ID USN-323-1 Type ubuntu Reporter Ubuntu Modified 2006-07-26T00:00:00
Description
Jonas Sicking discovered that under some circumstances persisted XUL attributes are associated with the wrong URL. A malicious web site could exploit this to execute arbitrary code with the privileges of the user. (MFSA 2006-35, CVE-2006-2775)
Paul Nickerson discovered that content-defined setters on an object prototype were getting called by privileged UI code. It was demonstrated that this could be exploited to run arbitrary web script with full user privileges (MFSA 2006-37, CVE-2006-2776). A similar attack was discovered by moz_bug_r_a4 that leveraged SelectionObject notifications that were called in privileged context. (MFSA 2006-43, CVE-2006-2777)
Mikolaj Habryn discovered a buffer overflow in the crypto.signText() function. By tricking a user to visit a site with an SSL certificate with specially crafted optional Certificate Authority name arguments, this could potentially be exploited to execute arbitrary code with the user’s privileges. (MFSA 2006-38, CVE-2006-2778)
The Mozilla developer team discovered several bugs that lead to crashes with memory corruption. These might be exploitable by malicious web sites to execute arbitrary code with the privileges of the user. (MFSA 2006-32, CVE-2006-2779, CVE-2006-2780)
Masatoshi Kimura discovered a memory corruption (double-free) when processing a large VCard with invalid base64 characters in it. By sending a maliciously crafted set of VCards to a user, this could potentially be exploited to execute arbitrary code with the user’s privileges. (MFSA 2006-40, CVE-2006-2781)
Chuck McAuley reported that the fix for CVE-2006-1729 (file stealing by changing input type) was not sufficient to prevent all variants of exploitation. (MFSA 2006-41, CVE-2006-2782)
Masatoshi Kimura found a way to bypass web input sanitizers which filter out JavaScript. By inserting ‘Unicode Byte-order-Mark (BOM)’ characters into the HTML code (e. g. ‘<scr[BOM]ipt>’), these filters might not recognize the tags anymore; however, Mozilla would still execute them since BOM markers are filtered out before processing the page. (MFSA 2006-42, CVE-2006-2783)
Paul Nickerson noticed that the fix for CVE-2005-0752 (JavaScript privilege escalation on the plugins page) was not sufficient to prevent all variants of exploitation. (MFSA 2006-36, CVE-2006-2784)
Paul Nickerson demonstrated that if an attacker could convince a user to right-click on a broken image and choose “View Image” from the context menu then he could get JavaScript to run on a site of the attacker’s choosing. This could be used to steal login cookies or other confidential information from the target site. (MFSA 2006-34, CVE-2006-2785)
Kazuho Oku discovered various ways to perform HTTP response smuggling when used with certain proxy servers. Due to different interpretation of nonstandard HTTP headers in Mozilla and the proxy server, a malicious web site can exploit this to send back two responses to one request. The second response could be used to steal login cookies or other sensitive data from another opened web site. (MFSA 2006-33, CVE-2006-2786)
{"id": "USN-323-1", "bulletinFamily": "unix", "title": "mozilla vulnerabilities", "description": "Jonas Sicking discovered that under some circumstances persisted XUL attributes are associated with the wrong URL. A malicious web site could exploit this to execute arbitrary code with the privileges of the user. (MFSA 2006-35, CVE-2006-2775)\n\nPaul Nickerson discovered that content-defined setters on an object prototype were getting called by privileged UI code. It was demonstrated that this could be exploited to run arbitrary web script with full user privileges (MFSA 2006-37, CVE-2006-2776). A similar attack was discovered by moz_bug_r_a4 that leveraged SelectionObject notifications that were called in privileged context. (MFSA 2006-43, CVE-2006-2777)\n\nMikolaj Habryn discovered a buffer overflow in the crypto.signText() function. By tricking a user to visit a site with an SSL certificate with specially crafted optional Certificate Authority name arguments, this could potentially be exploited to execute arbitrary code with the user\u2019s privileges. (MFSA 2006-38, CVE-2006-2778)\n\nThe Mozilla developer team discovered several bugs that lead to crashes with memory corruption. These might be exploitable by malicious web sites to execute arbitrary code with the privileges of the user. (MFSA 2006-32, CVE-2006-2779, CVE-2006-2780)\n\nMasatoshi Kimura discovered a memory corruption (double-free) when processing a large VCard with invalid base64 characters in it. By sending a maliciously crafted set of VCards to a user, this could potentially be exploited to execute arbitrary code with the user\u2019s privileges. (MFSA 2006-40, CVE-2006-2781)\n\nChuck McAuley reported that the fix for CVE-2006-1729 (file stealing by changing input type) was not sufficient to prevent all variants of exploitation. (MFSA 2006-41, CVE-2006-2782)\n\nMasatoshi Kimura found a way to bypass web input sanitizers which filter out JavaScript. By inserting \u2018Unicode Byte-order-Mark (BOM)\u2019 characters into the HTML code (e. g. \u2018<scr[BOM]ipt>\u2019), these filters might not recognize the tags anymore; however, Mozilla would still execute them since BOM markers are filtered out before processing the page. (MFSA 2006-42, CVE-2006-2783)\n\nPaul Nickerson noticed that the fix for CVE-2005-0752 (JavaScript privilege escalation on the plugins page) was not sufficient to prevent all variants of exploitation. (MFSA 2006-36, CVE-2006-2784)\n\nPaul Nickerson demonstrated that if an attacker could convince a user to right-click on a broken image and choose \u201cView Image\u201d from the context menu then he could get JavaScript to run on a site of the attacker\u2019s choosing. This could be used to steal login cookies or other confidential information from the target site. (MFSA 2006-34, CVE-2006-2785)\n\nKazuho Oku discovered various ways to perform HTTP response smuggling when used with certain proxy servers. Due to different interpretation of nonstandard HTTP headers in Mozilla and the proxy server, a malicious web site can exploit this to send back two responses to one request. The second response could be used to steal login cookies or other sensitive data from another opened web site. (MFSA 2006-33, CVE-2006-2786)", "published": "2006-07-26T00:00:00", "modified": "2006-07-26T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/323-1/", "reporter": "Ubuntu", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2781", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2776", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2775", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2784", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2778", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2785", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2780", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2779", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2777", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2782", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2787", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2786", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2783"], "cvelist": ["CVE-2006-2780", "CVE-2006-2784", "CVE-2006-2785", "CVE-2006-2776", "CVE-2006-2778", "CVE-2006-2779", "CVE-2006-2781", "CVE-2005-0752", "CVE-2006-2786", "CVE-2006-1729", "CVE-2006-2783", "CVE-2006-2787", "CVE-2006-2777", "CVE-2006-2775", "CVE-2006-2782"], "type": "ubuntu", "lastseen": "2019-01-29T20:34:00", "history": [{"bulletin": {"affectedPackage": [{"OS": "Ubuntu", "OSVersion": "5.10", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "mozilla-mailnews - 2:1.7.13-0ubuntu5.10.1", "packageVersion": "any"}, {"OS": "Ubuntu", "OSVersion": "5.10", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "mozilla-browser - 2:1.7.13-0ubuntu5.10.1", "packageVersion": "any"}, {"OS": "Ubuntu", "OSVersion": "5.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "mozilla-mailnews - 2:1.7.13-0ubuntu05.04.1", "packageVersion": "any"}, {"OS": "Ubuntu", "OSVersion": "5.10", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "mozilla-psm - 2:1.7.13-0ubuntu5.10.1", "packageVersion": "any"}, {"OS": "Ubuntu", "OSVersion": "5.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "mozilla-browser - 2:1.7.13-0ubuntu05.04.1", "packageVersion": "any"}, {"OS": "Ubuntu", "OSVersion": "5.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "mozilla-psm - 2:1.7.13-0ubuntu05.04.1", "packageVersion": "any"}], "bulletinFamily": "unix", "cvelist": ["CVE-2006-2780", "CVE-2006-2784", "CVE-2006-2785", "CVE-2006-2776", "CVE-2006-2778", "CVE-2006-2779", "CVE-2006-2781", "CVE-2005-0752", "CVE-2006-2786", "CVE-2006-1729", "CVE-2006-2783", "CVE-2006-2787", "CVE-2006-2777", "CVE-2006-2775", "CVE-2006-2782"], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Jonas Sicking discovered that under some circumstances persisted XUL attributes are associated with the wrong URL. A malicious web site could exploit this to execute arbitrary code with the privileges of the user. (MFSA 2006-35, CVE-2006-2775)\n\nPaul Nickerson discovered that content-defined setters on an object prototype were getting called by privileged UI code. It was demonstrated that this could be exploited to run arbitrary web script with full user privileges (MFSA 2006-37, CVE-2006-2776). A similar attack was discovered by moz_bug_r_a4 that leveraged SelectionObject notifications that were called in privileged context. (MFSA 2006-43, CVE-2006-2777)\n\nMikolaj Habryn discovered a buffer overflow in the crypto.signText() function. By tricking a user to visit a site with an SSL certificate with specially crafted optional Certificate Authority name arguments, this could potentially be exploited to execute arbitrary code with the user\u2019s privileges. (MFSA 2006-38, CVE-2006-2778)\n\nThe Mozilla developer team discovered several bugs that lead to crashes with memory corruption. These might be exploitable by malicious web sites to execute arbitrary code with the privileges of the user. (MFSA 2006-32, CVE-2006-2779, CVE-2006-2780)\n\nMasatoshi Kimura discovered a memory corruption (double-free) when processing a large VCard with invalid base64 characters in it. By sending a maliciously crafted set of VCards to a user, this could potentially be exploited to execute arbitrary code with the user\u2019s privileges. (MFSA 2006-40, CVE-2006-2781)\n\nChuck McAuley reported that the fix for CVE-2006-1729 (file stealing by changing input type) was not sufficient to prevent all variants of exploitation. (MFSA 2006-41, CVE-2006-2782)\n\nMasatoshi Kimura found a way to bypass web input sanitizers which filter out JavaScript. By inserting \u2018Unicode Byte-order-Mark (BOM)\u2019 characters into the HTML code (e. g. \u2018<scr[BOM]ipt>\u2019), these filters might not recognize the tags anymore; however, Mozilla would still execute them since BOM markers are filtered out before processing the page. (MFSA 2006-42, CVE-2006-2783)\n\nPaul Nickerson noticed that the fix for CVE-2005-0752 (JavaScript privilege escalation on the plugins page) was not sufficient to prevent all variants of exploitation. (MFSA 2006-36, CVE-2006-2784)\n\nPaul Nickerson demonstrated that if an attacker could convince a user to right-click on a broken image and choose \u201cView Image\u201d from the context menu then he could get JavaScript to run on a site of the attacker\u2019s choosing. This could be used to steal login cookies or other confidential information from the target site. (MFSA 2006-34, CVE-2006-2785)\n\nKazuho Oku discovered various ways to perform HTTP response smuggling when used with certain proxy servers. Due to different interpretation of nonstandard HTTP headers in Mozilla and the proxy server, a malicious web site can exploit this to send back two responses to one request. The second response could be used to steal login cookies or other sensitive data from another opened web site. (MFSA 2006-33, CVE-2006-2786)", "edition": 1, "enchantments": {"score": {"value": 9.3, "vector": "NONE"}}, "hash": "7c48d2c15381b1d6ceb46c61eb9eda8638585d3da9c628542d6a850fa1b011d5", "hashmap": [{"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "4b01c3d9272f72e9d0aaa7adff66245e", "key": "title"}, {"hash": "9b6e93e901de2e8f9e0a673a2fd14802", "key": "affectedPackage"}, {"hash": "29e29a81fd2f7bc25fa25c1f4c19ae90", "key": "published"}, {"hash": "29e29a81fd2f7bc25fa25c1f4c19ae90", "key": "modified"}, {"hash": "1d41c853af58d3a7ae54990ce29417d8", "key": "type"}, {"hash": "4913a9178621eadcdf191db17915fbcb", "key": "bulletinFamily"}, {"hash": "3d945423f8e9496c429a5d8c65b4604f", "key": "reporter"}, {"hash": "b1980fee6ab495f3ae5c714dbe418aff", "key": "href"}, {"hash": "7d8662e134dba85b752197550b5f94fc", "key": "description"}, {"hash": "78413e5c29bb7600c93a8f7ab4e0575e", "key": "references"}, {"hash": "6244f05147809b7916538a9e7dc52a8e", "key": "cvelist"}], "history": [], "href": "https://usn.ubuntu.com/323-1/", "id": "USN-323-1", "lastseen": "2018-03-29T18:17:40", "modified": "2006-07-26T00:00:00", "objectVersion": "1.3", "published": "2006-07-26T00:00:00", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2781", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2776", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2775", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2784", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2778", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2785", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2780", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2779", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2777", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2782", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2787", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2786", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2783"], "reporter": "Ubuntu", "title": "mozilla vulnerabilities", "type": "ubuntu", "viewCount": 0}, "differentElements": ["cvss"], "edition": 1, "lastseen": "2018-03-29T18:17:40"}, {"bulletin": {"affectedPackage": [{"OS": "Ubuntu", "OSVersion": "5.10", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "mozilla-mailnews - 2:1.7.13-0ubuntu5.10.1", "packageVersion": "any"}, {"OS": "Ubuntu", "OSVersion": "5.10", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "mozilla-browser - 2:1.7.13-0ubuntu5.10.1", "packageVersion": "any"}, {"OS": "Ubuntu", "OSVersion": "5.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "mozilla-mailnews - 2:1.7.13-0ubuntu05.04.1", "packageVersion": "any"}, {"OS": "Ubuntu", "OSVersion": "5.10", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "mozilla-psm - 2:1.7.13-0ubuntu5.10.1", "packageVersion": "any"}, {"OS": "Ubuntu", "OSVersion": "5.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "mozilla-browser - 2:1.7.13-0ubuntu05.04.1", "packageVersion": "any"}, {"OS": "Ubuntu", "OSVersion": "5.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "mozilla-psm - 2:1.7.13-0ubuntu05.04.1", "packageVersion": "any"}], "bulletinFamily": "unix", "cvelist": ["CVE-2006-2780", "CVE-2006-2784", "CVE-2006-2785", "CVE-2006-2776", "CVE-2006-2778", "CVE-2006-2779", "CVE-2006-2781", "CVE-2005-0752", "CVE-2006-2786", "CVE-2006-1729", "CVE-2006-2783", "CVE-2006-2787", "CVE-2006-2777", "CVE-2006-2775", "CVE-2006-2782"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Jonas Sicking discovered that under some circumstances persisted XUL attributes are associated with the wrong URL. A malicious web site could exploit this to execute arbitrary code with the privileges of the user. (MFSA 2006-35, CVE-2006-2775)\n\nPaul Nickerson discovered that content-defined setters on an object prototype were getting called by privileged UI code. It was demonstrated that this could be exploited to run arbitrary web script with full user privileges (MFSA 2006-37, CVE-2006-2776). A similar attack was discovered by moz_bug_r_a4 that leveraged SelectionObject notifications that were called in privileged context. (MFSA 2006-43, CVE-2006-2777)\n\nMikolaj Habryn discovered a buffer overflow in the crypto.signText() function. By tricking a user to visit a site with an SSL certificate with specially crafted optional Certificate Authority name arguments, this could potentially be exploited to execute arbitrary code with the user\u2019s privileges. (MFSA 2006-38, CVE-2006-2778)\n\nThe Mozilla developer team discovered several bugs that lead to crashes with memory corruption. These might be exploitable by malicious web sites to execute arbitrary code with the privileges of the user. (MFSA 2006-32, CVE-2006-2779, CVE-2006-2780)\n\nMasatoshi Kimura discovered a memory corruption (double-free) when processing a large VCard with invalid base64 characters in it. By sending a maliciously crafted set of VCards to a user, this could potentially be exploited to execute arbitrary code with the user\u2019s privileges. (MFSA 2006-40, CVE-2006-2781)\n\nChuck McAuley reported that the fix for CVE-2006-1729 (file stealing by changing input type) was not sufficient to prevent all variants of exploitation. (MFSA 2006-41, CVE-2006-2782)\n\nMasatoshi Kimura found a way to bypass web input sanitizers which filter out JavaScript. By inserting \u2018Unicode Byte-order-Mark (BOM)\u2019 characters into the HTML code (e. g. \u2018<scr[BOM]ipt>\u2019), these filters might not recognize the tags anymore; however, Mozilla would still execute them since BOM markers are filtered out before processing the page. (MFSA 2006-42, CVE-2006-2783)\n\nPaul Nickerson noticed that the fix for CVE-2005-0752 (JavaScript privilege escalation on the plugins page) was not sufficient to prevent all variants of exploitation. (MFSA 2006-36, CVE-2006-2784)\n\nPaul Nickerson demonstrated that if an attacker could convince a user to right-click on a broken image and choose \u201cView Image\u201d from the context menu then he could get JavaScript to run on a site of the attacker\u2019s choosing. This could be used to steal login cookies or other confidential information from the target site. (MFSA 2006-34, CVE-2006-2785)\n\nKazuho Oku discovered various ways to perform HTTP response smuggling when used with certain proxy servers. Due to different interpretation of nonstandard HTTP headers in Mozilla and the proxy server, a malicious web site can exploit this to send back two responses to one request. The second response could be used to steal login cookies or other sensitive data from another opened web site. (MFSA 2006-33, CVE-2006-2786)", "edition": 2, "enchantments": {"score": {"value": 9.3, "vector": "NONE"}}, "hash": "696ba8645cc02e5cb507d428b3f90e251092ff6db4732f9e199410f716d3f0b8", "hashmap": [{"hash": "4b01c3d9272f72e9d0aaa7adff66245e", "key": "title"}, {"hash": "9b6e93e901de2e8f9e0a673a2fd14802", "key": "affectedPackage"}, {"hash": "29e29a81fd2f7bc25fa25c1f4c19ae90", "key": "published"}, {"hash": "29e29a81fd2f7bc25fa25c1f4c19ae90", "key": "modified"}, {"hash": "1d41c853af58d3a7ae54990ce29417d8", "key": "type"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "4913a9178621eadcdf191db17915fbcb", "key": "bulletinFamily"}, {"hash": "3d945423f8e9496c429a5d8c65b4604f", "key": "reporter"}, {"hash": "b1980fee6ab495f3ae5c714dbe418aff", "key": "href"}, {"hash": "7d8662e134dba85b752197550b5f94fc", "key": "description"}, {"hash": "78413e5c29bb7600c93a8f7ab4e0575e", "key": "references"}, {"hash": "6244f05147809b7916538a9e7dc52a8e", "key": "cvelist"}], "history": [], "href": "https://usn.ubuntu.com/323-1/", "id": "USN-323-1", "lastseen": "2018-08-30T20:08:34", "modified": "2006-07-26T00:00:00", "objectVersion": "1.3", "published": "2006-07-26T00:00:00", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2781", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2776", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2775", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2784", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2778", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2785", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2780", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2779", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2777", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2782", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2787", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2786", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2783"], "reporter": "Ubuntu", "title": "mozilla vulnerabilities", "type": "ubuntu", "viewCount": 0}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2018-08-30T20:08:34"}, {"bulletin": {"affectedPackage": [{"OS": "Ubuntu", "OSVersion": "5.10", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "mozilla-mailnews - 2:1.7.13-0ubuntu5.10.1", "packageVersion": "any"}, {"OS": "Ubuntu", "OSVersion": "5.10", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "mozilla-browser - 2:1.7.13-0ubuntu5.10.1", "packageVersion": "any"}, {"OS": "Ubuntu", "OSVersion": "5.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "mozilla-mailnews - 2:1.7.13-0ubuntu05.04.1", "packageVersion": "any"}, {"OS": "Ubuntu", "OSVersion": "5.10", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "mozilla-psm - 2:1.7.13-0ubuntu5.10.1", "packageVersion": "any"}, {"OS": "Ubuntu", "OSVersion": "5.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "mozilla-browser - 2:1.7.13-0ubuntu05.04.1", "packageVersion": "any"}, {"OS": "Ubuntu", "OSVersion": "5.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "mozilla-psm - 2:1.7.13-0ubuntu05.04.1", "packageVersion": "any"}], "bulletinFamily": "unix", "cvelist": ["CVE-2006-2780", "CVE-2006-2784", "CVE-2006-2785", "CVE-2006-2776", "CVE-2006-2778", "CVE-2006-2779", "CVE-2006-2781", "CVE-2005-0752", "CVE-2006-2786", "CVE-2006-1729", "CVE-2006-2783", "CVE-2006-2787", "CVE-2006-2777", "CVE-2006-2775", "CVE-2006-2782"], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Jonas Sicking discovered that under some circumstances persisted XUL attributes are associated with the wrong URL. A malicious web site could exploit this to execute arbitrary code with the privileges of the user. (MFSA 2006-35, CVE-2006-2775)\n\nPaul Nickerson discovered that content-defined setters on an object prototype were getting called by privileged UI code. It was demonstrated that this could be exploited to run arbitrary web script with full user privileges (MFSA 2006-37, CVE-2006-2776). A similar attack was discovered by moz_bug_r_a4 that leveraged SelectionObject notifications that were called in privileged context. (MFSA 2006-43, CVE-2006-2777)\n\nMikolaj Habryn discovered a buffer overflow in the crypto.signText() function. By tricking a user to visit a site with an SSL certificate with specially crafted optional Certificate Authority name arguments, this could potentially be exploited to execute arbitrary code with the user\u2019s privileges. (MFSA 2006-38, CVE-2006-2778)\n\nThe Mozilla developer team discovered several bugs that lead to crashes with memory corruption. These might be exploitable by malicious web sites to execute arbitrary code with the privileges of the user. (MFSA 2006-32, CVE-2006-2779, CVE-2006-2780)\n\nMasatoshi Kimura discovered a memory corruption (double-free) when processing a large VCard with invalid base64 characters in it. By sending a maliciously crafted set of VCards to a user, this could potentially be exploited to execute arbitrary code with the user\u2019s privileges. (MFSA 2006-40, CVE-2006-2781)\n\nChuck McAuley reported that the fix for CVE-2006-1729 (file stealing by changing input type) was not sufficient to prevent all variants of exploitation. (MFSA 2006-41, CVE-2006-2782)\n\nMasatoshi Kimura found a way to bypass web input sanitizers which filter out JavaScript. By inserting \u2018Unicode Byte-order-Mark (BOM)\u2019 characters into the HTML code (e. g. \u2018<scr[BOM]ipt>\u2019), these filters might not recognize the tags anymore; however, Mozilla would still execute them since BOM markers are filtered out before processing the page. (MFSA 2006-42, CVE-2006-2783)\n\nPaul Nickerson noticed that the fix for CVE-2005-0752 (JavaScript privilege escalation on the plugins page) was not sufficient to prevent all variants of exploitation. (MFSA 2006-36, CVE-2006-2784)\n\nPaul Nickerson demonstrated that if an attacker could convince a user to right-click on a broken image and choose \u201cView Image\u201d from the context menu then he could get JavaScript to run on a site of the attacker\u2019s choosing. This could be used to steal login cookies or other confidential information from the target site. (MFSA 2006-34, CVE-2006-2785)\n\nKazuho Oku discovered various ways to perform HTTP response smuggling when used with certain proxy servers. Due to different interpretation of nonstandard HTTP headers in Mozilla and the proxy server, a malicious web site can exploit this to send back two responses to one request. The second response could be used to steal login cookies or other sensitive data from another opened web site. (MFSA 2006-33, CVE-2006-2786)", "edition": 3, "enchantments": {"score": {"value": 9.3, "vector": "NONE"}}, "hash": "7c48d2c15381b1d6ceb46c61eb9eda8638585d3da9c628542d6a850fa1b011d5", "hashmap": [{"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "4b01c3d9272f72e9d0aaa7adff66245e", "key": "title"}, {"hash": "9b6e93e901de2e8f9e0a673a2fd14802", "key": "affectedPackage"}, {"hash": "29e29a81fd2f7bc25fa25c1f4c19ae90", "key": "published"}, {"hash": "29e29a81fd2f7bc25fa25c1f4c19ae90", "key": "modified"}, {"hash": "1d41c853af58d3a7ae54990ce29417d8", "key": "type"}, {"hash": "4913a9178621eadcdf191db17915fbcb", "key": "bulletinFamily"}, {"hash": "3d945423f8e9496c429a5d8c65b4604f", "key": "reporter"}, {"hash": "b1980fee6ab495f3ae5c714dbe418aff", "key": "href"}, {"hash": "7d8662e134dba85b752197550b5f94fc", "key": "description"}, {"hash": "78413e5c29bb7600c93a8f7ab4e0575e", "key": "references"}, {"hash": "6244f05147809b7916538a9e7dc52a8e", "key": "cvelist"}], "history": [], "href": "https://usn.ubuntu.com/323-1/", "id": "USN-323-1", "lastseen": "2018-08-31T00:09:29", "modified": "2006-07-26T00:00:00", "objectVersion": "1.3", "published": "2006-07-26T00:00:00", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2781", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2776", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2775", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2784", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2778", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2785", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2780", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2779", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2777", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2782", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2787", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2786", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-2783"], "reporter": "Ubuntu", "title": "mozilla vulnerabilities", "type": "ubuntu", "viewCount": 0}, "differentElements": ["affectedPackage"], "edition": 3, "lastseen": "2018-08-31T00:09:29"}], "edition": 4, "hashmap": [{"key": "affectedPackage", "hash": "5276b06e8baa301b9dccf30e79dfafd9"}, {"key": "bulletinFamily", "hash": "4913a9178621eadcdf191db17915fbcb"}, {"key": "cvelist", "hash": "6244f05147809b7916538a9e7dc52a8e"}, {"key": "cvss", "hash": "2076413bdcb42307d016f5286cbae795"}, {"key": "description", "hash": "7d8662e134dba85b752197550b5f94fc"}, {"key": "href", "hash": "b1980fee6ab495f3ae5c714dbe418aff"}, {"key": "modified", "hash": "29e29a81fd2f7bc25fa25c1f4c19ae90"}, {"key": "published", "hash": "29e29a81fd2f7bc25fa25c1f4c19ae90"}, {"key": "references", "hash": "78413e5c29bb7600c93a8f7ab4e0575e"}, {"key": "reporter", "hash": "3d945423f8e9496c429a5d8c65b4604f"}, {"key": "title", "hash": "4b01c3d9272f72e9d0aaa7adff66245e"}, {"key": "type", "hash": "1d41c853af58d3a7ae54990ce29417d8"}], "hash": "a7d35bae5be2105586edad3c2551c8556146a598f156c84b45dca55a06c1a198", "viewCount": 0, "enchantments": {"score": {"value": 9.3, "vector": "NONE"}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:56939", "OPENVAS:57004", "OPENVAS:57203", "OPENVAS:57155", "OPENVAS:58064", "OPENVAS:57153", "OPENVAS:52132"]}, {"type": "nessus", "idList": ["GENTOO_GLSA-200606-21.NASL", "SUSE_MOZILLATHUNDERBIRD-1672.NASL", "MOZILLA_FIREFOX_1504.NASL", "GENTOO_GLSA-200606-12.NASL", "MOZILLA_THUNDERBIRD_1504.NASL", "UBUNTU_USN-323-1.NASL", "UBUNTU_USN-297-3.NASL", "SEAMONKEY_102.NASL", "DEBIAN_DSA-1120.NASL", "UBUNTU_USN-297-1.NASL"]}, {"type": "ubuntu", "idList": ["USN-297-1", "USN-296-2", "USN-297-3", "USN-296-1"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1118-1:EEDF7", "DEBIAN:DSA-1134-1:9D70A", "DEBIAN:DSA-1120-1:5AE40"]}, {"type": "redhat", "idList": ["RHSA-2006:0578", "RHSA-2006:0609", "RHSA-2006:0611", "RHSA-2006:0610", "RHSA-2006:0594"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:13644", "SECURITYVULNS:DOC:13643"]}, {"type": "gentoo", "idList": ["GLSA-200606-12", "GLSA-200606-21"]}, {"type": "suse", "idList": ["SUSE-SA:2006:035"]}, {"type": "cve", "idList": ["CVE-2006-2781", "CVE-2006-2785", "CVE-2006-2780", "CVE-2006-2777", "CVE-2006-2778", "CVE-2006-2776", "CVE-2006-1729", "CVE-2006-2779", "CVE-2005-0752", "CVE-2006-2783"]}, {"type": "oraclelinux", "idList": ["ELSA-2006-0611", "ELSA-2006-0610"]}, {"type": "centos", "idList": ["CESA-2006:0611", "CESA-2006:0594-02", "CESA-2006:0610", "CESA-2006:0609"]}, {"type": "osvdb", "idList": ["OSVDB:24678", "OSVDB:26311", "OSVDB:26301", "OSVDB:26302", "OSVDB:15683", "OSVDB:26307", "OSVDB:26306", "OSVDB:26312", "OSVDB:26299", "OSVDB:26298"]}, {"type": "cert", "idList": ["VU:421529", "VU:243153", "VU:466673", "VU:237257", "VU:575969"]}, {"type": "freebsd", "idList": ["CE6AC624-AEC8-11D9-A788-0001020EED82"]}, {"type": "mozilla", "idList": ["MFSA2006-31"]}], "modified": "2019-01-29T20:34:00"}, "vulnersScore": 9.3}, "objectVersion": "1.3", "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "5.10", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "mozilla-browser", "packageVersion": "2:1.7.13-0ubuntu5.10.1"}, {"OS": "Ubuntu", "OSVersion": "5.10", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "mozilla-psm", "packageVersion": "2:1.7.13-0ubuntu5.10.1"}, {"OS": "Ubuntu", "OSVersion": "5.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "mozilla-mailnews", "packageVersion": "2:1.7.13-0ubuntu05.04.1"}, {"OS": "Ubuntu", "OSVersion": "5.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "mozilla-psm", "packageVersion": "2:1.7.13-0ubuntu05.04.1"}, {"OS": "Ubuntu", "OSVersion": "5.04", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "mozilla-browser", "packageVersion": "2:1.7.13-0ubuntu05.04.1"}, {"OS": "Ubuntu", "OSVersion": "5.10", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "mozilla-mailnews", "packageVersion": "2:1.7.13-0ubuntu5.10.1"}]}
{"openvas": [{"lastseen": "2017-07-24T12:49:41", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory GLSA 200606-12.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=56939", "id": "OPENVAS:56939", "title": "Gentoo Security Advisory GLSA 200606-12 (mozilla-firefox)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Vulnerabilities in Mozilla Firefox allow privilege escalations for\nJavaScript code, cross site scripting attacks, HTTP response smuggling and\npossibly the execution of arbitrary code.\";\ntag_solution = \"All Mozilla Firefox users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose\n'>=www-client/mozilla-firefox-1.5.0.4'\n\nAll Mozilla Firefox binary users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose\n'>=www-client/mozilla-firefox-bin-1.5.0.4'\n\nNote: There is no stable fixed version for the Alpha architecture yet.\nUsers of Mozilla Firefox on Alpha should consider unmerging it until such\na version is available.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200606-12\nhttp://bugs.gentoo.org/show_bug.cgi?id=135254\nhttp://www.mozilla.org/projects/security/known-vulnerabilities.html#Firefox\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200606-12.\";\n\n \n\nif(description)\n{\n script_id(56939);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2006-2775\", \"CVE-2006-2776\", \"CVE-2006-2777\", \"CVE-2006-2778\", \"CVE-2006-2779\", \"CVE-2006-2780\", \"CVE-2006-2782\", \"CVE-2006-2783\", \"CVE-2006-2784\", \"CVE-2006-2785\", \"CVE-2006-2786\", \"CVE-2006-2787\");\n \n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200606-12 (mozilla-firefox)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"www-client/mozilla-firefox\", unaffected: make_list(\"ge 1.5.0.4\"), vulnerable: make_list(\"lt 1.5.0.4\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"www-client/mozilla-firefox-bin\", unaffected: make_list(\"ge 1.5.0.4\"), vulnerable: make_list(\"lt 1.5.0.4\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:16", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory GLSA 200606-21.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=57004", "id": "OPENVAS:57004", "title": "Gentoo Security Advisory GLSA 200606-21 (mozilla-thunderbird)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities in Mozilla Thunderbird allow cross site scripting,\nJavaScript privilege escalation and possibly execution of arbitrary code.\";\ntag_solution = \"All Mozilla Thunderbird users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=mail-client/mozilla-thunderbird-1.5.0.4'\n\nAll Mozilla Thunderbird binary users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=mail-client/mozilla-thunderbird-bin-1.5.0.4'\n\nNote: There is no stable fixed version for the Alpha architecture yet.\nUsers of Mozilla Thunderbird on Alpha should consider unmerging it until\nsuch a version is available.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200606-21\nhttp://bugs.gentoo.org/show_bug.cgi?id=135256\nhttp://www.mozilla.org/projects/security/known-vulnerabilities.html#Thunderbird\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200606-21.\";\n\n \n\nif(description)\n{\n script_id(57004);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2006-2775\", \"CVE-2006-2776\", \"CVE-2006-2778\", \"CVE-2006-2779\", \"CVE-2006-2780\", \"CVE-2006-2781\", \"CVE-2006-2783\", \"CVE-2006-2786\", \"CVE-2006-2787\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200606-21 (mozilla-thunderbird)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"mail-client/mozilla-thunderbird\", unaffected: make_list(\"ge 1.5.0.4\"), vulnerable: make_list(\"lt 1.5.0.4\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"mail-client/mozilla-thunderbird-bin\", unaffected: make_list(\"ge 1.5.0.4\"), vulnerable: make_list(\"lt 1.5.0.4\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:24", "bulletinFamily": "scanner", "description": "The remote host is missing an update to mozilla-thunderbird\nannounced via advisory DSA 1134-1.\n\nSeveral security related problems have been discovered in Mozilla\nwhich are also present in Mozilla Thunderbird. For details,\nplease visit the referenced security advisories.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=57203", "id": "OPENVAS:57203", "title": "Debian Security Advisory DSA 1134-1 (mozilla-thunderbird)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1134_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1134-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"For the stable distribution (sarge) these problems have been fixed in\nversion 1.0.2-2.sarge1.0.8a.\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 1.5.0.4-1 and xulrunner 1.5.0.4-1 for galeon and epiphany.\n\nWe recommend that you upgrade your Mozilla Thunderbird packages.\n\n https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201134-1\";\ntag_summary = \"The remote host is missing an update to mozilla-thunderbird\nannounced via advisory DSA 1134-1.\n\nSeveral security related problems have been discovered in Mozilla\nwhich are also present in Mozilla Thunderbird. For details,\nplease visit the referenced security advisories.\";\n\n\nif(description)\n{\n script_id(57203);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:13:11 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2006-1942\", \"CVE-2006-2775\", \"CVE-2006-2776\", \"CVE-2006-2777\", \"CVE-2006-2778\", \"CVE-2006-2779\", \"CVE-2006-2780\", \"CVE-2006-2781\", \"CVE-2006-2782\", \"CVE-2006-2783\", \"CVE-2006-2784\", \"CVE-2006-2785\", \"CVE-2006-2786\", \"CVE-2006-2787\", \"CVE-2006-1729\", \"CVE-2005-0752\");\n script_bugtraq_id(18228);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1134-1 (mozilla-thunderbird)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"1.0.2-2.sarge1.0.8a\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-dev\", ver:\"1.0.2-2.sarge1.0.8a\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-inspector\", ver:\"1.0.2-2.sarge1.0.8a\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-offline\", ver:\"1.0.2-2.sarge1.0.8a\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-typeaheadfind\", ver:\"1.0.2-2.sarge1.0.8a\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:56", "bulletinFamily": "scanner", "description": "The remote host is missing an update to mozilla-firefox\nannounced via advisory DSA 1120-1. For details on the issues\naddressed with this update, please visit the referenced\nsecurity advisories.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=57155", "id": "OPENVAS:57155", "title": "Debian Security Advisory DSA 1120-1 (mozilla-firefox)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1120_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1120-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"For the stable distribution (sarge) these problems have been fixed in\nversion 1.0.4-2sarge9.\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 1.5.dfsg+1.5.0.4-1.\n\nWe recommend that you upgrade your Mozilla Firefox packages.\n\n https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201120-1\";\ntag_summary = \"The remote host is missing an update to mozilla-firefox\nannounced via advisory DSA 1120-1. For details on the issues\naddressed with this update, please visit the referenced\nsecurity advisories.\";\n\n\nif(description)\n{\n script_id(57155);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:13:11 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2006-1942\", \"CVE-2006-2775\", \"CVE-2006-2776\", \"CVE-2006-2777\", \"CVE-2006-2778\", \"CVE-2006-2779\", \"CVE-2006-2780\", \"CVE-2006-2782\", \"CVE-2006-2783\", \"CVE-2006-2784\", \"CVE-2006-2785\", \"CVE-2006-2786\", \"CVE-2006-2787\", \"CVE-2006-1729\", \"CVE-2005-0752\");\n script_bugtraq_id(18228);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1120-1 (mozilla-firefox)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"mozilla-firefox\", ver:\"1.0.4-2sarge9\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-firefox-dom-inspector\", ver:\"1.0.4-2sarge9\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-firefox-gnome-support\", ver:\"1.0.4-2sarge9\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:25", "bulletinFamily": "scanner", "description": "The remote host is missing an update to mozilla\nannounced via advisory DSA 1118-1. For details, please\nvisit the referenced security advisories.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=57153", "id": "OPENVAS:57153", "title": "Debian Security Advisory DSA 1118-1 (mozilla)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1118_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1118-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"For the stable distribution (sarge) these problems have been fixed in\nversion 1.7.8-1sarge7.1\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 1.7.13-0.3.\n\nWe recommend that you upgrade your Mozilla packages.\n\n https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201118-1\";\ntag_summary = \"The remote host is missing an update to mozilla\nannounced via advisory DSA 1118-1. For details, please\nvisit the referenced security advisories.\";\n\n\nif(description)\n{\n script_id(57153);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:13:11 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2006-1942\", \"CVE-2006-2775\", \"CVE-2006-2776\", \"CVE-2006-2777\", \"CVE-2006-2778\", \"CVE-2006-2779\", \"CVE-2006-2780\", \"CVE-2006-2781\", \"CVE-2006-2782\", \"CVE-2006-2783\", \"CVE-2006-2784\", \"CVE-2006-2785\", \"CVE-2006-2786\", \"CVE-2006-2787\", \"CVE-2006-1729\", \"CVE-2005-0752\");\n script_bugtraq_id(18228);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1118-1 (mozilla)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libnspr-dev\", ver:\"1.7.8-1sarge7.1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnspr4\", ver:\"1.7.8-1sarge7.1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss-dev\", ver:\"1.7.8-1sarge7.1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss3\", ver:\"1.7.8-1sarge7.1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla\", ver:\"1.7.8-1sarge7.1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-browser\", ver:\"1.7.8-1sarge7.1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-calendar\", ver:\"1.7.8-1sarge7.1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-chatzilla\", ver:\"1.7.8-1sarge7.1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-dev\", ver:\"1.7.8-1sarge7.1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-dom-inspector\", ver:\"1.7.8-1sarge7.1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-js-debugger\", ver:\"1.7.8-1sarge7.1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-mailnews\", ver:\"1.7.8-1sarge7.1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-psm\", ver:\"1.7.8-1sarge7.1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:18", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory GLSA 200703-05.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=58064", "id": "OPENVAS:58064", "title": "Gentoo Security Advisory GLSA 200703-05 (mozilla)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities exist in the Mozilla Suite, which is no longer\nsupported by the Mozilla project.\";\ntag_solution = \"The Mozilla Suite is no longer supported and has been masked after some\nnecessary changes on all the other ebuilds which used to depend on it.\nMozilla Suite users should unmerge www-client/mozilla or\nwww-client/mozilla-bin, and switch to a supported product, like SeaMonkey,\nThunderbird or Firefox.\n\n \n # emerge --unmerge 'www-client/mozilla'\n \n # emerge --unmerge 'www-client/mozilla-bin'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200703-05\nhttp://bugs.gentoo.org/show_bug.cgi?id=135257\nhttp://www.mozilla.org/projects/security/known-vulnerabilities.html#Mozilla\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200703-05.\";\n\n \n\nif(description)\n{\n script_id(58064);\n script_version(\"$Revision: 6596 $\");\n script_cve_id(\"CVE-2006-2775\", \"CVE-2006-2776\", \"CVE-2006-2778\", \"CVE-2006-2779\",\n \"CVE-2006-2780\", \"CVE-2006-2781\", \"CVE-2006-2782\", \"CVE-2006-2783\",\n \"CVE-2006-2784\", \"CVE-2006-2785\", \"CVE-2006-2786\", \"CVE-2006-2787\",\n \"CVE-2006-2788\", \"CVE-2006-2777\");\n script_bugtraq_id(18228);\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200703-05 (mozilla)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"www-client/mozilla\", unaffected: make_list(), vulnerable: make_list(\"le 1.7.13\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"www-client/mozilla-bin\", unaffected: make_list(), vulnerable: make_list(\"le 1.7.13\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:10:19", "bulletinFamily": "scanner", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-19T00:00:00", "published": "2008-09-04T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=52132", "id": "OPENVAS:52132", "title": "FreeBSD Ports: firefox", "type": "openvas", "sourceData": "#\n#VID ce6ac624-aec8-11d9-a788-0001020eed82\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n firefox\n linux-firefox\n\nCVE-2005-0752\nThe Plugin Finder Service (PFS) in Firefox before 1.0.3 allows remote\nattackers to execute arbitrary code via a javascript: URL in the\nPLUGINSPAGE attribute of an EMBED tag.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.mozilla.org/security/announce/mfsa2005-34.html\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=288556\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=289171\nhttp://www.vuxml.org/freebsd/ce6ac624-aec8-11d9-a788-0001020eed82.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(52132);\n script_version(\"$Revision: 4112 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-19 15:17:59 +0200 (Mon, 19 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2005-0752\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"FreeBSD Ports: firefox\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"firefox\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.0.3,1\")<0) {\n txt += 'Package firefox version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-firefox\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.0.3\")<0) {\n txt += 'Package linux-firefox version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2019-02-21T01:09:12", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-200606-21 (Mozilla Thunderbird: Multiple vulnerabilities)\n\n Several vulnerabilities were found and fixed in Mozilla Thunderbird.\n For details, please consult the references below.\n Impact :\n\n A remote attacker could craft malicious emails that would leverage these issues to inject and execute arbitrary script code with elevated privileges, spoof content, and possibly execute arbitrary code with the rights of the user running the application.\n Workaround :\n\n There are no known workarounds for all the issues at this time.", "modified": "2018-08-10T00:00:00", "id": "GENTOO_GLSA-200606-21.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=21734", "published": "2006-06-20T00:00:00", "title": "GLSA-200606-21 : Mozilla Thunderbird: Multiple vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200606-21.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(21734);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2018/08/10 18:07:06\");\n\n script_cve_id(\"CVE-2006-2775\", \"CVE-2006-2776\", \"CVE-2006-2778\", \"CVE-2006-2779\", \"CVE-2006-2780\", \"CVE-2006-2781\", \"CVE-2006-2783\", \"CVE-2006-2786\", \"CVE-2006-2787\");\n script_xref(name:\"GLSA\", value:\"200606-21\");\n\n script_name(english:\"GLSA-200606-21 : Mozilla Thunderbird: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200606-21\n(Mozilla Thunderbird: Multiple vulnerabilities)\n\n Several vulnerabilities were found and fixed in Mozilla Thunderbird.\n For details, please consult the references below.\n \nImpact :\n\n A remote attacker could craft malicious emails that would leverage\n these issues to inject and execute arbitrary script code with elevated\n privileges, spoof content, and possibly execute arbitrary code with the\n rights of the user running the application.\n \nWorkaround :\n\n There are no known workarounds for all the issues at this time.\"\n );\n # http://www.mozilla.org/projects/security/known-vulnerabilities.html#Thunderbird\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?92848d5a\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200606-21\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Mozilla Thunderbird users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=mail-client/mozilla-thunderbird-1.5.0.4'\n All Mozilla Thunderbird binary users should upgrade to the latest\n version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=mail-client/mozilla-thunderbird-bin-1.5.0.4'\n Note: There is no stable fixed version for the Alpha architecture yet.\n Users of Mozilla Thunderbird on Alpha should consider unmerging it\n until such a version is available.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(94, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:mozilla-thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:mozilla-thunderbird-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/06/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/06/20\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/06/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"mail-client/mozilla-thunderbird-bin\", unaffected:make_list(\"ge 1.5.0.4\"), vulnerable:make_list(\"lt 1.5.0.4\"))) flag++;\nif (qpkg_check(package:\"mail-client/mozilla-thunderbird\", unaffected:make_list(\"ge 1.5.0.4\"), vulnerable:make_list(\"lt 1.5.0.4\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Mozilla Thunderbird\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:10:09", "bulletinFamily": "scanner", "description": "This update of Mozilla Thunderbird fixes the security problems fixed in version 1.5.0.4: MFSA 2006-31/CVE-2006-2787: EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to gain privileges via JavaScript that calls the valueOf method on objects that were created outside of the sandbox. MFSA 2006-32/CVE-2006-2780: Integer overflow in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via 'jsstr tagify,' which leads to memory corruption. MFSA 2006-32/CVE-2006-2779:\nMozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) nested <option> tags in a select tag, (2) a DOMNodeRemoved mutation event, (3) 'Content-implemented tree views,' (4) BoxObjects, (5) the XBL implementation, (6) an iframe that attempts to remove itself, which leads to memory corruption. MFSA 2006-33/CVE-2006-2786: HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via (1) invalid HTTP response headers with spaces between the header name and the colon, which might not be ignored in some cases, or (2) HTTP 1.1 headers through an HTTP 1.0 proxy, which are ignored by the proxy but processed by the client. MFSA 2006-35/CVE-2006-2775: Mozilla Firefox and Thunderbird before 1.5.0.4 associates XUL attributes with the wrong URL under certain unspecified circumstances, which might allow remote attackers to bypass restrictions by causing a persisted string to be associated with the wrong URL. MFSA 2006-37/CVE-2006-2776: Certain privileged UI code in Mozilla Firefox and Thunderbird before 1.5.0.4 calls content-defined setters on an object prototype, which allows remote attackers to execute code at a higher privilege than intended. MFSA 2006-38/CVE-2006-2778: The crypto.signText function in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to execute arbitrary code via certain optional Certificate Authority name arguments, which causes an invalid array index and triggers a buffer overflow. MFSA 2006-40/CVE-2006-2781: Double-free vulnerability in Mozilla Thunderbird before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a VCard that contains invalid base64 characters.\nMFSA 2006-42/CVE-2006-2783: Mozilla Firefox and Thunderbird before 1.5.0.4 strips the Unicode Byte-order-Mark (BOM) from a UTF-8 page before the page is passed to the parser, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a BOM sequence in the middle of a dangerous tag such as SCRIPT.", "modified": "2018-07-19T00:00:00", "id": "SUSE_MOZILLATHUNDERBIRD-1672.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=27124", "published": "2007-10-17T00:00:00", "title": "openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-1672)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update MozillaThunderbird-1672.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(27124);\n script_version (\"1.12\");\n script_cvs_date(\"Date: 2018/07/19 23:54:23\");\n\n script_cve_id(\"CVE-2006-2775\", \"CVE-2006-2776\", \"CVE-2006-2778\", \"CVE-2006-2779\", \"CVE-2006-2780\", \"CVE-2006-2781\", \"CVE-2006-2783\", \"CVE-2006-2786\", \"CVE-2006-2787\");\n\n script_name(english:\"openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-1672)\");\n script_summary(english:\"Check for the MozillaThunderbird-1672 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of Mozilla Thunderbird fixes the security problems fixed\nin version 1.5.0.4: MFSA 2006-31/CVE-2006-2787: EvalInSandbox in\nMozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers\nto gain privileges via JavaScript that calls the valueOf method on\nobjects that were created outside of the sandbox. MFSA\n2006-32/CVE-2006-2780: Integer overflow in Mozilla Firefox and\nThunderbird before 1.5.0.4 allows remote attackers to cause a denial\nof service (crash) and possibly execute arbitrary code via 'jsstr\ntagify,' which leads to memory corruption. MFSA 2006-32/CVE-2006-2779:\nMozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers\nto cause a denial of service (crash) and possibly execute arbitrary\ncode via (1) nested <option> tags in a select tag, (2) a\nDOMNodeRemoved mutation event, (3) 'Content-implemented tree views,'\n(4) BoxObjects, (5) the XBL implementation, (6) an iframe that\nattempts to remove itself, which leads to memory corruption. MFSA\n2006-33/CVE-2006-2786: HTTP response smuggling vulnerability in\nMozilla Firefox and Thunderbird before 1.5.0.4, when used with certain\nproxy servers, allows remote attackers to cause Firefox to interpret\ncertain responses as if they were responses from two different sites\nvia (1) invalid HTTP response headers with spaces between the header\nname and the colon, which might not be ignored in some cases, or (2)\nHTTP 1.1 headers through an HTTP 1.0 proxy, which are ignored by the\nproxy but processed by the client. MFSA 2006-35/CVE-2006-2775: Mozilla\nFirefox and Thunderbird before 1.5.0.4 associates XUL attributes with\nthe wrong URL under certain unspecified circumstances, which might\nallow remote attackers to bypass restrictions by causing a persisted\nstring to be associated with the wrong URL. MFSA\n2006-37/CVE-2006-2776: Certain privileged UI code in Mozilla Firefox\nand Thunderbird before 1.5.0.4 calls content-defined setters on an\nobject prototype, which allows remote attackers to execute code at a\nhigher privilege than intended. MFSA 2006-38/CVE-2006-2778: The\ncrypto.signText function in Mozilla Firefox and Thunderbird before\n1.5.0.4 allows remote attackers to execute arbitrary code via certain\noptional Certificate Authority name arguments, which causes an invalid\narray index and triggers a buffer overflow. MFSA\n2006-40/CVE-2006-2781: Double-free vulnerability in Mozilla\nThunderbird before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote\nattackers to cause a denial of service (hang) and possibly execute\narbitrary code via a VCard that contains invalid base64 characters.\nMFSA 2006-42/CVE-2006-2783: Mozilla Firefox and Thunderbird before\n1.5.0.4 strips the Unicode Byte-order-Mark (BOM) from a UTF-8 page\nbefore the page is passed to the parser, which allows remote attackers\nto conduct cross-site scripting (XSS) attacks via a BOM sequence in\nthe middle of a dangerous tag such as SCRIPT.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected MozillaThunderbird packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(94, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/06/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.1\", reference:\"MozillaThunderbird-1.5.0.4-2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"MozillaThunderbird-translations-1.5.0.4-2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Thunderbird\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:09:11", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-200606-12 (Mozilla Firefox: Multiple vulnerabilities)\n\n A number of vulnerabilities were found and fixed in Mozilla Firefox. For details please consult the references below.\n Impact :\n\n By enticing the user to visit a malicious website, a remote attacker can inject arbitrary HTML and JavaScript Code into the user's browser, execute JavaScript code with elevated privileges and possibly execute arbitrary code with the permissions of the user running the application.\n Workaround :\n\n There is no known workaround at this time.", "modified": "2018-08-10T00:00:00", "id": "GENTOO_GLSA-200606-12.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=21705", "published": "2006-06-16T00:00:00", "title": "GLSA-200606-12 : Mozilla Firefox: Multiple vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200606-12.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(21705);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2018/08/10 18:07:06\");\n\n script_cve_id(\"CVE-2006-2775\", \"CVE-2006-2776\", \"CVE-2006-2777\", \"CVE-2006-2778\", \"CVE-2006-2779\", \"CVE-2006-2780\", \"CVE-2006-2782\", \"CVE-2006-2783\", \"CVE-2006-2784\", \"CVE-2006-2785\", \"CVE-2006-2786\", \"CVE-2006-2787\");\n script_xref(name:\"GLSA\", value:\"200606-12\");\n\n script_name(english:\"GLSA-200606-12 : Mozilla Firefox: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200606-12\n(Mozilla Firefox: Multiple vulnerabilities)\n\n A number of vulnerabilities were found and fixed in Mozilla\n Firefox. For details please consult the references below.\n \nImpact :\n\n By enticing the user to visit a malicious website, a remote\n attacker can inject arbitrary HTML and JavaScript Code into the user's\n browser, execute JavaScript code with elevated privileges and possibly\n execute arbitrary code with the permissions of the user running the\n application.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n # http://www.mozilla.org/projects/security/known-vulnerabilities.html#Firefox\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9101c648\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200606-12\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Mozilla Firefox users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-client/mozilla-firefox-1.5.0.4'\n All Mozilla Firefox binary users should upgrade to the latest\n version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-client/mozilla-firefox-bin-1.5.0.4'\n Note: There is no stable fixed version for the Alpha\n architecture yet. Users of Mozilla Firefox on Alpha should consider\n unmerging it until such a version is available.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:mozilla-firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:mozilla-firefox-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/06/16\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/06/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-client/mozilla-firefox-bin\", unaffected:make_list(\"ge 1.5.0.4\"), vulnerable:make_list(\"lt 1.5.0.4\"))) flag++;\nif (qpkg_check(package:\"www-client/mozilla-firefox\", unaffected:make_list(\"ge 1.5.0.4\"), vulnerable:make_list(\"lt 1.5.0.4\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Mozilla Firefox\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:09:10", "bulletinFamily": "scanner", "description": "The installed version of Firefox is affected by various security issues, some of which may lead to execution of arbitrary code on the affected host subject to the user's privileges.", "modified": "2018-07-16T00:00:00", "id": "MOZILLA_FIREFOX_1504.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=21627", "published": "2006-06-03T00:00:00", "title": "Firefox < 1.5.0.4 Multiple Vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\nif (NASL_LEVEL < 3004) exit(0);\n\n\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(21627);\n script_version(\"1.22\");\n\n script_cve_id(\n \"CVE-2006-1942\", \n \"CVE-2006-2775\", \n \"CVE-2006-2776\", \n \"CVE-2006-2777\", \n \"CVE-2006-2778\", \n \"CVE-2006-2779\", \n \"CVE-2006-2780\", \n \"CVE-2006-2782\", \n \"CVE-2006-2783\", \n \"CVE-2006-2784\", \n \"CVE-2006-2785\", \n \"CVE-2006-2786\", \n \"CVE-2006-2787\"\n );\n script_bugtraq_id(18228);\n\n script_name(english:\"Firefox < 1.5.0.4 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of Firefox\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a web browser that is affected by\nmultiple vulnerabilities.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The installed version of Firefox is affected by various security issues,\nsome of which may lead to execution of arbitrary code on the affected\nhost subject to the user's privileges.\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2006-31/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2006-32/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2006-33/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2006-34/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2006-35/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2006-36/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2006-37/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2006-38/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2006-39/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2006-41/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2006-42/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2006-43/\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Firefox 1.5.0.4 or later.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 94);\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2006/06/03\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2006/05/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value: \"2006/06/01\");\n script_cvs_date(\"Date: 2018/07/16 14:09:14\");\nscript_set_attribute(attribute:\"plugin_type\", value:\"local\");\nscript_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox\");\nscript_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n script_copyright(english:\"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.\");\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Firefox/Version\");\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\nport = get_kb_item_or_exit(\"SMB/transport\"); \n\ninstalls = get_kb_list(\"SMB/Mozilla/Firefox/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"Firefox\");\n\nmozilla_check_version(installs:installs, product:'firefox', esr:FALSE, fix:'1.5.0.4', severity:SECURITY_HOLE);", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:09:10", "bulletinFamily": "scanner", "description": "The remote version of Mozilla Thunderbird suffers from various security issues, some of which could lead to execution of arbitrary code on the affected host subject to the user's privileges.", "modified": "2018-07-16T00:00:00", "id": "MOZILLA_THUNDERBIRD_1504.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=21628", "published": "2006-06-03T00:00:00", "title": "Mozilla Thunderbird < 1.5.0.4 Multiple Vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(21628);\n script_version(\"1.22\");\n\n script_cve_id(\n \"CVE-2006-2775\", \n \"CVE-2006-2776\", \n \"CVE-2006-2778\", \n \"CVE-2006-2779\", \n \"CVE-2006-2780\", \n \"CVE-2006-2781\", \n \"CVE-2006-2783\", \n \"CVE-2006-2786\", \n \"CVE-2006-2787\"\n );\n script_bugtraq_id(18228);\n\n script_name(english:\"Mozilla Thunderbird < 1.5.0.4 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of Mozilla Thunderbird\");\n \n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a mail client that is affected by \nmultiple vulnerabilities.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote version of Mozilla Thunderbird suffers from various \nsecurity issues, some of which could lead to execution of arbitrary \ncode on the affected host subject to the user's privileges.\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2006-31/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2006-32/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2006-33/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2006-35/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2006-37/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2006-38/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2006-40/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2006-42/\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mozilla Thunderbird 1.5.0.4 or later.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(94, 119);\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2006/06/03\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2006/06/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value: \"2006/06/01\");\n script_cvs_date(\"Date: 2018/07/16 14:09:15\");\nscript_set_attribute(attribute:\"plugin_type\", value:\"local\");\nscript_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:thunderbird\");\nscript_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n script_copyright(english:\"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.\");\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Thunderbird/Version\");\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\nport = get_kb_item_or_exit(\"SMB/transport\");\n\ninstalls = get_kb_list(\"SMB/Mozilla/Thunderbird/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"Thunderbird\");\n\nmozilla_check_version(installs:installs, product:'thunderbird', esr:FALSE, fix:'1.5.0.4', severity:SECURITY_HOLE);", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:09:10", "bulletinFamily": "scanner", "description": "The installed version of SeaMonkey contains various security issues, some of which could lead to execution of arbitrary code on the affected host subject to the user's privileges.", "modified": "2018-07-27T00:00:00", "id": "SEAMONKEY_102.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=21629", "published": "2006-06-03T00:00:00", "title": "SeaMonkey < 1.0.2 Multiple Vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(21629);\n script_version(\"1.25\");\n script_cvs_date(\"Date: 2018/07/27 18:38:15\");\n\n script_cve_id(\"CVE-2006-1942\", \"CVE-2006-2775\", \"CVE-2006-2776\", \"CVE-2006-2777\",\n \"CVE-2006-2778\", \"CVE-2006-2779\", \"CVE-2006-2780\", \"CVE-2006-2781\",\n \"CVE-2006-2782\", \"CVE-2006-2783\", \"CVE-2006-2785\", \"CVE-2006-2786\", \n \"CVE-2006-2787\");\n script_bugtraq_id(18228);\n\n script_name(english:\"SeaMonkey < 1.0.2 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of SeaMonkey\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser on the remote host is prone to multiple flaws.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The installed version of SeaMonkey contains various security issues,\nsome of which could lead to execution of arbitrary code on the affected\nhost subject to the user's privileges.\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2006-31/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2006-32/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2006-33/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2006-34/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2006-35/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2006-37/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2006-38/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2006-39/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2006-40/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2006-41/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2006-42/\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2006-43/\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to SeaMonkey 1.0.2 or later.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 94, 119);\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2006/06/03\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2006/05/05\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:seamonkey\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n \n script_copyright(english:\"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.\");\n \n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"SeaMonkey/Version\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\nport = get_kb_item(\"SMB/transport\");\nif (!port) port = 445;\n\ninstalls = get_kb_list(\"SMB/SeaMonkey/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"SeaMonkey\");\n\nmozilla_check_version(installs:installs, product:'seamonkey', fix:'1.0.2', severity:SECURITY_HOLE);", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:09:29", "bulletinFamily": "scanner", "description": "Several security related problems have been discovered in Mozilla. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities :\n\n - CVE-2006-1942 Eric Foley discovered that a user can be tricked to expose a local file to a remote attacker by displaying a local file as image in connection with other vulnerabilities. [MFSA-2006-39]\n\n - CVE-2006-2775 XUL attributes are associated with the wrong URL under certain circumstances, which might allow remote attackers to bypass restrictions. [MFSA-2006-35]\n\n - CVE-2006-2776 Paul Nickerson discovered that content-defined setters on an object prototype were getting called by privileged user interface code, and 'moz_bug_r_a4' demonstrated that the higher privilege level could be passed along to the content-defined attack code. [MFSA-2006-37]\n\n - CVE-2006-2777 A vulnerability allows remote attackers to execute arbitrary code and create notifications that are executed in a privileged context. [MFSA-2006-43]\n\n - CVE-2006-2778 Mikolaj Habryn discovered a buffer overflow in the crypto.signText function that allows remote attackers to execute arbitrary code via certain optional Certificate Authority name arguments. [MFSA-2006-38]\n\n - CVE-2006-2779 Mozilla team members discovered several crashes during testing of the browser engine showing evidence of memory corruption which may also lead to the execution of arbitrary code. This problem has only partially been corrected. [MFSA-2006-32]\n\n - CVE-2006-2780 An integer overflow allows remote attackers to cause a denial of service and may permit the execution of arbitrary code. [MFSA-2006-32]\n\n - CVE-2006-2782 Chuck McAuley discovered that a text input box can be pre-filled with a filename and then turned into a file-upload control, allowing a malicious website to steal any local file whose name they can guess.\n [MFSA-2006-41, MFSA-2006-23, CVE-2006-1729]\n\n - CVE-2006-2783 Masatoshi Kimura discovered that the Unicode Byte-order-Mark (BOM) is stripped from UTF-8 pages during the conversion to Unicode before the parser sees the web page, which allows remote attackers to conduct cross-site scripting (XSS) attacks. [MFSA-2006-42]\n\n - CVE-2006-2784 Paul Nickerson discovered that the fix for CVE-2005-0752 can be bypassed using nested javascript: URLs, allowing the attacker to execute privileged code. [MFSA-2005-34, MFSA-2006-36]\n\n - CVE-2006-2785 Paul Nickerson demonstrated that if an attacker could convince a user to right-click on a broken image and choose 'View Image' from the context menu then he could get JavaScript to run. [MFSA-2006-34]\n\n - CVE-2006-2786 Kazuho Oku discovered that Mozilla's lenient handling of HTTP header syntax may allow remote attackers to trick the browser to interpret certain responses as if they were responses from two different sites. [MFSA-2006-33]\n\n - CVE-2006-2787 The Mozilla researcher 'moz_bug_r_a4' discovered that JavaScript run via EvalInSandbox can escape the sandbox and gain elevated privilege. [MFSA-2006-31]", "modified": "2018-07-20T00:00:00", "id": "DEBIAN_DSA-1120.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=22662", "published": "2006-10-14T00:00:00", "title": "Debian DSA-1120-1 : mozilla-firefox - several vulnerabilities", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1120. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(22662);\n script_version(\"1.25\");\n script_cvs_date(\"Date: 2018/07/20 2:17:12\");\n\n script_cve_id(\"CVE-2006-1942\", \"CVE-2006-2775\", \"CVE-2006-2776\", \"CVE-2006-2777\", \"CVE-2006-2778\", \"CVE-2006-2779\", \"CVE-2006-2780\", \"CVE-2006-2782\", \"CVE-2006-2783\", \"CVE-2006-2784\", \"CVE-2006-2785\", \"CVE-2006-2786\", \"CVE-2006-2787\");\n script_bugtraq_id(18228);\n script_xref(name:\"CERT\", value:\"237257\");\n script_xref(name:\"CERT\", value:\"243153\");\n script_xref(name:\"CERT\", value:\"421529\");\n script_xref(name:\"CERT\", value:\"466673\");\n script_xref(name:\"CERT\", value:\"575969\");\n script_xref(name:\"DSA\", value:\"1120\");\n\n script_name(english:\"Debian DSA-1120-1 : mozilla-firefox - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several security related problems have been discovered in Mozilla. The\nCommon Vulnerabilities and Exposures project identifies the following\nvulnerabilities :\n\n - CVE-2006-1942\n Eric Foley discovered that a user can be tricked to\n expose a local file to a remote attacker by displaying a\n local file as image in connection with other\n vulnerabilities. [MFSA-2006-39]\n\n - CVE-2006-2775\n XUL attributes are associated with the wrong URL under\n certain circumstances, which might allow remote\n attackers to bypass restrictions. [MFSA-2006-35]\n\n - CVE-2006-2776\n Paul Nickerson discovered that content-defined setters\n on an object prototype were getting called by privileged\n user interface code, and 'moz_bug_r_a4' demonstrated\n that the higher privilege level could be passed along to\n the content-defined attack code. [MFSA-2006-37]\n\n - CVE-2006-2777\n A vulnerability allows remote attackers to execute\n arbitrary code and create notifications that are\n executed in a privileged context. [MFSA-2006-43]\n\n - CVE-2006-2778\n Mikolaj Habryn discovered a buffer overflow in the\n crypto.signText function that allows remote attackers to\n execute arbitrary code via certain optional Certificate\n Authority name arguments. [MFSA-2006-38]\n\n - CVE-2006-2779\n Mozilla team members discovered several crashes during\n testing of the browser engine showing evidence of memory\n corruption which may also lead to the execution of\n arbitrary code. This problem has only partially been\n corrected. [MFSA-2006-32]\n\n - CVE-2006-2780\n An integer overflow allows remote attackers to cause a\n denial of service and may permit the execution of\n arbitrary code. [MFSA-2006-32]\n\n - CVE-2006-2782\n Chuck McAuley discovered that a text input box can be\n pre-filled with a filename and then turned into a\n file-upload control, allowing a malicious website to\n steal any local file whose name they can guess.\n [MFSA-2006-41, MFSA-2006-23, CVE-2006-1729]\n\n - CVE-2006-2783\n Masatoshi Kimura discovered that the Unicode\n Byte-order-Mark (BOM) is stripped from UTF-8 pages\n during the conversion to Unicode before the parser sees\n the web page, which allows remote attackers to conduct\n cross-site scripting (XSS) attacks. [MFSA-2006-42]\n\n - CVE-2006-2784\n Paul Nickerson discovered that the fix for CVE-2005-0752\n can be bypassed using nested javascript: URLs, allowing\n the attacker to execute privileged code. [MFSA-2005-34,\n MFSA-2006-36]\n\n - CVE-2006-2785\n Paul Nickerson demonstrated that if an attacker could\n convince a user to right-click on a broken image and\n choose 'View Image' from the context menu then he could\n get JavaScript to run. [MFSA-2006-34]\n\n - CVE-2006-2786\n Kazuho Oku discovered that Mozilla's lenient handling of\n HTTP header syntax may allow remote attackers to trick\n the browser to interpret certain responses as if they\n were responses from two different sites. [MFSA-2006-33]\n\n - CVE-2006-2787\n The Mozilla researcher 'moz_bug_r_a4' discovered that\n JavaScript run via EvalInSandbox can escape the sandbox\n and gain elevated privilege. [MFSA-2006-31]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-1942\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-2775\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-2776\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-2777\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-2778\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-2779\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-2780\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-2782\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-1729\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-2783\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-2784\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2005-0752\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-2785\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-2786\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-2787\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2006/dsa-1120\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the Mozilla Firefox packages.\n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 1.0.4-2sarge9.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mozilla-firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/07/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/10/14\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/05/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"mozilla-firefox\", reference:\"1.0.4-2sarge9\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"mozilla-firefox-dom-inspector\", reference:\"1.0.4-2sarge9\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"mozilla-firefox-gnome-support\", reference:\"1.0.4-2sarge9\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:10:19", "bulletinFamily": "scanner", "description": "Jonas Sicking discovered that under some circumstances persisted XUL attributes are associated with the wrong URL. A malicious website could exploit this to execute arbitrary code with the privileges of the user. (MFSA 2006-35, CVE-2006-2775)\n\nPaul Nickerson discovered that content-defined setters on an object prototype were getting called by privileged UI code. It was demonstrated that this could be exploited to run arbitrary web script with full user privileges (MFSA 2006-37, CVE-2006-2776). A similar attack was discovered by moz_bug_r_a4 that leveraged SelectionObject notifications that were called in privileged context. (MFSA 2006-43, CVE-2006-2777)\n\nMikolaj Habryn discovered a buffer overflow in the crypto.signText() function. By tricking a user to visit a site with an SSL certificate with specially crafted optional Certificate Authority name arguments, this could potentially be exploited to execute arbitrary code with the user's privileges. (MFSA 2006-38, CVE-2006-2778)\n\nThe Mozilla developer team discovered several bugs that lead to crashes with memory corruption. These might be exploitable by malicious websites to execute arbitrary code with the privileges of the user. (MFSA 2006-32, CVE-2006-2779, CVE-2006-2780)\n\nMasatoshi Kimura discovered a memory corruption (double-free) when processing a large VCard with invalid base64 characters in it. By sending a maliciously crafted set of VCards to a user, this could potentially be exploited to execute arbitrary code with the user's privileges. (MFSA 2006-40, CVE-2006-2781)\n\nChuck McAuley reported that the fix for CVE-2006-1729 (file stealing by changing input type) was not sufficient to prevent all variants of exploitation. (MFSA 2006-41, CVE-2006-2782)\n\nMasatoshi Kimura found a way to bypass web input sanitizers which filter out JavaScript. By inserting 'Unicode Byte-order-Mark (BOM)' characters into the HTML code (e. g. '<scr[BOM]ipt>'), these filters might not recognize the tags anymore; however, Mozilla would still execute them since BOM markers are filtered out before processing the page. (MFSA 2006-42, CVE-2006-2783)\n\nPaul Nickerson noticed that the fix for CVE-2005-0752 (JavaScript privilege escalation on the plugins page) was not sufficient to prevent all variants of exploitation. (MFSA 2006-36, CVE-2006-2784)\n\nPaul Nickerson demonstrated that if an attacker could convince a user to right-click on a broken image and choose 'View Image' from the context menu then he could get JavaScript to run on a site of the attacker's choosing. This could be used to steal login cookies or other confidential information from the target site. (MFSA 2006-34, CVE-2006-2785)\n\nKazuho Oku discovered various ways to perform HTTP response smuggling when used with certain proxy servers. Due to different interpretation of nonstandard HTTP headers in Mozilla and the proxy server, a malicious website can exploit this to send back two responses to one request. The second response could be used to steal login cookies or other sensitive data from another opened website. (MFSA 2006-33, CVE-2006-2786).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-08-15T00:00:00", "id": "UBUNTU_USN-323-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=27901", "published": "2007-11-10T00:00:00", "title": "Ubuntu 5.04 / 5.10 : mozilla vulnerabilities (USN-323-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-323-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(27901);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/08/15 16:35:43\");\n\n script_cve_id(\"CVE-2005-0752\", \"CVE-2006-1729\", \"CVE-2006-2775\", \"CVE-2006-2776\", \"CVE-2006-2777\", \"CVE-2006-2778\", \"CVE-2006-2779\", \"CVE-2006-2780\", \"CVE-2006-2781\", \"CVE-2006-2782\", \"CVE-2006-2783\", \"CVE-2006-2784\", \"CVE-2006-2785\", \"CVE-2006-2786\", \"CVE-2006-2787\");\n script_xref(name:\"USN\", value:\"323-1\");\n\n script_name(english:\"Ubuntu 5.04 / 5.10 : mozilla vulnerabilities (USN-323-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jonas Sicking discovered that under some circumstances persisted XUL\nattributes are associated with the wrong URL. A malicious website\ncould exploit this to execute arbitrary code with the privileges of\nthe user. (MFSA 2006-35, CVE-2006-2775)\n\nPaul Nickerson discovered that content-defined setters on an object\nprototype were getting called by privileged UI code. It was\ndemonstrated that this could be exploited to run arbitrary web script\nwith full user privileges (MFSA 2006-37, CVE-2006-2776). A similar\nattack was discovered by moz_bug_r_a4 that leveraged SelectionObject\nnotifications that were called in privileged context. (MFSA 2006-43,\nCVE-2006-2777)\n\nMikolaj Habryn discovered a buffer overflow in the crypto.signText()\nfunction. By tricking a user to visit a site with an SSL certificate\nwith specially crafted optional Certificate Authority name arguments,\nthis could potentially be exploited to execute arbitrary code with the\nuser's privileges. (MFSA 2006-38, CVE-2006-2778)\n\nThe Mozilla developer team discovered several bugs that lead to\ncrashes with memory corruption. These might be exploitable by\nmalicious websites to execute arbitrary code with the privileges of\nthe user. (MFSA 2006-32, CVE-2006-2779, CVE-2006-2780)\n\nMasatoshi Kimura discovered a memory corruption (double-free) when\nprocessing a large VCard with invalid base64 characters in it. By\nsending a maliciously crafted set of VCards to a user, this could\npotentially be exploited to execute arbitrary code with the user's\nprivileges. (MFSA 2006-40, CVE-2006-2781)\n\nChuck McAuley reported that the fix for CVE-2006-1729 (file stealing\nby changing input type) was not sufficient to prevent all variants of\nexploitation. (MFSA 2006-41, CVE-2006-2782)\n\nMasatoshi Kimura found a way to bypass web input sanitizers which\nfilter out JavaScript. By inserting 'Unicode Byte-order-Mark (BOM)'\ncharacters into the HTML code (e. g. '<scr[BOM]ipt>'), these filters\nmight not recognize the tags anymore; however, Mozilla would still\nexecute them since BOM markers are filtered out before processing the\npage. (MFSA 2006-42, CVE-2006-2783)\n\nPaul Nickerson noticed that the fix for CVE-2005-0752 (JavaScript\nprivilege escalation on the plugins page) was not sufficient to\nprevent all variants of exploitation. (MFSA 2006-36, CVE-2006-2784)\n\nPaul Nickerson demonstrated that if an attacker could convince a user\nto right-click on a broken image and choose 'View Image' from the\ncontext menu then he could get JavaScript to run on a site of the\nattacker's choosing. This could be used to steal login cookies or\nother confidential information from the target site. (MFSA 2006-34,\nCVE-2006-2785)\n\nKazuho Oku discovered various ways to perform HTTP response smuggling\nwhen used with certain proxy servers. Due to different interpretation\nof nonstandard HTTP headers in Mozilla and the proxy server, a\nmalicious website can exploit this to send back two responses to one\nrequest. The second response could be used to steal login cookies or\nother sensitive data from another opened website. (MFSA 2006-33,\nCVE-2006-2786).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 94, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnspr-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnspr4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnss-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnss3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mozilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mozilla-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mozilla-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mozilla-chatzilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mozilla-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mozilla-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mozilla-js-debugger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mozilla-mailnews\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mozilla-psm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/07/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/10\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/06/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2006-2018 Canonical, Inc. / NASL script (C) 2007-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(5\\.04|5\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 5.04 / 5.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"5.04\", pkgname:\"libnspr-dev\", pkgver:\"1.7.13-0ubuntu05.04.1\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"libnspr4\", pkgver:\"1.7.13-0ubuntu05.04.1\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"libnss-dev\", pkgver:\"1.7.13-0ubuntu05.04.1\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"libnss3\", pkgver:\"1.7.13-0ubuntu05.04.1\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"mozilla\", pkgver:\"1.7.13-0ubuntu05.04.1\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"mozilla-browser\", pkgver:\"2:1.7.13-0ubuntu05.04.1\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"mozilla-calendar\", pkgver:\"1.7.13-0ubuntu05.04.1\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"mozilla-chatzilla\", pkgver:\"1.7.13-0ubuntu05.04.1\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"mozilla-dev\", pkgver:\"1.7.13-0ubuntu05.04.1\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"mozilla-dom-inspector\", pkgver:\"1.7.13-0ubuntu05.04.1\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"mozilla-js-debugger\", pkgver:\"1.7.13-0ubuntu05.04.1\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"mozilla-mailnews\", pkgver:\"2:1.7.13-0ubuntu05.04.1\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"mozilla-psm\", pkgver:\"2:1.7.13-0ubuntu05.04.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libnspr-dev\", pkgver:\"1.7.13-0ubuntu5.10.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libnspr4\", pkgver:\"1.7.13-0ubuntu5.10.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libnss-dev\", pkgver:\"1.7.13-0ubuntu5.10.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libnss3\", pkgver:\"1.7.13-0ubuntu5.10.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"mozilla\", pkgver:\"1.7.13-0ubuntu5.10.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"mozilla-browser\", pkgver:\"2:1.7.13-0ubuntu5.10.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"mozilla-calendar\", pkgver:\"1.7.13-0ubuntu5.10.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"mozilla-chatzilla\", pkgver:\"1.7.13-0ubuntu5.10.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"mozilla-dev\", pkgver:\"1.7.13-0ubuntu5.10.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"mozilla-dom-inspector\", pkgver:\"1.7.13-0ubuntu5.10.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"mozilla-js-debugger\", pkgver:\"1.7.13-0ubuntu5.10.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"mozilla-mailnews\", pkgver:\"2:1.7.13-0ubuntu5.10.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"mozilla-psm\", pkgver:\"2:1.7.13-0ubuntu5.10.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libnspr-dev / libnspr4 / libnss-dev / libnss3 / mozilla / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:10:19", "bulletinFamily": "scanner", "description": "Jonas Sicking discovered that under some circumstances persisted XUL attributes are associated with the wrong URL. A malicious website could exploit this to execute arbitrary code with the privileges of the user. (MFSA 2006-35, CVE-2006-2775)\n\nPaul Nickerson discovered that content-defined setters on an object prototype were getting called by privileged UI code. It was demonstrated that this could be exploited to run arbitrary web script with full user privileges (MFSA 2006-37, CVE-2006-2776).\n\nMikolaj Habryn discovered a buffer overflow in the crypto.signText() function. By sending an email with malicious JavaScript to an user, and that user enabled JavaScript in Thunderbird (which is not the default and not recommended), this could potentially be exploited to execute arbitrary code with the user's privileges. (MFSA 2006-38, CVE-2006-2778)\n\nThe Mozilla developer team discovered several bugs that lead to crashes with memory corruption. These might be exploitable by malicious websites to execute arbitrary code with the privileges of the user. (MFSA 2006-32, CVE-2006-2779, CVE-2006-2780)\n\nMasatoshi Kimura discovered a memory corruption (double-free) when processing a large VCard with invalid base64 characters in it. By sending a maliciously crafted set of VCards to a user, this could potentially be exploited to execute arbitrary code with the user's privileges. (MFSA 2006-40, CVE-2006-2781)\n\nMasatoshi Kimura found a way to bypass web input sanitizers which filter out JavaScript. By inserting 'Unicode Byte-order-Mark (BOM)' characters into the HTML code (e. g. '<scr[BOM]ipt>'), these filters might not recognize the tags anymore; however, Thunderbird would still execute them since BOM markers are filtered out before processing a mail containing JavaScript. (MFSA 2006-42, CVE-2006-2783)\n\nKazuho Oku discovered various ways to perform HTTP response smuggling when used with certain proxy servers. Due to different interpretation of nonstandard HTTP headers in Thunderbird and the proxy server, a malicious HTML email can exploit this to send back two responses to one request. The second response could be used to steal login cookies or other sensitive data from another opened website. (MFSA 2006-33, CVE-2006-2786)\n\nIt was discovered that JavaScript run via EvalInSandbox() can escape the sandbox. Malicious scripts received in emails containing JavaScript could use these privileges to execute arbitrary code with the user's privileges. (MFSA 2006-31, CVE-2006-2787)\n\nThe 'enigmail' plugin has been updated to work with the new Thunderbird version.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-12-01T00:00:00", "id": "UBUNTU_USN-297-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=27870", "published": "2007-11-10T00:00:00", "title": "Ubuntu 6.06 LTS : mozilla-thunderbird vulnerabilities (USN-297-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-297-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(27870);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/12/01 15:12:38\");\n\n script_cve_id(\"CVE-2006-2775\", \"CVE-2006-2776\", \"CVE-2006-2778\", \"CVE-2006-2779\", \"CVE-2006-2780\", \"CVE-2006-2781\", \"CVE-2006-2783\", \"CVE-2006-2786\", \"CVE-2006-2787\");\n script_xref(name:\"USN\", value:\"297-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS : mozilla-thunderbird vulnerabilities (USN-297-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jonas Sicking discovered that under some circumstances persisted XUL\nattributes are associated with the wrong URL. A malicious website\ncould exploit this to execute arbitrary code with the privileges of\nthe user. (MFSA 2006-35, CVE-2006-2775)\n\nPaul Nickerson discovered that content-defined setters on an object\nprototype were getting called by privileged UI code. It was\ndemonstrated that this could be exploited to run arbitrary web script\nwith full user privileges (MFSA 2006-37, CVE-2006-2776).\n\nMikolaj Habryn discovered a buffer overflow in the crypto.signText()\nfunction. By sending an email with malicious JavaScript to an user,\nand that user enabled JavaScript in Thunderbird (which is not the\ndefault and not recommended), this could potentially be exploited to\nexecute arbitrary code with the user's privileges. (MFSA 2006-38,\nCVE-2006-2778)\n\nThe Mozilla developer team discovered several bugs that lead to\ncrashes with memory corruption. These might be exploitable by\nmalicious websites to execute arbitrary code with the privileges of\nthe user. (MFSA 2006-32, CVE-2006-2779, CVE-2006-2780)\n\nMasatoshi Kimura discovered a memory corruption (double-free) when\nprocessing a large VCard with invalid base64 characters in it. By\nsending a maliciously crafted set of VCards to a user, this could\npotentially be exploited to execute arbitrary code with the user's\nprivileges. (MFSA 2006-40, CVE-2006-2781)\n\nMasatoshi Kimura found a way to bypass web input sanitizers which\nfilter out JavaScript. By inserting 'Unicode Byte-order-Mark (BOM)'\ncharacters into the HTML code (e. g. '<scr[BOM]ipt>'), these filters\nmight not recognize the tags anymore; however, Thunderbird would still\nexecute them since BOM markers are filtered out before processing a\nmail containing JavaScript. (MFSA 2006-42, CVE-2006-2783)\n\nKazuho Oku discovered various ways to perform HTTP response smuggling\nwhen used with certain proxy servers. Due to different interpretation\nof nonstandard HTTP headers in Thunderbird and the proxy server, a\nmalicious HTML email can exploit this to send back two responses to\none request. The second response could be used to steal login cookies\nor other sensitive data from another opened website. (MFSA 2006-33,\nCVE-2006-2786)\n\nIt was discovered that JavaScript run via EvalInSandbox() can escape\nthe sandbox. Malicious scripts received in emails containing\nJavaScript could use these privileges to execute arbitrary code with\nthe user's privileges. (MFSA 2006-31, CVE-2006-2787)\n\nThe 'enigmail' plugin has been updated to work with the new\nThunderbird version.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/297-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(94, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mozilla-thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mozilla-thunderbird-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mozilla-thunderbird-enigmail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mozilla-thunderbird-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mozilla-thunderbird-typeaheadfind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/06/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2007-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mozilla-thunderbird\", pkgver:\"1.5.0.4-0ubuntu6.06\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mozilla-thunderbird-dev\", pkgver:\"1.5.0.4-0ubuntu6.06\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mozilla-thunderbird-enigmail\", pkgver:\"2:0.94-0ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mozilla-thunderbird-inspector\", pkgver:\"1.5.0.4-0ubuntu6.06\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mozilla-thunderbird-typeaheadfind\", pkgver:\"1.5.0.4-0ubuntu6.06\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mozilla-thunderbird / mozilla-thunderbird-dev / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:10:19", "bulletinFamily": "scanner", "description": "USN-297-1 fixed several vulnerabilities in Thunderbird for the Ubuntu 6.06 LTS release. This update provides the corresponding fixes for Ubuntu 5.04 and Ubuntu 5.10.\n\nFor reference, these are the details of the original USN :\n\nJonas Sicking discovered that under some circumstances persisted XUL attributes are associated with the wrong URL. A malicious website could exploit this to execute arbitrary code with the privileges of the user. (MFSA 2006-35, CVE-2006-2775)\n\nPaul Nickerson discovered that content-defined setters on an object prototype were getting called by privileged UI code.\nIt was demonstrated that this could be exploited to run arbitrary web script with full user privileges (MFSA 2006-37, CVE-2006-2776).\n\nMikolaj Habryn discovered a buffer overflow in the crypto.signText() function. By sending an email with malicious JavaScript to an user, and that user enabled JavaScript in Thunderbird (which is not the default and not recommended), this could potentially be exploited to execute arbitrary code with the user's privileges. (MFSA 2006-38, CVE-2006-2778)\n\nThe Mozilla developer team discovered several bugs that lead to crashes with memory corruption. These might be exploitable by malicious websites to execute arbitrary code with the privileges of the user. (MFSA 2006-32, CVE-2006-2779, CVE-2006-2780)\n\nMasatoshi Kimura discovered a memory corruption (double-free) when processing a large VCard with invalid base64 characters in it. By sending a maliciously crafted set of VCards to a user, this could potentially be exploited to execute arbitrary code with the user's privileges. (MFSA 2006-40, CVE-2006-2781)\n\nMasatoshi Kimura found a way to bypass web input sanitizers which filter out JavaScript. By inserting 'Unicode Byte-order-Mark (BOM)' characters into the HTML code (e. g.\n'<scr[BOM]ipt>'), these filters might not recognize the tags anymore; however, Thunderbird would still execute them since BOM markers are filtered out before processing a mail containing JavaScript. (MFSA 2006-42, CVE-2006-2783)\n\nKazuho Oku discovered various ways to perform HTTP response smuggling when used with certain proxy servers. Due to different interpretation of nonstandard HTTP headers in Thunderbird and the proxy server, a malicious HTML email can exploit this to send back two responses to one request. The second response could be used to steal login cookies or other sensitive data from another opened web site. (MFSA 2006-33, CVE-2006-2786)\n\nIt was discovered that JavaScript run via EvalInSandbox() can escape the sandbox. Malicious scripts received in emails containing JavaScript could use these privileges to execute arbitrary code with the user's privileges. (MFSA 2006-31, CVE-2006-2787).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-08-15T00:00:00", "id": "UBUNTU_USN-297-3.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=27872", "published": "2007-11-10T00:00:00", "title": "Ubuntu 5.04 / 5.10 : mozilla-thunderbird vulnerabilities (USN-297-3)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-297-3. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(27872);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/08/15 16:35:43\");\n\n script_cve_id(\"CVE-2006-2775\", \"CVE-2006-2776\", \"CVE-2006-2778\", \"CVE-2006-2779\", \"CVE-2006-2780\", \"CVE-2006-2781\", \"CVE-2006-2783\", \"CVE-2006-2784\", \"CVE-2006-2786\", \"CVE-2006-2787\");\n script_xref(name:\"USN\", value:\"297-3\");\n\n script_name(english:\"Ubuntu 5.04 / 5.10 : mozilla-thunderbird vulnerabilities (USN-297-3)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-297-1 fixed several vulnerabilities in Thunderbird for the Ubuntu\n6.06 LTS release. This update provides the corresponding fixes for\nUbuntu 5.04 and Ubuntu 5.10.\n\nFor reference, these are the details of the original USN :\n\nJonas Sicking discovered that under some circumstances persisted XUL\nattributes are associated with the wrong URL. A malicious website\ncould exploit this to execute arbitrary code with the privileges of\nthe user. (MFSA 2006-35, CVE-2006-2775)\n\nPaul Nickerson discovered that content-defined setters on an\nobject prototype were getting called by privileged UI code.\nIt was demonstrated that this could be exploited to run\narbitrary web script with full user privileges (MFSA\n2006-37, CVE-2006-2776).\n\nMikolaj Habryn discovered a buffer overflow in the\ncrypto.signText() function. By sending an email with\nmalicious JavaScript to an user, and that user enabled\nJavaScript in Thunderbird (which is not the default and not\nrecommended), this could potentially be exploited to execute\narbitrary code with the user's privileges. (MFSA 2006-38,\nCVE-2006-2778)\n\nThe Mozilla developer team discovered several bugs that lead\nto crashes with memory corruption. These might be\nexploitable by malicious websites to execute arbitrary code\nwith the privileges of the user. (MFSA 2006-32,\nCVE-2006-2779, CVE-2006-2780)\n\nMasatoshi Kimura discovered a memory corruption\n(double-free) when processing a large VCard with invalid\nbase64 characters in it. By sending a maliciously crafted\nset of VCards to a user, this could potentially be exploited\nto execute arbitrary code with the user's privileges. (MFSA\n2006-40, CVE-2006-2781)\n\nMasatoshi Kimura found a way to bypass web input sanitizers\nwhich filter out JavaScript. By inserting 'Unicode\nByte-order-Mark (BOM)' characters into the HTML code (e. g.\n'<scr[BOM]ipt>'), these filters might not recognize the tags\nanymore; however, Thunderbird would still execute them since\nBOM markers are filtered out before processing a mail\ncontaining JavaScript. (MFSA 2006-42, CVE-2006-2783)\n\nKazuho Oku discovered various ways to perform HTTP response\nsmuggling when used with certain proxy servers. Due to\ndifferent interpretation of nonstandard HTTP headers in\nThunderbird and the proxy server, a malicious HTML email can\nexploit this to send back two responses to one request. The\nsecond response could be used to steal login cookies or\nother sensitive data from another opened web site. (MFSA\n2006-33, CVE-2006-2786)\n\nIt was discovered that JavaScript run via EvalInSandbox()\ncan escape the sandbox. Malicious scripts received in emails\ncontaining JavaScript could use these privileges to execute\narbitrary code with the user's privileges. (MFSA 2006-31,\nCVE-2006-2787).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(94, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mozilla-thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mozilla-thunderbird-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mozilla-thunderbird-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mozilla-thunderbird-offline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mozilla-thunderbird-typeaheadfind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/07/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/10\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/06/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2006-2018 Canonical, Inc. / NASL script (C) 2007-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(5\\.04|5\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 5.04 / 5.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"5.04\", pkgname:\"mozilla-thunderbird\", pkgver:\"1.0.8-0ubuntu05.04.1\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"mozilla-thunderbird-dev\", pkgver:\"1.0.8-0ubuntu05.04.1\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"mozilla-thunderbird-inspector\", pkgver:\"1.0.8-0ubuntu05.04.1\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"mozilla-thunderbird-offline\", pkgver:\"1.0.8-0ubuntu05.04.1\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"mozilla-thunderbird-typeaheadfind\", pkgver:\"1.0.8-0ubuntu05.04.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"mozilla-thunderbird\", pkgver:\"1.0.8-0ubuntu05.10.2\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"mozilla-thunderbird-dev\", pkgver:\"1.0.8-0ubuntu05.10.2\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"mozilla-thunderbird-inspector\", pkgver:\"1.0.8-0ubuntu05.10.2\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"mozilla-thunderbird-offline\", pkgver:\"1.0.8-0ubuntu05.10.2\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"mozilla-thunderbird-typeaheadfind\", pkgver:\"1.0.8-0ubuntu05.10.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mozilla-thunderbird / mozilla-thunderbird-dev / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2019-01-29T20:32:56", "bulletinFamily": "unix", "description": "Jonas Sicking discovered that under some circumstances persisted XUL attributes are associated with the wrong URL. A malicious web site could exploit this to execute arbitrary code with the privileges of the user. (MFSA 2006-35, CVE-2006-2775)\n\nPaul Nickerson discovered that content-defined setters on an object prototype were getting called by privileged UI code. It was demonstrated that this could be exploited to run arbitrary web script with full user privileges (MFSA 2006-37, CVE-2006-2776).\n\nMikolaj Habryn discovered a buffer overflow in the crypto.signText() function. By sending an email with malicious JavaScript to an user, and that user enabled JavaScript in Thunderbird (which is not the default and not recommended), this could potentially be exploited to execute arbitrary code with the user\u2019s privileges. (MFSA 2006-38, CVE-2006-2778)\n\nThe Mozilla developer team discovered several bugs that lead to crashes with memory corruption. These might be exploitable by malicious web sites to execute arbitrary code with the privileges of the user. (MFSA 2006-32, CVE-2006-2779, CVE-2006-2780)\n\nMasatoshi Kimura discovered a memory corruption (double-free) when processing a large VCard with invalid base64 characters in it. By sending a maliciously crafted set of VCards to a user, this could potentially be exploited to execute arbitrary code with the user\u2019s privileges. (MFSA 2006-40, CVE-2006-2781)\n\nMasatoshi Kimura found a way to bypass web input sanitizers which filter out JavaScript. By inserting \u2018Unicode Byte-order-Mark (BOM)\u2019 characters into the HTML code (e. g. \u2018<scr[BOM]ipt>\u2019), these filters might not recognize the tags anymore; however, Thunderbird would still execute them since BOM markers are filtered out before processing a mail containing JavaScript. (MFSA 2006-42, CVE-2006-2783)\n\nKazuho Oku discovered various ways to perform HTTP response smuggling when used with certain proxy servers. Due to different interpretation of nonstandard HTTP headers in Thunderbird and the proxy server, a malicious HTML email can exploit this to send back two responses to one request. The second response could be used to steal login cookies or other sensitive data from another opened web site. (MFSA 2006-33, CVE-2006-2786)\n\nIt was discovered that JavaScript run via EvalInSandbox() can escape the sandbox. Malicious scripts received in emails containing JavaScript could use these privileges to execute arbitrary code with the user\u2019s privileges. (MFSA 2006-31, CVE-2006-2787)\n\nThe \u201cenigmail\u201d plugin has been updated to work with the new Thunderbird version.", "modified": "2006-06-14T00:00:00", "published": "2006-06-14T00:00:00", "id": "USN-297-1", "href": "https://usn.ubuntu.com/297-1/", "title": "Thunderbird vulnerabilities", "type": "ubuntu", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-01-29T20:31:50", "bulletinFamily": "unix", "description": "USN-296-1 fixed several vulnerabilities in Firefox for the Ubuntu 6.06 LTS release. This update provides the corresponding fixes for Ubuntu 5.04 and Ubuntu 5.10.\n\nFor reference, these are the details of the original USN:\n\nJonas Sicking discovered that under some circumstances persisted XUL attributes are associated with the wrong URL. A malicious web site could exploit this to execute arbitrary code with the privileges of the user. (MFSA 2006-35, CVE-2006-2775)\n\nPaul Nickerson discovered that content-defined setters on an object prototype were getting called by privileged UI code. It was demonstrated that this could be exploited to run arbitrary web script with full user privileges (MFSA 2006-37, CVE-2006-2776). A similar attack was discovered by moz_bug_r_a4 that leveraged SelectionObject notifications that were called in privileged context. (MFSA 2006-43, CVE-2006-2777)\n\nMikolaj Habryn discovered a buffer overflow in the crypto.signText() function. By tricking a user to visit a site with an SSL certificate with specially crafted optional Certificate Authority name arguments, this could potentially be exploited to execute arbitrary code with the user\u2019s privileges. (MFSA 2006-38, CVE-2006-2778)\n\nThe Mozilla developer team discovered several bugs that lead to crashes with memory corruption. These might be exploitable by malicious web sites to execute arbitrary code with the privileges of the user. (MFSA 2006-32, CVE-2006-2779, CVE-2006-2780, CVE-2006-2788)\n\nChuck McAuley reported that the fix for CVE-2006-1729 (file stealing by changing input type) was not sufficient to prevent all variants of exploitation. (MFSA 2006-41, CVE-2006-2782)\n\nMasatoshi Kimura found a way to bypass web input sanitizers which filter out JavaScript. By inserting \u2018Unicode Byte-order-Mark (BOM)\u2019 characters into the HTML code (e. g. \u2018<scr[BOM]ipt>\u2019), these filters might not recognize the tags anymore; however, Firefox would still execute them since BOM markers are filtered out before processing the page. (MFSA 2006-42, CVE-2006-2783)\n\nPaul Nickerson noticed that the fix for CVE-2005-0752 (JavaScript privilege escalation on the plugins page) was not sufficient to prevent all variants of exploitation. (MFSA 2006-36, CVE-2006-2784)\n\nPaul Nickerson demonstrated that if an attacker could convince a user to right-click on a broken image and choose \u201cView Image\u201d from the context menu then he could get JavaScript to run on a site of the attacker\u2019s choosing. This could be used to steal login cookies or other confidential information from the target site. (MFSA 2006-34, CVE-2006-2785)\n\nKazuho Oku discovered various ways to perform HTTP response smuggling when used with certain proxy servers. Due to different interpretation of nonstandard HTTP headers in Firefox and the proxy server, a malicious web site can exploit this to send back two responses to one request. The second response could be used to steal login cookies or other sensitive data from another opened web site. (MFSA 2006-33, CVE-2006-2786)", "modified": "2006-07-25T00:00:00", "published": "2006-07-25T00:00:00", "id": "USN-296-2", "href": "https://usn.ubuntu.com/296-2/", "title": "Firefox vulnerabilities", "type": "ubuntu", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-01-29T20:34:16", "bulletinFamily": "unix", "description": "USN-297-1 fixed several vulnerabilities in Thunderbird for the Ubuntu 6.06 LTS release. This update provides the corresponding fixes for Ubuntu 5.04 and Ubuntu 5.10.\n\nFor reference, these are the details of the original USN:\n\nJonas Sicking discovered that under some circumstances persisted XUL attributes are associated with the wrong URL. A malicious web site could exploit this to execute arbitrary code with the privileges of the user. (MFSA 2006-35, CVE-2006-2775)\n\nPaul Nickerson discovered that content-defined setters on an object prototype were getting called by privileged UI code. It was demonstrated that this could be exploited to run arbitrary web script with full user privileges (MFSA 2006-37, CVE-2006-2776).\n\nMikolaj Habryn discovered a buffer overflow in the crypto.signText() function. By sending an email with malicious JavaScript to an user, and that user enabled JavaScript in Thunderbird (which is not the default and not recommended), this could potentially be exploited to execute arbitrary code with the user\u2019s privileges. (MFSA 2006-38, CVE-2006-2778)\n\nThe Mozilla developer team discovered several bugs that lead to crashes with memory corruption. These might be exploitable by malicious web sites to execute arbitrary code with the privileges of the user. (MFSA 2006-32, CVE-2006-2779, CVE-2006-2780)\n\nMasatoshi Kimura discovered a memory corruption (double-free) when processing a large VCard with invalid base64 characters in it. By sending a maliciously crafted set of VCards to a user, this could potentially be exploited to execute arbitrary code with the user\u2019s privileges. (MFSA 2006-40, CVE-2006-2781)\n\nMasatoshi Kimura found a way to bypass web input sanitizers which filter out JavaScript. By inserting \u2018Unicode Byte-order-Mark (BOM)\u2019 characters into the HTML code (e. g. \u2018<scr[BOM]ipt>\u2019), these filters might not recognize the tags anymore; however, Thunderbird would still execute them since BOM markers are filtered out before processing a mail containing JavaScript. (MFSA 2006-42, CVE-2006-2783)\n\nKazuho Oku discovered various ways to perform HTTP response smuggling when used with certain proxy servers. Due to different interpretation of nonstandard HTTP headers in Thunderbird and the proxy server, a malicious HTML email can exploit this to send back two responses to one request. The second response could be used to steal login cookies or other sensitive data from another opened web site. (MFSA 2006-33, CVE-2006-2786)\n\nIt was discovered that JavaScript run via EvalInSandbox() can escape the sandbox. Malicious scripts received in emails containing JavaScript could use these privileges to execute arbitrary code with the user\u2019s privileges. (MFSA 2006-31, CVE-2006-2787)", "modified": "2006-07-26T00:00:00", "published": "2006-07-26T00:00:00", "id": "USN-297-3", "href": "https://usn.ubuntu.com/297-3/", "title": "Thunderbird vulnerabilities", "type": "ubuntu", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-01-29T20:31:48", "bulletinFamily": "unix", "description": "Jonas Sicking discovered that under some circumstances persisted XUL attributes are associated with the wrong URL. A malicious web site could exploit this to execute arbitrary code with the privileges of the user. (MFSA 2006-35, CVE-2006-2775)\n\nPaul Nickerson discovered that content-defined setters on an object prototype were getting called by privileged UI code. It was demonstrated that this could be exploited to run arbitrary web script with full user privileges (MFSA 2006-37, CVE-2006-2776). A similar attack was discovered by moz_bug_r_a4 that leveraged SelectionObject notifications that were called in privileged context. (MFSA 2006-43, CVE-2006-2777)\n\nMikolaj Habryn discovered a buffer overflow in the crypto.signText() function. By tricking a user to visit a site with an SSL certificate with specially crafted optional Certificate Authority name arguments, this could potentially be exploited to execute arbitrary code with the user\u2019s privileges. (MFSA 2006-38, CVE-2006-2778)\n\nThe Mozilla developer team discovered several bugs that lead to crashes with memory corruption. These might be exploitable by malicious web sites to execute arbitrary code with the privileges of the user. (MFSA 2006-32, CVE-2006-2779, CVE-2006-2780, CVE-2006-2788)\n\nChuck McAuley reported that the fix for CVE-2006-1729 (file stealing by changing input type) was not sufficient to prevent all variants of exploitation. (MFSA 2006-41, CVE-2006-2782)\n\nMasatoshi Kimura found a way to bypass web input sanitizers which filter out JavaScript. By inserting \u2018Unicode Byte-order-Mark (BOM)\u2019 characters into the HTML code (e. g. \u2018<scr[BOM]ipt>\u2019), these filters might not recognize the tags anymore; however, Firefox would still execute them since BOM markers are filtered out before processing the page. (MFSA 2006-42, CVE-2006-2783)\n\nPaul Nickerson noticed that the fix for CVE-2005-0752 (JavaScript privilege escalation on the plugins page) was not sufficient to prevent all variants of exploitation. (MFSA 2006-36, CVE-2006-2784)\n\nPaul Nickerson demonstrated that if an attacker could convince a user to right-click on a broken image and choose \u201cView Image\u201d from the context menu then he could get JavaScript to run on a site of the attacker\u2019s choosing. This could be used to steal login cookies or other confidential information from the target site. (MFSA 2006-34, CVE-2006-2785)\n\nKazuho Oku discovered various ways to perform HTTP response smuggling when used with certain proxy servers. Due to different interpretation of nonstandard HTTP headers in Firefox and the proxy server, a malicious web site can exploit this to send back two responses to one request. The second response could be used to steal login cookies or other sensitive data from another opened web site. (MFSA 2006-33, CVE-2006-2786)", "modified": "2006-06-09T00:00:00", "published": "2006-06-09T00:00:00", "id": "USN-296-1", "href": "https://usn.ubuntu.com/296-1/", "title": "firefox vulnerabilities", "type": "ubuntu", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:51", "bulletinFamily": "unix", "description": "### Background\n\nMozilla Firefox is the next-generation web browser from the Mozilla project. \n\n### Description\n\nA number of vulnerabilities were found and fixed in Mozilla Firefox. For details please consult the references below. \n\n### Impact\n\nBy enticing the user to visit a malicious website, a remote attacker can inject arbitrary HTML and JavaScript Code into the user's browser, execute JavaScript code with elevated privileges and possibly execute arbitrary code with the permissions of the user running the application. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Mozilla Firefox users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/mozilla-firefox-1.5.0.4\"\n\nAll Mozilla Firefox binary users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/mozilla-firefox-bin-1.5.0.4\"\n\nNote: There is no stable fixed version for the Alpha architecture yet. Users of Mozilla Firefox on Alpha should consider unmerging it until such a version is available.", "modified": "2006-06-11T00:00:00", "published": "2006-06-11T00:00:00", "id": "GLSA-200606-12", "href": "https://security.gentoo.org/glsa/200606-12", "type": "gentoo", "title": "Mozilla Firefox: Multiple vulnerabilities", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-06T19:46:49", "bulletinFamily": "unix", "description": "### Background\n\nMozilla Thunderbird is the next-generation mail client from the Mozilla project. \n\n### Description\n\nSeveral vulnerabilities were found and fixed in Mozilla Thunderbird. For details, please consult the references below. \n\n### Impact\n\nA remote attacker could craft malicious emails that would leverage these issues to inject and execute arbitrary script code with elevated privileges, spoof content, and possibly execute arbitrary code with the rights of the user running the application. \n\n### Workaround\n\nThere are no known workarounds for all the issues at this time. \n\n### Resolution\n\nAll Mozilla Thunderbird users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=mail-client/mozilla-thunderbird-1.5.0.4\"\n\nAll Mozilla Thunderbird binary users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=mail-client/mozilla-thunderbird-bin-1.5.0.4\"\n\nNote: There is no stable fixed version for the Alpha architecture yet. Users of Mozilla Thunderbird on Alpha should consider unmerging it until such a version is available.", "modified": "2006-06-19T00:00:00", "published": "2006-06-19T00:00:00", "id": "GLSA-200606-21", "href": "https://security.gentoo.org/glsa/200606-21", "type": "gentoo", "title": "Mozilla Thunderbird: Multiple vulnerabilities", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2018-10-16T22:13:08", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1118-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nJuly 22nd, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : mozilla\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE IDs : CVE-2006-1942 CVE-2006-2775 CVE-2006-2776 CVE-2006-2777\n CVE-2006-2778 CVE-2006-2779 CVE-2006-2780 CVE-2006-2781\n CVE-2006-2782 CVE-2006-2783 CVE-2006-2784 CVE-2006-2785\n CVE-2006-2786 CVE-2006-2787\nCERT advisories: VU#237257 VU#243153 VU#421529 VU#466673 VU#575969\nBugTraq ID : 18228\n\nSeveral security related problems have been discovered in Mozilla.\nThe Common Vulnerabilities and Exposures project identifies the\nfollowing vulnerabilities:\n\nCVE-2006-1942\n\n Eric Foley discovered that a user can be tricked to expose a local\n file to a remote attacker by displaying a local file as image in\n connection with other vulnerabilities. [MFSA-2006-39]\n\nCVE-2006-2775\n\n XUL attributes are associated with the wrong URL under certain\n circumstances, which might allow remote attackers to bypass\n restrictions. [MFSA-2006-35]\n\nCVE-2006-2776\n\n Paul Nickerson discovered that content-defined setters on an\n object prototype were getting called by privileged user interface\n code, and "moz_bug_r_a4" demonstrated that the higher privilege\n level could be passed along to the content-defined attack code.\n [MFSA-2006-37]\n\nCVE-2006-2777\n\n A vulnerability allows remote attackers to execute arbitrary code\n and create notifications that are executed in a privileged\n context. [MFSA-2006-43]\n\nCVE-2006-2778\n\n Mikolaj Habryn a buffer overflow in the crypto.signText function\n that allows remote attackers to execute arbitrary code via certain\n optional Certificate Authority name arguments. [MFSA-2006-38]\n\nCVE-2006-2779\n\n Mozilla team members discovered several crashes during testing of\n the browser engine showing evidence of memory corruption which may\n also lead to the execution of arbitrary code. This problem has\n only partially been corrected. [MFSA-2006-32]\n\nCVE-2006-2780\n\n An integer overflow allows remote attackers to cause a denial of\n service and may permit the execution of arbitrary code.\n [MFSA-2006-32]\n\nCVE-2006-2781\n\n Masatoshi Kimura discovered a double-free vulnerability that\n allows remote attackers to cause a denial of service and possibly\n execute arbitrary code via a VCard. [MFSA-2006-40]\n\nCVE-2006-2782\n\n Chuck McAuley discovered that a text input box can be pre-filled\n with a filename and then turned into a file-upload control,\n allowing a malicious website to steal any local file whose name\n they can guess. [MFSA-2006-41, MFSA-2006-23, CVE-2006-1729]\n\nCVE-2006-2783\n\n Masatoshi Kimura discovered that the Unicode Byte-order-Mark (BOM)\n is stripped from UTF-8 pages during the conversion to Unicode\n before the parser sees the web page, which allows remote attackers\n to conduct cross-site scripting (XSS) attacks. [MFSA-2006-42]\n\nCVE-2006-2784\n\n Paul Nickerson discovered that the fix for CAN-2005-0752 can be\n bypassed using nested javascript: URLs, allowing the attacker to\n execute privileged code. [MFSA-2005-34, MFSA-2006-36]\n\nCVE-2006-2785\n\n Paul Nickerson demonstrated that if an attacker could convince a\n user to right-click on a broken image and choose "View Image" from\n the context menu then he could get JavaScript to\n run. [MFSA-2006-34]\n\nCVE-2006-2786\n\n Kazuho Oku discovered that Mozilla's lenient handling of HTTP\n header syntax may allow remote attackers to trick the browser to\n interpret certain responses as if they were responses from two\n different sites. [MFSA-2006-33]\n\nCVE-2006-2787\n\n The Mozilla researcher "moz_bug_r_a4" discovered that JavaScript\n run via EvalInSandbox can escape the sandbox and gain elevated\n privilege. [MFSA-2006-31]\n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 1.7.8-1sarge7.1\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 1.7.13-0.3.\n\nWe recommend that you upgrade your Mozilla packages.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given at the end of this advisory:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.1.dsc\n Size/MD5 checksum: 1127 473562c669e27793809fd76034b5e9de\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.1.diff.gz\n Size/MD5 checksum: 498361 6d4f73fb299451760cbf05974d36753a\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8.orig.tar.gz\n Size/MD5 checksum: 30589520 13c0f0331617748426679e8f2e9f537a\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.1_alpha.deb\n Size/MD5 checksum: 168076 9478bc76f4c4dac2cfa1adc51c599e71\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.1_alpha.deb\n Size/MD5 checksum: 147050 34ab8e06aeb3d46f150b0099a29b8c2b\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.1_alpha.deb\n Size/MD5 checksum: 184960 ec9526c058ec2a9629fa16a2c7b0f286\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.1_alpha.deb\n Size/MD5 checksum: 856618 515d873622c67d0cf1b155f85187935c\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.1_alpha.deb\n Size/MD5 checksum: 1040 a12e4c5754cf581aa6aab5dd4a1388ec\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.1_alpha.deb\n Size/MD5 checksum: 11481282 52de66676dea443b4426cb0e24703a57\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.1_alpha.deb\n Size/MD5 checksum: 403306 efe2822cd3109126a096e4c19bb61f6e\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.1_alpha.deb\n Size/MD5 checksum: 158336 490cc71ffff457bd6f600ef3d7ab9b4b\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.1_alpha.deb\n Size/MD5 checksum: 3358246 5bf68f7988b64ef4175768d92829dccc\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.1_alpha.deb\n Size/MD5 checksum: 122294 6c36e2cec285b6ec28b3115aaa8cfdb1\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.1_alpha.deb\n Size/MD5 checksum: 204170 d02d474bf40b4a0adc41e58cbb0f71aa\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.1_alpha.deb\n Size/MD5 checksum: 1937112 be8a8005f99506a3e9188672c3f70e57\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.1_alpha.deb\n Size/MD5 checksum: 212298 96d4c738772a42501805fd1cfb2a6336\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.1_amd64.deb\n Size/MD5 checksum: 168070 841b4f6d14d55a8e37ea9fe2d4b8508b\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.1_amd64.deb\n Size/MD5 checksum: 146154 b17bbe57b0a30c4698f5c883984d552e\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.1_amd64.deb\n Size/MD5 checksum: 184950 342427477e9db97c2d663a3b7620c1ea\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.1_amd64.deb\n Size/MD5 checksum: 714978 bbf6e26c728df94a6bdb8e19b22dae5b\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.1_amd64.deb\n Size/MD5 checksum: 1036 4f0379f9ae6b0edf6eb5fbf4977f9d6e\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.1_amd64.deb\n Size/MD5 checksum: 10946160 f7e344cd5bbcc6f1d06b314be572ffd2\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.1_amd64.deb\n Size/MD5 checksum: 403294 675c774981cadd3d695cc7fa498d2046\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.1_amd64.deb\n Size/MD5 checksum: 158330 387195d0b8a6fd9acf4b1a2c8d0d70d8\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.1_amd64.deb\n Size/MD5 checksum: 3352180 f896a49299904f8082ccc96ff85ac40e\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.1_amd64.deb\n Size/MD5 checksum: 121192 df4ef46b4940ecd65ae9cdc140cca1bf\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.1_amd64.deb\n Size/MD5 checksum: 204170 cdd080115be04ac72473181ce622caf1\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.1_amd64.deb\n Size/MD5 checksum: 1936006 002755bffa9cbb1a943a4a81d04f362b\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.1_amd64.deb\n Size/MD5 checksum: 204400 61fe98f12d92139d157dd672ca6513c8\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.1_arm.deb\n Size/MD5 checksum: 168074 1de16d4b8435fe420a7883dc7d51c910\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.1_arm.deb\n Size/MD5 checksum: 124492 d138a37a746f6fa32bd574f34fdaaefe\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.1_arm.deb\n Size/MD5 checksum: 184960 30851d8827b6061465d370ba42d4ccff\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.1_arm.deb\n Size/MD5 checksum: 632198 79ce23ade76fcc6cb789053d801c904f\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.1_arm.deb\n Size/MD5 checksum: 1036 e0a0373f1cdf7ecf8f176bbbc4e23d18\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.1_arm.deb\n Size/MD5 checksum: 9212808 1dbb7f756a25a96e9057ef8f96d05805\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.1_arm.deb\n Size/MD5 checksum: 403314 07dad23f621d6e3be785ba0fb5a29763\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.1_arm.deb\n Size/MD5 checksum: 158366 176eede20a70a9ac2a61282b7bc45b01\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.1_arm.deb\n Size/MD5 checksum: 3341712 0904389fef700da0f4664d4bceb28717\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.1_arm.deb\n Size/MD5 checksum: 112672 8797efa5f068220b587eaac7818cccdc\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.1_arm.deb\n Size/MD5 checksum: 204178 75382868b592a542b00e6b6441591a3b\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.1_arm.deb\n Size/MD5 checksum: 1604452 34e908e017cf40549741c227acc78b50\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.1_arm.deb\n Size/MD5 checksum: 168866 ed9894b18f51f745750ad28fa47aba1f\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.1_i386.deb\n Size/MD5 checksum: 170346 5956d005059fd107818f8035fa9ffbf2\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.1_i386.deb\n Size/MD5 checksum: 136984 5a5c0d8e7e0614ee02c182983e8d8656\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.1_i386.deb\n Size/MD5 checksum: 187138 74f8739619d8ae81b1fe30d0668b8a58\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.1_i386.deb\n Size/MD5 checksum: 661744 74ebef87c001e89d4a2e8d45c9910e13\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.1_i386.deb\n Size/MD5 checksum: 1032 8f01d06ab6028c5b908dd5594e1d1c14\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.1_i386.deb\n Size/MD5 checksum: 10336772 e281b8fb2b04eb6f788654557efb8f94\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.1_i386.deb\n Size/MD5 checksum: 403504 5db7402ffdb5b6523fa43d1c89944907\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.1_i386.deb\n Size/MD5 checksum: 158352 a8a7f9c96a21287704a76ff3e5455335\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.1_i386.deb\n Size/MD5 checksum: 3594164 db6a4633ec5db81ce6e0bd1d9bf95193\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.1_i386.deb\n Size/MD5 checksum: 116702 fade783b8720425b0f05004c6d9632ef\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.1_i386.deb\n Size/MD5 checksum: 204170 e173db0beb2598ea64ac80262b8043e4\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.1_i386.deb\n Size/MD5 checksum: 1816096 10fd0769547b8342fcf833182c66f7cd\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.1_i386.deb\n Size/MD5 checksum: 192634 9f757a02bfa0e741b4d131191ac3bed1\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.1_ia64.deb\n Size/MD5 checksum: 168076 7caf0acd02827f3259cc523d24882267\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.1_ia64.deb\n Size/MD5 checksum: 174472 c8fbf63229bf8f13e1e51419a917da78\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.1_ia64.deb\n Size/MD5 checksum: 184950 8305ace7fb5c15b17da7cbd94ac114be\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.1_ia64.deb\n Size/MD5 checksum: 966902 6f09c27be295615d6724ec4e82c8682c\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.1_ia64.deb\n Size/MD5 checksum: 1036 8d0589021091a859a4fe1a8784cf2b84\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.1_ia64.deb\n Size/MD5 checksum: 12948914 25e2e3b61f3212b5e69fb8db376dea1c\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.1_ia64.deb\n Size/MD5 checksum: 403298 00cd58b07f32fb9b33cdf3f9138ff48d\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.1_ia64.deb\n Size/MD5 checksum: 158334 c03b2a84ab5db4574bce186a934bb61c\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.1_ia64.deb\n Size/MD5 checksum: 3377948 0ae22412a7c6766cc74b84578f029da0\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.1_ia64.deb\n Size/MD5 checksum: 125598 a853f9be2fef52df2b7537a56a4762ca\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.1_ia64.deb\n Size/MD5 checksum: 204160 d6c4e9801cb584fa974ec2843d4e7dde\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.1_ia64.deb\n Size/MD5 checksum: 2302302 8d6e65e606882e9a9f29eae5ecdc0505\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.1_ia64.deb\n Size/MD5 checksum: 242684 1c59d2b14cf73625549222c27feec305\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.1_hppa.deb\n Size/MD5 checksum: 168076 5626cf0a12a7d9993ab65840ac71b2e4\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.1_hppa.deb\n Size/MD5 checksum: 157080 ae8769ba33d1f7b1c55db5af74322108\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.1_hppa.deb\n Size/MD5 checksum: 184966 653cf87074a4392f1103f333b8f385a4\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.1_hppa.deb\n Size/MD5 checksum: 754910 5c54ed3f028d4fca725c43f17aac7472\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.1_hppa.deb\n Size/MD5 checksum: 1038 b21e02e210697770a13094757afdb343\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.1_hppa.deb\n Size/MD5 checksum: 12164938 0710346051d9d6217a938faf1a6c3a5e\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.1_hppa.deb\n Size/MD5 checksum: 403280 dec179a4a47c40e21b74e1015655a47a\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.1_hppa.deb\n Size/MD5 checksum: 158346 0fbead0b5adfaf58475f3308ad5c7825\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.1_hppa.deb\n Size/MD5 checksum: 3358624 8c0cbf705f20e694222dc2a2e558bf25\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.1_hppa.deb\n Size/MD5 checksum: 123514 7d29aa30c3c525bfb3674200d0853f60\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.1_hppa.deb\n Size/MD5 checksum: 204152 5f27c072d2b0cf7a88362b0ca86aa91f\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.1_hppa.deb\n Size/MD5 checksum: 2135198 ca8cf38363e6fa41e3c58e0f6813bcec\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.1_hppa.deb\n Size/MD5 checksum: 216176 dbf6f4e0538358e675fafb2215215ddb\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.1_m68k.deb\n Size/MD5 checksum: 168090 2f9923cada81ee2792194134d5c8766c\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.1_m68k.deb\n Size/MD5 checksum: 126174 a2d29b886d583dfeaecaf9140a98cbb1\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.1_m68k.deb\n Size/MD5 checksum: 184976 07788d7940bceb772ee38b639fa06c90\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.1_m68k.deb\n Size/MD5 checksum: 600262 57d23c1825ce20d9fdc7ed3c935e4822\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.1_m68k.deb\n Size/MD5 checksum: 1044 6865b570c621d2715d90d55e72c18686\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.1_m68k.deb\n Size/MD5 checksum: 9707812 039664d92d6585080245e56b31a495bc\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.1_m68k.deb\n Size/MD5 checksum: 403372 80f8ea392f13f4a8615281ad17b45345\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.1_m68k.deb\n Size/MD5 checksum: 158396 e11aa75979022c10ff540e9cca7da37e\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.1_m68k.deb\n Size/MD5 checksum: 3336888 253879215a28c9c1611e1eab36739c69\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.1_m68k.deb\n Size/MD5 checksum: 114490 e32e9948e3e8df554e2314c7e7851c86\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.1_m68k.deb\n Size/MD5 checksum: 204220 56d85ed9b0439792035300fe5c3745e9\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.1_m68k.deb\n Size/MD5 checksum: 1683110 5392bc875f07ce277f17a08558223d76\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.1_m68k.deb\n Size/MD5 checksum: 174758 bd3bb602538e94bb672b67c80056aa51\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.1_mips.deb\n Size/MD5 checksum: 168078 b716653d10d25308e460c0d15ce8c249\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.1_mips.deb\n Size/MD5 checksum: 141006 e192f8087b16f7e17257aa63394def8f\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.1_mips.deb\n Size/MD5 checksum: 184962 d2d6aaad54ee894ed00c678a856cd292\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.1_mips.deb\n Size/MD5 checksum: 725986 e57f99d19cc017d3273eaa632cef1359\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.1_mips.deb\n Size/MD5 checksum: 1040 2574a4694290c9c0b66900214389d13a\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.1_mips.deb\n Size/MD5 checksum: 10729826 577b9c004ce4078826f9085cfef3f1b7\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.1_mips.deb\n Size/MD5 checksum: 403284 e32ea6716c0102cbd6e7c2c738239555\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.1_mips.deb\n Size/MD5 checksum: 158342 ac17f1b907adddaae579376411860fe6\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.1_mips.deb\n Size/MD5 checksum: 3358078 c03e05906c6da5b7f06c8adfb9bf1bb5\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.1_mips.deb\n Size/MD5 checksum: 117626 027b87aceadf873cadd52f5b5a6cdad2\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.1_mips.deb\n Size/MD5 checksum: 204166 04db7ee6b1bcc0a7e286bd7aed2a46af\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.1_mips.deb\n Size/MD5 checksum: 1795496 43c24c3da475b571baee65e6f97b3b72\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.1_mips.deb\n Size/MD5 checksum: 189876 4515f5447d4d74104bac1b98a21741a9\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.1_mipsel.deb\n Size/MD5 checksum: 168080 6b20701ae2005724d525421407997b34\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.1_mipsel.deb\n Size/MD5 checksum: 140964 20d773802c88e422796b2b0d8657f269\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.1_mipsel.deb\n Size/MD5 checksum: 184956 e696e6afa300237c1fe8bf9d24c25341\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.1_mipsel.deb\n Size/MD5 checksum: 715454 ba7d908f470f0fe10912263bd88ffe27\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.1_mipsel.deb\n Size/MD5 checksum: 1042 e660b635921248505a19c5bc4ad57698\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.1_mipsel.deb\n Size/MD5 checksum: 10606956 9c45e8272bec9b1e40d18a577283d270\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.1_mipsel.deb\n Size/MD5 checksum: 403302 fc7449f1c1aca3e3beb41743d5ddce15\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.1_mipsel.deb\n Size/MD5 checksum: 158342 b357c21424e98e72a150cdc7ef285f36\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.1_mipsel.deb\n Size/MD5 checksum: 3358814 9384ee1ae88d0ce5bfb9cf7419cf1fc4\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.1_mipsel.deb\n Size/MD5 checksum: 117192 6cee62bb29d207039072c1f66b15693d\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.1_mipsel.deb\n Size/MD5 checksum: 204166 02d9a75229f18b8222cbde0809763968\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.1_mipsel.deb\n Size/MD5 checksum: 1777564 812da33649005f3e9c602b92e5198d0f\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.1_mipsel.deb\n Size/MD5 checksum: 187450 50a81db8d3f8fb747b9641ebab1e44c2\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.1_powerpc.deb\n Size/MD5 checksum: 168076 3ec22b357709447796939d749ee01918\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.1_powerpc.deb\n Size/MD5 checksum: 131506 b23d3cb1d96dd102ea8e1a317611d9cf\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.1_powerpc.deb\n Size/MD5 checksum: 184962 47e118b6e43ab5dd68edaaebb61a14a5\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.1_powerpc.deb\n Size/MD5 checksum: 719212 2eb46acfdb0984316af95544d2a26586\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.1_powerpc.deb\n Size/MD5 checksum: 1040 da38d40720821ab284ff921f8d14ac7b\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.1_powerpc.deb\n Size/MD5 checksum: 9706108 c273d7531e0510262497b2b665025009\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.1_powerpc.deb\n Size/MD5 checksum: 403278 909516b0d9bfbc46f3c0dd438bb02c29\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.1_powerpc.deb\n Size/MD5 checksum: 158338 2de3e64ff4391b9db98838fac617dbf6\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.1_powerpc.deb\n Size/MD5 checksum: 3340554 4253026847bdceca40ba1f7f8a77150a\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.1_powerpc.deb\n Size/MD5 checksum: 114590 cf73e13daee899efb5d6cefb3e85c461\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.1_powerpc.deb\n Size/MD5 checksum: 204148 3de97db7ab79ee5b688b62dc1132859c\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.1_powerpc.deb\n Size/MD5 checksum: 1643042 52b9f55a9507da86f34ebda24e25ec12\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.1_powerpc.deb\n Size/MD5 checksum: 175652 d7538c95e4ea1efaf76737a24b5e0388\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.1_s390.deb\n Size/MD5 checksum: 168070 97ce8fcc52d581aa9608dbc327abbe8b\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.1_s390.deb\n Size/MD5 checksum: 156822 008799a0d79ca556d878a20b96028354\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.1_s390.deb\n Size/MD5 checksum: 184962 a3241679a42c7f8fe899e34ae7516981\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.1_s390.deb\n Size/MD5 checksum: 799202 fbbf02a9624d975a1eaafdfaf025f885\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.1_s390.deb\n Size/MD5 checksum: 1042 12f767e93775437d702d9ea31bed575c\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.1_s390.deb\n Size/MD5 checksum: 11330344 442b98dd32a88fd33efa22d5d13bdd3e\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.1_s390.deb\n Size/MD5 checksum: 403320 aa21f60bfc070223d8a6f5c78c4b0faf\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.1_s390.deb\n Size/MD5 checksum: 158350 b0981f49d6b5639a4712e2a115599d6b\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.1_s390.deb\n Size/MD5 checksum: 3353136 4576af9688c6fc5b4e7fe64deb11aead\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.1_s390.deb\n Size/MD5 checksum: 121352 1c1672d0d0f3752a0195ee1ff33d8ec4\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.1_s390.deb\n Size/MD5 checksum: 204158 a0a82c9fa992b839aaf60f9484fd9bc8\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.1_s390.deb\n Size/MD5 checksum: 1944746 432f3f0fb2e1a429a51ddda422cc21cc\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.1_s390.deb\n Size/MD5 checksum: 213482 f8bc5f9fa1e79b26ba22bb891e5b9b46\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.1_sparc.deb\n Size/MD5 checksum: 168082 98bec9b3ad75652b9fa7f0c425a2deb2\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.1_sparc.deb\n Size/MD5 checksum: 128722 9947038f2936e62834bfdd1b2672d497\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.1_sparc.deb\n Size/MD5 checksum: 184962 4ffe137e0baebd3335718ac6936ca52b\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.1_sparc.deb\n Size/MD5 checksum: 673000 696296101aefad3cdc6e41c39320f85a\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.1_sparc.deb\n Size/MD5 checksum: 1038 e1e482e36d09311de2fb0416e068e070\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.1_sparc.deb\n Size/MD5 checksum: 9376650 7b791062063db30e3a2f25436f410c01\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.1_sparc.deb\n Size/MD5 checksum: 403280 15a8a8616423b988387abcf2a3089b93\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.1_sparc.deb\n Size/MD5 checksum: 158336 2481b4d5956c4219f33a5c29d3125ed3\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.1_sparc.deb\n Size/MD5 checksum: 3341556 4765e3947b3045730fb35f128ec8b30c\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.1_sparc.deb\n Size/MD5 checksum: 112532 8b9d8d6fb0469b333837653684508c68\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.1_sparc.deb\n Size/MD5 checksum: 204158 a46509b3f314a48cf5d0365dd999688a\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.1_sparc.deb\n Size/MD5 checksum: 1583728 57ca973e877b3a718e5534537c94e468\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.1_sparc.deb\n Size/MD5 checksum: 168012 2a402caa207ced1ede92416141a37ab9\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "modified": "2006-07-22T00:00:00", "published": "2006-07-22T00:00:00", "id": "DEBIAN:DSA-1118-1:EEDF7", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2006/msg00205.html", "title": "[SECURITY] [DSA 1118-1] New Mozilla packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-16T22:12:56", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1134-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nAugust 2nd, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : mozilla-thunderbird\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE IDs : CVE-2006-1942 CVE-2006-2775 CVE-2006-2776 CVE-2006-2777\n CVE-2006-2778 CVE-2006-2779 CVE-2006-2780 CVE-2006-2781\n CVE-2006-2782 CVE-2006-2783 CVE-2006-2784 CVE-2006-2785\n CVE-2006-2786 CVE-2006-2787\nCERT advisories: VU#237257 VU#243153 VU#421529 VU#466673 VU#575969\nBugTraq ID : 18228\n\nSeveral security related problems have been discovered in Mozilla\nwhich are also present in Mozilla Thunderbird. The Common\nVulnerabilities and Exposures project identifies the following\nvulnerabilities:\n\nCVE-2006-1942\n\n Eric Foley discovered that a user can be tricked to expose a local\n file to a remote attacker by displaying a local file as image in\n connection with other vulnerabilities. [MFSA-2006-39]\n\nCVE-2006-2775\n\n XUL attributes are associated with the wrong URL under certain\n circumstances, which might allow remote attackers to bypass\n restrictions. [MFSA-2006-35]\n\nCVE-2006-2776\n\n Paul Nickerson discovered that content-defined setters on an\n object prototype were getting called by privileged user interface\n code, and "moz_bug_r_a4" demonstrated that the higher privilege\n level could be passed along to the content-defined attack code.\n [MFSA-2006-37]\n\nCVE-2006-2777\n\n A vulnerability allows remote attackers to execute arbitrary code\n and create notifications that are executed in a privileged\n context. [MFSA-2006-43]\n\nCVE-2006-2778\n\n Mikolaj Habryn a buffer overflow in the crypto.signText function\n that allows remote attackers to execute arbitrary code via certain\n optional Certificate Authority name arguments. [MFSA-2006-38]\n\nCVE-2006-2779\n\n Mozilla team members discovered several crashes during testing of\n the browser engine showing evidence of memory corruption which may\n also lead to the execution of arbitrary code. This problem has\n only partially been corrected. [MFSA-2006-32]\n\nCVE-2006-2780\n\n An integer overflow allows remote attackers to cause a denial of\n service and may permit the execution of arbitrary code.\n [MFSA-2006-32]\n\nCVE-2006-2781\n\n Masatoshi Kimura discovered a double-free vulnerability that\n allows remote attackers to cause a denial of service and possibly\n execute arbitrary code via a VCard. [MFSA-2006-40]\n\nCVE-2006-2782\n\n Chuck McAuley discovered that a text input box can be pre-filled\n with a filename and then turned into a file-upload control,\n allowing a malicious website to steal any local file whose name\n they can guess. [MFSA-2006-41, MFSA-2006-23, CVE-2006-1729]\n\nCVE-2006-2783\n\n Masatoshi Kimura discovered that the Unicode Byte-order-Mark (BOM)\n is stripped from UTF-8 pages during the conversion to Unicode\n before the parser sees the web page, which allows remote attackers\n to conduct cross-site scripting (XSS) attacks. [MFSA-2006-42]\n\nCVE-2006-2784\n\n Paul Nickerson discovered that the fix for CAN-2005-0752 can be\n bypassed using nested javascript: URLs, allowing the attacker to\n execute privileged code. [MFSA-2005-34, MFSA-2006-36]\n\nCVE-2006-2785\n\n Paul Nickerson demonstrated that if an attacker could convince a\n user to right-click on a broken image and choose "View Image" from\n the context menu then he could get JavaScript to\n run. [MFSA-2006-34]\n\nCVE-2006-2786\n\n Kazuho Oku discovered that Mozilla's lenient handling of HTTP\n header syntax may allow remote attackers to trick the browser to\n interpret certain responses as if they were responses from two\n different sites. [MFSA-2006-33]\n\nCVE-2006-2787\n\n The Mozilla researcher "moz_bug_r_a4" discovered that JavaScript\n run via EvalInSandbox can escape the sandbox and gain elevated\n privilege. [MFSA-2006-31]\n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 1.0.2-2.sarge1.0.8a.\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 1.5.0.4-1 and xulrunner 1.5.0.4-1 for galeon and epiphany.\n\nWe recommend that you upgrade your Mozilla Thunderbird packages.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given at the end of this advisory:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8a.dsc\n Size/MD5 checksum: 999 a7547d54f6c987d16db915709bc5fe44\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8a.diff.gz\n Size/MD5 checksum: 453026 eb2d71ba5d15fe803784950a13a47563\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2.orig.tar.gz\n Size/MD5 checksum: 33288906 806175393a226670aa66060452d31df4\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8a_alpha.deb\n Size/MD5 checksum: 12842296 fa614356eb934f90ae45fa3ed9dd1539\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8a_alpha.deb\n Size/MD5 checksum: 3278130 4cb654733bfccea8cd3c0df00b5def8c\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8a_alpha.deb\n Size/MD5 checksum: 151082 c07a4daabd1c05a637520f9a094dc074\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8a_alpha.deb\n Size/MD5 checksum: 32502 80579d205020032c49770ce3fc7141f6\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8a_alpha.deb\n Size/MD5 checksum: 88350 3b3e525e54326e8e2d9af8b69904c3a8\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8a_amd64.deb\n Size/MD5 checksum: 12251804 deb4396f8cd09c132ff78052ff534f8a\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8a_amd64.deb\n Size/MD5 checksum: 3279014 7d2f64aba52ea20a7b8cf16a66fff252\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8a_amd64.deb\n Size/MD5 checksum: 150050 77fdbefdcd0aedbdbccac24e7c81f943\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8a_amd64.deb\n Size/MD5 checksum: 32488 867701a09fd5bbac7acc1865fbe064b8\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8a_amd64.deb\n Size/MD5 checksum: 88190 5bdde29214cc86cf4340ed9dd43c68d3\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8a_arm.deb\n Size/MD5 checksum: 10339868 a60a1c13491b2a0771c8e3517cd25dd8\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8a_arm.deb\n Size/MD5 checksum: 3270162 22724283f230b50cf6a173520c420fc1\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8a_arm.deb\n Size/MD5 checksum: 142198 7008892dc0bb9bca14978a7e1f09fde9\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8a_arm.deb\n Size/MD5 checksum: 32512 3ac5306abd8ecbdd9ba981df3d61db68\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8a_arm.deb\n Size/MD5 checksum: 80218 5514acae240f08b8a061176131d2fdb8\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8a_i386.deb\n Size/MD5 checksum: 11565160 23e9aaa2f8f1a62bf43efb7bc815fdcf\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8a_i386.deb\n Size/MD5 checksum: 3506098 169af4eda4ae283d48a0b1523b05bdd7\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8a_i386.deb\n Size/MD5 checksum: 145716 e63141ba6a893db986bd0e9cbcc575e9\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8a_i386.deb\n Size/MD5 checksum: 32480 2d23870e404431d77f83601ec81a7fda\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8a_i386.deb\n Size/MD5 checksum: 86962 ea63c9a6e99a6895ad7eb1fe70363b22\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8a_ia64.deb\n Size/MD5 checksum: 14618962 f0ae93cc731f61beb0599fac54445460\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8a_ia64.deb\n Size/MD5 checksum: 3290490 2d16d23f8042bad1273b992861011349\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8a_ia64.deb\n Size/MD5 checksum: 154412 1b39804a27f4b7dae90e92d7a39d4bb9\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8a_ia64.deb\n Size/MD5 checksum: 32490 818339f4a6d9e98182975f9d1a834939\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8a_ia64.deb\n Size/MD5 checksum: 106058 6b1214ef1b42a53af54389da726fd478\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8a_hppa.deb\n Size/MD5 checksum: 13561594 b7eb45b4c8829370a58b2d870021024e\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8a_hppa.deb\n Size/MD5 checksum: 3283714 f65b93a3a73a3dfc62d6f024c259a1db\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8a_hppa.deb\n Size/MD5 checksum: 152280 06e23e82444cacea77afdc87699f5773\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8a_hppa.deb\n Size/MD5 checksum: 32496 06a10d18ef8a1bc84b89b3cc50e8cad5\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8a_hppa.deb\n Size/MD5 checksum: 96308 076063aee6cf91541585b08fdf73a801\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8a_m68k.deb\n Size/MD5 checksum: 10786352 e5c9c4cb536f92fc2cab024541460b8f\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8a_m68k.deb\n Size/MD5 checksum: 3269592 909c5464deba45d965f5a0612f04becd\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8a_m68k.deb\n Size/MD5 checksum: 143968 6e45eef4d3241039abe41a638e9f34df\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8a_m68k.deb\n Size/MD5 checksum: 32522 494885109459853538c84e47c21635ec\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8a_m68k.deb\n Size/MD5 checksum: 81442 c978cb34ab778b06385814cd4ad51056\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8a_mips.deb\n Size/MD5 checksum: 11941536 ddf753469c129bf3fd2681a9bbc5e81a\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8a_mips.deb\n Size/MD5 checksum: 3277166 1f3efa2d140a400ad98b73ba33f6e35c\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8a_mips.deb\n Size/MD5 checksum: 146966 a5e221ce8c30ee3a12c1a3d6603c52dd\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8a_mips.deb\n Size/MD5 checksum: 32496 05e84094b89573c4aafac9b414bb0d34\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8a_mips.deb\n Size/MD5 checksum: 83704 a1006bc20c63a7d51607cc3249a88677\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8a_mipsel.deb\n Size/MD5 checksum: 11806560 dccdeef719f40ee45b6ea11a2e1d5675\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8a_mipsel.deb\n Size/MD5 checksum: 3278332 12657ea860ed91f17750e30458526dc9\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8a_mipsel.deb\n Size/MD5 checksum: 146522 b528200933d5bcb366959bfb21015b1b\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8a_mipsel.deb\n Size/MD5 checksum: 32496 5956a48e052e31695346398197734eef\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8a_mipsel.deb\n Size/MD5 checksum: 83552 a0a0035eadfb314ebd90a21f4e888275\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8a_powerpc.deb\n Size/MD5 checksum: 10903816 1590ee6c726500d5cb4f037d29e0a8f8\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8a_powerpc.deb\n Size/MD5 checksum: 3268272 67789b6af42f2b76d578377cc4ff9f3d\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8a_powerpc.deb\n Size/MD5 checksum: 144024 3617dbb5b65f5c1d4317b09626f0be5f\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8a_powerpc.deb\n Size/MD5 checksum: 32500 5807e7e4389796a8dd1b79c9ae07f051\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8a_powerpc.deb\n Size/MD5 checksum: 80232 5f4d117d2108a7c0ab683e6b2756a701\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8a_s390.deb\n Size/MD5 checksum: 12697106 ba9085a2f7203579f62e288e3f1dd7ee\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8a_s390.deb\n Size/MD5 checksum: 3278522 7b17ff2d80845368acdf7263c1affc50\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8a_s390.deb\n Size/MD5 checksum: 150324 943c02d94e672ec2fe94c1303ee2679d\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8a_s390.deb\n Size/MD5 checksum: 32484 2cbf34e4da8492fe773465378e069ca6\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8a_s390.deb\n Size/MD5 checksum: 88194 e7ccfa32631e9acd0e96146f9c49a176\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8a_sparc.deb\n Size/MD5 checksum: 11167620 d493999d1fe3f28b0adef98731003ad7\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8a_sparc.deb\n Size/MD5 checksum: 3273616 2e75bfd4a38e0e92de802c7ed5560f90\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8a_sparc.deb\n Size/MD5 checksum: 143680 402f90dc28004eb5c6777d1e13946c55\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8a_sparc.deb\n Size/MD5 checksum: 32500 0534fcca42cbc508c633ec090b875bb1\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8a_sparc.deb\n Size/MD5 checksum: 82040 ca4a06228ba6980a44b8df8c37b94b0c\n\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "modified": "2006-08-02T00:00:00", "published": "2006-08-02T00:00:00", "id": "DEBIAN:DSA-1134-1:9D70A", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2006/msg00223.html", "title": "[SECURITY] [DSA 1134-1] New Mozilla Thunderbird packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-16T22:14:47", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1120-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nJuly 23rd, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : mozilla-firefox\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE IDs : CVE-2006-1942 CVE-2006-2775 CVE-2006-2776 CVE-2006-2777\n CVE-2006-2778 CVE-2006-2779 CVE-2006-2780 CVE-2006-2782\n CVE-2006-2783 CVE-2006-2784 CVE-2006-2785 CVE-2006-2786\n CVE-2006-2787\nCERT advisories: VU#237257 VU#243153 VU#421529 VU#466673 VU#575969\nBugTraq ID : 18228\n\nSeveral security related problems have been discovered in Mozilla.\nThe Common Vulnerabilities and Exposures project identifies the\nfollowing vulnerabilities:\n\nCVE-2006-1942\n\n Eric Foley discovered that a user can be tricked to expose a local\n file to a remote attacker by displaying a local file as image in\n connection with other vulnerabilities. [MFSA-2006-39]\n\nCVE-2006-2775\n\n XUL attributes are associated with the wrong URL under certain\n circumstances, which might allow remote attackers to bypass\n restrictions. [MFSA-2006-35]\n\nCVE-2006-2776\n\n Paul Nickerson discovered that content-defined setters on an\n object prototype were getting called by privileged user interface\n code, and "moz_bug_r_a4" demonstrated that the higher privilege\n level could be passed along to the content-defined attack code.\n [MFSA-2006-37]\n\nCVE-2006-2777\n\n A vulnerability allows remote attackers to execute arbitrary code\n and create notifications that are executed in a privileged\n context. [MFSA-2006-43]\n\nCVE-2006-2778\n\n Mikolaj Habryn a buffer overflow in the crypto.signText function\n that allows remote attackers to execute arbitrary code via certain\n optional Certificate Authority name arguments. [MFSA-2006-38]\n\nCVE-2006-2779\n\n Mozilla team members discovered several crashes during testing of\n the browser engine showing evidence of memory corruption which may\n also lead to the execution of arbitrary code. This problem has\n only partially been corrected. [MFSA-2006-32]\n\nCVE-2006-2780\n\n An integer overflow allows remote attackers to cause a denial of\n service and may permit the execution of arbitrary code.\n [MFSA-2006-32]\n\nCVE-2006-2782\n\n Chuck McAuley discovered that a text input box can be pre-filled\n with a filename and then turned into a file-upload control,\n allowing a malicious website to steal any local file whose name\n they can guess. [MFSA-2006-41, MFSA-2006-23, CVE-2006-1729]\n\nCVE-2006-2783\n\n Masatoshi Kimura discovered that the Unicode Byte-order-Mark (BOM)\n is stripped from UTF-8 pages during the conversion to Unicode\n before the parser sees the web page, which allows remote attackers\n to conduct cross-site scripting (XSS) attacks. [MFSA-2006-42]\n\nCVE-2006-2784\n\n Paul Nickerson discovered that the fix for CAN-2005-0752 can be\n bypassed using nested javascript: URLs, allowing the attacker to\n execute privileged code. [MFSA-2005-34, MFSA-2006-36]\n\nCVE-2006-2785\n\n Paul Nickerson demonstrated that if an attacker could convince a\n user to right-click on a broken image and choose "View Image" from\n the context menu then he could get JavaScript to\n run. [MFSA-2006-34]\n\nCVE-2006-2786\n\n Kazuho Oku discovered that Mozilla's lenient handling of HTTP\n header syntax may allow remote attackers to trick the browser to\n interpret certain responses as if they were responses from two\n different sites. [MFSA-2006-33]\n\nCVE-2006-2787\n\n The Mozilla researcher "moz_bug_r_a4" discovered that JavaScript\n run via EvalInSandbox can escape the sandbox and gain elevated\n privilege. [MFSA-2006-31]\n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 1.0.4-2sarge9.\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 1.5.dfsg+1.5.0.4-1.\n\nWe recommend that you upgrade your Mozilla Firefox packages.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given at the end of this advisory:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9.dsc\n Size/MD5 checksum: 1001 21424c5ba440f16f6abea37711d66aa9\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9.diff.gz\n Size/MD5 checksum: 398646 2eff76a21650ad05f52b5fdf73bd3f7e\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4.orig.tar.gz\n Size/MD5 checksum: 40212297 8e4ba81ad02c7986446d4e54e978409d\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_alpha.deb\n Size/MD5 checksum: 11173304 3a940907dc9761c8f509bb4c985db436\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_alpha.deb\n Size/MD5 checksum: 169032 05d7a00140abdf880b41c4fa28114068\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_alpha.deb\n Size/MD5 checksum: 60866 de85fa33566f2fbfcc86501ee62b2a1b\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_amd64.deb\n Size/MD5 checksum: 9401816 963bc07e9bad81b56674d2e87fcc2074\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_amd64.deb\n Size/MD5 checksum: 163774 782e55322d790e206be62b7c973cf4ee\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_amd64.deb\n Size/MD5 checksum: 59390 62063c4dc7dfb9dd977b2a019bd37946\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_arm.deb\n Size/MD5 checksum: 8223298 0a3854d01bb66b8251a6fd0f6f6acf1d\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_arm.deb\n Size/MD5 checksum: 155248 04b4755e60835717a7b5ed0025f00f0c\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_arm.deb\n Size/MD5 checksum: 54702 93f66e628ad9327de4ed14acdfec4395\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_i386.deb\n Size/MD5 checksum: 8899786 395567e782da4a1d6e0ef10367ba57cc\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_i386.deb\n Size/MD5 checksum: 159032 5225bca73b84ed3e8a1c4e06bdd6cd69\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_i386.deb\n Size/MD5 checksum: 56250 f8baa460416bd34c28e347b371c2ac72\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_ia64.deb\n Size/MD5 checksum: 11632562 3fc46e9c4a4575594c610c7ff85146ce\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_ia64.deb\n Size/MD5 checksum: 169362 aad3f6f89760080eca86f9988c690532\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_ia64.deb\n Size/MD5 checksum: 64062 0973673b6e56cc6d26db14a0170c4a1a\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_hppa.deb\n Size/MD5 checksum: 10275134 dbdcf7d07ead3c046ec5a604922bd853\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_hppa.deb\n Size/MD5 checksum: 166732 ff51c0f78f3bb6ee011c85e850e67230\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_hppa.deb\n Size/MD5 checksum: 59840 856193bc316aecbcce4f88aae4404240\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_m68k.deb\n Size/MD5 checksum: 8175302 d60841a0292077f4635ca9b68c45cd8a\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_m68k.deb\n Size/MD5 checksum: 157932 5559512572a0493c336f46e67dc6163d\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_m68k.deb\n Size/MD5 checksum: 55524 f04387c9e24e76965342227983327a03\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_mips.deb\n Size/MD5 checksum: 9932150 56eefc3ec8a8832645ec1316929f4411\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_mips.deb\n Size/MD5 checksum: 156774 696dca1ed57d6c13fd80bcd6fc4364cd\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_mips.deb\n Size/MD5 checksum: 56506 af7303ff23599cf25224df22f5b92e05\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_mipsel.deb\n Size/MD5 checksum: 9810314 3673c61e049c42c7ea21ed58e06b2acc\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_mipsel.deb\n Size/MD5 checksum: 156350 9d3f411c8372b54775ab5ba90c10d0da\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_mipsel.deb\n Size/MD5 checksum: 56336 ccc11bdf50a4b0809fe7ed2dbdf44006\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_powerpc.deb\n Size/MD5 checksum: 8571660 cf198d98db5695e5c423c567ebfdba38\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_powerpc.deb\n Size/MD5 checksum: 157448 d96866bfc3e74f73d6cf4a3f71aa50cb\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_powerpc.deb\n Size/MD5 checksum: 58628 e3a6722463006bb379c9548318784af8\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_s390.deb\n Size/MD5 checksum: 9641400 c935ca331cf22eab9f311fc65c69e227\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_s390.deb\n Size/MD5 checksum: 164392 342aeb1f6362565bac9cd8f9a34e6711\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_s390.deb\n Size/MD5 checksum: 58816 3199d08b5c64c05d4c9f3600fd1a9927\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_sparc.deb\n Size/MD5 checksum: 8662210 a25db0f4ce57b47898d633b2512cd0b4\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_sparc.deb\n Size/MD5 checksum: 157632 5d0f66746bcbb48269e1e4e0efa71067\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_sparc.deb\n Size/MD5 checksum: 55062 99d09b78f6efa23c02d1e9076185f105\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "modified": "2006-07-23T00:00:00", "published": "2006-07-23T00:00:00", "id": "DEBIAN:DSA-1120-1:5AE40", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2006/msg00207.html", "title": "[SECURITY] [DSA 1120-1] New Mozilla Firefox packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2018-12-11T17:45:43", "bulletinFamily": "unix", "description": "SeaMonkey is an open source Web browser, advanced email and newsgroup\r\nclient, IRC chat client, and HTML editor.\r\n\r\nThe Mozilla Foundation has discontinued support for the Mozilla Suite. This\r\nupdate deprecates the Mozilla Suite in Red Hat Enterprise Linux 3 in favor\r\nof the supported SeaMonkey Suite.\r\n\r\nThis update also resolves a number of outstanding Mozilla security issues:\r\n\r\nSeveral flaws were found in the way Mozilla processed certain javascript\r\nactions. A malicious web page could execute arbitrary javascript\r\ninstructions with the permissions of \"chrome\", allowing the page to steal\r\nsensitive information or install browser malware. (CVE-2006-2776,\r\nCVE-2006-2784, CVE-2006-2785, CVE-2006-2787)\r\n\r\nSeveral denial of service flaws were found in the way Mozilla processed\r\ncertain web content. A malicious web page could crash firefox or possibly\r\nexecute arbitrary code. These issues to date were not proven to be\r\nexploitable, but do show evidence of memory corruption. (CVE-2006-2779,\r\nCVE-2006-2780)\r\n\r\nA double-free flaw was found in the way Mozilla-mail displayed malformed\r\ninline vcard attachments. If a victim viewed an email message containing\r\na carefully crafted vcard it could execute arbitrary code as the user\r\nrunning Mozilla-mail. (CVE-2006-2781) \r\n\r\nA cross site scripting flaw was found in the way Mozilla processed Unicode\r\nByte-order-Mark (BOM) markers in UTF-8 web pages. A malicious web page\r\ncould execute a script within the browser that a web input sanitizer could\r\nmiss due to a malformed \"script\" tag. (CVE-2006-2783)\r\n\r\nA form file upload flaw was found in the way Mozilla handled javascript\r\ninput object mutation. A malicious web page could upload an arbitrary local\r\nfile at form submission time without user interaction. (CVE-2006-2782)\r\n\r\nA denial of service flaw was found in the way Mozilla called the\r\ncrypto.signText() javascript function. A malicious web page could crash the\r\nbrowser if the victim had a client certificate loaded. (CVE-2006-2778)\r\n\r\nTwo HTTP response smuggling flaws were found in the way Mozilla processed\r\ncertain invalid HTTP response headers. A malicious web site could return\r\nspecially crafted HTTP response headers which may bypass HTTP proxy\r\nrestrictions. (CVE-2006-2786)\r\n\r\nA double free flaw was found in the way the nsIX509::getRawDER method was\r\ncalled. If a victim visited a carefully crafted web page it could execute\r\narbitrary code as the user running Mozilla. (CVE-2006-2788)\r\n\r\nUsers of Mozilla are advised to upgrade to this update, which contains\r\nSeaMonkey version 1.0.2 that is not vulnerable to these issues.", "modified": "2017-07-29T20:27:13", "published": "2006-07-20T04:00:00", "id": "RHSA-2006:0578", "href": "https://access.redhat.com/errata/RHSA-2006:0578", "type": "redhat", "title": "(RHSA-2006:0578) seamonkey security update (was mozilla)", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:40:53", "bulletinFamily": "unix", "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\r\n\r\nThe Mozilla Foundation has discontinued support for the Mozilla Thunderbird\r\n1.0 branch. This update deprecates the Mozilla Thunderbird 1.0 branch in\r\nRed Hat Enterprise Linux 4 in favor of the supported Mozilla Thunderbird\r\n1.5 branch.\r\n\r\nThis update also resolves a number of outstanding Thunderbird security issues:\r\n\r\nSeveral flaws were found in the way Thunderbird processed certain\r\njavascript actions. A malicious mail message could execute arbitrary\r\njavascript instructions with the permissions of \"chrome\", allowing the page\r\nto steal sensitive information or install browser malware. (CVE-2006-2776,\r\nCVE-2006-2784, CVE-2006-2785, CVE-2006-2787, CVE-2006-3807, CVE-2006-3809)\r\n\r\nSeveral denial of service flaws were found in the way Thunderbird processed\r\ncertain mail messages. A malicious web page could crash the browser or\r\npossibly execute arbitrary code as the user running Thunderbird.\r\n(CVE-2006-2779, CVE-2006-2780, CVE-2006-3801, CVE-2006-3677,\r\nCVE-2006-3113, CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3811)\r\n\r\nSeveral flaws were found in the way Thunderbird processed certain\r\njavascript actions. A malicious mail message could conduct a cross-site\r\nscripting attack or steal sensitive information (such as cookies owned by\r\nother domains). (CVE-2006-3802, CVE-2006-3810)\r\n\r\nA form file upload flaw was found in the way Thunderbird handled javascript\r\ninput object mutation. A malicious mail message could upload an arbitrary\r\nlocal file at form submission time without user interaction. (CVE-2006-2782)\r\n\r\nA denial of service flaw was found in the way Thunderbird called the\r\ncrypto.signText() javascript function. A malicious mail message could crash\r\nthe browser if the victim had a client certificate loaded. (CVE-2006-2778)\r\n\r\nA flaw was found in the way Thunderbird processed Proxy AutoConfig scripts.\r\nA malicious Proxy AutoConfig server could execute arbitrary javascript\r\ninstructions with the permissions of \"chrome\", allowing the page to steal\r\nsensitive information or install client malware. (CVE-2006-3808)\r\n\r\nNote: Please note that JavaScript support is disabled by default in\r\nThunderbird. The above issues are not exploitable with JavaScript disabled. \r\n\r\nTwo flaws were found in the way Thunderbird displayed malformed inline\r\nvcard attachments. If a victim viewed an email message containing a\r\ncarefully crafted vcard it was possible to execute arbitrary code as the\r\nuser running Thunderbird. (CVE-2006-2781, CVE-2006-3804)\r\n\r\nA cross site scripting flaw was found in the way Thunderbird processed\r\nUnicode Byte-order-Mark (BOM) markers in UTF-8 mail messages. A malicious\r\nweb page could execute a script within the browser that a web input\r\nsanitizer could miss due to a malformed \"script\" tag. (CVE-2006-2783)\r\n\r\nTwo HTTP response smuggling flaws were found in the way Thunderbird\r\nprocessed certain invalid HTTP response headers. A malicious web site could\r\nreturn specially crafted HTTP response headers which may bypass HTTP proxy\r\nrestrictions. (CVE-2006-2786)\r\n\r\nA double free flaw was found in the way the nsIX509::getRawDER method was\r\ncalled. If a victim visited a carefully crafted web page, it was possible\r\nto crash Thunderbird. (CVE-2006-2788)\r\n\r\nUsers of Thunderbird are advised to upgrade to this update, which contains\r\nThunderbird version 1.5.0.5 that corrects these issues.", "modified": "2017-09-08T12:12:04", "published": "2006-07-28T04:00:00", "id": "RHSA-2006:0611", "href": "https://access.redhat.com/errata/RHSA-2006:0611", "type": "redhat", "title": "(RHSA-2006:0611) thunderbird security update", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:45:26", "bulletinFamily": "unix", "description": "Seamonkey is an open source Web browser, advanced email and newsgroup\r\nclient, IRC chat client, and HTML editor.\r\n\r\nThe Mozilla Foundation has discontinued support for the Mozilla Suite. This\r\nupdate deprecates the Mozilla Suite in Red Hat Enterprise Linux 4 in\r\nfavor of the supported Seamonkey Suite.\r\n\r\nThis update also resolves a number of outstanding Mozilla security issues:\r\n\r\nSeveral flaws were found in the way Seamonkey processed certain javascript\r\nactions. A malicious web page could execute arbitrary javascript\r\ninstructions with the permissions of \"chrome\", allowing the page to steal\r\nsensitive information or install browser malware. (CVE-2006-2776,\r\nCVE-2006-2784, CVE-2006-2785, CVE-2006-2787, CVE-2006-3807, CVE-2006-3809,\r\nCVE-2006-3812)\r\n\r\nSeveral denial of service flaws were found in the way Seamonkey processed\r\ncertain web content. A malicious web page could crash the browser or\r\npossibly execute arbitrary code as the user running Seamonkey.\r\n(CVE-2006-2779, CVE-2006-2780, CVE-2006-3801, CVE-2006-3677, CVE-2006-3113,\r\nCVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3811)\r\n\r\nTwo flaws were found in the way Seamonkey-mail displayed malformed\r\ninline vcard attachments. If a victim viewed an email message containing\r\na carefully crafted vcard it was possible to execute arbitrary code as the\r\nuser running Mozilla-mail. (CVE-2006-2781, CVE-2006-3804)\r\n\r\nA cross-site scripting flaw was found in the way Seamonkey processed\r\nUnicode Byte-Order-Mark (BOM) markers in UTF-8 web pages. A malicious web\r\npage could execute a script within the browser that a web input sanitizer\r\ncould miss due to a malformed \"script\" tag. (CVE-2006-2783)\r\n\r\nSeveral flaws were found in the way Seamonkey processed certain javascript\r\nactions. A malicious web page could conduct a cross-site scripting attack\r\nor steal sensitive information (such as cookies owned by other domains).\r\n(CVE-2006-3802, CVE-2006-3810)\r\n\r\nA form file upload flaw was found in the way Seamonkey handled javascript\r\ninput object mutation. A malicious web page could upload an arbitrary local\r\nfile at form submission time without user interaction. (CVE-2006-2782)\r\n\r\nA denial of service flaw was found in the way Seamonkey called the\r\ncrypto.signText() javascript function. A malicious web page could crash the\r\nbrowser if the victim had a client certificate loaded. (CVE-2006-2778)\r\n\r\nTwo HTTP response smuggling flaws were found in the way Seamonkey processed\r\ncertain invalid HTTP response headers. A malicious web site could return\r\nspecially crafted HTTP response headers which may bypass HTTP proxy\r\nrestrictions. (CVE-2006-2786)\r\n\r\nA flaw was found in the way Seamonkey processed Proxy AutoConfig scripts. A\r\nmalicious Proxy AutoConfig server could execute arbitrary javascript\r\ninstructions with the permissions of \"chrome\", allowing the page to steal\r\nsensitive information or install browser malware. (CVE-2006-3808)\r\n\r\nA double free flaw was found in the way the nsIX509::getRawDER method was\r\ncalled. If a victim visited a carefully crafted web page, it was possible\r\nto execute arbitrary code as the user running Mozilla. (CVE-2006-2788)\r\n\r\nUsers of Mozilla are advised to upgrade to this update, which contains\r\nSeamonkey version 1.0.3 that corrects these issues.", "modified": "2017-09-08T11:49:07", "published": "2006-08-02T04:00:00", "id": "RHSA-2006:0609", "href": "https://access.redhat.com/errata/RHSA-2006:0609", "type": "redhat", "title": "(RHSA-2006:0609) seamonkey security update", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:43:41", "bulletinFamily": "unix", "description": "Mozilla Firefox is an open source Web browser.\r\n\r\nThe Mozilla Foundation has discontinued support for the Mozilla Firefox\r\n1.0 branch. This update deprecates the Mozilla Firefox 1.0 branch in\r\nRed Hat Enterprise Linux 4 in favor of the supported Mozilla Firefox\r\n1.5 branch.\r\n\r\nThis update also resolves a number of outstanding Firefox security issues:\r\n\r\nSeveral flaws were found in the way Firefox processed certain javascript\r\nactions. A malicious web page could execute arbitrary javascript\r\ninstructions with the permissions of \"chrome\", allowing the page to steal\r\nsensitive information or install browser malware. (CVE-2006-2776,\r\nCVE-2006-2784, CVE-2006-2785, CVE-2006-2787, CVE-2006-3807, CVE-2006-3809,\r\nCVE-2006-3812)\r\n\r\nSeveral denial of service flaws were found in the way Firefox processed\r\ncertain web content. A malicious web page could crash the browser or\r\npossibly execute arbitrary code as the user running Firefox.\r\n(CVE-2006-2779, CVE-2006-2780, CVE-2006-3801, CVE-2006-3677, CVE-2006-3113,\r\nCVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3811)\r\n\r\nA cross-site scripting flaw was found in the way Firefox processed\r\nUnicode Byte-Order-Mark (BOM) markers in UTF-8 web pages. A malicious web\r\npage could execute a script within the browser that a web input sanitizer\r\ncould miss due to a malformed \"script\" tag. (CVE-2006-2783)\r\n\r\nSeveral flaws were found in the way Firefox processed certain javascript\r\nactions. A malicious web page could conduct a cross-site scripting attack\r\nor steal sensitive information (such as cookies owned by other domains).\r\n(CVE-2006-3802, CVE-2006-3810)\r\n\r\nA form file upload flaw was found in the way Firefox handled javascript\r\ninput object mutation. A malicious web page could upload an arbitrary local\r\nfile at form submission time without user interaction. (CVE-2006-2782)\r\n\r\nA denial of service flaw was found in the way Firefox called the\r\ncrypto.signText() javascript function. A malicious web page could crash the\r\nbrowser if the victim had a client certificate loaded. (CVE-2006-2778)\r\n\r\nTwo HTTP response smuggling flaws were found in the way Firefox processed\r\ncertain invalid HTTP response headers. A malicious web site could return\r\nspecially crafted HTTP response headers which may bypass HTTP proxy\r\nrestrictions. (CVE-2006-2786)\r\n\r\nA flaw was found in the way Firefox processed Proxy AutoConfig scripts. A\r\nmalicious Proxy AutoConfig server could execute arbitrary javascript\r\ninstructions with the permissions of \"chrome\", allowing the page to steal\r\nsensitive information or install browser malware. (CVE-2006-3808)\r\n\r\nA double free flaw was found in the way the nsIX509::getRawDER method was\r\ncalled. If a victim visited a carefully crafted web page, it was possible\r\nto execute arbitrary code as the user running Firefox. (CVE-2006-2788)\r\n\r\nUsers of Firefox are advised to upgrade to this update, which contains\r\nFirefox version 1.5.0.5 that corrects these issues.", "modified": "2017-09-08T11:54:53", "published": "2006-07-28T04:00:00", "id": "RHSA-2006:0610", "href": "https://access.redhat.com/errata/RHSA-2006:0610", "type": "redhat", "title": "(RHSA-2006:0610) firefox security update", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:43:35", "bulletinFamily": "unix", "description": "SeaMonkey is an open source Web browser, advanced email and newsgroup\r\nclient, IRC chat client, and HTML editor.\r\n\r\nThe Mozilla Foundation has discontinued support for the Mozilla Suite. This\r\nupdate deprecates the Mozilla Suite in Red Hat Enterprise Linux 2.1 in\r\nfavor of the supported SeaMonkey Suite.\r\n\r\nThis update also resolves a number of outstanding Mozilla security issues:\r\n\r\nSeveral flaws were found in the way SeaMonkey processed certain javascript\r\nactions. A malicious web page could execute arbitrary javascript\r\ninstructions with the permissions of \"chrome\", allowing the page to steal\r\nsensitive information or install browser malware. (CVE-2006-2776,\r\nCVE-2006-2784, CVE-2006-2785, CVE-2006-2787, CVE-2006-3807, CVE-2006-3809,\r\nCVE-2006-3812)\r\n\r\nSeveral denial of service flaws were found in the way SeaMonkey processed\r\ncertain web content. A malicious web page could crash the browser or\r\npossibly execute arbitrary code as the user running SeaMonkey.\r\n(CVE-2006-2779, CVE-2006-2780, CVE-2006-3801, CVE-2006-3677, CVE-2006-3113,\r\nCVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3811)\r\n\r\nTwo flaws were found in the way SeaMonkey Messenger displayed malformed\r\ninline vcard attachments. If a victim viewed an email message containing\r\na carefully crafted vcard it was possible to execute arbitrary code as the\r\nuser running SeaMonkey Messenger. (CVE-2006-2781, CVE-2006-3804)\r\n\r\nA cross-site scripting flaw was found in the way SeaMonkey processed\r\nUnicode Byte-Order-Mark (BOM) markers in UTF-8 web pages. A malicious web\r\npage could execute a script within the browser that a web input sanitizer\r\ncould miss due to a malformed \"script\" tag. (CVE-2006-2783)\r\n\r\nSeveral flaws were found in the way SeaMonkey processed certain javascript\r\nactions. A malicious web page could conduct a cross-site scripting attack\r\nor steal sensitive information (such as cookies owned by other domains).\r\n(CVE-2006-3802, CVE-2006-3810)\r\n\r\nA form file upload flaw was found in the way SeaMonkey handled javascript\r\ninput object mutation. A malicious web page could upload an arbitrary local\r\nfile at form submission time without user interaction. (CVE-2006-2782)\r\n\r\nA denial of service flaw was found in the way SeaMonkey called the\r\ncrypto.signText() javascript function. A malicious web page could crash the\r\nbrowser if the victim had a client certificate loaded. (CVE-2006-2778)\r\n\r\nTwo HTTP response smuggling flaws were found in the way SeaMonkey processed\r\ncertain invalid HTTP response headers. A malicious web site could return\r\nspecially crafted HTTP response headers which may bypass HTTP proxy\r\nrestrictions. (CVE-2006-2786)\r\n\r\nA flaw was found in the way SeaMonkey processed Proxy AutoConfig scripts. A\r\nmalicious Proxy AutoConfig server could execute arbitrary javascript\r\ninstructions with the permissions of \"chrome\", allowing the page to steal\r\nsensitive information or install browser malware. (CVE-2006-3808)\r\n\r\nA double free flaw was found in the way the nsIX509::getRawDER method was\r\ncalled. If a victim visited a carefully crafted web page it was possible to\r\nexecute arbitrary code as the user running SeaMonkey. (CVE-2006-2788)\r\n\r\nUsers of Mozilla are advised to upgrade to this update, which contains\r\nSeaMonkey version 1.0.3 that corrects these issues.", "modified": "2018-03-14T19:28:05", "published": "2006-08-28T04:00:00", "id": "RHSA-2006:0594", "href": "https://access.redhat.com/errata/RHSA-2006:0594", "type": "redhat", "title": "(RHSA-2006:0594) seamonkey security update (was mozilla)", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:18", "bulletinFamily": "software", "description": "=========================================================== \r\nUbuntu Security Notice USN-323-1 July 25, 2006\r\nmozilla vulnerabilities\r\nCVE-2006-2775, CVE-2006-2776, CVE-2006-2777, CVE-2006-2778,\r\nCVE-2006-2779, CVE-2006-2780, CVE-2006-2781, CVE-2006-2782,\r\nCVE-2006-2783, CVE-2006-2784, CVE-2006-2785, CVE-2006-2786,\r\nCVE-2006-2787\r\n===========================================================\r\n\r\nA security issue affects the following Ubuntu releases:\r\n\r\nUbuntu 5.04\r\nUbuntu 5.10\r\n\r\nThis advisory also applies to the corresponding versions of\r\nKubuntu, Edubuntu, and Xubuntu.\r\n\r\nThe problem can be corrected by upgrading your system to the\r\nfollowing package versions:\r\n\r\nUbuntu 5.04:\r\n mozilla-browser 2:1.7.13-0ubuntu05.04.1\r\n mozilla-mailnews 2:1.7.13-0ubuntu05.04.1\r\n mozilla-psm 2:1.7.13-0ubuntu05.04.1\r\n\r\nUbuntu 5.10:\r\n mozilla-browser 2:1.7.13-0ubuntu5.10.1\r\n mozilla-mailnews 2:1.7.13-0ubuntu5.10.1\r\n mozilla-psm 2:1.7.13-0ubuntu5.10.1\r\n\r\nAfter a standard system upgrade you need to restart Mozilla to effect\r\nthe necessary changes.\r\n\r\nDetails follow:\r\n\r\nJonas Sicking discovered that under some circumstances persisted XUL\r\nattributes are associated with the wrong URL. A malicious web site\r\ncould exploit this to execute arbitrary code with the privileges of\r\nthe user. (MFSA 2006-35, CVE-2006-2775)\r\n\r\nPaul Nickerson discovered that content-defined setters on an object\r\nprototype were getting called by privileged UI code. It was\r\ndemonstrated that this could be exploited to run arbitrary web script\r\nwith full user privileges (MFSA 2006-37, CVE-2006-2776). A similar\r\nattack was discovered by moz_bug_r_a4 that leveraged SelectionObject\r\nnotifications that were called in privileged context. (MFSA 2006-43,\r\nCVE-2006-2777)\r\n\r\nMikolaj Habryn discovered a buffer overflow in the crypto.signText()\r\nfunction. By tricking a user to visit a site with an SSL certificate\r\nwith specially crafted optional Certificate Authority name\r\narguments, this could potentially be exploited to execute arbitrary\r\ncode with the user's privileges. (MFSA 2006-38, CVE-2006-2778)\r\n\r\nThe Mozilla developer team discovered several bugs that lead to\r\ncrashes with memory corruption. These might be exploitable by\r\nmalicious web sites to execute arbitrary code with the privileges of\r\nthe user. (MFSA 2006-32, CVE-2006-2779, CVE-2006-2780)\r\n\r\nMasatoshi Kimura discovered a memory corruption (double-free) when\r\nprocessing a large VCard with invalid base64 characters in it. By\r\nsending a maliciously crafted set of VCards to a user, this could\r\npotentially be exploited to execute arbitrary code with the user's\r\nprivileges. (MFSA 2006-40, CVE-2006-2781)\r\n\r\nChuck McAuley reported that the fix for CVE-2006-1729 (file stealing\r\nby changing input type) was not sufficient to prevent all variants of\r\nexploitation. (MFSA 2006-41, CVE-2006-2782)\r\n\r\nMasatoshi Kimura found a way to bypass web input sanitizers which\r\nfilter out JavaScript. By inserting 'Unicode Byte-order-Mark (BOM)'\r\ncharacters into the HTML code (e. g. '<scr[BOM]ipt>'), these filters\r\nmight not recognize the tags anymore; however, Mozilla would still\r\nexecute them since BOM markers are filtered out before processing the\r\npage. (MFSA 2006-42, CVE-2006-2783)\r\n\r\nPaul Nickerson noticed that the fix for CVE-2005-0752 (JavaScript\r\nprivilege escalation on the plugins page) was not sufficient to\r\nprevent all variants of exploitation. (MFSA 2006-36, CVE-2006-2784)\r\n\r\nPaul Nickerson demonstrated that if an attacker could convince a user\r\nto right-click on a broken image and choose "View Image" from the\r\ncontext menu then he could get JavaScript to run on a site of the\r\nattacker's choosing. This could be used to steal login cookies or\r\nother confidential information from the target site. (MFSA 2006-34,\r\nCVE-2006-2785)\r\n\r\nKazuho Oku discovered various ways to perform HTTP response smuggling\r\nwhen used with certain proxy servers. Due to different interpretation\r\nof nonstandard HTTP headers in Mozilla and the proxy server, a\r\nmalicious web site can exploit this to send back two responses to one\r\nrequest. The second response could be used to steal login cookies or\r\nother sensitive data from another opened web site. (MFSA 2006-33,\r\nCVE-2006-2786)\r\n\r\n\r\nUpdated packages for Ubuntu 5.04:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/mozilla_1.7.13-0ubuntu05.04.1.diff.gz\r\n Size/MD5: 337800 2db7b990124c6c1c1b8e9672ca5d6513\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/mozilla_1.7.13-0ubuntu05.04.1.dsc\r\n Size/MD5: 1140 dff39e5ce49d9743de85eec224192a32\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/mozilla_1.7.13.orig.tar.gz\r\n Size/MD5: 38788839 db906560b5abe488286ad1edc21d52b6\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/libnspr-dev_1.7.13-0ubuntu05.04.1_amd64.deb\r\n Size/MD5: 168074 ad1b6c33075e971bbda9f2b1fb105acd\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/libnspr4_1.7.13-0ubuntu05.04.1_amd64.deb\r\n Size/MD5: 141800 26fe9cb2a488851d5a08f008eccb1286\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/libnss-dev_1.7.13-0ubuntu05.04.1_amd64.deb\r\n Size/MD5: 184958 e70af6a5c0c0ebd475977cede7dd2d0e\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/libnss3_1.7.13-0ubuntu05.04.1_amd64.deb\r\n Size/MD5: 710626 8a7cb0a2c698fbb25a19cb372012cc25\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/mozilla-browser_1.7.13-0ubuntu05.04.1_amd64.deb\r\n Size/MD5: 10610980 33b6ff77510c97ad410648acfa60969d\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-calendar_1.7.13-0ubuntu05.04.1_amd64.deb\r\n Size/MD5: 403276 503bd265002378861042e9145adca4e5\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-chatzilla_1.7.13-0ubuntu05.04.1_amd64.deb\r\n Size/MD5: 158328 a3a78547d1739fa489b5eaf06e2bb775\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/mozilla-dev_1.7.13-0ubuntu05.04.1_amd64.deb\r\n Size/MD5: 3352288 f136491aa7a81cafefbb3c7ecdc5f358\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-dom-inspector_1.7.13-0ubuntu05.04.1_amd64.deb\r\n Size/MD5: 121188 9047e6b7ddc935e553ef96869a0697b1\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-js-debugger_1.7.13-0ubuntu05.04.1_amd64.deb\r\n Size/MD5: 204152 5ddbdbe777cf61007db5946793386778\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-mailnews_1.7.13-0ubuntu05.04.1_amd64.deb\r\n Size/MD5: 1935856 e72372370e4e6ad8f232649faab04c1e\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/mozilla-psm_1.7.13-0ubuntu05.04.1_amd64.deb\r\n Size/MD5: 204518 694f522af956a4e0450fc40c0fec1681\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla_1.7.13-0ubuntu05.04.1_amd64.deb\r\n Size/MD5: 1042 e6281edcb4a65fa6d05ea72eb83b6cc6\r\n\r\n i386 architecture (x86 compatible Intel/AMD)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/libnspr-dev_1.7.13-0ubuntu05.04.1_i386.deb\r\n Size/MD5: 168070 81c685cd991f0ff3b109be63f80130c5\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/libnspr4_1.7.13-0ubuntu05.04.1_i386.deb\r\n Size/MD5: 128448 77877720eaad8970b2675ead1eeaaf76\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/libnss-dev_1.7.13-0ubuntu05.04.1_i386.deb\r\n Size/MD5: 184934 cf8811d7050bd397343b9a6f16e43be6\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/libnss3_1.7.13-0ubuntu05.04.1_i386.deb\r\n Size/MD5: 640510 4919807173e6d2e47a9d3c04ba7ba2b8\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/mozilla-browser_1.7.13-0ubuntu05.04.1_i386.deb\r\n Size/MD5: 9625412 8b357311b8d2ca54dec002ab45c8be2a\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-calendar_1.7.13-0ubuntu05.04.1_i386.deb\r\n Size/MD5: 403294 b32aca483d56c4ce22e7c985b29e2fc4\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-chatzilla_1.7.13-0ubuntu05.04.1_i386.deb\r\n Size/MD5: 158332 8186f8e0eed294d42d40deaa635620df\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/mozilla-dev_1.7.13-0ubuntu05.04.1_i386.deb\r\n Size/MD5: 3344850 258d820d93386ad62ef54a6427dc80a8\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-dom-inspector_1.7.13-0ubuntu05.04.1_i386.deb\r\n Size/MD5: 115832 cb1f8880d0afe7e6d7c7a62df15817ed\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-js-debugger_1.7.13-0ubuntu05.04.1_i386.deb\r\n Size/MD5: 204160 6631b13c4025bbe77715589c86c28de7\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-mailnews_1.7.13-0ubuntu05.04.1_i386.deb\r\n Size/MD5: 1780842 e2d26ad17ed1ee60cf7b3dcadff9080a\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/mozilla-psm_1.7.13-0ubuntu05.04.1_i386.deb\r\n Size/MD5: 188486 7722d3ca28defc86236a0a24ec0a31bb\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla_1.7.13-0ubuntu05.04.1_i386.deb\r\n Size/MD5: 1038 3122a3872c2860bf08471a77215a539f\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/libnspr-dev_1.7.13-0ubuntu05.04.1_powerpc.deb\r\n Size/MD5: 168076 2df31cb514546f26e4dda5a13f234c55\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/libnspr4_1.7.13-0ubuntu05.04.1_powerpc.deb\r\n Size/MD5: 127186 f68d8a52426231ba404610958394f786\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/libnss-dev_1.7.13-0ubuntu05.04.1_powerpc.deb\r\n Size/MD5: 184950 2f0a1db9364ce06f9c5b0a5b984d2167\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/libnss3_1.7.13-0ubuntu05.04.1_powerpc.deb\r\n Size/MD5: 714848 8f18e6495b88346a54b806af6bbea813\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/mozilla-browser_1.7.13-0ubuntu05.04.1_powerpc.deb\r\n Size/MD5: 9177718 3d1e82b88c35c967c210b88ff54970dc\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-calendar_1.7.13-0ubuntu05.04.1_powerpc.deb\r\n Size/MD5: 403298 1c4691bde820ec913f3bbddf13c9cef6\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-chatzilla_1.7.13-0ubuntu05.04.1_powerpc.deb\r\n Size/MD5: 158338 407c8d0d588edb5dd6742ec47b912472\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/mozilla-dev_1.7.13-0ubuntu05.04.1_powerpc.deb\r\n Size/MD5: 3340480 80710d7291666df1ce959410928bbec4\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-dom-inspector_1.7.13-0ubuntu05.04.1_powerpc.deb\r\n Size/MD5: 114584 a3c957dc3151e896ff18e9bd2710e6fa\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-js-debugger_1.7.13-0ubuntu05.04.1_powerpc.deb\r\n Size/MD5: 204166 f4a827dd3800896f1dd36c9a0e563ff9\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-mailnews_1.7.13-0ubuntu05.04.1_powerpc.deb\r\n Size/MD5: 1643010 06882ef0b556a5db1adec008cd609370\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/mozilla-psm_1.7.13-0ubuntu05.04.1_powerpc.deb\r\n Size/MD5: 175714 a1f98dd0b17c838723cd06b4a4167a21\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla_1.7.13-0ubuntu05.04.1_powerpc.deb\r\n Size/MD5: 1046 3fff2d11475b3d408cb007f79583b486\r\n\r\nUpdated packages for Ubuntu 5.10:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/mozilla_1.7.13-0ubuntu5.10.1.diff.gz\r\n Size/MD5: 339739 f3417c36cc2f4edf0f56f2a3d291186f\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/mozilla_1.7.13-0ubuntu5.10.1.dsc\r\n Size/MD5: 1080 6633c093477fe6313ea31a05626c74fa\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/mozilla_1.7.13.orig.tar.gz\r\n Size/MD5: 38788839 db906560b5abe488286ad1edc21d52b6\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/libnspr-dev_1.7.13-0ubuntu5.10.1_amd64.deb\r\n Size/MD5: 168042 e7c77d1568c6c46f083ab05f038464ff\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/libnspr4_1.7.13-0ubuntu5.10.1_amd64.deb\r\n Size/MD5: 143820 446658c0da7878eca5977486d5aa71c8\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/libnss-dev_1.7.13-0ubuntu5.10.1_amd64.deb\r\n Size/MD5: 184942 8fc2cf6a6d115e63715f5c54b82c2d4a\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/libnss3_1.7.13-0ubuntu5.10.1_amd64.deb\r\n Size/MD5: 719348 fd2b0f552c07995dc65906b56b12a5bc\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/mozilla-browser_1.7.13-0ubuntu5.10.1_amd64.deb\r\n Size/MD5: 10666540 3b661ff62d97846c23e422fdb0f87bc8\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-calendar_1.7.13-0ubuntu5.10.1_amd64.deb\r\n Size/MD5: 403282 ab2167239e57b61676dc3fbd296a2ffc\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-chatzilla_1.7.13-0ubuntu5.10.1_amd64.deb\r\n Size/MD5: 158322 d0e08f0196752784b50d87191d878d0a\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/mozilla-dev_1.7.13-0ubuntu5.10.1_amd64.deb\r\n Size/MD5: 3347976 344d169cf65cb66bb67af5dbb4c19048\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-dom-inspector_1.7.13-0ubuntu5.10.1_amd64.deb\r\n Size/MD5: 122358 9db2a1a2d412846a541a5b113357a65b\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-js-debugger_1.7.13-0ubuntu5.10.1_amd64.deb\r\n Size/MD5: 204154 9e2f774e0c8b0bc75f60899b9ea518dd\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-mailnews_1.7.13-0ubuntu5.10.1_amd64.deb\r\n Size/MD5: 1962852 1baa399dd55eaccda81c2f707f225817\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/mozilla-psm_1.7.13-0ubuntu5.10.1_amd64.deb\r\n Size/MD5: 204202 e6f84c6501268f8cd8680d55ca8bc673\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla_1.7.13-0ubuntu5.10.1_amd64.deb\r\n Size/MD5: 1032 875ac9a3fccb0f396f537560047ca9e6\r\n\r\n i386 architecture (x86 compatible Intel/AMD)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/libnspr-dev_1.7.13-0ubuntu5.10.1_i386.deb\r\n Size/MD5: 168048 257bbb4473be7bdfff3ded89b9d8a12b\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/libnspr4_1.7.13-0ubuntu5.10.1_i386.deb\r\n Size/MD5: 129200 eda6af1ceb30b9594442702ad99152ed\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/libnss-dev_1.7.13-0ubuntu5.10.1_i386.deb\r\n Size/MD5: 184932 f05d44d79b74e7887af887e6a9b09f1e\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/libnss3_1.7.13-0ubuntu5.10.1_i386.deb\r\n Size/MD5: 635378 a7808a9e8f431a16cc60baddc68b8139\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/mozilla-browser_1.7.13-0ubuntu5.10.1_i386.deb\r\n Size/MD5: 9185932 85d2251d70e3488a0cc388e0db41a4fc\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-calendar_1.7.13-0ubuntu5.10.1_i386.deb\r\n Size/MD5: 403280 7034e103d8a30f986ec57fe31160e487\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-chatzilla_1.7.13-0ubuntu5.10.1_i386.deb\r\n Size/MD5: 158324 a29a00a6e450d7d998d6e874987f10ba\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/mozilla-dev_1.7.13-0ubuntu5.10.1_i386.deb\r\n Size/MD5: 3337576 7094cd9a4464d4645d92489c371c6cab\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-dom-inspector_1.7.13-0ubuntu5.10.1_i386.deb\r\n Size/MD5: 115304 87dd3fb83b695986dda9ddeaedf47781\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-js-debugger_1.7.13-0ubuntu5.10.1_i386.deb\r\n Size/MD5: 204152 09352de0004e77e96ca17cb21d0715e3\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-mailnews_1.7.13-0ubuntu5.10.1_i386.deb\r\n Size/MD5: 1691482 6df8075f514d49d7f5411891bbc0e7f5\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/mozilla-psm_1.7.13-0ubuntu5.10.1_i386.deb\r\n Size/MD5: 178782 d2d5d1aa46de77fb2b54ec98ef3a7a14\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla_1.7.13-0ubuntu5.10.1_i386.deb\r\n Size/MD5: 1032 a3f4871c955138dd6d6e759ea114e4c8\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/libnspr-dev_1.7.13-0ubuntu5.10.1_powerpc.deb\r\n Size/MD5: 168048 852ade578c01f279b8aff0a794a268a3\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/libnspr4_1.7.13-0ubuntu5.10.1_powerpc.deb\r\n Size/MD5: 130906 df3dd2deffe59449bf2442cf00f6689e\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/libnss-dev_1.7.13-0ubuntu5.10.1_powerpc.deb\r\n Size/MD5: 184932 4e6345c82ae5563193e1b5b201ef3043\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/libnss3_1.7.13-0ubuntu5.10.1_powerpc.deb\r\n Size/MD5: 696888 902ed7ec1cf327ea9931948f756d60e6\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/mozilla-browser_1.7.13-0ubuntu5.10.1_powerpc.deb\r\n Size/MD5: 9263244 87d38e3da8f8e9174e87552155add753\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-calendar_1.7.13-0ubuntu5.10.1_powerpc.deb\r\n Size/MD5: 403284 3a37460373177133ba2c687501b574a1\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-chatzilla_1.7.13-0ubuntu5.10.1_powerpc.deb\r\n Size/MD5: 158326 092102dfb58bfe5ea20ff0969f7f56f2\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/mozilla-dev_1.7.13-0ubuntu5.10.1_powerpc.deb\r\n Size/MD5: 3336540 8f37d1620049b2fefc1b651fd51c43b7\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-dom-inspector_1.7.13-0ubuntu5.10.1_powerpc.deb\r\n Size/MD5: 115348 bef4e6c32a92c26fa06395801657e367\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-js-debugger_1.7.13-0ubuntu5.10.1_powerpc.deb\r\n Size/MD5: 204158 60731a37272e50a8660ecb2cfae9aabf\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-mailnews_1.7.13-0ubuntu5.10.1_powerpc.deb\r\n Size/MD5: 1671422 3b3f3bedfbba4263f26773d93436e769\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/mozilla-psm_1.7.13-0ubuntu5.10.1_powerpc.deb\r\n Size/MD5: 175906 c6b918fa89cd2423d47b018f279c4d68\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla_1.7.13-0ubuntu5.10.1_powerpc.deb\r\n Size/MD5: 1032 cc69d04f87b79ff659067186cab9cfd9\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/libnspr-dev_1.7.13-0ubuntu5.10.1_sparc.deb\r\n Size/MD5: 168054 0d954bebca6ea4131c28e11337bba7ad\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/libnspr4_1.7.13-0ubuntu5.10.1_sparc.deb\r\n Size/MD5: 127450 521963b1b21999ff9f42d35b884c23ed\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/libnss-dev_1.7.13-0ubuntu5.10.1_sparc.deb\r\n Size/MD5: 184948 74d53204904bf8bf02928f6cb0b3e787\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/libnss3_1.7.13-0ubuntu5.10.1_sparc.deb\r\n Size/MD5: 630704 0987af2fe353aff94cefddc61ac1c8e6\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/mozilla-browser_1.7.13-0ubuntu5.10.1_sparc.deb\r\n Size/MD5: 9013886 08e90ea95c75c3eb03d8533532314fdb\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-calendar_1.7.13-0ubuntu5.10.1_sparc.deb\r\n Size/MD5: 403286 f5a6f817c9926829a4012da7973b3fcc\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-chatzilla_1.7.13-0ubuntu5.10.1_sparc.deb\r\n Size/MD5: 158328 2b884313c4bd382d1609d01568b7013e\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/mozilla-dev_1.7.13-0ubuntu5.10.1_sparc.deb\r\n Size/MD5: 3336286 f1a166252e7c78d5d90a7ef91b7b6eb0\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-dom-inspector_1.7.13-0ubuntu5.10.1_sparc.deb\r\n Size/MD5: 113834 8df1183b10a5d69c1087634f81178a41\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-js-debugger_1.7.13-0ubuntu5.10.1_sparc.deb\r\n Size/MD5: 204152 e0177e963461936592387a9e6d5171bd\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla-mailnews_1.7.13-0ubuntu5.10.1_sparc.deb\r\n Size/MD5: 1629816 a02204343afa9a872f99f63e85170096\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/mozilla-psm_1.7.13-0ubuntu5.10.1_sparc.deb\r\n Size/MD5: 170382 010d945bfd8636541e8202c036668e18\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla/mozilla_1.7.13-0ubuntu5.10.1_sparc.deb\r\n Size/MD5: 1032 5d9b7b8e12b9746c44fd3fd41dec9f13", "modified": "2006-07-27T00:00:00", "published": "2006-07-27T00:00:00", "id": "SECURITYVULNS:DOC:13644", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:13644", "title": "[USN-323-1] mozilla vulnerabilities", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:18", "bulletinFamily": "software", "description": "=========================================================== \r\nUbuntu Security Notice USN-297-3 July 26, 2006\r\nmozilla-thunderbird vulnerabilities\r\nCVE-2006-2775, CVE-2006-2776, CVE-2006-2778, CVE-2006-2779,\r\nCVE-2006-2780, CVE-2006-2781, CVE-2006-2783, CVE-2006-2784,\r\nCVE-2006-2787\r\n===========================================================\r\n\r\nA security issue affects the following Ubuntu releases:\r\n\r\nUbuntu 5.04\r\nUbuntu 5.10\r\n\r\nThis advisory also applies to the corresponding versions of\r\nKubuntu, Edubuntu, and Xubuntu.\r\n\r\nThe problem can be corrected by upgrading your system to the\r\nfollowing package versions:\r\n\r\nUbuntu 5.04:\r\n mozilla-thunderbird 1.0.8-0ubuntu05.04.1\r\n\r\nUbuntu 5.10:\r\n mozilla-thunderbird 1.0.8-0ubuntu05.10.2\r\n\r\nAfter a standard system upgrade you need to restart Thunderbird to\r\neffect the necessary changes.\r\n\r\nDetails follow:\r\n\r\nUSN-297-1 fixed several vulnerabilities in Thunderbird for the Ubuntu\r\n6.06 LTS release. This update provides the corresponding fixes for\r\nUbuntu 5.04 and Ubuntu 5.10.\r\n\r\nFor reference, these are the details of the original USN:\r\n\r\n Jonas Sicking discovered that under some circumstances persisted XUL\r\n attributes are associated with the wrong URL. A malicious web site\r\n could exploit this to execute arbitrary code with the privileges of\r\n the user. (MFSA 2006-35, CVE-2006-2775)\r\n\r\n Paul Nickerson discovered that content-defined setters on an object\r\n prototype were getting called by privileged UI code. It was\r\n demonstrated that this could be exploited to run arbitrary web\r\n script with full user privileges (MFSA 2006-37, CVE-2006-2776).\r\n\r\n Mikolaj Habryn discovered a buffer overflow in the crypto.signText()\r\n function. By sending an email with malicious JavaScript to an user,\r\n and that user enabled JavaScript in Thunderbird (which is not the\r\n default and not recommended), this could potentially be exploited to\r\n execute arbitrary code with the user's privileges. (MFSA 2006-38,\r\n CVE-2006-2778)\r\n\r\n The Mozilla developer team discovered several bugs that lead to\r\n crashes with memory corruption. These might be exploitable by\r\n malicious web sites to execute arbitrary code with the privileges of\r\n the user. (MFSA 2006-32, CVE-2006-2779, CVE-2006-2780)\r\n\r\n Masatoshi Kimura discovered a memory corruption (double-free) when\r\n processing a large VCard with invalid base64 characters in it. By\r\n sending a maliciously crafted set of VCards to a user, this could\r\n potentially be exploited to execute arbitrary code with the user's\r\n privileges. (MFSA 2006-40, CVE-2006-2781)\r\n\r\n Masatoshi Kimura found a way to bypass web input sanitizers which\r\n filter out JavaScript. By inserting 'Unicode Byte-order-Mark (BOM)'\r\n characters into the HTML code (e. g. '<scr[BOM]ipt>'), these filters\r\n might not recognize the tags anymore; however, Thunderbird would\r\n still execute them since BOM markers are filtered out before\r\n processing a mail containing JavaScript. (MFSA 2006-42,\r\n CVE-2006-2783)\r\n\r\n Kazuho Oku discovered various ways to perform HTTP response\r\n smuggling when used with certain proxy servers. Due to different\r\n interpretation of nonstandard HTTP headers in Thunderbird and the\r\n proxy server, a malicious HTML email can exploit this to send back\r\n two responses to one request. The second response could be used to\r\n steal login cookies or other sensitive data from another opened web\r\n site. (MFSA 2006-33, CVE-2006-2786)\r\n\r\n It was discovered that JavaScript run via EvalInSandbox() can escape\r\n the sandbox. Malicious scripts received in emails containing\r\n JavaScript could use these privileges to execute arbitrary code with\r\n the user's privileges. (MFSA 2006-31, CVE-2006-2787)\r\n\r\n\r\nUpdated packages for Ubuntu 5.04:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.8-0ubuntu05.04.1.diff.gz\r\n Size/MD5: 98300 a4dffa1705bd280224188e7bbc7781dd\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.8-0ubuntu05.04.1.dsc\r\n Size/MD5: 946 7eebd4d62af685dd0ce74d5ff741c92c\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.8.orig.tar.gz\r\n Size/MD5: 32849510 ae345f1b722d8f3a977af4fd358d27b0\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.8-0ubuntu05.04.1_amd64.deb\r\n Size/MD5: 3347854 519c296b742dc6e6d5c308b0b6c5a433\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.8-0ubuntu05.04.1_amd64.deb\r\n Size/MD5: 145244 9a8d5c4ade62afdb187022df1b188099\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.8-0ubuntu05.04.1_amd64.deb\r\n Size/MD5: 27718 aa28f71d2133d0810bbf166d86c68dc7\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.8-0ubuntu05.04.1_amd64.deb\r\n Size/MD5: 82728 55ede40f0e71d287cfabe73492b3a71a\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.8-0ubuntu05.04.1_amd64.deb\r\n Size/MD5: 11959242 c6acc1fa0785193f037fb35a14f7505e\r\n\r\n i386 architecture (x86 compatible Intel/AMD)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.8-0ubuntu05.04.1_i386.deb\r\n Size/MD5: 3341642 18916c1156df514eb6b538ec63737a8d\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.8-0ubuntu05.04.1_i386.deb\r\n Size/MD5: 140326 b2f8c499a4b160e6131d2fb2278e54b5\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.8-0ubuntu05.04.1_i386.deb\r\n Size/MD5: 27724 6bab59d8db842eee01a411c256b64cd8\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.8-0ubuntu05.04.1_i386.deb\r\n Size/MD5: 80468 114885d918a10761414adafc506be2e5\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.8-0ubuntu05.04.1_i386.deb\r\n Size/MD5: 10911294 67ab1c44fe9a3d164e0c79755365e2bf\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.8-0ubuntu05.04.1_powerpc.deb\r\n Size/MD5: 3337162 85e96f1fe254dc69170d3fc814110cd2\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.8-0ubuntu05.04.1_powerpc.deb\r\n Size/MD5: 139122 0ac4864a4c69045c43b37aad80f3336d\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.8-0ubuntu05.04.1_powerpc.deb\r\n Size/MD5: 27732 b4103fcdfef1107966f21b8a857dc01f\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.8-0ubuntu05.04.1_powerpc.deb\r\n Size/MD5: 74682 8f14928b2be37c12e205be1389749e0d\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.8-0ubuntu05.04.1_powerpc.deb\r\n Size/MD5: 10453746 f728c125a4ccf1d556ffd9cc39539055\r\n\r\nUpdated packages for Ubuntu 5.10:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.8-0ubuntu05.10.2.diff.gz\r\n Size/MD5: 100417 c3f0f93e338ff900b5ccec2515d0c43b\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.8-0ubuntu05.10.2.dsc\r\n Size/MD5: 919 5945fce5d3140112099d74b56537666b\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.8.orig.tar.gz\r\n Size/MD5: 32849510 ae345f1b722d8f3a977af4fd358d27b0\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.8-0ubuntu05.10.2_amd64.deb\r\n Size/MD5: 3294738 7340b5b39e4954d5c6284e04229e6632\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.8-0ubuntu05.10.2_amd64.deb\r\n Size/MD5: 146796 030b130217cd4b0cec9fd2e0c5239a0d\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.8-0ubuntu05.10.2_amd64.deb\r\n Size/MD5: 28266 11631a9ac55712b21a03470fe424e480\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.8-0ubuntu05.10.2_amd64.deb\r\n Size/MD5: 86278 4059ff0cb8da24cbd92d72accd3f2d67\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.8-0ubuntu05.10.2_amd64.deb\r\n Size/MD5: 11977184 6d77be91b8c0e9b06cf0cec0c8483998\r\n\r\n i386 architecture (x86 compatible Intel/AMD)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.8-0ubuntu05.10.2_i386.deb\r\n Size/MD5: 3288954 2ced47739fac731f7347e497492df79e\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.8-0ubuntu05.10.2_i386.deb\r\n Size/MD5: 140348 f8b1ccb61ef81ba4b583f10369b82aee\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.8-0ubuntu05.10.2_i386.deb\r\n Size/MD5: 28262 ed05e4d9845d11e42062acd9d79e3a3b\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.8-0ubuntu05.10.2_i386.deb\r\n Size/MD5: 77656 586525c74b61275a49b3f91a549c31b4\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.8-0ubuntu05.10.2_i386.deb\r\n Size/MD5: 10380218 64dc49a7e9e75326164ca589aad327f1\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.8-0ubuntu05.10.2_powerpc.deb\r\n Size/MD5: 3286824 49338b4f633089ec3119f8a341992751\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.8-0ubuntu05.10.2_powerpc.deb\r\n Size/MD5: 140438 401fc8d07b433ac4d71a9a37c9f086a7\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.8-0ubuntu05.10.2_powerpc.deb\r\n Size/MD5: 28272 900eb236bc7e85f4d99177f12d0084f4\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.8-0ubuntu05.10.2_powerpc.deb\r\n Size/MD5: 77364 c7b1e38a5d83594885bbeb987b477865\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.8-0ubuntu05.10.2_powerpc.deb\r\n Size/MD5: 10489086 b2665fa914781ad11bf4e826c5825a1a\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.8-0ubuntu05.10.2_sparc.deb\r\n Size/MD5: 3286920 dd3b7e55abd608360b81e0db14b4376f\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.8-0ubuntu05.10.2_sparc.deb\r\n Size/MD5: 138920 2709c330b93517f8dfa3676ee1f2aa92\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.8-0ubuntu05.10.2_sparc.deb\r\n Size/MD5: 28268 feba2248d1093bed5fa21f463a8ea3a0\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.8-0ubuntu05.10.2_sparc.deb\r\n Size/MD5: 75314 d609546dfa5ff12c5e5c4a0e33efbf34\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.8-0ubuntu05.10.2_sparc.deb\r\n Size/MD5: 10165076 b9aaeb254fb107435156f01d70b64e9e", "modified": "2006-07-27T00:00:00", "published": "2006-07-27T00:00:00", "id": "SECURITYVULNS:DOC:13643", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:13643", "title": "[USN-297-3] Thunderbird vulnerabilities", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "suse": [{"lastseen": "2016-09-04T11:26:30", "bulletinFamily": "unix", "description": "This update fixes several security problems in the Mozilla Firefox 1.5 browser, Thunderbird 1.5 mail reader and Seamonkey Suite.\n#### Solution\nThere is no known workaround, please install the update packages.", "modified": "2006-06-23T08:11:46", "published": "2006-06-23T08:11:46", "id": "SUSE-SA:2006:035", "href": "http://lists.opensuse.org/opensuse-security-announce/2006-06/msg00022.html", "type": "suse", "title": "remote code execution in MozillaFirefox,MozillaThunderbird,Seamonkey", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cve": [{"lastseen": "2018-10-19T11:35:59", "bulletinFamily": "NVD", "description": "Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 1.5.0.4 allows user-assisted remote attackers to inject arbitrary web script or HTML by tricking a user into (1) performing a \"View Image\" on a broken image in which the SRC attribute contains a Javascript URL, or (2) selecting \"Show only this frame\" on a frame whose SRC attribute contains a Javascript URL.", "modified": "2018-10-18T12:42:45", "published": "2006-06-02T15:02:00", "id": "CVE-2006-2785", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-2785", "title": "CVE-2006-2785", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-10-19T11:35:59", "bulletinFamily": "NVD", "description": "Double free vulnerability in nsVCard.cpp in Mozilla Thunderbird before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a VCard that contains invalid base64 characters.", "modified": "2018-10-18T12:42:26", "published": "2006-06-02T15:02:00", "id": "CVE-2006-2781", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-2781", "title": "CVE-2006-2781", "type": "cve", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-30T12:23:10", "bulletinFamily": "NVD", "description": "Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler.", "modified": "2018-10-18T12:34:33", "published": "2006-04-14T06:02:00", "id": "CVE-2006-1729", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-1729", "title": "CVE-2006-1729", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-10-19T11:35:59", "bulletinFamily": "NVD", "description": "Integer overflow in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via \"jsstr tagify,\" which leads to memory corruption.", "modified": "2018-10-18T12:42:19", "published": "2006-06-02T15:02:00", "id": "CVE-2006-2780", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-2780", "title": "CVE-2006-2780", "type": "cve", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-19T11:35:59", "bulletinFamily": "NVD", "description": "Unspecified vulnerability in Mozilla Firefox before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote attackers to execute arbitrary code by using the nsISelectionPrivate interface of the Selection object to add a SelectionListener and create notifications that are executed in a privileged context.", "modified": "2018-10-18T12:42:01", "published": "2006-06-02T14:02:00", "id": "CVE-2006-2777", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-2777", "title": "CVE-2006-2777", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-19T11:35:59", "bulletinFamily": "NVD", "description": "The crypto.signText function in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to execute arbitrary code via certain optional Certificate Authority name arguments, which causes an invalid array index and triggers a buffer overflow.", "modified": "2018-10-18T12:42:04", "published": "2006-06-02T14:02:00", "id": "CVE-2006-2778", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-2778", "title": "CVE-2006-2778", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-10-19T11:35:59", "bulletinFamily": "NVD", "description": "Certain privileged UI code in Mozilla Firefox and Thunderbird before 1.5.0.4 calls content-defined setters on an object prototype, which allows remote attackers to execute code at a higher privilege than intended.", "modified": "2018-10-18T12:41:53", "published": "2006-06-02T14:02:00", "id": "CVE-2006-2776", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-2776", "title": "CVE-2006-2776", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-19T11:35:59", "bulletinFamily": "NVD", "description": "Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) nested <option> tags in a select tag, (2) a DOMNodeRemoved mutation event, (3) \"Content-implemented tree views,\" (4) BoxObjects, (5) the XBL implementation, (6) an iframe that attempts to remove itself, which leads to memory corruption.", "modified": "2018-10-18T12:42:11", "published": "2006-06-02T15:02:00", "id": "CVE-2006-2779", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-2779", "title": "CVE-2006-2779", "type": "cve", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-11T11:06:11", "bulletinFamily": "NVD", "description": "The Plugin Finder Service (PFS) in Firefox before 1.0.3 allows remote attackers to execute arbitrary code via a javascript: URL in the PLUGINSPAGE attribute of an EMBED tag.", "modified": "2017-10-10T21:30:00", "published": "2005-04-18T00:00:00", "id": "CVE-2005-0752", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0752", "title": "CVE-2005-0752", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-19T11:35:59", "bulletinFamily": "NVD", "description": "Firefox 1.5.0.2 does not fix all test cases associated with CVE-2006-1729, which allows remote attackers to read arbitrary files by inserting the target filename into a text box, then turning that box into a file upload control.", "modified": "2018-10-18T12:42:30", "published": "2006-06-02T15:02:00", "id": "CVE-2006-2782", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-2782", "title": "CVE-2006-2782", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:38:31", "bulletinFamily": "unix", "description": " [1.5.0.8-0.1.1.el4]\n - defaults changed to oracle...\n \n [1.5.0.8-0.1.el4]\n - Update to 1.5.0.8 (RC)\n \n [1.5.0.7-0.1.el4]\n - Update to 1.5.0.7\n \n [1.5.0.5-0.el4.2]\n - Fix the launcher and icons\n \n [1.5.0.5-0.el4.1]\n - Update to 1.5.0.5 ", "modified": "2006-12-07T00:00:00", "published": "2006-12-07T00:00:00", "id": "ELSA-2006-0611", "href": "http://linux.oracle.com/errata/ELSA-2006-0611.html", "title": "Critical thunderbird security update ", "type": "oraclelinux", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:39:50", "bulletinFamily": "unix", "description": " [1.5.0.8-0.1.1.el4]\n - Replace default-bookmarks.html and default-prefs.js\n \n [1.5.0.8-0.1.el4]\n - Update to 1.5.0.8 (RC)\n \n [1.5.0.7-0.1.el4]\n - Update to 1.5.0.7\n \n [1.5.0.5-0.el4.1]\n - Update to 1.5.0.5 ", "modified": "2006-12-07T00:00:00", "published": "2006-12-07T00:00:00", "id": "ELSA-2006-0610", "href": "http://linux.oracle.com/errata/ELSA-2006-0610.html", "title": "Critical firefox security update ", "type": "oraclelinux", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2018-03-28T20:54:49", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2006:0611\n\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\r\n\r\nThe Mozilla Foundation has discontinued support for the Mozilla Thunderbird\r\n1.0 branch. This update deprecates the Mozilla Thunderbird 1.0 branch in\r\nRed Hat Enterprise Linux 4 in favor of the supported Mozilla Thunderbird\r\n1.5 branch.\r\n\r\nThis update also resolves a number of outstanding Thunderbird security issues:\r\n\r\nSeveral flaws were found in the way Thunderbird processed certain\r\njavascript actions. A malicious mail message could execute arbitrary\r\njavascript instructions with the permissions of \"chrome\", allowing the page\r\nto steal sensitive information or install browser malware. (CVE-2006-2776,\r\nCVE-2006-2784, CVE-2006-2785, CVE-2006-2787, CVE-2006-3807, CVE-2006-3809)\r\n\r\nSeveral denial of service flaws were found in the way Thunderbird processed\r\ncertain mail messages. A malicious web page could crash the browser or\r\npossibly execute arbitrary code as the user running Thunderbird.\r\n(CVE-2006-2779, CVE-2006-2780, CVE-2006-3801, CVE-2006-3677,\r\nCVE-2006-3113, CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3811)\r\n\r\nSeveral flaws were found in the way Thunderbird processed certain\r\njavascript actions. A malicious mail message could conduct a cross-site\r\nscripting attack or steal sensitive information (such as cookies owned by\r\nother domains). (CVE-2006-3802, CVE-2006-3810)\r\n\r\nA form file upload flaw was found in the way Thunderbird handled javascript\r\ninput object mutation. A malicious mail message could upload an arbitrary\r\nlocal file at form submission time without user interaction. (CVE-2006-2782)\r\n\r\nA denial of service flaw was found in the way Thunderbird called the\r\ncrypto.signText() javascript function. A malicious mail message could crash\r\nthe browser if the victim had a client certificate loaded. (CVE-2006-2778)\r\n\r\nA flaw was found in the way Thunderbird processed Proxy AutoConfig scripts.\r\nA malicious Proxy AutoConfig server could execute arbitrary javascript\r\ninstructions with the permissions of \"chrome\", allowing the page to steal\r\nsensitive information or install client malware. (CVE-2006-3808)\r\n\r\nNote: Please note that JavaScript support is disabled by default in\r\nThunderbird. The above issues are not exploitable with JavaScript disabled. \r\n\r\nTwo flaws were found in the way Thunderbird displayed malformed inline\r\nvcard attachments. If a victim viewed an email message containing a\r\ncarefully crafted vcard it was possible to execute arbitrary code as the\r\nuser running Thunderbird. (CVE-2006-2781, CVE-2006-3804)\r\n\r\nA cross site scripting flaw was found in the way Thunderbird processed\r\nUnicode Byte-order-Mark (BOM) markers in UTF-8 mail messages. A malicious\r\nweb page could execute a script within the browser that a web input\r\nsanitizer could miss due to a malformed \"script\" tag. (CVE-2006-2783)\r\n\r\nTwo HTTP response smuggling flaws were found in the way Thunderbird\r\nprocessed certain invalid HTTP response headers. A malicious web site could\r\nreturn specially crafted HTTP response headers which may bypass HTTP proxy\r\nrestrictions. (CVE-2006-2786)\r\n\r\nA double free flaw was found in the way the nsIX509::getRawDER method was\r\ncalled. If a victim visited a carefully crafted web page, it was possible\r\nto crash Thunderbird. (CVE-2006-2788)\r\n\r\nUsers of Thunderbird are advised to upgrade to this update, which contains\r\nThunderbird version 1.5.0.5 that corrects these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2006-August/013090.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-July/013073.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-July/013074.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-July/013085.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-July/013086.html\n\n**Affected packages:**\nthunderbird\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2006-0611.html", "modified": "2006-08-01T12:35:08", "published": "2006-07-29T11:51:27", "href": "http://lists.centos.org/pipermail/centos-announce/2006-July/013073.html", "id": "CESA-2006:0611", "title": "thunderbird security update", "type": "centos", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-24T23:01:02", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2006:0594-02\n\n\nSeaMonkey is an open source Web browser, advanced email and newsgroup\r\nclient, IRC chat client, and HTML editor.\r\n\r\nThe Mozilla Foundation has discontinued support for the Mozilla Suite. This\r\nupdate deprecates the Mozilla Suite in Red Hat Enterprise Linux 2.1 in\r\nfavor of the supported SeaMonkey Suite.\r\n\r\nThis update also resolves a number of outstanding Mozilla security issues:\r\n\r\nSeveral flaws were found in the way SeaMonkey processed certain javascript\r\nactions. A malicious web page could execute arbitrary javascript\r\ninstructions with the permissions of \"chrome\", allowing the page to steal\r\nsensitive information or install browser malware. (CVE-2006-2776,\r\nCVE-2006-2784, CVE-2006-2785, CVE-2006-2787, CVE-2006-3807, CVE-2006-3809,\r\nCVE-2006-3812)\r\n\r\nSeveral denial of service flaws were found in the way SeaMonkey processed\r\ncertain web content. A malicious web page could crash the browser or\r\npossibly execute arbitrary code as the user running SeaMonkey.\r\n(CVE-2006-2779, CVE-2006-2780, CVE-2006-3801, CVE-2006-3677, CVE-2006-3113,\r\nCVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3811)\r\n\r\nTwo flaws were found in the way SeaMonkey Messenger displayed malformed\r\ninline vcard attachments. If a victim viewed an email message containing\r\na carefully crafted vcard it was possible to execute arbitrary code as the\r\nuser running SeaMonkey Messenger. (CVE-2006-2781, CVE-2006-3804)\r\n\r\nA cross-site scripting flaw was found in the way SeaMonkey processed\r\nUnicode Byte-Order-Mark (BOM) markers in UTF-8 web pages. A malicious web\r\npage could execute a script within the browser that a web input sanitizer\r\ncould miss due to a malformed \"script\" tag. (CVE-2006-2783)\r\n\r\nSeveral flaws were found in the way SeaMonkey processed certain javascript\r\nactions. A malicious web page could conduct a cross-site scripting attack\r\nor steal sensitive information (such as cookies owned by other domains).\r\n(CVE-2006-3802, CVE-2006-3810)\r\n\r\nA form file upload flaw was found in the way SeaMonkey handled javascript\r\ninput object mutation. A malicious web page could upload an arbitrary local\r\nfile at form submission time without user interaction. (CVE-2006-2782)\r\n\r\nA denial of service flaw was found in the way SeaMonkey called the\r\ncrypto.signText() javascript function. A malicious web page could crash the\r\nbrowser if the victim had a client certificate loaded. (CVE-2006-2778)\r\n\r\nTwo HTTP response smuggling flaws were found in the way SeaMonkey processed\r\ncertain invalid HTTP response headers. A malicious web site could return\r\nspecially crafted HTTP response headers which may bypass HTTP proxy\r\nrestrictions. (CVE-2006-2786)\r\n\r\nA flaw was found in the way SeaMonkey processed Proxy AutoConfig scripts. A\r\nmalicious Proxy AutoConfig server could execute arbitrary javascript\r\ninstructions with the permissions of \"chrome\", allowing the page to steal\r\nsensitive information or install browser malware. (CVE-2006-3808)\r\n\r\nA double free flaw was found in the way the nsIX509::getRawDER method was\r\ncalled. If a victim visited a carefully crafted web page it was possible to\r\nexecute arbitrary code as the user running SeaMonkey. (CVE-2006-2788)\r\n\r\nUsers of Mozilla are advised to upgrade to this update, which contains\r\nSeaMonkey version 1.0.3 that corrects these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2006-September/013188.html\n\n**Affected packages:**\nseamonkey\nseamonkey-chat\nseamonkey-devel\nseamonkey-dom-inspector\nseamonkey-js-debugger\nseamonkey-mail\nseamonkey-nspr\nseamonkey-nspr-devel\nseamonkey-nss\nseamonkey-nss-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/rh21as-errata.html", "modified": "2006-09-05T00:01:38", "published": "2006-09-05T00:01:38", "href": "http://lists.centos.org/pipermail/centos-announce/2006-September/013188.html", "id": "CESA-2006:0594-02", "title": "seamonkey security update", "type": "centos", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:25:14", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2006:0609\n\n\nSeamonkey is an open source Web browser, advanced email and newsgroup\r\nclient, IRC chat client, and HTML editor.\r\n\r\nThe Mozilla Foundation has discontinued support for the Mozilla Suite. This\r\nupdate deprecates the Mozilla Suite in Red Hat Enterprise Linux 4 in\r\nfavor of the supported Seamonkey Suite.\r\n\r\nThis update also resolves a number of outstanding Mozilla security issues:\r\n\r\nSeveral flaws were found in the way Seamonkey processed certain javascript\r\nactions. A malicious web page could execute arbitrary javascript\r\ninstructions with the permissions of \"chrome\", allowing the page to steal\r\nsensitive information or install browser malware. (CVE-2006-2776,\r\nCVE-2006-2784, CVE-2006-2785, CVE-2006-2787, CVE-2006-3807, CVE-2006-3809,\r\nCVE-2006-3812)\r\n\r\nSeveral denial of service flaws were found in the way Seamonkey processed\r\ncertain web content. A malicious web page could crash the browser or\r\npossibly execute arbitrary code as the user running Seamonkey.\r\n(CVE-2006-2779, CVE-2006-2780, CVE-2006-3801, CVE-2006-3677, CVE-2006-3113,\r\nCVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3811)\r\n\r\nTwo flaws were found in the way Seamonkey-mail displayed malformed\r\ninline vcard attachments. If a victim viewed an email message containing\r\na carefully crafted vcard it was possible to execute arbitrary code as the\r\nuser running Mozilla-mail. (CVE-2006-2781, CVE-2006-3804)\r\n\r\nA cross-site scripting flaw was found in the way Seamonkey processed\r\nUnicode Byte-Order-Mark (BOM) markers in UTF-8 web pages. A malicious web\r\npage could execute a script within the browser that a web input sanitizer\r\ncould miss due to a malformed \"script\" tag. (CVE-2006-2783)\r\n\r\nSeveral flaws were found in the way Seamonkey processed certain javascript\r\nactions. A malicious web page could conduct a cross-site scripting attack\r\nor steal sensitive information (such as cookies owned by other domains).\r\n(CVE-2006-3802, CVE-2006-3810)\r\n\r\nA form file upload flaw was found in the way Seamonkey handled javascript\r\ninput object mutation. A malicious web page could upload an arbitrary local\r\nfile at form submission time without user interaction. (CVE-2006-2782)\r\n\r\nA denial of service flaw was found in the way Seamonkey called the\r\ncrypto.signText() javascript function. A malicious web page could crash the\r\nbrowser if the victim had a client certificate loaded. (CVE-2006-2778)\r\n\r\nTwo HTTP response smuggling flaws were found in the way Seamonkey processed\r\ncertain invalid HTTP response headers. A malicious web site could return\r\nspecially crafted HTTP response headers which may bypass HTTP proxy\r\nrestrictions. (CVE-2006-2786)\r\n\r\nA flaw was found in the way Seamonkey processed Proxy AutoConfig scripts. A\r\nmalicious Proxy AutoConfig server could execute arbitrary javascript\r\ninstructions with the permissions of \"chrome\", allowing the page to steal\r\nsensitive information or install browser malware. (CVE-2006-3808)\r\n\r\nA double free flaw was found in the way the nsIX509::getRawDER method was\r\ncalled. If a victim visited a carefully crafted web page, it was possible\r\nto execute arbitrary code as the user running Mozilla. (CVE-2006-2788)\r\n\r\nUsers of Mozilla are advised to upgrade to this update, which contains\r\nSeamonkey version 1.0.3 that corrects these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2006-August/013116.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-August/013117.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-August/013125.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-August/013126.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-August/013127.html\n\n**Affected packages:**\ndevhelp\ndevhelp-devel\nseamonkey\nseamonkey-chat\nseamonkey-devel\nseamonkey-dom-inspector\nseamonkey-js-debugger\nseamonkey-mail\nseamonkey-nspr\nseamonkey-nspr-devel\nseamonkey-nss\nseamonkey-nss-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2006-0609.html", "modified": "2006-08-06T16:11:30", "published": "2006-08-05T15:16:05", "href": "http://lists.centos.org/pipermail/centos-announce/2006-August/013116.html", "id": "CESA-2006:0609", "title": "devhelp, seamonkey security update", "type": "centos", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-28T20:55:18", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2006:0610\n\n\nMozilla Firefox is an open source Web browser.\r\n\r\nThe Mozilla Foundation has discontinued support for the Mozilla Firefox\r\n1.0 branch. This update deprecates the Mozilla Firefox 1.0 branch in\r\nRed Hat Enterprise Linux 4 in favor of the supported Mozilla Firefox\r\n1.5 branch.\r\n\r\nThis update also resolves a number of outstanding Firefox security issues:\r\n\r\nSeveral flaws were found in the way Firefox processed certain javascript\r\nactions. A malicious web page could execute arbitrary javascript\r\ninstructions with the permissions of \"chrome\", allowing the page to steal\r\nsensitive information or install browser malware. (CVE-2006-2776,\r\nCVE-2006-2784, CVE-2006-2785, CVE-2006-2787, CVE-2006-3807, CVE-2006-3809,\r\nCVE-2006-3812)\r\n\r\nSeveral denial of service flaws were found in the way Firefox processed\r\ncertain web content. A malicious web page could crash the browser or\r\npossibly execute arbitrary code as the user running Firefox.\r\n(CVE-2006-2779, CVE-2006-2780, CVE-2006-3801, CVE-2006-3677, CVE-2006-3113,\r\nCVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3811)\r\n\r\nA cross-site scripting flaw was found in the way Firefox processed\r\nUnicode Byte-Order-Mark (BOM) markers in UTF-8 web pages. A malicious web\r\npage could execute a script within the browser that a web input sanitizer\r\ncould miss due to a malformed \"script\" tag. (CVE-2006-2783)\r\n\r\nSeveral flaws were found in the way Firefox processed certain javascript\r\nactions. A malicious web page could conduct a cross-site scripting attack\r\nor steal sensitive information (such as cookies owned by other domains).\r\n(CVE-2006-3802, CVE-2006-3810)\r\n\r\nA form file upload flaw was found in the way Firefox handled javascript\r\ninput object mutation. A malicious web page could upload an arbitrary local\r\nfile at form submission time without user interaction. (CVE-2006-2782)\r\n\r\nA denial of service flaw was found in the way Firefox called the\r\ncrypto.signText() javascript function. A malicious web page could crash the\r\nbrowser if the victim had a client certificate loaded. (CVE-2006-2778)\r\n\r\nTwo HTTP response smuggling flaws were found in the way Firefox processed\r\ncertain invalid HTTP response headers. A malicious web site could return\r\nspecially crafted HTTP response headers which may bypass HTTP proxy\r\nrestrictions. (CVE-2006-2786)\r\n\r\nA flaw was found in the way Firefox processed Proxy AutoConfig scripts. A\r\nmalicious Proxy AutoConfig server could execute arbitrary javascript\r\ninstructions with the permissions of \"chrome\", allowing the page to steal\r\nsensitive information or install browser malware. (CVE-2006-3808)\r\n\r\nA double free flaw was found in the way the nsIX509::getRawDER method was\r\ncalled. If a victim visited a carefully crafted web page, it was possible\r\nto execute arbitrary code as the user running Firefox. (CVE-2006-2788)\r\n\r\nUsers of Firefox are advised to upgrade to this update, which contains\r\nFirefox version 1.5.0.5 that corrects these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2006-August/013087.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-July/013071.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-July/013072.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-July/013083.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-July/013084.html\n\n**Affected packages:**\nfirefox\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2006-0610.html", "modified": "2006-08-01T01:49:26", "published": "2006-07-29T11:51:13", "href": "http://lists.centos.org/pipermail/centos-announce/2006-July/013071.html", "id": "CESA-2006:0610", "title": "firefox security update", "type": "centos", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:21", "bulletinFamily": "software", "description": "# No description provided by the source\n\n## References:\nVendor URL: http://www.mozilla.org/\nVendor Specific News/Changelog Entry: https://bugzilla.mozilla.org/show_bug.cgi?id=325947\nVendor Specific News/Changelog Entry: https://bugzilla.mozilla.org/show_bug.cgi?id=328566\n[Vendor Specific Advisory URL](http://www.mozilla.org/security/announce/2006/mfsa2006-23.html)\n[Vendor Specific Advisory URL](http://www.us.debian.org/security/2006/dsa-1051)\n[Vendor Specific Advisory URL](ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt)\n[Vendor Specific Advisory URL](ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc)\n[Vendor Specific Advisory URL](http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1)\n[Vendor Specific Advisory URL](http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:075)\n[Vendor Specific Advisory URL](http://www.ubuntu.com/usn/usn-275-1)\n[Secunia Advisory ID:19696](https://secuniaresearch.flexerasoftware.com/advisories/19696/)\n[Secunia Advisory ID:19729](https://secuniaresearch.flexerasoftware.com/advisories/19729/)\n[Secunia Advisory ID:19811](https://secuniaresearch.flexerasoftware.com/advisories/19811/)\n[Secunia Advisory ID:19852](https://secuniaresearch.flexerasoftware.com/advisories/19852/)\n[Secunia Advisory ID:19902](https://secuniaresearch.flexerasoftware.com/advisories/19902/)\n[Secunia Advisory ID:22066](https://secuniaresearch.flexerasoftware.com/advisories/22066/)\n[Secunia Advisory ID:19631](https://secuniaresearch.flexerasoftware.com/advisories/19631/)\n[Secunia Advisory ID:19746](https://secuniaresearch.flexerasoftware.com/advisories/19746/)\n[Secunia Advisory ID:19794](https://secuniaresearch.flexerasoftware.com/advisories/19794/)\n[Secunia Advisory ID:19863](https://secuniaresearch.flexerasoftware.com/advisories/19863/)\n[Secunia Advisory ID:21033](https://secuniaresearch.flexerasoftware.com/advisories/21033/)\n[Secunia Advisory ID:21622](https://secuniaresearch.flexerasoftware.com/advisories/21622/)\n[Secunia Advisory ID:19941](https://secuniaresearch.flexerasoftware.com/advisories/19941/)\n[Secunia Advisory ID:19649](https://secuniaresearch.flexerasoftware.com/advisories/19649/)\n[Secunia Advisory ID:19714](https://secuniaresearch.flexerasoftware.com/advisories/19714/)\n[Secunia Advisory ID:19721](https://secuniaresearch.flexerasoftware.com/advisories/19721/)\n[Secunia Advisory ID:19759](https://secuniaresearch.flexerasoftware.com/advisories/19759/)\n[Secunia Advisory ID:19862](https://secuniaresearch.flexerasoftware.com/advisories/19862/)\nRedHat RHSA: RHSA-2006:0328\nRedHat RHSA: RHSA-2006:0329\nOther Advisory URL: http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html\nOther Advisory URL: http://www.debian.org/security/2006/dsa-1046\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml\nOther Advisory URL: http://www.ubuntu.com/usn/usn-271-1\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml\nOther Advisory URL: http://www.us.debian.org/security/2006/dsa-1044\nKeyword: MFSA 2006-23\n[CVE-2006-1729](https://vulners.com/cve/CVE-2006-1729)\n", "modified": "2006-04-13T05:32:42", "published": "2006-04-13T05:32:42", "href": "https://vulners.com/osvdb/OSVDB:24678", "id": "OSVDB:24678", "type": "osvdb", "title": "Mozilla Multiple Product Text Box Arbitrary File Access", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-04-28T13:20:22", "bulletinFamily": "software", "description": "# No description provided by the source\n\n## References:\nVendor Specific News/Changelog Entry: http://www.caminobrowser.org/releases/1.0.2.php\nVendor Specific News/Changelog Entry: https://bugzilla.mozilla.org/show_bug.cgi?id=330897\n[Vendor Specific Advisory URL](http://www.ubuntu.com/usn/usn-323-1)\n[Vendor Specific Advisory URL](http://www.mandriva.com/security/advisories?name=MDKSA-2006:143)\n[Vendor Specific Advisory URL](http://www.mozilla.org/security/announce/2006/mfsa2006-38.html)\n[Vendor Specific Advisory URL](http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml)\n[Vendor Specific Advisory URL](http://www.ubuntu.com/usn/usn-297-3)\nSecurity Tracker: 1016214\nSecurity Tracker: 1016202\n[Secunia Advisory ID:20561](https://secuniaresearch.flexerasoftware.com/advisories/20561/)\n[Secunia Advisory ID:21188](https://secuniaresearch.flexerasoftware.com/advisories/21188/)\n[Secunia Advisory ID:21210](https://secuniaresearch.flexerasoftware.com/advisories/21210/)\n[Secunia Advisory ID:22066](https://secuniaresearch.flexerasoftware.com/advisories/22066/)\n[Secunia Advisory ID:20376](https://secuniaresearch.flexerasoftware.com/advisories/20376/)\n[Secunia Advisory ID:21176](https://secuniaresearch.flexerasoftware.com/advisories/21176/)\n[Secunia Advisory ID:21178](https://secuniaresearch.flexerasoftware.com/advisories/21178/)\n[Secunia Advisory ID:21324](https://secuniaresearch.flexerasoftware.com/advisories/21324/)\n[Secunia Advisory ID:21532](https://secuniaresearch.flexerasoftware.com/advisories/21532/)\n[Secunia Advisory ID:21607](https://secuniaresearch.flexerasoftware.com/advisories/21607/)\n[Secunia Advisory ID:22065](https://secuniaresearch.flexerasoftware.com/advisories/22065/)\n[Secunia Advisory ID:20382](https://secuniaresearch.flexerasoftware.com/advisories/20382/)\n[Secunia Advisory ID:20394](https://secuniaresearch.flexerasoftware.com/advisories/20394/)\n[Secunia Advisory ID:20709](https://secuniaresearch.flexerasoftware.com/advisories/20709/)\n[Secunia Advisory ID:21134](https://secuniaresearch.flexerasoftware.com/advisories/21134/)\n[Secunia Advisory ID:21183](https://secuniaresearch.flexerasoftware.com/advisories/21183/)\n[Secunia Advisory ID:21269](https://secuniaresearch.flexerasoftware.com/advisories/21269/)\n[Secunia Advisory ID:21270](https://secuniaresearch.flexerasoftware.com/advisories/21270/)\n[Secunia Advisory ID:21336](https://secuniaresearch.flexerasoftware.com/advisories/21336/)\n[Secunia Advisory ID:21631](https://secuniaresearch.flexerasoftware.com/advisories/21631/)\nRedHat RHSA: RHSA-2006:0578\nRedHat RHSA: RHSA-2006:0609\nRedHat RHSA: RHSA-2006:0611\nRedHat RHSA: RHSA-2006:0610\nRedHat RHSA: RHSA-2006:0594\nOther Advisory URL: http://www.us.debian.org/security/2006/dsa-1120\nOther Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:146\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml\nOther Advisory URL: http://www.us.debian.org/security/2006/dsa-1118\nOther Advisory URL: http://www.ubuntu.com/usn/usn-296-2\nOther Advisory URL: http://www.us.debian.org/security/2006/dsa-1134\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-06/0696.html\nFrSIRT Advisory: ADV-2006-2106\n[CVE-2006-2778](https://vulners.com/cve/CVE-2006-2778)\nCERT VU: 421529\nBugtraq ID: 18228\n", "modified": "2006-06-01T06:35:30", "published": "2006-06-01T06:35:30", "href": "https://vulners.com/osvdb/OSVDB:26311", "id": "OSVDB:26311", "type": "osvdb", "title": "Mozilla Multiple Product crypto.signText Function Overflow", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-04-28T13:20:22", "bulletinFamily": "software", "description": "# No description provided by the source\n\n## References:\nVendor Specific News/Changelog Entry: http://www.caminobrowser.org/releases/1.0.2.php\nVendor Specific News/Changelog Entry: https://bugzilla.mozilla.org/show_bug.cgi?id=335535\n[Vendor Specific Advisory URL](http://www.ubuntu.com/usn/usn-323-1)\n[Vendor Specific Advisory URL](http://www.mandriva.com/security/advisories?name=MDKSA-2006:143)\n[Vendor Specific Advisory URL](http://www.mozilla.org/security/announce/2006/mfsa2006-32.html)\n[Vendor Specific Advisory URL](http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml)\n[Vendor Specific Advisory URL](http://www.ubuntu.com/usn/usn-297-3)\nSecurity Tracker: 1016214\nSecurity Tracker: 1016202\n[Secunia Advisory ID:20561](https://secuniaresearch.flexerasoftware.com/advisories/20561/)\n[Secunia Advisory ID:21188](https://secuniaresearch.flexerasoftware.com/advisories/21188/)\n[Secunia Advisory ID:21210](https://secuniaresearch.flexerasoftware.com/advisories/21210/)\n[Secunia Advisory ID:22066](https://secuniaresearch.flexerasoftware.com/advisories/22066/)\n[Secunia Advisory ID:20376](https://secuniaresearch.flexerasoftware.com/advisories/20376/)\n[Secunia Advisory ID:21176](https://secuniaresearch.flexerasoftware.com/advisories/21176/)\n[Secunia Advisory ID:21178](https://secuniaresearch.flexerasoftware.com/advisories/21178/)\n[Secunia Advisory ID:21324](https://secuniaresearch.flexerasoftware.com/advisories/21324/)\n[Secunia Advisory ID:21532](https://secuniaresearch.flexerasoftware.com/advisories/21532/)\n[Secunia Advisory ID:21607](https://secuniaresearch.flexerasoftware.com/advisories/21607/)\n[Secunia Advisory ID:22065](https://secuniaresearch.flexerasoftware.com/advisories/22065/)\n[Secunia Advisory ID:20382](https://secuniaresearch.flexerasoftware.com/advisories/20382/)\n[Secunia Advisory ID:20394](https://secuniaresearch.flexerasoftware.com/advisories/20394/)\n[Secunia Advisory ID:20709](https://secuniaresearch.flexerasoftware.com/advisories/20709/)\n[Secunia Advisory ID:27216](https://secuniaresearch.flexerasoftware.com/advisories/27216/)\n[Secunia Advisory ID:21134](https://secuniaresearch.flexerasoftware.com/advisories/21134/)\n[Secunia Advisory ID:21183](https://secuniaresearch.flexerasoftware.com/advisories/21183/)\n[Secunia Advisory ID:21269](https://secuniaresearch.flexerasoftware.com/advisories/21269/)\n[Secunia Advisory ID:21270](https://secuniaresearch.flexerasoftware.com/advisories/21270/)\n[Secunia Advisory ID:21336](https://secuniaresearch.flexerasoftware.com/advisories/21336/)\n[Secunia Advisory ID:21631](https://secuniaresearch.flexerasoftware.com/advisories/21631/)\n[Related OSVDB ID: 26302](https://vulners.com/osvdb/OSVDB:26302)\nRedHat RHSA: RHSA-2006:0578\nRedHat RHSA: RHSA-2006:0609\nRedHat RHSA: RHSA-2006:0611\nRedHat RHSA: RHSA-2006:0610\nRedHat RHSA: RHSA-2006:0594\nOther Advisory URL: http://www.us.debian.org/security/2006/dsa-1120\nOther Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:146\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml\nOther Advisory URL: http://www.us.debian.org/security/2006/dsa-1118\nOther Advisory URL: http://www.ubuntu.com/usn/usn-296-2\nOther Advisory URL: http://www.us.debian.org/security/2006/dsa-1134\nOther Advisory URL: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102943-1\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-06/0696.html\nFrSIRT Advisory: ADV-2006-2106\n[CVE-2006-2780](https://vulners.com/cve/CVE-2006-2780)\nCERT VU: 466673\nBugtraq ID: 18228\n", "modified": "2006-06-01T06:35:30", "published": "2006-06-01T06:35:30", "href": "https://vulners.com/osvdb/OSVDB:26301", "id": "OSVDB:26301", "type": "osvdb", "title": "Mozilla Multiple Product jsstr tagify Overflow", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-04-28T13:20:22", "bulletinFamily": "software", "description": "# No description provided by the source\n\n## References:\nVendor Specific News/Changelog Entry: http://www.caminobrowser.org/releases/1.0.2.php\nVendor Specific News/Changelog Entry: https://bugzilla.mozilla.org/show_bug.cgi?id=324918\n[Vendor Specific Advisory URL](http://www.us.debian.org/security/2006/dsa-1160)\n[Vendor Specific Advisory URL](http://www.ubuntu.com/usn/usn-323-1)\n[Vendor Specific Advisory URL](http://www.mandriva.com/security/advisories?name=MDKSA-2006:143)\n[Vendor Specific Advisory URL](http://www.mozilla.org/security/announce/2006/mfsa2006-32.html)\n[Vendor Specific Advisory URL](http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml)\n[Vendor Specific Advisory URL](http://www.ubuntu.com/usn/usn-297-3)\n[Vendor Specific Advisory URL](http://www.us.debian.org/security/2006/dsa-1159)\nSecurity Tracker: 1016214\nSecurity Tracker: 1016202\n[Secunia Advisory ID:20561](https://secuniaresearch.flexerasoftware.com/advisories/20561/)\n[Secunia Advisory ID:21188](https://secuniaresearch.flexerasoftware.com/advisories/21188/)\n[Secunia Advisory ID:21210](https://secuniaresearch.flexerasoftware.com/advisories/21210/)\n[Secunia Advisory ID:22066](https://secuniaresearch.flexerasoftware.com/advisories/22066/)\n[Secunia Advisory ID:20376](https://secuniaresearch.flexerasoftware.com/advisories/20376/)\n[Secunia Advisory ID:21176](https://secuniaresearch.flexerasoftware.com/advisories/21176/)\n[Secunia Advisory ID:21178](https://secuniaresearch.flexerasoftware.com/advisories/21178/)\n[Secunia Advisory ID:21324](https://secuniaresearch.flexerasoftware.com/advisories/21324/)\n[Secunia Advisory ID:21532](https://secuniaresearch.flexerasoftware.com/advisories/21532/)\n[Secunia Advisory ID:21607](https://secuniaresearch.flexerasoftware.com/advisories/21607/)\n[Secunia Advisory ID:21634](https://secuniaresearch.flexerasoftware.com/advisories/21634/)\n[Secunia Advisory ID:22065](https://secuniaresearch.flexerasoftware.com/advisories/22065/)\n[Secunia Advisory ID:20382](https://secuniaresearch.flexerasoftware.com/advisories/20382/)\n[Secunia Advisory ID:20394](https://secuniaresearch.flexerasoftware.com/advisories/20394/)\n[Secunia Advisory ID:20709](https://secuniaresearch.flexerasoftware.com/advisories/20709/)\n[Secunia Advisory ID:21654](https://secuniaresearch.flexerasoftware.com/advisories/21654/)\n[Secunia Advisory ID:27216](https://secuniaresearch.flexerasoftware.com/advisories/27216/)\n[Secunia Advisory ID:21134](https://secuniaresearch.flexerasoftware.com/advisories/21134/)\n[Secunia Advisory ID:21183](https://secuniaresearch.flexerasoftware.com/advisories/21183/)\n[Secunia Advisory ID:21269](https://secuniaresearch.flexerasoftware.com/advisories/21269/)\n[Secunia Advisory ID:21270](https://secuniaresearch.flexerasoftware.com/advisories/21270/)\n[Secunia Advisory ID:21336](https://secuniaresearch.flexerasoftware.com/advisories/21336/)\n[Secunia Advisory ID:21631](https://secuniaresearch.flexerasoftware.com/advisories/21631/)\n[Related OSVDB ID: 26303](https://vulners.com/osvdb/OSVDB:26303)\n[Related OSVDB ID: 26301](https://vulners.com/osvdb/OSVDB:26301)\n[Related OSVDB ID: 26304](https://vulners.com/osvdb/OSVDB:26304)\n[Related OSVDB ID: 26305](https://vulners.com/osvdb/OSVDB:26305)\n[Related OSVDB ID: 26306](https://vulners.com/osvdb/OSVDB:26306)\n[Related OSVDB ID: 26307](https://vulners.com/osvdb/OSVDB:26307)\nRedHat RHSA: RHSA-2006:0578\nRedHat RHSA: RHSA-2006:0609\nRedHat RHSA: RHSA-2006:0611\nRedHat RHSA: RHSA-2006:0610\nRedHat RHSA: RHSA-2006:0594\nOther Advisory URL: http://www.us.debian.org/security/2006/dsa-1120\nOther Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:146\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml\nOther Advisory URL: http://www.us.debian.org/security/2006/dsa-1118\nOther Advisory URL: http://www.ubuntu.com/usn/usn-296-2\nOther Advisory URL: http://www.us.debian.org/security/2006/dsa-1134\nOther Advisory URL: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102943-1\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-06/0696.html\n[CVE-2006-2779](https://vulners.com/cve/CVE-2006-2779)\nCERT VU: 466673\nBugtraq ID: 18228\n", "modified": "2006-06-01T06:35:30", "published": "2006-06-01T06:35:30", "href": "https://vulners.com/osvdb/OSVDB:26302", "id": "OSVDB:26302", "type": "osvdb", "title": "Mozilla Multiple Product Select Tag Nested Option Memory Corruption", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-04-28T13:20:11", "bulletinFamily": "software", "description": "# No description provided by the source\n\n## References:\nVendor URL: http://www.mozilla.org/\nVendor Specific News/Changelog Entry: https://bugzilla.mozilla.org/show_bug.cgi?id=288556\nVendor Specific News/Changelog Entry: https://bugzilla.mozilla.org/show_bug.cgi?id=289171\n[Vendor Specific Advisory URL](http://www.novell.com/linux/security/advisories/2005_28_mozilla_firefox.html)\n[Vendor Specific Advisory URL](http://www.mozilla.org/security/announce/mfsa2005-34.html)\n[Secunia Advisory ID:22066](https://secuniaresearch.flexerasoftware.com/advisories/22066/)\n[Secunia Advisory ID:15002](https://secuniaresearch.flexerasoftware.com/advisories/15002/)\n[Secunia Advisory ID:14938](https://secuniaresearch.flexerasoftware.com/advisories/14938/)\n[Secunia Advisory ID:15034](https://secuniaresearch.flexerasoftware.com/advisories/15034/)\nRedHat RHSA: RHSA-2005:383\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200504-18.xml\n[CVE-2005-0752](https://vulners.com/cve/CVE-2005-0752)\n", "modified": "2005-03-31T06:33:21", "published": "2005-03-31T06:33:21", "href": "https://vulners.com/osvdb/OSVDB:15683", "id": "OSVDB:15683", "title": "Mozilla EMBED Tag PLUGINSPAGE Attribute Arbitrary Code Execution", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:22", "bulletinFamily": "software", "description": "# No description provided by the source\n\n## References:\nVendor Specific News/Changelog Entry: http://www.caminobrowser.org/releases/1.0.2.php\nVendor Specific News/Changelog Entry: https://bugzilla.mozilla.org/show_bug.cgi?id=332971\n[Vendor Specific Advisory URL](http://www.us.debian.org/security/2006/dsa-1160)\n[Vendor Specific Advisory URL](http://www.ubuntu.com/usn/usn-323-1)\n[Vendor Specific Advisory URL](http://www.mandriva.com/security/advisories?name=MDKSA-2006:143)\n[Vendor Specific Advisory URL](http://www.mozilla.org/security/announce/2006/mfsa2006-32.html)\n[Vendor Specific Advisory URL](http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml)\n[Vendor Specific Advisory URL](http://www.ubuntu.com/usn/usn-297-3)\n[Vendor Specific Advisory URL](http://www.us.debian.org/security/2006/dsa-1159)\nSecurity Tracker: 1016214\nSecurity Tracker: 1016202\n[Secunia Advisory ID:20561](https://secuniaresearch.flexerasoftware.com/advisories/20561/)\n[Secunia Advisory ID:21188](https://secuniaresearch.flexerasoftware.com/advisories/21188/)\n[Secunia Advisory ID:21210](https://secuniaresearch.flexerasoftware.com/advisories/21210/)\n[Secunia Advisory ID:22066](https://secuniaresearch.flexerasoftware.com/advisories/22066/)\n[Secunia Advisory ID:20376](https://secuniaresearch.flexerasoftware.com/advisories/20376/)\n[Secunia Advisory ID:21176](https://secuniaresearch.flexerasoftware.com/advisories/21176/)\n[Secunia Advisory ID:21178](https://secuniaresearch.flexerasoftware.com/advisories/21178/)\n[Secunia Advisory ID:21324](https://secuniaresearch.flexerasoftware.com/advisories/21324/)\n[Secunia Advisory ID:21532](https://secuniaresearch.flexerasoftware.com/advisories/21532/)\n[Secunia Advisory ID:21607](https://secuniaresearch.flexerasoftware.com/advisories/21607/)\n[Secunia Advisory ID:21634](https://secuniaresearch.flexerasoftware.com/advisories/21634/)\n[Secunia Advisory ID:22065](https://secuniaresearch.flexerasoftware.com/advisories/22065/)\n[Secunia Advisory ID:20382](https://secuniaresearch.flexerasoftware.com/advisories/20382/)\n[Secunia Advisory ID:20394](https://secuniaresearch.flexerasoftware.com/advisories/20394/)\n[Secunia Advisory ID:20709](https://secuniaresearch.flexerasoftware.com/advisories/20709/)\n[Secunia Advisory ID:21654](https://secuniaresearch.flexerasoftware.com/advisories/21654/)\n[Secunia Advisory ID:27216](https://secuniaresearch.flexerasoftware.com/advisories/27216/)\n[Secunia Advisory ID:21134](https://secuniaresearch.flexerasoftware.com/advisories/21134/)\n[Secunia Advisory ID:21183](https://secuniaresearch.flexerasoftware.com/advisories/21183/)\n[Secunia Advisory ID:21269](https://secuniaresearch.flexerasoftware.com/advisories/21269/)\n[Secunia Advisory ID:21270](https://secuniaresearch.flexerasoftware.com/advisories/21270/)\n[Secunia Advisory ID:21336](https://secuniaresearch.flexerasoftware.com/advisories/21336/)\n[Secunia Advisory ID:21631](https://secuniaresearch.flexerasoftware.com/advisories/21631/)\n[Related OSVDB ID: 26303](https://vulners.com/osvdb/OSVDB:26303)\n[Related OSVDB ID: 26301](https://vulners.com/osvdb/OSVDB:26301)\n[Related OSVDB ID: 26304](https://vulners.com/osvdb/OSVDB:26304)\n[Related OSVDB ID: 26305](https://vulners.com/osvdb/OSVDB:26305)\n[Related OSVDB ID: 26306](https://vulners.com/osvdb/OSVDB:26306)\n[Related OSVDB ID: 26302](https://vulners.com/osvdb/OSVDB:26302)\nRedHat RHSA: RHSA-2006:0578\nRedHat RHSA: RHSA-2006:0609\nRedHat RHSA: RHSA-2006:0611\nRedHat RHSA: RHSA-2006:0610\nRedHat RHSA: RHSA-2006:0594\nOther Advisory URL: http://www.us.debian.org/security/2006/dsa-1120\nOther Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:146\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml\nOther Advisory URL: http://www.us.debian.org/security/2006/dsa-1118\nOther Advisory URL: http://www.ubuntu.com/usn/usn-296-2\nOther Advisory URL: http://www.us.debian.org/security/2006/dsa-1134\nOther Advisory URL: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102943-1\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-06/0696.html\n[CVE-2006-2779](https://vulners.com/cve/CVE-2006-2779)\nCERT VU: 466673\nBugtraq ID: 18228\n", "modified": "2006-06-01T06:35:30", "published": "2006-06-01T06:35:30", "href": "https://vulners.com/osvdb/OSVDB:26307", "id": "OSVDB:26307", "type": "osvdb", "title": "Mozilla Multiple Product iframe Self Removal Memory Corruption", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-04-28T13:20:22", "bulletinFamily": "software", "description": "# No description provided by the source\n\n## References:\nVendor Specific News/Changelog Entry: http://www.caminobrowser.org/releases/1.0.2.php\nVendor Specific News/Changelog Entry: https://bugzilla.mozilla.org/show_bug.cgi?id=327712\n[Vendor Specific Advisory URL](http://www.us.debian.org/security/2006/dsa-1160)\n[Vendor Specific Advisory URL](http://www.ubuntu.com/usn/usn-323-1)\n[Vendor Specific Advisory URL](http://www.mandriva.com/security/advisories?name=MDKSA-2006:143)\n[Vendor Specific Advisory URL](http://www.mozilla.org/security/announce/2006/mfsa2006-32.html)\n[Vendor Specific Advisory URL](http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml)\n[Vendor Specific Advisory URL](http://www.ubuntu.com/usn/usn-297-3)\n[Vendor Specific Advisory URL](http://www.us.debian.org/security/2006/dsa-1159)\nSecurity Tracker: 1016214\nSecurity Tracker: 1016202\n[Secunia Advisory ID:20561](https://secuniaresearch.flexerasoftware.com/advisories/20561/)\n[Secunia Advisory ID:21188](https://secuniaresearch.flexerasoftware.com/advisories/21188/)\n[Secunia Advisory ID:21210](https://secuniaresearch.flexerasoftware.com/advisories/21210/)\n[Secunia Advisory ID:22066](https://secuniaresearch.flexerasoftware.com/advisories/22066/)\n[Secunia Advisory ID:20376](https://secuniaresearch.flexerasoftware.com/advisories/20376/)\n[Secunia Advisory ID:21176](https://secuniaresearch.flexerasoftware.com/advisories/21176/)\n[Secunia Advisory ID:21178](https://secuniaresearch.flexerasoftware.com/advisories/21178/)\n[Secunia Advisory ID:21324](https://secuniaresearch.flexerasoftware.com/advisories/21324/)\n[Secunia Advisory ID:21532](https://secuniaresearch.flexerasoftware.com/advisories/21532/)\n[Secunia Advisory ID:21607](https://secuniaresearch.flexerasoftware.com/advisories/21607/)\n[Secunia Advisory ID:21634](https://secuniaresearch.flexerasoftware.com/advisories/21634/)\n[Secunia Advisory ID:22065](https://secuniaresearch.flexerasoftware.com/advisories/22065/)\n[Secunia Advisory ID:20382](https://secuniaresearch.flexerasoftware.com/advisories/20382/)\n[Secunia Advisory ID:20394](https://secuniaresearch.flexerasoftware.com/advisories/20394/)\n[Secunia Advisory ID:20709](https://secuniaresearch.flexerasoftware.com/advisories/20709/)\n[Secunia Advisory ID:21654](https://secuniaresearch.flexerasoftware.com/advisories/21654/)\n[Secunia Advisory ID:27216](https://secuniaresearch.flexerasoftware.com/advisories/27216/)\n[Secunia Advisory ID:21134](https://secuniaresearch.flexerasoftware.com/advisories/21134/)\n[Secunia Advisory ID:21183](https://secuniaresearch.flexerasoftware.com/advisories/21183/)\n[Secunia Advisory ID:21269](https://secuniaresearch.flexerasoftware.com/advisories/21269/)\n[Secunia Advisory ID:21270](https://secuniaresearch.flexerasoftware.com/advisories/21270/)\n[Secunia Advisory ID:21336](https://secuniaresearch.flexerasoftware.com/advisories/21336/)\n[Secunia Advisory ID:21631](https://secuniaresearch.flexerasoftware.com/advisories/21631/)\n[Related OSVDB ID: 26303](https://vulners.com/osvdb/OSVDB:26303)\n[Related OSVDB ID: 26301](https://vulners.com/osvdb/OSVDB:26301)\n[Related OSVDB ID: 26304](https://vulners.com/osvdb/OSVDB:26304)\n[Related OSVDB ID: 26305](https://vulners.com/osvdb/OSVDB:26305)\n[Related OSVDB ID: 26307](https://vulners.com/osvdb/OSVDB:26307)\n[Related OSVDB ID: 26302](https://vulners.com/osvdb/OSVDB:26302)\nRedHat RHSA: RHSA-2006:0578\nRedHat RHSA: RHSA-2006:0609\nRedHat RHSA: RHSA-2006:0611\nRedHat RHSA: RHSA-2006:0610\nRedHat RHSA: RHSA-2006:0594\nOther Advisory URL: http://www.us.debian.org/security/2006/dsa-1120\nOther Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:146\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml\nOther Advisory URL: http://www.us.debian.org/security/2006/dsa-1118\nOther Advisory URL: http://www.ubuntu.com/usn/usn-296-2\nOther Advisory URL: http://www.us.debian.org/security/2006/dsa-1134\nOther Advisory URL: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102943-1\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-06/0696.html\n[CVE-2006-2779](https://vulners.com/cve/CVE-2006-2779)\nCERT VU: 466673\nBugtraq ID: 18228\n", "modified": "2006-06-01T06:35:30", "published": "2006-06-01T06:35:30", "href": "https://vulners.com/osvdb/OSVDB:26306", "id": "OSVDB:26306", "type": "osvdb", "title": "Mozilla Multiple Product XBL Implementation Memory Corruption", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-04-28T13:20:22", "bulletinFamily": "software", "description": "# No description provided by the source\n\n## References:\nVendor Specific News/Changelog Entry: https://bugzilla.mozilla.org/show_bug.cgi?id=334384\nVendor Specific News/Changelog Entry: http://www.caminobrowser.org/releases/1.0.2.php\n[Vendor Specific Advisory URL](http://www.mozilla.org/security/announce/2006/mfsa2006-40.html)\n[Vendor Specific Advisory URL](http://www.ubuntu.com/usn/usn-323-1)\n[Vendor Specific Advisory URL](http://www.ubuntu.com/usn/usn-297-3)\nSecurity Tracker: 1016214\n[Secunia Advisory ID:21210](https://secuniaresearch.flexerasoftware.com/advisories/21210/)\n[Secunia Advisory ID:22066](https://secuniaresearch.flexerasoftware.com/advisories/22066/)\n[Secunia Advisory ID:20376](https://secuniaresearch.flexerasoftware.com/advisories/20376/)\n[Secunia Advisory ID:21178](https://secuniaresearch.flexerasoftware.com/advisories/21178/)\n[Secunia Advisory ID:21324](https://secuniaresearch.flexerasoftware.com/advisories/21324/)\n[Secunia Advisory ID:21607](https://secuniaresearch.flexerasoftware.com/advisories/21607/)\n[Secunia Advisory ID:22065](https://secuniaresearch.flexerasoftware.com/advisories/22065/)\n[Secunia Advisory ID:20382](https://secuniaresearch.flexerasoftware.com/advisories/20382/)\n[Secunia Advisory ID:20394](https://secuniaresearch.flexerasoftware.com/advisories/20394/)\n[Secunia Advisory ID:20709](https://secuniaresearch.flexerasoftware.com/advisories/20709/)\n[Secunia Advisory ID:21134](https://secuniaresearch.flexerasoftware.com/advisories/21134/)\n[Secunia Advisory ID:21269](https://secuniaresearch.flexerasoftware.com/advisories/21269/)\n[Secunia Advisory ID:21336](https://secuniaresearch.flexerasoftware.com/advisories/21336/)\n[Secunia Advisory ID:21631](https://secuniaresearch.flexerasoftware.com/advisories/21631/)\nRedHat RHSA: RHSA-2006:0578\nRedHat RHSA: RHSA-2006:0609\nRedHat RHSA: RHSA-2006:0611\nRedHat RHSA: RHSA-2006:0594\nOther Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:146\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml\nOther Advisory URL: http://www.us.debian.org/security/2006/dsa-1134\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-06/0696.html\nFrSIRT Advisory: ADV-2006-2106\n[CVE-2006-2781](https://vulners.com/cve/CVE-2006-2781)\nBugtraq ID: 18228\n", "modified": "2006-06-01T06:35:30", "published": "2006-06-01T06:35:30", "href": "https://vulners.com/osvdb/OSVDB:26312", "id": "OSVDB:26312", "type": "osvdb", "title": "Mozilla Multiple Product VCard Invalid Base64 Character Double-free", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:22", "bulletinFamily": "software", "description": "# No description provided by the source\n\n## References:\nVendor Specific News/Changelog Entry: http://www.caminobrowser.org/releases/1.0.2.php\nVendor Specific News/Changelog Entry: https://bugzilla.mozilla.org/show_bug.cgi?id=329521\nVendor Specific News/Changelog Entry: https://bugzilla.mozilla.org/show_bug.cgi?id=329468\n[Vendor Specific Advisory URL](http://www.mozilla.org/security/announce/2006/mfsa2006-34.html)\n[Vendor Specific Advisory URL](http://www.ubuntu.com/usn/usn-323-1)\n[Vendor Specific Advisory URL](http://www.mandriva.com/security/advisories?name=MDKSA-2006:143)\n[Vendor Specific Advisory URL](http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml)\nSecurity Tracker: 1016202\n[Secunia Advisory ID:20561](https://secuniaresearch.flexerasoftware.com/advisories/20561/)\n[Secunia Advisory ID:21188](https://secuniaresearch.flexerasoftware.com/advisories/21188/)\n[Secunia Advisory ID:22066](https://secuniaresearch.flexerasoftware.com/advisories/22066/)\n[Secunia Advisory ID:20376](https://secuniaresearch.flexerasoftware.com/advisories/20376/)\n[Secunia Advisory ID:21176](https://secuniaresearch.flexerasoftware.com/advisories/21176/)\n[Secunia Advisory ID:21178](https://secuniaresearch.flexerasoftware.com/advisories/21178/)\n[Secunia Advisory ID:21324](https://secuniaresearch.flexerasoftware.com/advisories/21324/)\n[Secunia Advisory ID:21532](https://secuniaresearch.flexerasoftware.com/advisories/21532/)\n[Secunia Advisory ID:22065](https://secuniaresearch.flexerasoftware.com/advisories/22065/)\n[Secunia Advisory ID:20382](https://secuniaresearch.flexerasoftware.com/advisories/20382/)\n[Secunia Advisory ID:20394](https://secuniaresearch.flexerasoftware.com/advisories/20394/)\n[Secunia Advisory ID:21134](https://secuniaresearch.flexerasoftware.com/advisories/21134/)\n[Secunia Advisory ID:21183](https://secuniaresearch.flexerasoftware.com/advisories/21183/)\n[Secunia Advisory ID:21269](https://secuniaresearch.flexerasoftware.com/advisories/21269/)\n[Secunia Advisory ID:21270](https://secuniaresearch.flexerasoftware.com/advisories/21270/)\n[Secunia Advisory ID:21336](https://secuniaresearch.flexerasoftware.com/advisories/21336/)\n[Secunia Advisory ID:21631](https://secuniaresearch.flexerasoftware.com/advisories/21631/)\nRedHat RHSA: RHSA-2006:0578\nRedHat RHSA: RHSA-2006:0609\nRedHat RHSA: RHSA-2006:0611\nRedHat RHSA: RHSA-2006:0610\nRedHat RHSA: RHSA-2006:0594\nOther Advisory URL: http://www.us.debian.org/security/2006/dsa-1120\nOther Advisory URL: http://www.us.debian.org/security/2006/dsa-1118\nOther Advisory URL: http://www.ubuntu.com/usn/usn-296-2\nOther Advisory URL: http://www.us.debian.org/security/2006/dsa-1134\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-06/0696.html\nKeyword: MFSA 2006-34\nFrSIRT Advisory: ADV-2006-2106\n[CVE-2006-2785](https://vulners.com/cve/CVE-2006-2785)\nBugtraq ID: 18228\n", "modified": "2006-06-01T06:35:30", "published": "2006-06-01T06:35:30", "href": "https://vulners.com/osvdb/OSVDB:26299", "id": "OSVDB:26299", "type": "osvdb", "title": "Mozilla Multiple Product View Image/Frame Source Attribute XSS", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-04-28T13:20:22", "bulletinFamily": "software", "description": "# No description provided by the source\n\n## References:\nVendor Specific News/Changelog Entry: http://www.caminobrowser.org/releases/1.0.2.php\nVendor Specific News/Changelog Entry: https://bugzilla.mozilla.org/show_bug.cgi?id=329677\n[Vendor Specific Advisory URL](http://www.ubuntu.com/usn/usn-323-1)\n[Vendor Specific Advisory URL](http://www.mandriva.com/security/advisories?name=MDKSA-2006:143)\n[Vendor Specific Advisory URL](http://www.mozilla.org/security/announce/2006/mfsa2006-35.html)\n[Vendor Specific Advisory URL](http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml)\n[Vendor Specific Advisory URL](http://www.ubuntu.com/usn/usn-297-3)\nSecurity Tracker: 1016214\nSecurity Tracker: 1016202\n[Secunia Advisory ID:20561](https://secuniaresearch.flexerasoftware.com/advisories/20561/)\n[Secunia Advisory ID:21188](https://secuniaresearch.flexerasoftware.com/advisories/21188/)\n[Secunia Advisory ID:21210](https://secuniaresearch.flexerasoftware.com/advisories/21210/)\n[Secunia Advisory ID:22066](https://secuniaresearch.flexerasoftware.com/advisories/22066/)\n[Secunia Advisory ID:20376](https://secuniaresearch.flexerasoftware.com/advisories/20376/)\n[Secunia Advisory ID:21176](https://secuniaresearch.flexerasoftware.com/advisories/21176/)\n[Secunia Advisory ID:21178](https://secuniaresearch.flexerasoftware.com/advisories/21178/)\n[Secunia Advisory ID:21324](https://secuniaresearch.flexerasoftware.com/advisories/21324/)\n[Secunia Advisory ID:21532](https://secuniaresearch.flexerasoftware.com/advisories/21532/)\n[Secunia Advisory ID:21607](https://secuniaresearch.flexerasoftware.com/advisories/21607/)\n[Secunia Advisory ID:22065](https://secuniaresearch.flexerasoftware.com/advisories/22065/)\n[Secunia Advisory ID:20382](https://secuniaresearch.flexerasoftware.com/advisories/20382/)\n[Secunia Advisory ID:20394](https://secuniaresearch.flexerasoftware.com/advisories/20394/)\n[Secunia Advisory ID:20709](https://secuniaresearch.flexerasoftware.com/advisories/20709/)\n[Secunia Advisory ID:21183](https://secuniaresearch.flexerasoftware.com/advisories/21183/)\nOther Advisory URL: http://www.us.debian.org/security/2006/dsa-1120\nOther Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:146\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml\nOther Advisory URL: http://www.us.debian.org/security/2006/dsa-1118\nOther Advisory URL: http://www.ubuntu.com/usn/usn-296-2\nOther Advisory URL: http://www.us.debian.org/security/2006/dsa-1134\nOther Advisory URL: http://issues.rpath.com/browse/RPL-398\nOther Advisory URL: http://issues.rpath.com/browse/RPL-341\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-06/0696.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-05/0743.html\nKeyword: rPSA-2006-0091-1\nKeyword: MFSA 2006-35\n[CVE-2006-2775](https://vulners.com/cve/CVE-2006-2775)\nCERT VU: 243153\nBugtraq ID: 18228\n", "modified": "2006-06-01T06:35:30", "published": "2006-06-01T06:35:30", "href": "https://vulners.com/osvdb/OSVDB:26298", "id": "OSVDB:26298", "type": "osvdb", "title": "Mozilla Multiple Product Persistent XUL Attribute Privilege Escalation", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "cert": [{"lastseen": "2019-05-01T19:51:50", "bulletinFamily": "info", "description": "### Overview \n\nMozilla products contain a buffer overflow in the `crypto.signText()` method. This may allow a remote attacker to execute arbitrary code.\n\n### Description \n\n**crypto.SignText()**\n\nJavaScript contains a [`crypto.signText()`](<http://devedge-temp.mozilla.org/library/manuals/2000/javascript/1.3/reference/window.html#1202035>) method, which allows the user to digitally sign a text string. \n \n**The problem** \n \nThe Mozilla `crypto.signText()` method contains a buffer overflow. Mozilla Firefox and Thunderbird are reported to be vulnerable. \n \n--- \n \n### Impact \n\nBy convincing a user to view a specially crafted HTML document (e.g., a web page, an HTML email message, or an HTML email attachment), an attacker may be able to execute arbitrary code with the privileges of the user. \n \n--- \n \n### Solution \n\n**Apply an update** \nRefer to Mozilla Foundation Security Advisory[ 2006-38](<http://www.mozilla.org/security/announce/2006/mfsa2006-38.html>) for fixed versions of Mozilla products. \n \n--- \n \n \n**Disable JavaScript** \n \nThis vulnerability can be mitigated by disabling JavaScript. \n \n--- \n \n### Vendor Information\n\n421529\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Vendor has issued information\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n__ Affected __ Unknown __ Unaffected \n\n**Javascript is disabled. Click here to view vendors.**\n\n### __ Mozilla, Inc.\n\nUpdated: June 02, 2006 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nPlease refer to Mozilla Foundation Security Advisory [2006-38](<http://www.mozilla.org/security/announce/2006/mfsa2006-43.html>).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23421529 Feedback>).\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | N/A | N/A \nTemporal | N/A | N/A \nEnvironmental | | N/A \n \n \n\n\n### References \n\n * <http://www.mozilla.org/security/announce/2006/mfsa2006-38.html>\n * <https://bugzilla.mozilla.org/show_bug.cgi?id=330897>\n * <http://devedge-temp.mozilla.org/library/manuals/2000/javascript/1.3/reference/window.html#1202035>\n * <http://secunia.com/advisories/21188/>\n * <http://www.securityfocus.com/bid/18228>\n\n### Acknowledgements\n\nThanks to the Mozilla Foundation Security Advisory for reporting this vulnerability, who in turn credit Mikolaj J. Habryn. \n\nThis document was written by Will Dormann. \n\n### Other Information\n\n**CVE IDs:** | [CVE-2006-2778](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-2778>) \n---|--- \n**Severity Metric:****** | 10.33 \n**Date Public:** | 2006-06-01 \n**Date First Published:** | 2006-06-02 \n**Date Last Updated: ** | 2007-02-09 14:34 UTC \n**Document Revision: ** | 17 \n", "modified": "2007-02-09T14:34:00", "published": "2006-06-02T00:00:00", "id": "VU:421529", "href": "https://www.kb.cert.org/vuls/id/421529", "type": "cert", "title": "Mozilla contains a buffer overflow vulnerability in crypto.signText()", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-05-01T19:51:50", "bulletinFamily": "info", "description": "### Overview \n\nA privilege escalation vulnerability exists in the Mozilla `addSelectionListener` method. This may allow a remote attacker to execute arbitrary code.\n\n### Description \n\n**addSelectionListener**\n\nWeb content can add a `SelectionListener` to the Selection object by using `addSelectionListener` method of the [`nsISelectionPrivate`](<http://www.xulplanet.com/references/xpcomref/ifaces/nsISelectionPrivate.html>) interface. This listener would be called when the user performs a \"find\" or \"select all\" command. \n \n**The problem** \n \nThe notifications are created in a privileged context, which can be leveraged to execute arbitrary code. Mozilla Firefox and SeaMonkey are reported to be vulnerable. \n \n--- \n \n### Impact \n\nBy convincing a user to view a specially crafted HTML document (e.g., a web page, an HTML email message, or an HTML email attachment), an attacker may be able to execute arbitrary code with the privileges of the user. \n \n--- \n \n### Solution \n\n**Apply an update** \nRefer to Mozilla Foundation Security Advisory [2006-43](<http://www.mozilla.org/security/announce/2006/mfsa2006-43.html>) for fixed versions of Mozilla products. \n \n--- \n \n \n**Disable JavaScript** \n \nThis vulnerability can be mitigated by disabling JavaScript. \n \n--- \n \n### Vendor Information\n\n237257\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Vendor has issued information\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n__ Affected __ Unknown __ Unaffected \n\n**Javascript is disabled. Click here to view vendors.**\n\n### __ Mozilla, Inc.\n\nUpdated: June 02, 2006 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nPlease refer to Mozilla Foundation Security Advisory [2006-43](<http://www.mozilla.org/security/announce/2006/mfsa2006-43.html>).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23237257 Feedback>).\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | N/A | N/A \nTemporal | N/A | N/A \nEnvironmental | | N/A \n \n \n\n\n### References \n\n * <http://www.mozilla.org/security/announce/2006/mfsa2006-43.html>\n * <https://bugzilla.mozilla.org/show_bug.cgi?id=336830>\n * <http://www.xulplanet.com/references/xpcomref/ifaces/nsISelectionPrivate.html>\n * <http://secunia.com/advisories/21188/>\n * <http://www.securityfocus.com/bid/18228>\n\n### Acknowledgements\n\nThanks to the Mozilla Foundation Security Advisory for reporting this vulnerability, who in turn credit moz_bug_r_a4. \n\nThis document was written by Will Dormann. \n\n### Other Information\n\n**CVE IDs:** | [CVE-2006-2777](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-2777>) \n---|--- \n**Severity Metric:****** | 18.36 \n**Date Public:** | 2006-06-01 \n**Date First Published:** | 2006-06-02 \n**Date Last Updated: ** | 2007-02-09 14:34 UTC \n**Document Revision: ** | 17 \n", "modified": "2007-02-09T14:34:00", "published": "2006-06-02T00:00:00", "id": "VU:237257", "href": "https://www.kb.cert.org/vuls/id/237257", "type": "cert", "title": "Mozilla privilege escalation using addSelectionListener", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-01T19:51:50", "bulletinFamily": "info", "description": "### Overview \n\nMozilla contains several memory corruption vulnerabilities. This may allow a remote attacker to execute arbitrary code.\n\n### Description \n\nMozilla team members have discovered multiple vulnerabilities that cause the browser engine to crash. In certain circumstances, these vulnerabilities may allow arbitrary code execution. Mozilla Firefox and Thunderbird are reported to be vulnerable. \n \n--- \n \n### Impact \n\nBy convincing a user to view a specially crafted HTML document (e.g., a web page, an HTML email message, or an HTML email attachment), an attacker may be able to execute arbitrary code with the privileges of the user. \n \n--- \n \n### Solution \n\n**Apply an update**\n\nRefer to Mozilla Foundation Security Advisory[ 2006-32](<http://www.mozilla.org/security/announce/2006/mfsa2006-32.html>) for fixed versions of Mozilla products. \n \n--- \n \n \n**Disable JavaScript** \n \nThis vulnerability can be mitigated by disabling JavaScript. \n \n--- \n \n### Vendor Information\n\n466673\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Vendor has issued information\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n__ Affected __ Unknown __ Unaffected \n\n**Javascript is disabled. Click here to view vendors.**\n\n### __ Mozilla, Inc.\n\nUpdated: June 02, 2006 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nPlease refer to Mozilla Foundation Security Advisory [2006-32](<http://www.mozilla.org/security/announce/2006/mfsa2006-32.html>).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23466673 Feedback>).\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | N/A | N/A \nTemporal | N/A | N/A \nEnvironmental | | N/A \n \n \n\n\n### References \n\n * <http://www.mozilla.org/security/announce/2006/mfsa2006-32.html>\n * <http://www.securityfocus.com/bid/18228>\n\n### Acknowledgements\n\nThanks to the Mozilla Foundation Security Advisory for reporting this vulnerability. \n\nThis document was written by Will Dormann. \n\n### Other Information\n\n**CVE IDs:** | [CVE-2006-2779](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-2779>) \n---|--- \n**Severity Metric:****** | 8.03 \n**Date Public:** | 2006-06-01 \n**Date First Published:** | 2006-06-02 \n**Date Last Updated: ** | 2007-02-09 14:35 UTC \n**Document Revision: ** | 15 \n", "modified": "2007-02-09T14:35:00", "published": "2006-06-02T00:00:00", "id": "VU:466673", "href": "https://www.kb.cert.org/vuls/id/466673", "type": "cert", "title": "Mozilla contains multiple memory corruption vulnerabilities", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-01T19:51:50", "bulletinFamily": "info", "description": "### Overview \n\nMozilla can allow persisted XUL attributes to associate with the wrong URL. This may allow a remote attacker to execute arbitrary code.\n\n### Description \n\n**XUL**\n\n[XUL](<http://www.mozilla.org/projects/xul/>) is an XML-based user interface language, which is used by Mozilla. \n \n**Persisted XUL** \n \nXUL elements with the [`persist`](<http://www.mozilla.org/xpfe/xulref/common.html#persist>) attribute maintain their values after the window is closed. These values are stored in the `localstore.rdf` file. \n \n**The problem** \n \nSome persisted XUL attributes can be associated with the wrong URL. Mozilla Firefox and Thunderbird are reported to be vulnerable. \n \n--- \n \n### Impact \n\nBy convincing a user to view a specially crafted HTML document (e.g., a web page, an HTML email message, or an HTML email attachment), an attacker may be able to execute arbitrary code with the privileges of the user. \n \n--- \n \n### Solution \n\n**Apply an update** \nRefer to Mozilla Foundation Security Advisory[ 2006-35](<http://www.mozilla.org/security/announce/2006/mfsa2006-35.html>) for fixed versions of Mozilla products. \n \n--- \n \n \n**Disable JavaScript** \n \nThis vulnerability can be mitigated by disabling JavaScript. \n \n--- \n \n### Vendor Information\n\n243153\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Vendor has issued information\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n__ Affected __ Unknown __ Unaffected \n\n**Javascript is disabled. Click here to view vendors.**\n\n### __ Mozilla, Inc.\n\nUpdated: June 02, 2006 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nPlease refer to Mozilla Foundation Security Advisory [2006-35](<http://www.mozilla.org/security/announce/2006/mfsa2006-35.html>).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23243153 Feedback>).\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | N/A | N/A \nTemporal | N/A | N/A \nEnvironmental | | N/A \n \n \n\n\n### References \n\n * <http://www.mozilla.org/security/announce/2006/mfsa2006-35.html>\n * <https://bugzilla.mozilla.org/show_bug.cgi?id=329677>\n * <http://www.mozilla.org/projects/xul/>\n * <http://www.mozilla.org/xpfe/xulref/common.html#persist>\n * <http://www.securityfocus.com/bid/18228>\n\n### Acknowledgements\n\nThanks to Mozilla Foundation Security Advisory for reporting this vulnerability, who in turn credit Jonas Sicking. \n\nThis document was written by Will Dormann. \n\n### Other Information\n\n**CVE IDs:** | [CVE-2006-2775](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-2775>) \n---|--- \n**Severity Metric:****** | 11.48 \n**Date Public:** | 2006-06-01 \n**Date First Published:** | 2006-06-02 \n**Date Last Updated: ** | 2007-02-09 14:36 UTC \n**Document Revision: ** | 14 \n", "modified": "2007-02-09T14:36:00", "published": "2006-06-02T00:00:00", "id": "VU:243153", "href": "https://www.kb.cert.org/vuls/id/243153", "type": "cert", "title": "Mozilla may associate persisted XUL attributes with an incorrect URL", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-01T19:51:50", "bulletinFamily": "info", "description": "### Overview \n\nMozilla allows content-defined setters on object prototypes to execute with elevated privileges. This may allow a remote attacker to execute arbitrary code.\n\n### Description \n\n**Setters**\n\nA [setter](<http://developer.mozilla.org/en/docs/Core_JavaScript_1.5_Guide:Creating_New_Objects:Defining_Getters_and_Setters>) is a method in JavaScript that sets the value of a property. \n \n**The problem** \n \nThe setters in Mozilla are called by privileged user interface (UI) code. This elevated privilege can be passed on to the content-provided JavaScript code. Mozilla Firefox and Thunderbird are reported to be vulnerable. \n \n--- \n \n### Impact \n\nThe complete impact of this vulnerability is not yet known. \n \n--- \n \n### Solution \n\n**Apply an update** \nRefer to Mozilla Foundation Security Advisory[ 2006-37](<http://www.mozilla.org/security/announce/2006/mfsa2006-37.html>) for fixed versions of Mozilla products. \n \n--- \n \n \n**Disable JavaScript** \n \nThis vulnerability can be mitigated by disabling JavaScript. \n \n--- \n \n### Vendor Information\n\n575969\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Vendor has issued information\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n__ Affected __ Unknown __ Unaffected \n\n**Javascript is disabled. Click here to view vendors.**\n\n### __ Mozilla, Inc.\n\nUpdated: June 02, 2006 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nPlease refer to Mozilla Foundation Security Advisory [2006-37](<http://www.mozilla.org/security/announce/2006/mfsa2006-37.html>).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23575969 Feedback>).\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | N/A | N/A \nTemporal | N/A | N/A \nEnvironmental | | N/A \n \n \n\n\n### References \n\n * <http://www.mozilla.org/security/announce/2006/mfsa2006-37.html>\n * <https://bugzilla.mozilla.org/show_bug.cgi?id=330773>\n * <http://developer.mozilla.org/en/docs/Core_JavaScript_1.5_Guide:Creating_New_Objects:Defining_Getters_and_Setters>\n * <http://www.securityfocus.com/bid/18228>\n\n### Acknowledgements\n\nThanks to the Mozilla Foundation Security Advisory for reporting this vulnerability, who in turn credit Paul Nickerson and moz_bug_r_a4. \n\nThis document was written by Will Dormann. \n\n### Other Information\n\n**CVE IDs:** | [CVE-2006-2776](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-2776>) \n---|--- \n**Severity Metric:****** | 11.48 \n**Date Public:** | 2006-06-01 \n**Date First Published:** | 2006-06-02 \n**Date Last Updated: ** | 2007-02-09 14:36 UTC \n**Document Revision: ** | 13 \n", "modified": "2007-02-09T14:36:00", "published": "2006-06-02T00:00:00", "id": "VU:575969", "href": "https://www.kb.cert.org/vuls/id/575969", "type": "cert", "title": "Mozilla may process content-defined setters on object prototypes with elevated privileges", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2018-08-31T01:15:59", "bulletinFamily": "unix", "description": "\nA Mozilla Foundation Security Advisory reports:\n\nWhen a webpage requires a plugin that is not installed\n\t the user can click to launch the Plugin Finder Service\n\t (PFS) to find an appropriate plugin. If the service does\n\t not have an appropriate plugin the EMBED tag is checked\n\t for a PLUGINSPAGE attribute, and if one is found the PFS\n\t dialog will contain a \"manual install\" button that will\n\t load the PLUGINSPAGE url.\nOmar Khan reported that if the PLUGINSPAGE attribute\n\t contains a javascript: url then pressing the button could\n\t launch arbitrary code capable of stealing local data or\n\t installing malicious code.\nDoron Rosenberg reported a variant that injects script by\n\t appending it to a malformed URL of any protocol.\n\n", "modified": "2005-03-31T00:00:00", "published": "2005-03-31T00:00:00", "id": "CE6AC624-AEC8-11D9-A788-0001020EED82", "href": "https://vuxml.freebsd.org/freebsd/ce6ac624-aec8-11d9-a788-0001020eed82.html", "title": "firefox -- PLUGINSPAGE privileged javascript execution", "type": "freebsd", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "mozilla": [{"lastseen": "2016-09-05T13:37:50", "bulletinFamily": "software", "description": "Mozilla researcher moz_bug_r_a4 demonstrated that javascript run via\nEvalInSandbox can escape the sandbox and gain elevated privilege by\ncalling valueOf() on objects created outside the sandbox and inserted\ninto it. Malicious scripts could use these privileges to compromise\nyour computer or data.\nIn Mozilla clients the primary use for EvalInSandbox is to run the\nProxy Autoconfig script should one be specified by your network\nadministrator. This is a rare option for home users, it is primarily\nused by institutional networks which have a need for remote configuration.\nThe popular Greasemonkey extension uses EvalInSandbox to run userscripts\nwhich manipulate the web pages you visit on your behalf. Using this\nvulnerability a malicious userscript could gain enough privilege to\ninstall malware, but even when Greasemonkey is working as designed\na malicious userscript can make life miserable. Only install userscripts\nfrom sources you can trust.", "modified": "2006-06-01T00:00:00", "published": "2006-06-01T00:00:00", "id": "MFSA2006-31", "href": "http://www.mozilla.org/en-US/security/advisories/mfsa2006-31/", "type": "mozilla", "title": "EvalInSandbox escape (Proxy Autoconfig, Greasemonkey)", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
