{"id": "UB:CVE-2016-1974", "vendorId": null, "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2016-1974", "description": "The nsScannerString::AppendUnicodeTo function in Mozilla Firefox before\n45.0 and Firefox ESR 38.x before 38.7 does not verify that memory\nallocation succeeds, which allows remote attackers to execute arbitrary\ncode or cause a denial of service (out-of-bounds read) via crafted Unicode\ndata in an HTML, XML, or SVG document.", "published": "2016-03-08T00:00:00", "modified": "2016-03-08T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "href": "https://ubuntu.com/security/CVE-2016-1974", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974", "https://www.mozilla.org/en-US/security/advisories/mfsa2016-34/", "https://bugzilla.mozilla.org/show_bug.cgi?id=1228103", "https://ubuntu.com/security/notices/USN-2917-1", "https://ubuntu.com/security/notices/USN-2934-1", "https://nvd.nist.gov/vuln/detail/CVE-2016-1974", "https://launchpad.net/bugs/cve/CVE-2016-1974", "https://security-tracker.debian.org/tracker/CVE-2016-1974"], "cvelist": ["CVE-2016-1974"], "immutableFields": [], "lastseen": "2021-11-22T21:47:38", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "archlinux", "idList": ["ASA-201603-21", "ASA-201603-4"]}, {"type": "centos", "idList": ["CESA-2016:0373", "CESA-2016:0460"]}, {"type": "cve", "idList": ["CVE-2016-1974"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3510-1:F3E38", "DEBIAN:DSA-3520-1:A2087"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2016-1974"]}, {"type": "freebsd", "idList": ["2225C5B4-1E5A-44FC-9920-B3201C384A15"]}, {"type": "gentoo", "idList": ["GLSA-201605-06"]}, {"type": "kaspersky", "idList": ["KLA10765"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/LINUXRPM-RHSA-2016-0460/", "MSF:ILITIES/UBUNTU-CVE-2016-1974/", "MSF:ILITIES/UBUNTU-USN-2917-2/", "MSF:ILITIES/UBUNTU-USN-2917-3/"]}, {"type": "mozilla", "idList": ["MFSA2016-34"]}, {"type": "nessus", "idList": ["802023.PRM", "9207.PRM", "CENTOS_RHSA-2016-0373.NASL", "CENTOS_RHSA-2016-0460.NASL", "DEBIAN_DSA-3510.NASL", "DEBIAN_DSA-3520.NASL", "EULEROS_SA-2016-1002.NASL", "FREEBSD_PKG_2225C5B41E5A44FC9920B3201C384A15.NASL", "GENTOO_GLSA-201605-06.NASL", "MACOSX_FIREFOX_38_7_ESR.NASL", "MACOSX_FIREFOX_45.NASL", "MOZILLA_FIREFOX_38_7_ESR.NASL", "MOZILLA_FIREFOX_45.NASL", "OPENSUSE-2016-332.NASL", "OPENSUSE-2016-334.NASL", "OPENSUSE-2016-395.NASL", "OPENSUSE-2016-402.NASL", "OPENSUSE-2016-848.NASL", "OPENSUSE-2016-851.NASL", "ORACLELINUX_ELSA-2016-0373.NASL", "ORACLELINUX_ELSA-2016-0460.NASL", "REDHAT-RHSA-2016-0373.NASL", "REDHAT-RHSA-2016-0460.NASL", "SL_20160309_FIREFOX_ON_SL5_X.NASL", "SL_20160316_THUNDERBIRD_ON_SL5_X.NASL", "SUSE_SU-2016-0727-1.NASL", "SUSE_SU-2016-0777-1.NASL", "SUSE_SU-2016-0820-1.NASL", "SUSE_SU-2016-0909-1.NASL", "UBUNTU_USN-2917-1.NASL", "UBUNTU_USN-2917-2.NASL", "UBUNTU_USN-2917-3.NASL", "UBUNTU_USN-2934-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122896", "OPENVAS:1361412562310122905", "OPENVAS:1361412562310131260", "OPENVAS:1361412562310131268", "OPENVAS:1361412562310703510", "OPENVAS:1361412562310703520", "OPENVAS:1361412562310807520", "OPENVAS:1361412562310807521", "OPENVAS:1361412562310807522", "OPENVAS:1361412562310807523", "OPENVAS:1361412562310807627", "OPENVAS:1361412562310807628", "OPENVAS:1361412562310808695", "OPENVAS:1361412562310808696", "OPENVAS:1361412562310842678", "OPENVAS:1361412562310842718", "OPENVAS:1361412562310842723", "OPENVAS:1361412562310851229", "OPENVAS:1361412562310851230", "OPENVAS:1361412562310851234", "OPENVAS:1361412562310851258", "OPENVAS:1361412562310851261", "OPENVAS:1361412562310851365", "OPENVAS:1361412562310851366", "OPENVAS:1361412562310871568", "OPENVAS:1361412562310871578", "OPENVAS:1361412562310882411", "OPENVAS:1361412562310882413", "OPENVAS:1361412562310882416", "OPENVAS:1361412562310882427", "OPENVAS:1361412562310882429", "OPENVAS:1361412562310882430", "OPENVAS:1361412562311220161002", "OPENVAS:703510", "OPENVAS:703520"]}, {"type": "oraclelinux", "idList": ["ELSA-2016-0373", "ELSA-2016-0460"]}, {"type": "redhat", "idList": ["RHSA-2016:0373", "RHSA-2016:0460"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2016:0731-1", "OPENSUSE-SU-2016:0733-1", "OPENSUSE-SU-2016:0876-1", "OPENSUSE-SU-2016:0894-1", "OPENSUSE-SU-2016:1767-1", "OPENSUSE-SU-2016:1769-1", "OPENSUSE-SU-2016:1778-1", "SUSE-SU-2016:0727-1", "SUSE-SU-2016:0777-1", "SUSE-SU-2016:0820-1", "SUSE-SU-2016:0909-1"]}, {"type": "ubuntu", "idList": ["USN-2917-1", "USN-2917-2", "USN-2917-3", "USN-2934-1"]}]}, "score": {"value": 6.7, "vector": "NONE"}, "backreferences": {"references": [{"type": "archlinux", "idList": ["ASA-201603-4"]}, {"type": "centos", "idList": ["CESA-2016:0373", "CESA-2016:0460"]}, {"type": "cve", "idList": ["CVE-2016-1974"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3510-1:F3E38"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2016-1974"]}, {"type": "freebsd", "idList": ["2225C5B4-1E5A-44FC-9920-B3201C384A15"]}, {"type": "gentoo", "idList": ["GLSA-201605-06"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2016-0373.NASL", "CENTOS_RHSA-2016-0460.NASL", "DEBIAN_DSA-3510.NASL", "FREEBSD_PKG_2225C5B41E5A44FC9920B3201C384A15.NASL", "MOZILLA_FIREFOX_38_7_ESR.NASL", "MOZILLA_FIREFOX_45.NASL", "OPENSUSE-2016-332.NASL", "OPENSUSE-2016-334.NASL", "OPENSUSE-2016-402.NASL", "ORACLELINUX_ELSA-2016-0373.NASL", "ORACLELINUX_ELSA-2016-0460.NASL", "REDHAT-RHSA-2016-0373.NASL", "REDHAT-RHSA-2016-0460.NASL", "SL_20160309_FIREFOX_ON_SL5_X.NASL", "SL_20160316_THUNDERBIRD_ON_SL5_X.NASL", "SUSE_SU-2016-0727-1.NASL", "SUSE_SU-2016-0777-1.NASL", "UBUNTU_USN-2917-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310703510", "OPENVAS:1361412562310882413"]}, {"type": "oraclelinux", "idList": ["ELSA-2016-0373", "ELSA-2016-0460"]}, {"type": "redhat", "idList": ["RHSA-2016:0373"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2016:1767-1", "SUSE-SU-2016:0777-1"]}, {"type": "ubuntu", "idList": ["USN-2917-2"]}]}, "exploitation": null, "vulnersScore": 6.7}, "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "45.0", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "firefox"}, {"OS": "ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "trusty was released [45.0+build2-0ubuntu0.14.04.1]", "packageFilename": "UNKNOWN", "operator": "lt", "status": "does not exist", "packageName": "firefox"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "38.7", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "thunderbird"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "1:38.7.2+build1-0ubuntu0.16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "thunderbird"}, {"OS": "ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "trusty was released [1:38.7.2+build1-0ubuntu0.14.04.1]", "packageFilename": "UNKNOWN", "operator": "lt", "status": "does not exist", "packageName": "thunderbird"}], "bugs": [], "_state": {"dependencies": 1647589307, "score": 0}}

{"metasploit": [{"lastseen": "2021-08-21T16:00:11", "description": "\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "1976-01-01T00:00:00", "type": "metasploit", "title": "Ubuntu: (Multiple Advisories) (CVE-2016-1974): Thunderbird vulnerabilities", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1974"], "modified": "1976-01-01T00:00:00", "id": "MSF:ILITIES/UBUNTU-CVE-2016-1974/", "href": "", "sourceData": "", "sourceHref": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-05-26T02:09:07", "description": "\n", "edition": 2, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "1976-01-01T00:00:00", "type": "metasploit", "title": "RHSA-2016:0460: thunderbird security update", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1952", "CVE-2016-1954", "CVE-2016-1957", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1964", "CVE-2016-1966", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "1976-01-01T00:00:00", "id": "MSF:ILITIES/LINUXRPM-RHSA-2016-0460/", "href": "", "sourceData": "", "sourceHref": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-05-26T02:09:10", "description": "\n", "edition": 2, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "1976-01-01T00:00:00", "type": "metasploit", "title": "Ubuntu: USN-2917-2: Firefox regressions", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1950", "CVE-2016-1952", "CVE-2016-1953", "CVE-2016-1954", "CVE-2016-1955", "CVE-2016-1956", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1959", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1963", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1967", "CVE-2016-1968", "CVE-2016-1973", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "1976-01-01T00:00:00", "id": "MSF:ILITIES/UBUNTU-USN-2917-2/", "href": "", "sourceData": "", "sourceHref": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-05-26T02:08:48", "description": "\n", "edition": 2, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "1976-01-01T00:00:00", "type": "metasploit", "title": "Ubuntu: USN-2917-3: Firefox regressions", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1950", "CVE-2016-1952", "CVE-2016-1953", "CVE-2016-1954", "CVE-2016-1955", "CVE-2016-1956", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1959", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1963", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1967", "CVE-2016-1968", "CVE-2016-1973", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "1976-01-01T00:00:00", "id": "MSF:ILITIES/UBUNTU-USN-2917-3/", "href": "", "sourceData": "", "sourceHref": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2022-03-23T12:56:30", "description": "The nsScannerString::AppendUnicodeTo function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not verify that memory allocation succeeds, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via crafted Unicode data in an HTML, XML, or SVG document.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-03-13T18:59:00", "type": "cve", "title": "CVE-2016-1974", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1974"], "modified": "2019-12-27T16:08:00", "cpe": ["cpe:/a:mozilla:firefox_esr:38.6.0", "cpe:/a:mozilla:thunderbird:38.6.0", "cpe:/a:mozilla:firefox_esr:38.1.0", "cpe:/a:mozilla:firefox:44.0.2", "cpe:/a:mozilla:firefox_esr:38.0.5", "cpe:/a:mozilla:firefox_esr:38.0", "cpe:/a:mozilla:firefox_esr:38.2.1", "cpe:/a:mozilla:firefox_esr:38.6.1", "cpe:/o:opensuse:leap:42.1", "cpe:/o:opensuse:opensuse:13.1", "cpe:/a:mozilla:firefox_esr:38.4.0", "cpe:/a:mozilla:firefox_esr:38.0.1", "cpe:/a:mozilla:firefox_esr:38.1.1", "cpe:/a:mozilla:firefox_esr:38.2.0", "cpe:/a:mozilla:firefox_esr:38.5.0", "cpe:/a:mozilla:firefox_esr:38.5.1", "cpe:/o:oracle:linux:7", "cpe:/o:oracle:linux:5.0", "cpe:/o:opensuse:opensuse:13.2", "cpe:/o:suse:linux_enterprise:12.0", "cpe:/o:oracle:linux:6", "cpe:/a:mozilla:firefox_esr:38.3.0"], "id": "CVE-2016-1974", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1974", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:mozilla:firefox_esr:38.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:38.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:38.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:38.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:38.5.0:*:*:*:*:*:*:*", "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:38.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:38.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:38.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:38.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:38.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:38.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:44.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:38.6.0:*:*:*:*:*:*:*", "cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:38.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:38.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"]}], "mozilla": [{"lastseen": "2021-12-29T14:12:32", "description": "Security researcher Ronald Crane reported an out-of-bounds read following a failed allocation in the HTML parser while working with unicode strings. This can also affect the parsing of XML and SVG format data. This leads to a potentially exploitable crash. \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-03-08T00:00:00", "type": "mozilla", "title": "Out-of-bounds read in HTML parser following a failed allocation \u2014 Mozilla", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1974"], "modified": "2016-03-08T00:00:00", "id": "MFSA2016-34", "href": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-34/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debiancve": [{"lastseen": "2022-05-21T13:32:52", "description": "The nsScannerString::AppendUnicodeTo function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not verify that memory allocation succeeds, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via crafted Unicode data in an HTML, XML, or SVG document.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-03-13T18:59:00", "type": "debiancve", "title": "CVE-2016-1974", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1974"], "modified": "2016-03-13T18:59:00", "id": "DEBIANCVE:CVE-2016-1974", "href": "https://security-tracker.debian.org/tracker/CVE-2016-1974", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:35:23", "description": "Check the version of thunderbird", "cvss3": {}, "published": "2016-03-17T00:00:00", "type": "openvas", "title": "CentOS Update for thunderbird CESA-2016:0460 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-2795", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1964"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882427", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882427", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for thunderbird CESA-2016:0460 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882427\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-17 05:10:05 +0100 (Thu, 17 Mar 2016)\");\n script_cve_id(\"CVE-2016-1952\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1960\",\n \"CVE-2016-1961\", \"CVE-2016-1964\", \"CVE-2016-1966\", \"CVE-2016-1974\",\n \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\",\n \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\",\n \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\",\n \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for thunderbird CESA-2016:0460 centos5\");\n script_tag(name:\"summary\", value:\"Check the version of thunderbird\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Thunderbird to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1960,\nCVE-2016-1961, CVE-2016-1974, CVE-2016-1964, CVE-2016-1966)\n\nMultiple security flaws were found in the graphite2 font library shipped\nwith Thunderbird. A web page containing malicious content could cause\nThunderbird to crash or, potentially, execute arbitrary code with the\nprivileges of the user running Thunderbird. (CVE-2016-1977, CVE-2016-2790,\nCVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795,\nCVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800,\nCVE-2016-2801, CVE-2016-2802)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Bob Clary, Christoph Diehl, Christian Holler, Andrew\nMcCreight, Daniel Holbert, Jesse Ruderman, Randell Jesup, Nicolas\nGolubovic, Jose Martinez, Romina Santillan, caonguyen, lokihardt, Nicolas\nGregoire, the Communications Electronics Security Group (UK) of the GCHQ,\nHolger Fuhrmannek, Ronald Crane, and Tyson Smith as the original reporters\nof these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Thunderbird 38.7.0. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 38.7.0, which corrects these issues. After\ninstalling the update, Thunderbird must be restarted for the changes to\ntake effect.\");\n script_tag(name:\"affected\", value:\"thunderbird on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2016:0460\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2016-March/021740.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~38.7.0~1.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:15", "description": "Check the version of thunderbird", "cvss3": {}, "published": "2016-03-17T00:00:00", "type": "openvas", "title": "CentOS Update for thunderbird CESA-2016:0460 centos7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-2795", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1964"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882429", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882429", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for thunderbird CESA-2016:0460 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882429\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-17 05:10:33 +0100 (Thu, 17 Mar 2016)\");\n script_cve_id(\"CVE-2016-1952\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1960\",\n \"CVE-2016-1961\", \"CVE-2016-1964\", \"CVE-2016-1966\", \"CVE-2016-1974\",\n \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\",\n \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\",\n \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\",\n \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for thunderbird CESA-2016:0460 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of thunderbird\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Thunderbird to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1960,\nCVE-2016-1961, CVE-2016-1974, CVE-2016-1964, CVE-2016-1966)\n\nMultiple security flaws were found in the graphite2 font library shipped\nwith Thunderbird. A web page containing malicious content could cause\nThunderbird to crash or, potentially, execute arbitrary code with the\nprivileges of the user running Thunderbird. (CVE-2016-1977, CVE-2016-2790,\nCVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795,\nCVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800,\nCVE-2016-2801, CVE-2016-2802)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Bob Clary, Christoph Diehl, Christian Holler, Andrew\nMcCreight, Daniel Holbert, Jesse Ruderman, Randell Jesup, Nicolas\nGolubovic, Jose Martinez, Romina Santillan, caonguyen, lokihardt, Nicolas\nGregoire, the Communications Electronics Security Group (UK) of the GCHQ,\nHolger Fuhrmannek, Ronald Crane, and Tyson Smith as the original reporters\nof these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Thunderbird 38.7.0. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 38.7.0, which corrects these issues. After\ninstalling the update, Thunderbird must be restarted for the changes to\ntake effect.\");\n script_tag(name:\"affected\", value:\"thunderbird on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2016:0460\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2016-March/021738.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~38.7.0~1.el7.centos\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:43", "description": "Mageia Linux Local Security Checks mgasa-2016-0115", "cvss3": {}, "published": "2016-03-17T00:00:00", "type": "openvas", "title": "Mageia Linux Local Check: mgasa-2016-0115", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-2795", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1964"], "modified": "2019-03-14T00:00:00", "id": "OPENVAS:1361412562310131268", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310131268", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: mgasa-2016-0115.nasl 14180 2019-03-14 12:29:16Z cfischer $\n#\n# Mageia Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2016 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.131268\");\n script_version(\"$Revision: 14180 $\");\n script_tag(name:\"creation_date\", value:\"2016-03-17 16:02:31 +0200 (Thu, 17 Mar 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 13:29:16 +0100 (Thu, 14 Mar 2019) $\");\n script_name(\"Mageia Linux Local Check: mgasa-2016-0115\");\n script_tag(name:\"insight\", value:\"Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1960, CVE-2016-1961, CVE-2016-1974, CVE-2016-1964, CVE-2016-1966). Multiple security flaws were found in the graphite2 font library shipped with Thunderbird. A web page containing malicious content could cause it to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802).\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://advisories.mageia.org/MGASA-2016-0115.html\");\n script_cve_id(\"CVE-2016-1952\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1964\", \"CVE-2016-1966\", \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\", re:\"ssh/login/release=MAGEIA5\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Mageia Linux Local Security Checks mgasa-2016-0115\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Mageia Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MAGEIA5\")\n{\nif ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~38.7.0~1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"thunderbird-l10n\", rpm:\"thunderbird-l10n~38.7.0~1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:17", "description": "Oracle Linux Local Security Checks ELSA-2016-0460", "cvss3": {}, "published": "2016-03-17T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2016-0460", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-2795", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1964"], "modified": "2019-03-14T00:00:00", "id": "OPENVAS:1361412562310122905", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122905", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2016-0460.nasl 14180 2019-03-14 12:29:16Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.fi>\n#\n# Copyright:\n# Copyright (c) 2016 Eero Volotinen, http://solinor.fi\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122905\");\n script_version(\"$Revision: 14180 $\");\n script_tag(name:\"creation_date\", value:\"2016-03-17 16:00:57 +0200 (Thu, 17 Mar 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 13:29:16 +0100 (Thu, 14 Mar 2019) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2016-0460\");\n script_tag(name:\"insight\", value:\"ELSA-2016-0460 - thunderbird security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2016-0460\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2016-0460.html\");\n script_cve_id(\"CVE-2016-1952\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1964\", \"CVE-2016-1966\", \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(7|5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~38.7.0~1.0.1.el7_2\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~38.7.0~1.0.1.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~38.7.0~1.0.1.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:41", "description": "Check the version of thunderbird", "cvss3": {}, "published": "2016-03-17T00:00:00", "type": "openvas", "title": "CentOS Update for thunderbird CESA-2016:0460 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-2795", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1964"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882430", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882430", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for thunderbird CESA-2016:0460 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882430\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-17 05:10:56 +0100 (Thu, 17 Mar 2016)\");\n script_cve_id(\"CVE-2016-1952\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1960\",\n \"CVE-2016-1961\", \"CVE-2016-1964\", \"CVE-2016-1966\", \"CVE-2016-1974\",\n \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\",\n \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\",\n \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\",\n \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for thunderbird CESA-2016:0460 centos6\");\n script_tag(name:\"summary\", value:\"Check the version of thunderbird\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Thunderbird to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1960,\nCVE-2016-1961, CVE-2016-1974, CVE-2016-1964, CVE-2016-1966)\n\nMultiple security flaws were found in the graphite2 font library shipped\nwith Thunderbird. A web page containing malicious content could cause\nThunderbird to crash or, potentially, execute arbitrary code with the\nprivileges of the user running Thunderbird. (CVE-2016-1977, CVE-2016-2790,\nCVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795,\nCVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800,\nCVE-2016-2801, CVE-2016-2802)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Bob Clary, Christoph Diehl, Christian Holler, Andrew\nMcCreight, Daniel Holbert, Jesse Ruderman, Randell Jesup, Nicolas\nGolubovic, Jose Martinez, Romina Santillan, caonguyen, lokihardt, Nicolas\nGregoire, the Communications Electronics Security Group (UK) of the GCHQ,\nHolger Fuhrmannek, Ronald Crane, and Tyson Smith as the original reporters\nof these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Thunderbird 38.7.0. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 38.7.0, which corrects these issues. After\ninstalling the update, Thunderbird must be restarted for the changes to\ntake effect.\");\n script_tag(name:\"affected\", value:\"thunderbird on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2016:0460\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2016-March/021739.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~38.7.0~1.el6.centos\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:29", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-03-17T00:00:00", "type": "openvas", "title": "RedHat Update for thunderbird RHSA-2016:0460-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-2795", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1964"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871578", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871578", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for thunderbird RHSA-2016:0460-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871578\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-17 05:09:13 +0100 (Thu, 17 Mar 2016)\");\n script_cve_id(\"CVE-2016-1952\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1960\",\n \"CVE-2016-1961\", \"CVE-2016-1964\", \"CVE-2016-1966\", \"CVE-2016-1974\",\n \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\",\n \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\",\n \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\",\n \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for thunderbird RHSA-2016:0460-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'thunderbird'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Mozilla Thunderbird is a standalone mail\nand newsgroup client.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Thunderbird to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1960,\nCVE-2016-1961, CVE-2016-1974, CVE-2016-1964, CVE-2016-1966)\n\nMultiple security flaws were found in the graphite2 font library shipped\nwith Thunderbird. A web page containing malicious content could cause\nThunderbird to crash or, potentially, execute arbitrary code with the\nprivileges of the user running Thunderbird. (CVE-2016-1977, CVE-2016-2790,\nCVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795,\nCVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800,\nCVE-2016-2801, CVE-2016-2802)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Bob Clary, Christoph Diehl, Christian Holler, Andrew\nMcCreight, Daniel Holbert, Jesse Ruderman, Randell Jesup, Nicolas\nGolubovic, Jose Martinez, Romina Santillan, ca0nguyen, lokihardt, Nicolas\nGrgoire, the Communications Electronics Security Group (UK) of the GCHQ,\nHolger Fuhrmannek, Ronald Crane, and Tyson Smith as the original reporters\nof these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Thunderbird 38.7.0. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 38.7.0, which corrects these issues. After\ninstalling the update, Thunderbird must be restarted for the changes to\ntake effect.\");\n script_tag(name:\"affected\", value:\"thunderbird on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2016:0460-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2016-March/msg00051.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~38.7.0~1.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"thunderbird-debuginfo\", rpm:\"thunderbird-debuginfo~38.7.0~1.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:54:49", "description": "Multiple security issues have been found\nin Icedove, Debian", "cvss3": {}, "published": "2016-03-18T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3520-1 (icedove - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1950", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1964"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703520", "href": "http://plugins.openvas.org/nasl.php?oid=703520", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3520.nasl 6608 2017-07-07 12:05:05Z cfischer $\n# Auto-generated from advisory DSA 3520-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703520);\n script_version(\"$Revision: 6608 $\");\n script_cve_id(\"CVE-2016-1950\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1960\",\n \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1964\", \"CVE-2016-1966\",\n \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\",\n \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\",\n \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\",\n \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_name(\"Debian Security Advisory DSA 3520-1 (icedove - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:05 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2016-03-18 00:00:00 +0100 (Fri, 18 Mar 2016)\");\n script_tag(name: \"cvss_base\", value: \"10.0\");\n script_tag(name: \"cvss_base_vector\", value: \"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3520.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"icedove on Debian Linux\");\n script_tag(name: \"insight\", value: \"Icedove is an unbranded Thunderbird mail\nclient suitable for free distribution. It supports different mail accounts (POP,\nIMAP, Gmail), has an integrated learning Spam filter, and offers easy organization\nof mails with tagging and virtual folders. Also, more features can be added by\ninstalling extensions.\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution (wheezy),\nthese problems have been fixed in version 38.7.0-1~deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 38.7.0-1~deb8u1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 38.7.0-1.\n\nWe recommend that you upgrade your icedove packages.\");\n script_tag(name: \"summary\", value: \"Multiple security issues have been found\nin Icedove, Debian's version of the Mozilla Thunderbird mail client: Multiple memory\nsafety errors, integer overflows, buffer overflows and other implementation errors\nmay lead to the execution of arbitrary code or denial of service.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"calendar-google-provider\", ver:\"38.7.0-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove\", ver:\"38.7.0-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-dbg\", ver:\"38.7.0-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-dev\", ver:\"38.7.0-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceowl-extension\", ver:\"38.7.0-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"calendar-google-provider\", ver:\"38.7.0-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove\", ver:\"38.7.0-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-dbg\", ver:\"38.7.0-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-dev\", ver:\"38.7.0-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceowl-extension\", ver:\"38.7.0-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:35:45", "description": "Multiple security issues have been found\nin Icedove, Debian", "cvss3": {}, "published": "2016-03-18T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3520-1 (icedove - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1950", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1964"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703520", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703520", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3520.nasl 14279 2019-03-18 14:48:34Z cfischer $\n# Auto-generated from advisory DSA 3520-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703520\");\n script_version(\"$Revision: 14279 $\");\n script_cve_id(\"CVE-2016-1950\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1960\",\n \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1964\", \"CVE-2016-1966\",\n \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\",\n \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\",\n \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\",\n \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_name(\"Debian Security Advisory DSA 3520-1 (icedove - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:48:34 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-18 00:00:00 +0100 (Fri, 18 Mar 2016)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3520.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(7|8)\");\n script_tag(name:\"affected\", value:\"icedove on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (wheezy),\nthese problems have been fixed in version 38.7.0-1~deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 38.7.0-1~deb8u1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 38.7.0-1.\n\nWe recommend that you upgrade your icedove packages.\");\n script_tag(name:\"summary\", value:\"Multiple security issues have been found\nin Icedove, Debian's version of the Mozilla Thunderbird mail client: Multiple memory\nsafety errors, integer overflows, buffer overflows and other implementation errors\nmay lead to the execution of arbitrary code or denial of service.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"calendar-google-provider\", ver:\"38.7.0-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"icedove\", ver:\"38.7.0-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"icedove-dbg\", ver:\"38.7.0-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"icedove-dev\", ver:\"38.7.0-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceowl-extension\", ver:\"38.7.0-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"calendar-google-provider\", ver:\"38.7.0-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"icedove\", ver:\"38.7.0-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"icedove-dbg\", ver:\"38.7.0-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"icedove-dev\", ver:\"38.7.0-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceowl-extension\", ver:\"38.7.0-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-10-09T15:19:23", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-05-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for thunderbird USN-2934-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-2795", "CVE-2016-1950", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1964"], "modified": "2019-10-07T00:00:00", "id": "OPENVAS:1361412562310842723", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842723", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for thunderbird USN-2934-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842723\");\n script_version(\"2019-10-07T14:34:48+0000\");\n script_tag(name:\"last_modification\", value:\"2019-10-07 14:34:48 +0000 (Mon, 07 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-05-06 15:29:31 +0530 (Fri, 06 May 2016)\");\n script_cve_id(\"CVE-2016-1952\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1960\",\n\t\t\"CVE-2016-1961\", \"CVE-2016-1964\", \"CVE-2016-1966\", \"CVE-2016-1974\",\n\t\t\"CVE-2016-1950\", \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\",\n\t\t\"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\",\n\t\t\"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\",\n\t\t\"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for thunderbird USN-2934-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'thunderbird'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Bob Clary, Christoph Diehl, Christian Holler,\n Andrew McCreight, Daniel Holbert, Jesse Ruderman, and Randell Jesup discovered\n multiple memory safety issues in Thunderbird. If a user were tricked in to\n opening a specially crafted message, an attacker could potentially exploit these\n to cause a denial of service via application crash, or execute arbitrary code\n with the privileges of the user invoking Thunderbird. (CVE-2016-1952)\n\n Nicolas Golubovic discovered that CSP violation reports can be used to\n overwrite local files. If a user were tricked in to opening a specially\n crafted website in a browsing context with addon signing disabled and\n unpacked addons installed, an attacker could potentially exploit this to\n gain additional privileges. (CVE-2016-1954)\n\n Jose Martinez and Romina Santillan discovered a memory leak in\n libstagefright during MPEG4 video file processing in some circumstances.\n If a user were tricked in to opening a specially crafted website in a\n browsing context, an attacker could potentially exploit this to cause a\n denial of service via memory exhaustion. (CVE-2016-1957)\n\n A use-after-free was discovered in the HTML5 string parser. If a user were\n tricked in to opening a specially crafted website in a browsing context, an\n attacker could potentially exploit this to cause a denial of service via\n application crash, or execute arbitrary code with the privileges of the user\n invoking Thunderbird. (CVE-2016-1960)\n\n A use-after-free was discovered in the SetBody function of HTMLDocument.\n If a user were tricked in to opening a specially crafted website in a\n browsing context, an attacker could potentially exploit this to cause a\n denial of service via application crash, or execute arbitrary code with\n the privileges of the user invoking Thunderbird. (CVE-2016-1961)\n\n Nicolas Gr&#233 goire discovered a use-after-free during XML transformations.\n If a user were tricked in to opening a specially crafted website in a\n browsing context, an attacker could potentially exploit this to cause a\n denial of service via application crash, or execute arbitrary code with\n the privileges of the user invoking Thunderbird. (CVE-2016-1964)\n\n A memory corruption issue was discovered in the NPAPI subsystem. If\n a user were tricked in to opening a specially crafted website in a\n browsing context with a malicious plugin installed, an attacker could\n potentially exploit this to cause a denial of service via application\n crash, or execute arbitrary code with the privileges of the user invoking\n Thunderbird. (CVE-2016-1966)\n\n Ronald Crane discovered an out-of-bounds read following a failed\n ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"affected\", value:\"thunderbird on Ubuntu 15.10,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"2934-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2934-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|12\\.04 LTS|15\\.10)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"1:38.7.2+build1-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"1:38.7.2+build1-0ubuntu0.12.04.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU15.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"1:38.7.2+build1-0ubuntu0.15.10.1\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-06-25T14:49:49", "description": "This host is installed with Mozilla\n Thunderbird and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-04-01T00:00:00", "type": "openvas", "title": "Mozilla Thunderbird Security Updates(mfsa_2016-16_2016-38)-MAC OS X", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1953", "CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-2795", "CVE-2016-1950", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1964"], "modified": "2019-06-25T00:00:00", "id": "OPENVAS:1361412562310807628", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807628", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mozilla Thunderbird Security Updates(mfsa_2016-16_2016-38)-MAC OS X\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mozilla:thunderbird\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807628\");\n script_version(\"2019-06-25T08:25:15+0000\");\n script_cve_id(\"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\",\n\t\t\"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\",\n\t\t\"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\",\n\t\t\"CVE-2016-2801\", \"CVE-2016-2802\", \"CVE-2016-1953\", \"CVE-2016-1950\",\n\t\t\"CVE-2016-1974\", \"CVE-2016-1966\", \"CVE-2016-1964\", \"CVE-2016-1961\",\n\t\t\"CVE-2016-1960\", \"CVE-2016-1957\", \"CVE-2016-1954\", \"CVE-2016-1952\");\n script_bugtraq_id(84222, 84221, 84223, 84219, 84218);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-06-25 08:25:15 +0000 (Tue, 25 Jun 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-04-01 13:19:29 +0530 (Fri, 01 Apr 2016)\");\n script_name(\"Mozilla Thunderbird Security Updates(mfsa_2016-16_2016-38)-MAC OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Mozilla\n Thunderbird and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws exist due to,\n\n - The 'nsScannerString::AppendUnicodeTo' function does not verify that memory\n allocation succeeds.\n\n - A memory corruption vulnerability in NPAPI plugin.\n\n - An use-after-free vulnerability in the 'AtomicBaseIncDec' function.\n\n - An use-after-free vulnerability in the 'nsHTMLDocument::SetBody' function in\n 'dom/html/nsHTMLDocument.cpp' script.\n\n - Memory leak in libstagefright when deleting an array during MP4 processing.\n\n - The 'nsCSPContext::SendReports' function in 'dom/security/nsCSPContext.cpp'\n script does not prevent use of a non-HTTP report-uri for a (CSP) violation report.\n\n - The multiple unspecified vulnerabilities in the browser engine.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this\n vulnerabilities will allow remote attackers to cause a denial of service\n (memory corruption and application crash) or possibly execute arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"Mozilla Thunderbird version before\n 38.7 on MAC OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Thunderbird version 38.7\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-36/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-35/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-34/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-31/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-27/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-24/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-23/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-20/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-17/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-16/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_mozilla_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Thunderbird/MacOSX/Version\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/thunderbird\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!tbVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:tbVer, test_version:\"38.7\"))\n{\n report = report_fixed_ver(installed_version:tbVer, fixed_version:\"38.7\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:10", "description": "This host is installed with Mozilla\n Thunderbird and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-04-01T00:00:00", "type": "openvas", "title": "Mozilla Thunderbird Security Updates(mfsa_2016-16_2016-38)-Windows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1953", "CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-2795", "CVE-2016-1950", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1964"], "modified": "2018-10-29T00:00:00", "id": "OPENVAS:1361412562310807627", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807627", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mozilla_thunderbird_mfsa_2016-16_2016-38_win.nasl 12149 2018-10-29 10:48:30Z asteins $\n#\n# Mozilla Thunderbird Security Updates(mfsa_2016-16_2016-38)-Windows\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mozilla:thunderbird\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807627\");\n script_version(\"$Revision: 12149 $\");\n script_cve_id(\"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\",\n\t\t\"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\",\n\t\t\"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\",\n\t\t\"CVE-2016-2801\", \"CVE-2016-2802\", \"CVE-2016-1953\", \"CVE-2016-1950\",\n\t\t\"CVE-2016-1974\", \"CVE-2016-1966\", \"CVE-2016-1964\", \"CVE-2016-1961\",\n\t\t\"CVE-2016-1960\", \"CVE-2016-1957\", \"CVE-2016-1954\", \"CVE-2016-1952\");\n script_bugtraq_id(84222, 84221, 84223, 84219, 84218);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-29 11:48:30 +0100 (Mon, 29 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-04-01 13:19:33 +0530 (Fri, 01 Apr 2016)\");\n script_name(\"Mozilla Thunderbird Security Updates(mfsa_2016-16_2016-38)-Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Mozilla\n Thunderbird and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws exist due to,\n\n - The 'nsScannerString::AppendUnicodeTo' function does not verify that memory\n allocation succeeds.\n\n - A memory corruption vulnerability in NPAPI plugin.\n\n - An use-after-free vulnerability in the 'AtomicBaseIncDec' function.\n\n - An use-after-free vulnerability in the 'nsHTMLDocument::SetBody' function in\n 'dom/html/nsHTMLDocument.cpp' script.\n\n - Memory leak in libstagefright when deleting an array during MP4 processing.\n\n - The 'nsCSPContext::SendReports' function in 'dom/security/nsCSPContext.cpp'\n script does not prevent use of a non-HTTP report-uri for a (CSP) violation report.\n\n - The multiple unspecified vulnerabilities in the browser engine.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this\n vulnerabilities will allow remote attackers to cause a denial of service\n (memory corruption and application crash) or possibly execute arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"Mozilla Thunderbird version before\n 38.7 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Thunderbird version 38.7\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-36/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-35/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-34/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-31/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-27/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-24/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-23/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-20/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-17/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-16/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_thunderbird_detect_portable_win.nasl\");\n script_mandatory_keys(\"Thunderbird/Win/Ver\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/thunderbird\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!tbVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:tbVer, test_version:\"38.7\"))\n{\n report = report_fixed_ver(installed_version:tbVer, fixed_version:\"38.7\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-06-25T14:50:16", "description": "This host is installed with Mozilla\n Thunderbird and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-09-07T00:00:00", "type": "openvas", "title": "Mozilla Thunderbird Security Updates( mfsa_2016-16_2016-38_1 )-MAC OS X", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1953", "CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-1979", "CVE-2016-1955", "CVE-2016-2795", "CVE-2016-1950", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-1956", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1964"], "modified": "2019-06-25T00:00:00", "id": "OPENVAS:1361412562310808696", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808696", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mozilla Thunderbird Security Updates( mfsa_2016-16_2016-38_1 )-MAC OS X\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mozilla:thunderbird\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808696\");\n script_version(\"2019-06-25T08:25:15+0000\");\n script_cve_id(\"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\",\n\t\t\"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\",\n\t\t\"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\",\n\t\t\"CVE-2016-2801\", \"CVE-2016-2802\", \"CVE-2016-1979\", \"CVE-2016-1950\",\n\t\t\"CVE-2016-1974\", \"CVE-2016-1953\", \"CVE-2016-1964\", \"CVE-2016-1961\",\n\t\t\"CVE-2016-1960\", \"CVE-2016-1957\", \"CVE-2016-1956\", \"CVE-2016-1955\",\n\t\t\"CVE-2016-1954\", \"CVE-2016-1952\");\n script_bugtraq_id(84222, 84221, 84223, 84219, 84218);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-06-25 08:25:15 +0000 (Tue, 25 Jun 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-09-07 12:03:08 +0530 (Wed, 07 Sep 2016)\");\n script_name(\"Mozilla Thunderbird Security Updates( mfsa_2016-16_2016-38_1 )-MAC OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Mozilla\n Thunderbird and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist. Please see the references for more information.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this\n vulnerability will allow remote attackers to cause a denial of service\n (memory corruption and application crash) or possibly execute arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"Mozilla Thunderbird version before\n 45 on MAC OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Thunderbird version 45\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-36/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-35/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-34/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-27/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-24/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-23/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-20/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-17/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-16/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_mozilla_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Thunderbird/MacOSX/Version\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/thunderbird\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!tbVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:tbVer, test_version:\"45\"))\n{\n report = report_fixed_ver(installed_version:tbVer, fixed_version:\"45\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:35", "description": "Check the version of firefox", "cvss3": {}, "published": "2016-03-10T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2016:0373 centos7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-1973", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882413", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882413", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2016:0373 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882413\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-10 06:15:29 +0100 (Thu, 10 Mar 2016)\");\n script_cve_id(\"CVE-2016-1952\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1958\",\n \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1964\",\n \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1973\", \"CVE-2016-1974\",\n \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\",\n \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\",\n \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\",\n \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for firefox CESA-2016:0373 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of firefox\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Mozilla Firefox is an open source web browser.\nXULRunner provides the XUL Runtime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1958,\nCVE-2016-1960, CVE-2016-1961, CVE-2016-1962, CVE-2016-1973, CVE-2016-1974,\nCVE-2016-1964, CVE-2016-1965, CVE-2016-1966)\n\nMultiple security flaws were found in the graphite2 font library shipped\nwith Firefox. A web page containing malicious content could cause Firefox\nto crash or, potentially, execute arbitrary code with the privileges of the\nuser running Firefox. (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791,\nCVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796,\nCVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801,\nCVE-2016-2802)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Bob Clary, Christoph Diehl, Christian Holler, Andrew\nMcCreight, Daniel Holbert, Jesse Ruderman, Randell Jesup, Nicolas\nGolubovic, Jose Martinez, Romina Santillan, Abdulrahman Alqabandi,\nca0nguyen, lokihardt, Dominique Hazael-Massieux, Nicolas Gregoire, Tsubasa\nIinuma, the Communications Electronics Security Group (UK) of the GCHQ,\nHolger Fuhrmannek, Ronald Crane, and Tyson Smith as the original reporters\nof these issues.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 38.7.0 ESR, which corrects these issues. After installing\nthe update, Firefox must be restarted for the changes to take effect.\");\n script_tag(name:\"affected\", value:\"firefox on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2016:0373\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2016-March/021723.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~38.7.0~1.el7.centos\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:41:25", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for firefox (EulerOS-SA-2016-1002)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-1973", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220161002", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220161002", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2016.1002\");\n script_version(\"2020-01-23T10:36:53+0000\");\n script_cve_id(\"CVE-2016-1952\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1958\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1973\", \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 10:36:53 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 10:36:53 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for firefox (EulerOS-SA-2016-1002)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2016-1002\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2016-1002\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'firefox' package(s) announced via the EulerOS-SA-2016-1002 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1958, CVE-2016-1960, CVE-2016-1961, CVE-2016-1962, CVE-2016-1973, CVE-2016-1974, CVE-2016-1964, CVE-2016-1965, CVE-2016-1966)\n\nMultiple security flaws were found in the graphite2 font library shipped with Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802)\");\n\n script_tag(name:\"affected\", value:\"'firefox' package(s) on Huawei EulerOS V2.0SP1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~38.7.0~1\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:26", "description": "Check the version of firefox", "cvss3": {}, "published": "2016-03-10T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2016:0373 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-1973", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882411", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882411", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2016:0373 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882411\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-10 06:14:56 +0100 (Thu, 10 Mar 2016)\");\n script_cve_id(\"CVE-2016-1952\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1958\",\n \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1964\",\n \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1973\", \"CVE-2016-1974\",\n \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\",\n \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\",\n \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\",\n \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for firefox CESA-2016:0373 centos6\");\n script_tag(name:\"summary\", value:\"Check the version of firefox\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Mozilla Firefox is an open source web browser.\nXULRunner provides the XUL Runtime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1958,\nCVE-2016-1960, CVE-2016-1961, CVE-2016-1962, CVE-2016-1973, CVE-2016-1974,\nCVE-2016-1964, CVE-2016-1965, CVE-2016-1966)\n\nMultiple security flaws were found in the graphite2 font library shipped\nwith Firefox. A web page containing malicious content could cause Firefox\nto crash or, potentially, execute arbitrary code with the privileges of the\nuser running Firefox. (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791,\nCVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796,\nCVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801,\nCVE-2016-2802)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Bob Clary, Christoph Diehl, Christian Holler, Andrew\nMcCreight, Daniel Holbert, Jesse Ruderman, Randell Jesup, Nicolas\nGolubovic, Jose Martinez, Romina Santillan, Abdulrahman Alqabandi,\nca0nguyen, lokihardt, Dominique Hazael-Massieux, Nicolas Gregoire, Tsubasa\nIinuma, the Communications Electronics Security Group (UK) of the GCHQ,\nHolger Fuhrmannek, Ronald Crane, and Tyson Smith as the original reporters\nof these issues.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 38.7.0 ESR, which corrects these issues. After installing\nthe update, Firefox must be restarted for the changes to take effect.\");\n script_tag(name:\"affected\", value:\"firefox on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2016:0373\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2016-March/021724.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~38.7.0~1.el6.centos\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:54:08", "description": "Multiple security issues have been found\nin Iceweasel, Debian", "cvss3": {}, "published": "2016-03-09T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3510-1 (iceweasel - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1950", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703510", "href": "http://plugins.openvas.org/nasl.php?oid=703510", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3510.nasl 6608 2017-07-07 12:05:05Z cfischer $\n# Auto-generated from advisory DSA 3510-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703510);\n script_version(\"$Revision: 6608 $\");\n script_cve_id(\"CVE-2016-1950\", \"CVE-2016-1952\", \"CVE-2016-1954\", \"CVE-2016-1957\",\n \"CVE-2016-1958\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\",\n \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1974\",\n \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\",\n \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\",\n \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\",\n \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_name(\"Debian Security Advisory DSA 3510-1 (iceweasel - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:05 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2016-03-09 00:00:00 +0100 (Wed, 09 Mar 2016)\");\n script_tag(name: \"cvss_base\", value: \"10.0\");\n script_tag(name: \"cvss_base_vector\", value: \"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3510.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"iceweasel on Debian Linux\");\n script_tag(name: \"insight\", value: \"Iceweasel is Firefox, rebranded. It is\na powerful, extensible web browser with support for modern web application\ntechnologies.\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution (wheezy),\nthese problems have been fixed in version 38.7.0esr-1~deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 38.7.0esr-1~deb8u1.\n\nFor the unstable distribution (sid), Debian is in the process of moving\nback towards using the Firefox name. These problems will soon be fixed\nin the firefox-esr source package.\n\nWe recommend that you upgrade your iceweasel packages.\");\n script_tag(name: \"summary\", value: \"Multiple security issues have been found\nin Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory\nsafety errors, buffer overflows, use-after-frees and other implementation errors may\nlead to the execution of arbitrary code, denial of service, address bar\nspoofing and overwriting local files.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"iceweasel\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-dbg\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-dev\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ach\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-af\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-all\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-an\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ar\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-as\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ast\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-az\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-be\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-bg\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-bn-bd\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-bn-in\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-br\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-bs\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ca\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-cs\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-cy\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-da\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-de\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-dsb\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-el\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-en-gb\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-en-za\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-eo\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-ar\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-cl\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-es\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-mx\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-et\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-eu\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-fa\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ff\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-fi\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-fr\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-fy-nl\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ga-ie\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-gd\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-gl\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-gu-in\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-he\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-hi-in\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-hr\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-hsb\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-hu\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-hy-am\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-id\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-is\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-it\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ja\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-kk\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-km\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-kn\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ko\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-lij\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-lt\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-lv\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-mai\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-mk\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ml\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-mr\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ms\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-nb-no\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-nl\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-nn-no\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-or\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-pa-in\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-pl\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-pt-br\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-pt-pt\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-rm\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ro\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ru\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-si\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-sk\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-sl\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-son\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-sq\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-sr\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-sv-se\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ta\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-te\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-th\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-tr\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-uk\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-uz\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-vi\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-xh\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-zh-cn\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-zh-tw\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozjs17d\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozjs17d-dbg\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-17.0\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-17.0-dbg\", ver:\"38.7.0esr-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-dbg\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-dev\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ach\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-af\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-all\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-an\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ar\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-as\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ast\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-az\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-be\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-bg\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-bn-bd\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-bn-in\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-br\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-bs\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ca\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-cs\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-csb\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-cy\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-da\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-de\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-dsb\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-el\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-en-gb\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-en-za\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-eo\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-ar\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-cl\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-es\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-mx\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-et\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-eu\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-fa\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ff\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-fi\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-fr\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-fy-nl\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ga-ie\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-gd\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-gl\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-gu-in\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-he\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-hi-in\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-hr\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-hsb\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-hu\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-hy-am\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-id\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-is\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-it\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ja\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-kk\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-km\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-kn\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ko\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ku\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-lij\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-lt\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-lv\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-mai\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-mk\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ml\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-mr\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ms\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-nb-no\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-nl\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-nn-no\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-or\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-pa-in\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-pl\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-pt-br\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-pt-pt\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-rm\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ro\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ru\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-si\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-sk\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-sl\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-son\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-sq\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-sr\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-sv-se\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-ta\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-te\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-th\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-tr\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-uk\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-uz\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-vi\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-xh\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-zh-cn\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-zh-tw\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-l10n-zu\", ver:\"38.7.0esr-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:35:18", "description": "Oracle Linux Local Security Checks ELSA-2016-0373", "cvss3": {}, "published": "2016-03-11T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2016-0373", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-1973", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "modified": "2019-03-14T00:00:00", "id": "OPENVAS:1361412562310122896", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122896", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2016-0373.nasl 14180 2019-03-14 12:29:16Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.fi>\n#\n# Copyright:\n# Copyright (c) 2016 Eero Volotinen, http://solinor.fi\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122896\");\n script_version(\"$Revision: 14180 $\");\n script_tag(name:\"creation_date\", value:\"2016-03-11 07:06:40 +0200 (Fri, 11 Mar 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 13:29:16 +0100 (Thu, 14 Mar 2019) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2016-0373\");\n script_tag(name:\"insight\", value:\"ELSA-2016-0373 - firefox security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2016-0373\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2016-0373.html\");\n script_cve_id(\"CVE-2016-1952\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1958\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1973\", \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(7|5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~38.7.0~1.0.1.el7_2\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~38.7.0~1.0.1.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~38.7.0~1.0.1.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:42", "description": "Multiple security issues have been found\nin Iceweasel, Debian", "cvss3": {}, "published": "2016-03-09T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3510-1 (iceweasel - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1950", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703510", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703510", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3510.nasl 14279 2019-03-18 14:48:34Z cfischer $\n# Auto-generated from advisory DSA 3510-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703510\");\n script_version(\"$Revision: 14279 $\");\n script_cve_id(\"CVE-2016-1950\", \"CVE-2016-1952\", \"CVE-2016-1954\", \"CVE-2016-1957\",\n \"CVE-2016-1958\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\",\n \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1974\",\n \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\",\n \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\",\n \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\",\n \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_name(\"Debian Security Advisory DSA 3510-1 (iceweasel - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:48:34 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-09 00:00:00 +0100 (Wed, 09 Mar 2016)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3510.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(7|8)\");\n script_tag(name:\"affected\", value:\"iceweasel on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (wheezy),\nthese problems have been fixed in version 38.7.0esr-1~deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 38.7.0esr-1~deb8u1.\n\nFor the unstable distribution (sid), Debian is in the process of moving\nback towards using the Firefox name. These problems will soon be fixed\nin the firefox-esr source package.\n\nWe recommend that you upgrade your iceweasel packages.\");\n script_tag(name:\"summary\", value:\"Multiple security issues have been found\nin Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory\nsafety errors, buffer overflows, use-after-frees and other implementation errors may\nlead to the execution of arbitrary code, denial of service, address bar\nspoofing and overwriting local files.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"iceweasel\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-dbg\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-dev\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ach\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-af\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-all\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-an\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ar\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-as\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ast\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-az\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-be\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-bg\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-bn-bd\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-bn-in\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-br\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-bs\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ca\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-cs\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-cy\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-da\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-de\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-dsb\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-el\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-en-gb\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-en-za\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-eo\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-ar\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-cl\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-es\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-mx\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-et\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-eu\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-fa\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ff\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-fi\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-fr\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-fy-nl\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ga-ie\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-gd\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-gl\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-gu-in\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-he\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-hi-in\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-hr\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-hsb\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-hu\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-hy-am\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-id\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-is\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-it\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ja\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-kk\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-km\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-kn\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ko\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-lij\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-lt\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-lv\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-mai\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-mk\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ml\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-mr\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ms\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-nb-no\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-nl\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-nn-no\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-or\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-pa-in\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-pl\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-pt-br\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-pt-pt\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-rm\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ro\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ru\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-si\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-sk\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-sl\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-son\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-sq\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-sr\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-sv-se\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ta\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-te\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-th\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-tr\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-uk\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-uz\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-vi\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-xh\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-zh-cn\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-zh-tw\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmozjs17d\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmozjs17d-dbg\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xulrunner-17.0\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xulrunner-17.0-dbg\", ver:\"38.7.0esr-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-dbg\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-dev\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ach\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-af\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-all\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-an\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ar\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-as\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ast\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-az\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-be\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-bg\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-bn-bd\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-bn-in\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-br\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-bs\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ca\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-cs\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-csb\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-cy\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-da\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-de\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-dsb\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-el\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-en-gb\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-en-za\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-eo\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-ar\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-cl\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-es\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-es-mx\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-et\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-eu\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-fa\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ff\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-fi\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-fr\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-fy-nl\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ga-ie\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-gd\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-gl\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-gu-in\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-he\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-hi-in\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-hr\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-hsb\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-hu\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-hy-am\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-id\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-is\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-it\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ja\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-kk\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-km\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-kn\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ko\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ku\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-lij\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-lt\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-lv\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-mai\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-mk\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ml\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-mr\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ms\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-nb-no\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-nl\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-nn-no\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-or\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-pa-in\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-pl\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-pt-br\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-pt-pt\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-rm\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ro\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ru\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-si\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-sk\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-sl\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-son\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-sq\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-sr\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-sv-se\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-ta\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-te\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-th\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-tr\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-uk\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-uz\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-vi\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-xh\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-zh-cn\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-zh-tw\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-l10n-zu\", ver:\"38.7.0esr-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:34", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-03-10T00:00:00", "type": "openvas", "title": "RedHat Update for firefox RHSA-2016:0373-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-1973", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871568", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871568", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for firefox RHSA-2016:0373-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871568\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-10 06:14:03 +0100 (Thu, 10 Mar 2016)\");\n script_cve_id(\"CVE-2016-1952\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1958\",\n \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1964\",\n \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1973\", \"CVE-2016-1974\",\n \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\",\n \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\",\n \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\",\n \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for firefox RHSA-2016:0373-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'firefox'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Mozilla Firefox is an open source web\n browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox.\n\n Several flaws were found in the processing of malformed web content. A web\n page containing malicious content could cause Firefox to crash or,\n potentially, execute arbitrary code with the privileges of the user running\n Firefox. (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1958,\n CVE-2016-1960, CVE-2016-1961, CVE-2016-1962, CVE-2016-1973, CVE-2016-1974,\n CVE-2016-1964, CVE-2016-1965, CVE-2016-1966)\n\n Multiple security flaws were found in the graphite2 font library shipped\n with Firefox. A web page containing malicious content could cause Firefox\n to crash or, potentially, execute arbitrary code with the privileges of the\n user running Firefox. (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791,\n CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796,\n CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801,\n CVE-2016-2802)\n\n Red Hat would like to thank the Mozilla project for reporting these issues.\n Upstream acknowledges Bob Clary, Christoph Diehl, Christian Holler, Andrew\n McCreight, Daniel Holbert, Jesse Ruderman, Randell Jesup, Nicolas\n Golubovic, Jose Martinez, Romina Santillan, Abdulrahman Alqabandi,\n caonguyen, lokihardt, Dominique Hazael-Massieux, Nicolas Gregoire, Tsubasa\n Iinuma, the Communications Electronics Security Group (UK) of the GCHQ,\n Holger Fuhrmannek, Ronald Crane, and Tyson Smith as the original reporters\n of these issues.\n\n All Firefox users should upgrade to these updated packages, which contain\n Firefox version 38.7.0 ESR, which corrects these issues. After installing\n the update, Firefox must be restarted for the changes to take effect.\");\n\n script_tag(name:\"affected\", value:\"firefox on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Server (v. 7),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2016:0373-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2016-March/msg00029.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(7|6|5)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~38.7.0~1.el7_2\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-debuginfo\", rpm:\"firefox-debuginfo~38.7.0~1.el7_2\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~38.7.0~1.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-debuginfo\", rpm:\"firefox-debuginfo~38.7.0~1.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~38.7.0~1.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-debuginfo\", rpm:\"firefox-debuginfo~38.7.0~1.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:41", "description": "Check the version of firefox", "cvss3": {}, "published": "2016-03-10T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2016:0373 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-1973", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882416", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882416", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2016:0373 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882416\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-10 06:16:01 +0100 (Thu, 10 Mar 2016)\");\n script_cve_id(\"CVE-2016-1952\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1958\",\n \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1964\",\n \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1973\", \"CVE-2016-1974\",\n \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\",\n \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\",\n \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\",\n \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for firefox CESA-2016:0373 centos5\");\n script_tag(name:\"summary\", value:\"Check the version of firefox\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Mozilla Firefox is an open source web browser.\nXULRunner provides the XUL Runtime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1958,\nCVE-2016-1960, CVE-2016-1961, CVE-2016-1962, CVE-2016-1973, CVE-2016-1974,\nCVE-2016-1964, CVE-2016-1965, CVE-2016-1966)\n\nMultiple security flaws were found in the graphite2 font library shipped\nwith Firefox. A web page containing malicious content could cause Firefox\nto crash or, potentially, execute arbitrary code with the privileges of the\nuser running Firefox. (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791,\nCVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796,\nCVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801,\nCVE-2016-2802)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Bob Clary, Christoph Diehl, Christian Holler, Andrew\nMcCreight, Daniel Holbert, Jesse Ruderman, Randell Jesup, Nicolas\nGolubovic, Jose Martinez, Romina Santillan, Abdulrahman Alqabandi,\nca0nguyen, lokihardt, Dominique Hazael-Massieux, Nicolas Gregoire, Tsubasa\nIinuma, the Communications Electronics Security Group (UK) of the GCHQ,\nHolger Fuhrmannek, Ronald Crane, and Tyson Smith as the original reporters\nof these issues.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 38.7.0 ESR, which corrects these issues. After installing\nthe update, Firefox must be restarted for the changes to take effect.\");\n script_tag(name:\"affected\", value:\"firefox on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2016:0373\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2016-March/021725.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~38.7.0~1.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:58", "description": "This host is installed with Mozilla\n Thunderbird and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-09-07T00:00:00", "type": "openvas", "title": "Mozilla Thunderbird Security Updates( mfsa_2016-16_2016-38_1 )-Windows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1953", "CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-1979", "CVE-2016-1955", "CVE-2016-2795", "CVE-2016-1950", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-1956", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1964"], "modified": "2019-05-03T00:00:00", "id": "OPENVAS:1361412562310808695", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808695", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mozilla Thunderbird Security Updates( mfsa_2016-16_2016-38_1 )-Windows\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mozilla:thunderbird\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808695\");\n script_version(\"2019-05-03T13:51:56+0000\");\n script_cve_id(\"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\",\n\t\t\"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\",\n\t\t\"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\",\n\t\t\"CVE-2016-2801\", \"CVE-2016-2802\", \"CVE-2016-1979\", \"CVE-2016-1950\",\n\t\t\"CVE-2016-1974\", \"CVE-2016-1953\", \"CVE-2016-1964\", \"CVE-2016-1961\",\n\t\t\"CVE-2016-1960\", \"CVE-2016-1957\", \"CVE-2016-1956\", \"CVE-2016-1955\",\n\t\t\"CVE-2016-1954\", \"CVE-2016-1952\");\n script_bugtraq_id(84222, 84221, 84223, 84219, 84218);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-03 13:51:56 +0000 (Fri, 03 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-09-07 11:44:05 +0530 (Wed, 07 Sep 2016)\");\n script_name(\"Mozilla Thunderbird Security Updates( mfsa_2016-16_2016-38_1 )-Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Mozilla\n Thunderbird and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist. Please see the references for more information.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this\n vulnerability will allow remote attackers to cause a denial of service\n (memory corruption and application crash) or possibly execute arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"Mozilla Thunderbird version before\n 45 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Thunderbird version 45 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-36/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-35/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-34/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-27/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-24/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-23/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-20/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-17/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-16/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_thunderbird_detect_portable_win.nasl\");\n script_mandatory_keys(\"Thunderbird/Win/Ver\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/thunderbird\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!tbVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:tbVer, test_version:\"45\"))\n{\n report = report_fixed_ver(installed_version:tbVer, fixed_version:\"45\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-19T22:12:06", "description": "This host is installed with Mozilla\n Firefox ESR and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-03-14T00:00:00", "type": "openvas", "title": "Mozilla Firefox ESR Multiple Vulnerabilities - Mar16 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-1969", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1950", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "modified": "2019-07-17T00:00:00", "id": "OPENVAS:1361412562310807523", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807523", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mozilla Firefox ESR Multiple Vulnerabilities - Mar16 (Mac OS X)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mozilla:firefox_esr\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807523\");\n script_version(\"2019-07-17T11:14:11+0000\");\n script_cve_id(\"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1958\", \"CVE-2016-1960\",\n \"CVE-2016-1950\", \"CVE-2016-1952\", \"CVE-2016-1961\", \"CVE-2016-1962\",\n \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1969\",\n \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\",\n \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\",\n \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\",\n \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 11:14:11 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-03-14 18:44:58 +0530 (Mon, 14 Mar 2016)\");\n script_name(\"Mozilla Firefox ESR Multiple Vulnerabilities - Mar16 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Mozilla\n Firefox ESR and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - The 'nsCSPContext::SendReports' function in 'dom/security/nsCSPContext.cpp'\n script does not prevent use of a non-HTTP report-uri for a CSP violation\n report.\n\n - A memory leak in the libstagefright library when array destruction occurs\n during MPEG4 video file processing.\n\n - An error in 'browser/base/content/browser.js' script.\n\n - Multiple use-after-free issues.\n\n - Multiple out-of-bounds read errors\n\n - The mishandling of a navigation sequence that returns to the original page.\n\n - A memory corruption issue in NPAPI plugin in 'nsNPObjWrapper::GetNewOrUsed'\n function in 'dom/plugins/base/nsJSNPRuntime.cpp' script.\n\n - A race condition in the 'GetStaticInstance' function in the WebRTC\n implementation.\n\n - Multiple Heap-based buffer overflow vulnerabilities.\n\n - The multiple unspecified vulnerabilities in the browser engine.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code or to cause a denial of service,\n possibly gain privileges, to bypass the Same Origin Policy, to obtain\n sensitive information and to do spoofing attacks.\");\n\n script_tag(name:\"affected\", value:\"Mozilla Firefox ESR version 38.x\n before 38.7 on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Firefox ESR version\n 38.7 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-25\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_mozilla_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Mozilla/Firefox-ESR/MacOSX/Version\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!ffVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(ffVer =~ \"^38\")\n{\n if(version_is_less(version:ffVer, test_version:\"38.7\"))\n {\n report = report_fixed_ver(installed_version:ffVer, fixed_version:\"38.7\");\n security_message(data:report);\n exit(0);\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T18:36:25", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-03-27T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for MozillaThunderbird (openSUSE-SU-2016:0894-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2015-7207", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1952", "CVE-2015-4477", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851261", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851261", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851261\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-03-27 05:17:33 +0200 (Sun, 27 Mar 2016)\");\n script_cve_id(\"CVE-2015-4477\", \"CVE-2015-7207\", \"CVE-2016-1952\", \"CVE-2016-1954\",\n \"CVE-2016-1957\", \"CVE-2016-1958\", \"CVE-2016-1960\", \"CVE-2016-1961\",\n \"CVE-2016-1962\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\",\n \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\",\n \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\",\n \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\",\n \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for MozillaThunderbird (openSUSE-SU-2016:0894-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'MozillaThunderbird'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"MozillaThunderbird was updated to 38.7.0 to fix the following issues:\n\n * Update to Thunderbird 38.7.0 (boo#969894)\n\n * MFSA 2015-81/CVE-2015-4477 (bmo#1179484) Use-after-free in MediaStream\n playback\n\n * MFSA 2015-136/CVE-2015-7207 (bmo#1185256) Same-origin policy violation\n using performance.getEntries and history navigation\n\n * MFSA 2016-16/CVE-2016-1952 Miscellaneous memory safety hazards\n\n * MFSA 2016-17/CVE-2016-1954 (bmo#1243178) Local file overwriting and\n potential privilege escalation through CSP reports\n\n * MFSA 2016-20/CVE-2016-1957 (bmo#1227052) Memory leak in libstagefright\n when deleting an array during MP4 processing\n\n * MFSA 2016-21/CVE-2016-1958 (bmo#1228754) Displayed page address can be\n overridden\n\n * MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014) Use-after-free\n in HTML5 string parser\n\n * MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377) Use-after-free\n in SetBody\n\n * MFSA 2016-25/CVE-2016-1962 (bmo#1240760) Use-after-free when using\n multiple WebRTC data channels\n\n * MFSA 2016-27/CVE-2016-1964 (bmo#1243335) Use-after-free during XML\n transformations\n\n * MFSA 2016-28/CVE-2016-1965 (bmo#1245264) Addressbar spoofing though\n history navigation and Location protocol property\n\n * MFSA 2016-31/CVE-2016-1966 (bmo#1246054) Memory corruption with\n malicious NPAPI plugin\n\n * MFSA 2016-34/CVE-2016-1974 (bmo#1228103) Out-of-bounds read in HTML\n parser following a failed allocation\n\n * MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/\n CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/\n CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/\n CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 Font vulnerabilities in the\n Graphite 2 library\");\n\n script_tag(name:\"affected\", value:\"MozillaThunderbird on openSUSE 13.1\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2016:0894-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.1\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.1\")\n{\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird\", rpm:\"MozillaThunderbird~38.7.0~70.80.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-buildsymbols\", rpm:\"MozillaThunderbird-buildsymbols~38.7.0~70.80.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-debuginfo\", rpm:\"MozillaThunderbird-debuginfo~38.7.0~70.80.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-debugsource\", rpm:\"MozillaThunderbird-debugsource~38.7.0~70.80.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-devel\", rpm:\"MozillaThunderbird-devel~38.7.0~70.80.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-translations-common\", rpm:\"MozillaThunderbird-translations-common~38.7.0~70.80.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-translations-other\", rpm:\"MozillaThunderbird-translations-other~38.7.0~70.80.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T18:35:43", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-03-25T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for MozillaThunderbird (openSUSE-SU-2016:0876-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2015-7207", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1952", "CVE-2015-4477", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851258", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851258", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851258\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-03-25 06:13:53 +0100 (Fri, 25 Mar 2016)\");\n script_cve_id(\"CVE-2015-4477\", \"CVE-2015-7207\", \"CVE-2016-1952\", \"CVE-2016-1954\",\n \"CVE-2016-1957\", \"CVE-2016-1958\", \"CVE-2016-1960\", \"CVE-2016-1961\",\n \"CVE-2016-1962\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\",\n \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\",\n \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\",\n \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\",\n \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for MozillaThunderbird (openSUSE-SU-2016:0876-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'MozillaThunderbird'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"MozillaThunderbird was updated to 38.7.0 to fix the following issues:\n\n * Update to Thunderbird 38.7.0 (boo#969894)\n\n * MFSA 2015-81/CVE-2015-4477 (bmo#1179484) Use-after-free in MediaStream\n playback\n\n * MFSA 2015-136/CVE-2015-7207 (bmo#1185256) Same-origin policy violation\n using performance.getEntries and history navigation\n\n * MFSA 2016-16/CVE-2016-1952 Miscellaneous memory safety hazards\n\n * MFSA 2016-17/CVE-2016-1954 (bmo#1243178) Local file overwriting and\n potential privilege escalation through CSP reports\n\n * MFSA 2016-20/CVE-2016-1957 (bmo#1227052) Memory leak in libstagefright\n when deleting an array during MP4 processing\n\n * MFSA 2016-21/CVE-2016-1958 (bmo#1228754) Displayed page address can be\n overridden\n\n * MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014) Use-after-free\n in HTML5 string parser\n\n * MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377) Use-after-free\n in SetBody\n\n * MFSA 2016-25/CVE-2016-1962 (bmo#1240760) Use-after-free when using\n multiple WebRTC data channels\n\n * MFSA 2016-27/CVE-2016-1964 (bmo#1243335) Use-after-free during XML\n transformations\n\n * MFSA 2016-28/CVE-2016-1965 (bmo#1245264) Addressbar spoofing though\n history navigation and Location protocol property\n\n * MFSA 2016-31/CVE-2016-1966 (bmo#1246054) Memory corruption with\n malicious NPAPI plugin\n\n * MFSA 2016-34/CVE-2016-1974 (bmo#1228103) Out-of-bounds read in HTML\n parser following a failed allocation\n\n * MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/\n CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/\n CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/\n CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 Font vulnerabilities in the\n Graphite 2 library\");\n\n script_tag(name:\"affected\", value:\"MozillaThunderbird on openSUSE Leap 42.1, openSUSE 13.2\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2016:0876-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.2\")\n{\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird\", rpm:\"MozillaThunderbird~38.7.0~40.2\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-buildsymbols\", rpm:\"MozillaThunderbird-buildsymbols~38.7.0~40.2\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-debuginfo\", rpm:\"MozillaThunderbird-debuginfo~38.7.0~40.2\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-debugsource\", rpm:\"MozillaThunderbird-debugsource~38.7.0~40.2\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-devel\", rpm:\"MozillaThunderbird-devel~38.7.0~40.2\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-translations-common\", rpm:\"MozillaThunderbird-translations-common~38.7.0~40.2\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-translations-other\", rpm:\"MozillaThunderbird-translations-other~38.7.0~40.2\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-19T22:11:14", "description": "This host is installed with Mozilla\n Firefox ESR and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-03-14T00:00:00", "type": "openvas", "title": "Mozilla Firefox ESR Multiple Vulnerabilities - Mar16 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-1969", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1950", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "modified": "2019-07-17T00:00:00", "id": "OPENVAS:1361412562310807522", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807522", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mozilla Firefox ESR Multiple Vulnerabilities - Mar16 (Windows)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mozilla:firefox_esr\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807522\");\n script_version(\"2019-07-17T11:14:11+0000\");\n script_cve_id(\"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1958\", \"CVE-2016-1960\",\n \"CVE-2016-1950\", \"CVE-2016-1952\", \"CVE-2016-1961\", \"CVE-2016-1962\",\n \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1969\",\n \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\",\n \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\",\n \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\",\n \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 11:14:11 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-03-14 18:44:58 +0530 (Mon, 14 Mar 2016)\");\n script_name(\"Mozilla Firefox ESR Multiple Vulnerabilities - Mar16 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Mozilla\n Firefox ESR and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - The 'nsCSPContext::SendReports' function in 'dom/security/nsCSPContext.cpp'\n script does not prevent use of a non-HTTP report-uri for a CSP violation\n report.\n\n - A memory leak in the libstagefright library when array destruction occurs\n during MPEG4 video file processing.\n\n - An error in 'browser/base/content/browser.js' script.\n\n - Multiple use-after-free issues.\n\n - Multiple out-of-bounds read errors\n\n - The mishandling of a navigation sequence that returns to the original page.\n\n - A memory corruption issue in NPAPI plugin in 'nsNPObjWrapper::GetNewOrUsed'\n function in 'dom/plugins/base/nsJSNPRuntime.cpp' script.\n\n - A race condition in the 'GetStaticInstance' function in the WebRTC\n implementation.\n\n - Multiple Heap-based buffer overflow vulnerabilities.\n\n - The multiple unspecified vulnerabilities in the browser engine.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code or to cause a denial of service,\n possibly gain privileges, to bypass the Same Origin Policy, to obtain\n sensitive information and to do spoofing attacks.\");\n\n script_tag(name:\"affected\", value:\"Mozilla Firefox ESR version 38.x\n before 38.7 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Firefox ESR version\n 38.7 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-25\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_firefox_detect_portable_win.nasl\");\n script_mandatory_keys(\"Firefox-ESR/Win/Ver\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!ffVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(ffVer =~ \"^38\")\n{\n if(version_is_less(version:ffVer, test_version:\"38.7\"))\n {\n report = report_fixed_ver(installed_version:ffVer, fixed_version:\"38.7\");\n security_message(data:report);\n exit(0);\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T18:35:23", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-07-11T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for MozillaThunderbird (openSUSE-SU-2016:1778-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1953", "CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-2815", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-1955", "CVE-2016-2795", "CVE-2016-2818", "CVE-2016-1952", "CVE-2016-2807", "CVE-2016-2806", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-1956", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1964"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851366", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851366", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851366\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-07-11 05:26:25 +0200 (Mon, 11 Jul 2016)\");\n script_cve_id(\"CVE-2016-1952\", \"CVE-2016-1953\", \"CVE-2016-1954\", \"CVE-2016-1955\",\n \"CVE-2016-1956\", \"CVE-2016-1957\", \"CVE-2016-1960\", \"CVE-2016-1961\",\n \"CVE-2016-1964\", \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-2790\",\n \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\",\n \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\",\n \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\",\n \"CVE-2016-2806\", \"CVE-2016-2807\", \"CVE-2016-2815\", \"CVE-2016-2818\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for MozillaThunderbird (openSUSE-SU-2016:1778-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'MozillaThunderbird'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update contains Mozilla Thunderbird 45.2. (boo#983549)\n\n It fixes security issues mostly affecting the e-mail program when used in\n a browser context, such as viewing a web page or HTMl formatted e-mail.\n\n The following vulnerabilities were fixed:\n\n - CVE-2016-2818, CVE-2016-2815: Memory safety bugs (boo#983549,\n MFSA2016-49)\n\n Contains the following security fixes from the 45.1 release: (boo#977333)\n\n - CVE-2016-2806, CVE-2016-2807: Miscellaneous memory safety hazards\n (boo#977375, boo#977376, MFSA 2016-39)\n\n Contains the following security fixes from the 45.0 release: (boo#969894)\n\n - CVE-2016-1952, CVE-2016-1953: Miscellaneous memory safety hazards (MFSA\n 2016-16)\n\n - CVE-2016-1954: Local file overwriting and potential privilege escalation\n through CSP reports (MFSA 2016-17)\n\n - CVE-2016-1955: CSP reports fail to strip location information for\n embedded iframe pages (MFSA 2016-18)\n\n - CVE-2016-1956: Linux video memory DOS with Intel drivers (MFSA 2016-19)\n\n - CVE-2016-1957: Memory leak in libstagefright when deleting an array\n during MP4 processing (MFSA 2016-20)\n\n - CVE-2016-1960: Use-after-free in HTML5 string parser (MFSA 2016-23)\n\n - CVE-2016-1961: Use-after-free in SetBody (MFSA 2016-24)\n\n - CVE-2016-1964: Use-after-free during XML transformations (MFSA 2016-27)\n\n - CVE-2016-1974: Out-of-bounds read in HTML parser following a failed\n allocation (MFSA 2016-34)\n\n The graphite font shaping library was disabled, addressing the following\n font vulnerabilities:\n\n - MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/\n CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/\n CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/\n CVE-2016-2800/CVE-2016-2801/CVE-2016-2802\n\n The following tracked packaging changes are included:\n\n - fix build issues with gcc/binutils combination used in Leap 42.2\n (boo#984637)\n\n - gcc6 fixes (boo#986162)\n\n - running on 48bit va aarch64 (boo#984126)\");\n\n script_tag(name:\"affected\", value:\"MozillaThunderbird on openSUSE Leap 42.1, openSUSE 13.2\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2016:1778-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.2\")\n{\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird\", rpm:\"MozillaThunderbird~45.2~43.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-buildsymbols\", rpm:\"MozillaThunderbird-buildsymbols~45.2~43.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-debuginfo\", rpm:\"MozillaThunderbird-debuginfo~45.2~43.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-debugsource\", rpm:\"MozillaThunderbird-debugsource~45.2~43.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-devel\", rpm:\"MozillaThunderbird-devel~45.2~43.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-translations-common\", rpm:\"MozillaThunderbird-translations-common~45.2~43.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-translations-other\", rpm:\"MozillaThunderbird-translations-other~45.2~43.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-04T17:41:59", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-03-12T00:00:00", "type": "openvas", "title": "SUSE: Security Advisory for MozillaFirefox (SUSE-SU-2016:0727-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1953", "CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-1979", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1950", "CVE-2016-1952", "CVE-2016-1978", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "modified": "2020-06-03T00:00:00", "id": "OPENVAS:1361412562310851229", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851229", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851229\");\n script_version(\"2020-06-03T08:38:58+0000\");\n script_tag(name:\"last_modification\", value:\"2020-06-03 08:38:58 +0000 (Wed, 03 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-03-12 06:13:25 +0100 (Sat, 12 Mar 2016)\");\n script_cve_id(\"CVE-2016-1950\", \"CVE-2016-1952\", \"CVE-2016-1953\", \"CVE-2016-1954\",\n \"CVE-2016-1957\", \"CVE-2016-1958\", \"CVE-2016-1960\", \"CVE-2016-1961\",\n \"CVE-2016-1962\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\",\n \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-1978\", \"CVE-2016-1979\",\n \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\",\n \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\",\n \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\",\n \"CVE-2016-2802\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for MozillaFirefox (SUSE-SU-2016:0727-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'MozillaFirefox'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the\n following issues:\n\n Mozilla Firefox was updated to 38.7.0 ESR (bsc#969894), fixing following\n security issues:\n\n * MFSA 2016-16/CVE-2016-1952/CVE-2016-1953 Miscellaneous memory safety\n hazards (rv:45.0 / rv:38.7)\n\n * MFSA 2016-17/CVE-2016-1954 Local file overwriting and potential\n privilege escalation through CSP reports\n\n * MFSA 2016-20/CVE-2016-1957 Memory leak in libstagefright when deleting\n an array during MP4 processing\n\n * MFSA 2016-21/CVE-2016-1958 Displayed page address can be overridden\n\n * MFSA 2016-23/CVE-2016-1960 Use-after-free in HTML5 string parser\n\n * MFSA 2016-24/CVE-2016-1961 Use-after-free in SetBody\n\n * MFSA 2016-25/CVE-2016-1962 Use-after-free when using multiple WebRTC\n data channels\n\n * MFSA 2016-27/CVE-2016-1964 Use-after-free during XML transformations\n\n * MFSA 2016-28/CVE-2016-1965 Addressbar spoofing though history navigation\n and Location protocol property\n\n * MFSA 2016-31/CVE-2016-1966 Memory corruption with malicious NPAPI plugin\n\n * MFSA 2016-34/CVE-2016-1974 Out-of-bounds read in HTML parser following a\n failed allocation\n\n * MFSA 2016-35/CVE-2016-1950 Buffer overflow during ASN.1 decoding in NSS\n\n * MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/\n CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/\n CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/\n CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 Font vulnerabilities in the\n Graphite 2 library\n\n Mozilla NSPR was updated to version 4.12 (bsc#969894), fixing following\n bugs:\n\n * added a PR_GetEnvSecure function, which attempts to detect if the\n program is being executed with elevated privileges, and returns NULL if\n detected. It is recommended to use this function in general purpose\n library code.\n\n * fixed a memory allocation bug related to the PR_*printf functions\n\n * exported API PR_DuplicateEnvironment, which had already been added in\n NSPR 4.10.9\n\n * added support for FreeBSD aarch64\n\n * several minor correctness and compatibility fixes\n\n Mozilla NSS was updated to fix security issues (bsc#969894):\n\n * MFSA 2016-15/CVE-2016-1978 Use-after-free in NSS during SSL connections\n in low memory\n\n * MFSA 2016-35/CVE-2016-1950 Buffer overflow during ASN.1 decoding in NSS\n\n * MFSA 2016-36/CVE-2016-1979 Use-after-free during processing of DER\n encoded keys in NSS\");\n\n script_tag(name:\"affected\", value:\"MozillaFirefox, on SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Desktop 12\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"SUSE-SU\", value:\"2016:0727-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(SLED12\\.0SP0|SLES12\\.0SP0)\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLED12.0SP0\") {\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~38.7.0esr~63.3\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-debuginfo\", rpm:\"MozillaFirefox-debuginfo~38.7.0esr~63.3\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-debugsource\", rpm:\"MozillaFirefox-debugsource~38.7.0esr~63.3\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~38.7.0esr~63.3\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3\", rpm:\"libfreebl3~3.20.2~40.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-32bit\", rpm:\"libfreebl3-32bit~3.20.2~40.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-debuginfo\", rpm:\"libfreebl3-debuginfo~3.20.2~40.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-debuginfo-32bit\", rpm:\"libfreebl3-debuginfo-32bit~3.20.2~40.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3\", rpm:\"libsoftokn3~3.20.2~40.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-32bit\", rpm:\"libsoftokn3-32bit~3.20.2~40.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-debuginfo\", rpm:\"libsoftokn3-debuginfo~3.20.2~40.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-debuginfo-32bit\", rpm:\"libsoftokn3-debuginfo-32bit~3.20.2~40.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-32bit\", rpm:\"mozilla-nspr-32bit~4.12~12.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr\", rpm:\"mozilla-nspr~4.12~12.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-debuginfo-32bit\", rpm:\"mozilla-nspr-debuginfo-32bit~4.12~12.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-debuginfo\", rpm:\"mozilla-nspr-debuginfo~4.12~12.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-debugsource\", rpm:\"mozilla-nspr-debugsource~4.12~12.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss\", rpm:\"mozilla-nss~3.20.2~40.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-32bit\", rpm:\"mozilla-nss-32bit~3.20.2~40.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs\", rpm:\"mozilla-nss-certs~3.20.2~40.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-32bit\", rpm:\"mozilla-nss-certs-32bit~3.20.2~40.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-debuginfo\", rpm:\"mozilla-nss-certs-debuginfo~3.20.2~40.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-debuginfo-32bit\", rpm:\"mozilla-nss-certs-debuginfo-32bit~3.20.2~40.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debuginfo\", rpm:\"mozilla-nss-debuginfo~3.20.2~40.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debuginfo-32bit\", rpm:\"mozilla-nss-debuginfo-32bit~3.20.2~40.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debugsource\", rpm:\"mozilla-nss-debugsource~3.20.2~40.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-sysinit\", rpm:\"mozilla-nss-sysinit~3.20.2~40.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-sysinit-32bit\", rpm:\"mozilla-nss-sysinit-32bit~3.20.2~40.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-sysinit-debuginfo\", rpm:\"mozilla-nss-sysinit-debuginfo~3.20.2~40.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-sysinit-debuginfo-32bit\", rpm:\"mozilla-nss-sysinit-debuginfo-32bit~3.20.2~40.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-tools\", rpm:\"mozilla-nss-tools~3.20.2~40.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-tools-debuginfo\", rpm:\"mozilla-nss-tools-debuginfo~3.20.2~40.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"SLES12.0SP0\") {\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~38.7.0esr~63.3\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-debuginfo\", rpm:\"MozillaFirefox-debuginfo~38.7.0esr~63.3\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-debugsource\", rpm:\"MozillaFirefox-debugsource~38.7.0esr~63.3\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~38.7.0esr~63.3\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3\", rpm:\"libfreebl3~3.20.2~40.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-debuginfo\", rpm:\"libfreebl3-debuginfo~3.20.2~40.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-hmac\", rpm:\"libfreebl3-hmac~3.20.2~40.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3\", rpm:\"libsoftokn3~3.20.2~40.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-debuginfo\", rpm:\"libsoftokn3-debuginfo~3.20.2~40.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-hmac\", rpm:\"libsoftokn3-hmac~3.20.2~40.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr\", rpm:\"mozilla-nspr~4.12~12.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-debuginfo\", rpm:\"mozilla-nspr-debuginfo~4.12~12.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-debugsource\", rpm:\"mozilla-nspr-debugsource~4.12~12.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss\", rpm:\"mozilla-nss~3.20.2~40.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs\", rpm:\"mozilla-nss-certs~3.20.2~40.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-debuginfo\", rpm:\"mozilla-nss-certs-debuginfo~3.20.2~40.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debuginfo\", rpm:\"mozilla-nss-debuginfo~3.20.2~40.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debugsource\", rpm:\"mozilla-nss-debugsource~3.20.2~40.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-sysinit\", rpm:\"mozilla-nss-sysinit~3.20.2~40.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-sysinit-debuginfo\", rpm:\"mozilla-nss-sysinit-debuginfo~3.20.2~40.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-tools\", rpm:\"mozilla-nss-tools~3.20.2~40.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-tools-debuginfo\", rpm:\"mozilla-nss-tools-debuginfo~3.20.2~40.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-32bit\", rpm:\"libfreebl3-32bit~3.20.2~40.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-debuginfo-32bit\", rpm:\"libfreebl3-debuginfo-32bit~3.20.2~40.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-hmac-32bit\", rpm:\"libfreebl3-hmac-32bit~3.20.2~40.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-32bit\", rpm:\"libsoftokn3-32bit~3.20.2~40.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-debuginfo-32bit\", rpm:\"libsoftokn3-debuginfo-32bit~3.20.2~40.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-hmac-32bit\", rpm:\"libsoftokn3-hmac-32bit~3.20.2~40.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-32bit\", rpm:\"mozilla-nspr-32bit~4.12~12.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-debuginfo-32bit\", rpm:\"mozilla-nspr-debuginfo-32bit~4.12~12.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-32bit\", rpm:\"mozilla-nss-32bit~3.20.2~40.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-32bit\", rpm:\"mozilla-nss-certs-32bit~3.20.2~40.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-debuginfo-32bit\", rpm:\"mozilla-nss-certs-debuginfo-32bit~3.20.2~40.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debuginfo-32bit\", rpm:\"mozilla-nss-debuginfo-32bit~3.20.2~40.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-sysinit-32bit\", rpm:\"mozilla-nss-sysinit-32bit~3.20.2~40.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-sysinit-debuginfo-32bit\", rpm:\"mozilla-nss-sysinit-debuginfo-32bit~3.20.2~40.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T18:36:30", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-07-11T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for Mozilla Thunderbird (openSUSE-SU-2016:1767-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1953", "CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-2815", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-1955", "CVE-2016-2795", "CVE-2016-2818", "CVE-2016-1952", "CVE-2016-2807", "CVE-2016-2806", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-1956", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1964"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851365", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851365", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851365\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-07-11 05:25:35 +0200 (Mon, 11 Jul 2016)\");\n script_cve_id(\"CVE-2016-1952\", \"CVE-2016-1953\", \"CVE-2016-1954\", \"CVE-2016-1955\",\n \"CVE-2016-1956\", \"CVE-2016-1957\", \"CVE-2016-1960\", \"CVE-2016-1961\",\n \"CVE-2016-1964\", \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-2790\",\n \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\",\n \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\",\n \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\",\n \"CVE-2016-2806\", \"CVE-2016-2807\", \"CVE-2016-2815\", \"CVE-2016-2818\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for Mozilla Thunderbird (openSUSE-SU-2016:1767-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Mozilla Thunderbird'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update contains Mozilla Thunderbird 45.2. (boo#983549)\n\n It fixes security issues mostly affecting the e-mail program when used in\n a browser context, such as viewing a web page or HTMl formatted e-mail.\n\n The following vulnerabilities were fixed:\n\n - CVE-2016-2818, CVE-2016-2815: Memory safety bugs (boo#983549,\n MFSA2016-49)\n\n Contains the following security fixes from the 45.1 release: (boo#977333)\n\n - CVE-2016-2806, CVE-2016-2807: Miscellaneous memory safety hazards\n (boo#977375, boo#977376, MFSA 2016-39)\n\n Contains the following security fixes from the 45.0 release: (boo#969894)\n\n - CVE-2016-1952, CVE-2016-1953: Miscellaneous memory safety hazards (MFSA\n 2016-16)\n\n - CVE-2016-1954: Local file overwriting and potential privilege escalation\n through CSP reports (MFSA 2016-17)\n\n - CVE-2016-1955: CSP reports fail to strip location information for\n embedded iframe pages (MFSA 2016-18)\n\n - CVE-2016-1956: Linux video memory DOS with Intel drivers (MFSA 2016-19)\n\n - CVE-2016-1957: Memory leak in libstagefright when deleting an array\n during MP4 processing (MFSA 2016-20)\n\n - CVE-2016-1960: Use-after-free in HTML5 string parser (MFSA 2016-23)\n\n - CVE-2016-1961: Use-after-free in SetBody (MFSA 2016-24)\n\n - CVE-2016-1964: Use-after-free during XML transformations (MFSA 2016-27)\n\n - CVE-2016-1974: Out-of-bounds read in HTML parser following a failed\n allocation (MFSA 2016-34)\n\n The graphite font shaping library was disabled, addressing the following\n font vulnerabilities:\n\n - MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/\n CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/\n CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/\n CVE-2016-2800/CVE-2016-2801/CVE-2016-2802\n\n The following tracked packaging changes are included:\n\n - fix build issues with gcc/binutils combination used in Leap 42.2\n (boo#984637)\n\n - gcc6 fixes (boo#986162)\n\n - running on 48bit va aarch64 (boo#984126)\");\n\n script_tag(name:\"affected\", value:\"Mozilla Thunderbird on openSUSE 13.1\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2016:1767-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.1\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.1\")\n{\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird\", rpm:\"MozillaThunderbird~45.2~70.83.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-buildsymbols\", rpm:\"MozillaThunderbird-buildsymbols~45.2~70.83.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-debuginfo\", rpm:\"MozillaThunderbird-debuginfo~45.2~70.83.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-debugsource\", rpm:\"MozillaThunderbird-debugsource~45.2~70.83.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-devel\", rpm:\"MozillaThunderbird-devel~45.2~70.83.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-translations-common\", rpm:\"MozillaThunderbird-translations-common~45.2~70.83.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-translations-other\", rpm:\"MozillaThunderbird-translations-other~45.2~70.83.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:50", "description": "Mageia Linux Local Security Checks mgasa-2016-0105", "cvss3": {}, "published": "2016-03-10T00:00:00", "type": "openvas", "title": "Mageia Linux Local Check: mgasa-2016-0105", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2015-7207", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-1979", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1950", "CVE-2016-1952", "CVE-2015-4477", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "modified": "2019-03-14T00:00:00", "id": "OPENVAS:1361412562310131260", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310131260", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: mgasa-2016-0105.nasl 14180 2019-03-14 12:29:16Z cfischer $\n#\n# Mageia Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2016 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.131260\");\n script_version(\"$Revision: 14180 $\");\n script_tag(name:\"creation_date\", value:\"2016-03-10 07:17:42 +0200 (Thu, 10 Mar 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 13:29:16 +0100 (Thu, 14 Mar 2019) $\");\n script_name(\"Mageia Linux Local Check: mgasa-2016-0105\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://advisories.mageia.org/MGASA-2016-0105.html\");\n script_cve_id(\"CVE-2015-4477\", \"CVE-2015-7207\", \"CVE-2016-1950\", \"CVE-2016-1952\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1958\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-1979\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\", re:\"ssh/login/release=MAGEIA5\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Mageia Linux Local Security Checks mgasa-2016-0105\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Mageia Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MAGEIA5\")\n{\nif ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.12~1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.21.1~1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~38.7.0~1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"firefox-l10n\", rpm:\"firefox-l10n~38.7.0~1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:01", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-04-20T00:00:00", "type": "openvas", "title": "Ubuntu Update for firefox USN-2917-3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1953", "CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-1973", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1959", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-1955", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1950", "CVE-2016-1963", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-1956", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-1968", "CVE-2016-1967", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842718", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842718", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for firefox USN-2917-3\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842718\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-04-20 05:18:30 +0200 (Wed, 20 Apr 2016)\");\n script_cve_id(\"CVE-2016-1950\", \"CVE-2016-1952\", \"CVE-2016-1953\", \"CVE-2016-1954\",\n \"CVE-2016-1955\", \"CVE-2016-1956\", \"CVE-2016-1957\", \"CVE-2016-1958\",\n\t\t\"CVE-2016-1959\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\",\n\t\t\"CVE-2016-1963\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\",\n\t\t\"CVE-2016-1967\", \"CVE-2016-1968\", \"CVE-2016-1973\", \"CVE-2016-1974\",\n\t\t\"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\",\n\t\t\"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\",\n\t\t\"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\",\n\t\t\"CVE-2016-2801\", \"CVE-2016-2802\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for firefox USN-2917-3\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'firefox'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"USN-2917-1 fixed vulnerabilities in Firefox.\n This update caused several web compatibility regressions.\n\n This update fixes the problem.\n\n We apologize for the inconvenience.\n\n Original advisory details:\n\n Francis Gabriel discovered a buffer overflow during ASN.1 decoding in NSS.\n If a user were tricked in to opening a specially crafted website, an\n attacker could potentially exploit this to cause a denial of service via\n application crash, or execute arbitrary code with the privileges of the\n user invoking Firefox. (CVE-2016-1950)\n\n Bob Clary, Christoph Diehl, Christian Holler, Andrew McCreight, Daniel\n Holbert, Jesse Ruderman, Randell Jesup, Carsten Book, Gian-Carlo Pascutto,\n Tyson Smith, Andrea Marchesini, and Jukka Jyl&#228 nki discovered multiple\n memory safety issues in Firefox. If a user were tricked in to opening a\n specially crafted website, an attacker could potentially exploit these to\n cause a denial of service via application crash, or execute arbitrary code\n with the privileges of the user invoking Firefox. (CVE-2016-1952,\n CVE-2016-1953)\n\n Nicolas Golubovic discovered that CSP violation reports can be used to\n overwrite local files. If a user were tricked in to opening a specially\n crafted website with addon signing disabled and unpacked addons installed,\n an attacker could potentially exploit this to gain additional privileges.\n (CVE-2016-1954)\n\n Muneaki Nishimura discovered that CSP violation reports contained full\n paths for cross-origin iframe navigations. An attacker could potentially\n exploit this to steal confidential data. (CVE-2016-1955)\n\n Ucha Gobejishvili discovered that performing certain WebGL operations\n resulted in memory resource exhaustion with some Intel GPUs, requiring\n a reboot. If a user were tricked in to opening a specially crafted\n website, an attacker could potentially exploit this to cause a denial\n of service. (CVE-2016-1956)\n\n Jose Martinez and Romina Santillan discovered a memory leak in\n libstagefright during MPEG4 video file processing in some circumstances.\n If a user were tricked in to opening a specially crafted website, an\n attacker could potentially exploit this to cause a denial of service via\n memory exhaustion. (CVE-2016-1957)\n\n Abdulrahman Alqabandi discovered that the addressbar could be blank or\n filled with page defined content in some circumstances. If a user were\n tricked in to opening a specially crafted website, an attacker could\n potentially exploit this to conduct URL spoofing attacks. (CVE-2016-1958)\n\n Looben Yang discovered an out-of-bounds read in Service Worker Manager. If\n a user were tricked in to opening a specially craf ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"affected\", value:\"firefox on Ubuntu 15.10,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"2917-3\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2917-3/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|12\\.04 LTS|15\\.10)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"45.0.2+build1-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"45.0.2+build1-0ubuntu0.12.04.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU15.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"45.0.2+build1-0ubuntu0.15.10.1\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:32", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-03-10T00:00:00", "type": "openvas", "title": "Ubuntu Update for firefox USN-2917-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1953", "CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-1973", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1959", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-1955", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1950", "CVE-2016-1963", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-1956", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-1968", "CVE-2016-1967", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842678", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842678", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for firefox USN-2917-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842678\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-10 06:16:26 +0100 (Thu, 10 Mar 2016)\");\n script_cve_id(\"CVE-2016-1950\", \"CVE-2016-1952\", \"CVE-2016-1953\", \"CVE-2016-1954\",\n \"CVE-2016-1955\", \"CVE-2016-1956\", \"CVE-2016-1957\", \"CVE-2016-1958\",\n \"CVE-2016-1959\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\",\n \"CVE-2016-1963\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\",\n \"CVE-2016-1967\", \"CVE-2016-1968\", \"CVE-2016-1973\", \"CVE-2016-1974\",\n \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\",\n \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\",\n \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\",\n \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for firefox USN-2917-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'firefox'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Francis Gabriel discovered a buffer overflow\n during ASN.1 decoding in NSS. If a user were tricked in to opening a specially\n crafted website, an attacker could potentially exploit this to cause a denial\n of service via application crash, or execute arbitrary code with the privileges\n of the user invoking Firefox. (CVE-2016-1950)\n\n Bob Clary, Christoph Diehl, Christian Holler, Andrew McCreight, Daniel\n Holbert, Jesse Ruderman, Randell Jesup, Carsten Book, Gian-Carlo Pascutto,\n Tyson Smith, Andrea Marchesini, and Jukka Jyl&#228 nki discovered multiple\n memory safety issues in Firefox. If a user were tricked in to opening a\n specially crafted website, an attacker could potentially exploit these to\n cause a denial of service via application crash, or execute arbitrary code\n with the privileges of the user invoking Firefox. (CVE-2016-1952,\n CVE-2016-1953)\n\n Nicolas Golubovic discovered that CSP violation reports can be used to\n overwrite local files. If a user were tricked in to opening a specially\n crafted website with addon signing disabled and unpacked addons installed,\n an attacker could potentially exploit this to gain additional privileges.\n (CVE-2016-1954)\n\n Muneaki Nishimura discovered that CSP violation reports contained full\n paths for cross-origin iframe navigations. An attacker could potentially\n exploit this to steal confidential data. (CVE-2016-1955)\n\n Ucha Gobejishvili discovered that performing certain WebGL operations\n resulted in memory resource exhaustion with some Intel GPUs, requiring\n areboot. If a user were tricked in to opening a specially crafted\n website, an attacker could potentially exploit this to cause a denial\n of service. (CVE-2016-1956)\n\n Jose Martinez and Romina Santillan discovered a memory leak in\n libstagefright during MPEG4 video file processing in some circumstances.\n If a user were tricked in to opening a specially crafted website, an\n attacker could potentially exploit this to cause a denial of service via\n memory exhaustion. (CVE-2016-1957)\n\n Abdulrahman Alqabandi discovered that the addressbar could be blank or\n filled with page defined content in some circumstances. If a user were\n tricked in to opening a specially crafted website, an attacker could\n potentially exploit this to conduct URL spoofing attacks. (CVE-2016-1958)\n\n Looben Yang discovered an out-of-bounds read in Service Worker Manager. If\n a user were tricked in to opening a specially crafted website, an attacker\n could potentially exploit this to cause a denial of service via\n application crash, or execute arbitrary code with the privileges of the\n user invoking Firefox. (CVE-2016-1959)\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"affected\", value:\"firefox on Ubuntu 15.10,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"2917-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2917-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|12\\.04 LTS|15\\.10)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"45.0+build2-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"45.0+build2-0ubuntu0.12.04.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU15.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"45.0+build2-0ubuntu0.15.10.1\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-19T22:11:16", "description": "This host is installed with Mozilla\n Firefox and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-03-14T00:00:00", "type": "openvas", "title": "Mozilla Firefox Multiple Vulnerabilities - Mar16 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1953", "CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-1973", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1959", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-1979", "CVE-2016-1969", "CVE-2016-1955", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1950", "CVE-2016-1963", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-1968", "CVE-2016-1967", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "modified": "2019-07-17T00:00:00", "id": "OPENVAS:1361412562310807521", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807521", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mozilla Firefox Multiple Vulnerabilities - Mar16 (Mac OS X)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mozilla:firefox\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807521\");\n script_version(\"2019-07-17T11:14:11+0000\");\n script_cve_id(\"CVE-2016-1954\", \"CVE-2016-1955\", \"CVE-2016-1957\", \"CVE-2016-1958\",\n \"CVE-2016-1959\", \"CVE-2016-1960\", \"CVE-2016-1950\", \"CVE-2016-1952\",\n \"CVE-2016-1953\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1963\",\n \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1967\",\n \"CVE-2016-1968\", \"CVE-2016-1969\", \"CVE-2016-1973\", \"CVE-2016-1974\",\n \"CVE-2016-1977\", \"CVE-2016-1979\", \"CVE-2016-2790\", \"CVE-2016-2791\",\n \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\",\n \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\",\n \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 11:14:11 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-03-14 18:18:51 +0530 (Mon, 14 Mar 2016)\");\n script_name(\"Mozilla Firefox Multiple Vulnerabilities - Mar16 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Mozilla\n Firefox and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - The 'nsCSPContext::SendReports' function in 'dom/security/nsCSPContext.cpp'\n script does not prevent use of a non-HTTP report-uri for a CSP violation\n report.\n\n - The CSP violation reports contained full path information for cross-origin\n iframe navigations in violation of the CSP specification.\n\n - A memory leak in the libstagefright library when array destruction occurs\n during MPEG4 video file processing.\n\n - An error in 'browser/base/content/browser.js' script.\n\n - Multiple use-after-free issues.\n\n - Multiple out-of-bounds read errors\n\n - A memory corruption vulnerability in the FileReader class.\n\n - The mishandling of a navigation sequence that returns to the original page.\n\n - Improper restriction of the availability of IFRAME Resource Timing API times.\n\n - Integer underflow in Brotli library's decompression.\n\n - A memory corruption issue in NPAPI plugin in 'nsNPObjWrapper::GetNewOrUsed'\n function in 'dom/plugins/base/nsJSNPRuntime.cpp' script.\n\n - A race condition in the 'GetStaticInstance' function in the WebRTC\n implementation.\n\n - Multiple Heap-based buffer overflow vulnerabilities.\n\n - The multiple unspecified vulnerabilities in the browser engine.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code or to cause a denial of service,\n possibly gain privileges, to bypass the Same Origin Policy, to obtain\n sensitive information and to do spoofing attacks.\");\n\n script_tag(name:\"affected\", value:\"Mozilla Firefox version before 45.0 on\n Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Firefox version 45.0\n or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-22\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-25\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-19\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_mozilla_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Mozilla/Firefox/MacOSX/Version\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!ffVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:ffVer, test_version:\"45.0\"))\n{\n report = report_fixed_ver(installed_version:ffVer, fixed_version:\"45.0\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-19T22:11:55", "description": "This host is installed with Mozilla\n Firefox and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-03-14T00:00:00", "type": "openvas", "title": "Mozilla Firefox Multiple Vulnerabilities - Mar16 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1953", "CVE-2016-2790", "CVE-2016-1971", "CVE-2016-1957", "CVE-2016-1972", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-1975", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-1973", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1959", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-1979", "CVE-2016-1969", "CVE-2016-1955", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1950", "CVE-2016-1963", "CVE-2016-1970", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-1976", "CVE-2016-1968", "CVE-2016-1967", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "modified": "2019-07-17T00:00:00", "id": "OPENVAS:1361412562310807520", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807520", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mozilla Firefox Multiple Vulnerabilities - Mar16 (Windows)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mozilla:firefox\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807520\");\n script_version(\"2019-07-17T11:14:11+0000\");\n script_cve_id(\"CVE-2016-1954\", \"CVE-2016-1955\", \"CVE-2016-1957\", \"CVE-2016-1958\",\n \"CVE-2016-1959\", \"CVE-2016-1960\", \"CVE-2016-1950\", \"CVE-2016-1952\",\n \"CVE-2016-1953\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1963\",\n \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1967\",\n \"CVE-2016-1968\", \"CVE-2016-1969\", \"CVE-2016-1970\", \"CVE-2016-1971\",\n \"CVE-2016-1972\", \"CVE-2016-1973\", \"CVE-2016-1974\", \"CVE-2016-1975\",\n \"CVE-2016-1976\", \"CVE-2016-1977\", \"CVE-2016-1979\", \"CVE-2016-2790\",\n \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\",\n \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\",\n \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 11:14:11 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-03-14 16:41:40 +0530 (Mon, 14 Mar 2016)\");\n script_name(\"Mozilla Firefox Multiple Vulnerabilities - Mar16 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Mozilla\n Firefox and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - The 'nsCSPContext::SendReports' function in 'dom/security/nsCSPContext.cpp'\n script does not prevent use of a non-HTTP report-uri for a CSP violation\n report.\n\n - The CSP violation reports contained full path information for cross-origin\n iframe navigations in violation of the CSP specification.\n\n - A memory leak in the libstagefright library when array destruction occurs\n during MPEG4 video file processing.\n\n - An error in 'browser/base/content/browser.js' script.\n\n - Multiple use-after-free issues.\n\n - Multiple out-of-bounds read errors\n\n - A memory corruption vulnerability in the FileReader class.\n\n - The mishandling of a navigation sequence that returns to the original page.\n\n - Improper restriction of the availability of IFRAME Resource Timing API times.\n\n - Integer underflow in Brotli library's decompression.\n\n - A memory corruption issue in NPAPI plugin in 'nsNPObjWrapper::GetNewOrUsed'\n function in 'dom/plugins/base/nsJSNPRuntime.cpp' script.\n\n - A race condition in the 'GetStaticInstance' function in the WebRTC\n implementation.\n\n - Multiple Heap-based buffer overflow vulnerabilities.\n\n - The multiple unspecified vulnerabilities in the browser engine.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code or to cause a denial of service,\n possibly gain privileges, to bypass the Same Origin Policy, to obtain\n sensitive information and to do spoofing attacks.\");\n\n script_tag(name:\"affected\", value:\"Mozilla Firefox version before 45.0 on\n Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Firefox version 45.0\n or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-22\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-25\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-19\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_firefox_detect_portable_win.nasl\");\n script_mandatory_keys(\"Firefox/Win/Ver\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!ffVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:ffVer, test_version:\"45.0\"))\n{\n report = report_fixed_ver(installed_version:ffVer, fixed_version:\"45.0\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T18:36:16", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-03-13T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for Firefox (openSUSE-SU-2016:0733-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1953", "CVE-2016-2790", "CVE-2016-1971", "CVE-2016-1957", "CVE-2016-1972", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-1975", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-1973", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1959", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-1979", "CVE-2016-1955", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1950", "CVE-2016-1963", "CVE-2016-1970", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-1956", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-1976", "CVE-2016-1968", "CVE-2016-1967", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851234", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851234", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851234\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-03-13 06:16:27 +0100 (Sun, 13 Mar 2016)\");\n script_cve_id(\"CVE-2016-1950\", \"CVE-2016-1952\", \"CVE-2016-1953\", \"CVE-2016-1954\",\n \"CVE-2016-1955\", \"CVE-2016-1956\", \"CVE-2016-1957\", \"CVE-2016-1958\",\n \"CVE-2016-1959\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\",\n \"CVE-2016-1963\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\",\n \"CVE-2016-1967\", \"CVE-2016-1968\", \"CVE-2016-1970\", \"CVE-2016-1971\",\n \"CVE-2016-1972\", \"CVE-2016-1973\", \"CVE-2016-1974\", \"CVE-2016-1975\",\n \"CVE-2016-1976\", \"CVE-2016-1977\", \"CVE-2016-1979\", \"CVE-2016-2790\",\n \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\",\n \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\",\n \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for Firefox (openSUSE-SU-2016:0733-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Firefox'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the\n following issues:\n\n MozillaFirefox was updated to Firefox 45.0 (boo#969894)\n\n * requires NSPR 4.12 / NSS 3.21.1\n\n * Instant browser tab sharing through Hello\n\n * Synced Tabs button in button bar\n\n * Tabs synced via Firefox Accounts from other devices are now shown in\n dropdown area of Awesome Bar when searching\n\n * Introduce a new preference (network.dns.blockDotOnion) to allow\n blocking .onion at the DNS level\n\n * Tab Groups (Panorama) feature removed\n\n * MFSA 2016-16/CVE-2016-1952/CVE-2016-1953 Miscellaneous memory safety\n hazards\n\n * MFSA 2016-17/CVE-2016-1954 (bmo#1243178) Local file overwriting and\n potential privilege escalation through CSP reports\n\n * MFSA 2016-18/CVE-2016-1955 (bmo#1208946) CSP reports fail to strip\n location information for embedded iframe pages\n\n * MFSA 2016-19/CVE-2016-1956 (bmo#1199923) Linux video memory DOS with\n Intel drivers\n\n * MFSA 2016-20/CVE-2016-1957 (bmo#1227052) Memory leak in\n libstagefright when deleting an array during MP4 processing\n\n * MFSA 2016-21/CVE-2016-1958 (bmo#1228754) Displayed page address can be\n overridden\n\n * MFSA 2016-22/CVE-2016-1959 (bmo#1234949) Service Worker Manager\n out-of-bounds read in Service Worker Manager\n\n * MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014) Use-after-free\n in HTML5 string parser\n\n * MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377) Use-after-free\n in SetBody\n\n * MFSA 2016-25/CVE-2016-1962 (bmo#1240760) Use-after-free when using\n multiple WebRTC data channels\n\n * MFSA 2016-26/CVE-2016-1963 (bmo#1238440) Memory corruption when\n modifying a file being read by FileReader\n\n * MFSA 2016-27/CVE-2016-1964 (bmo#1243335) Use-after-free during XML\n transformations\n\n * MFSA 2016-28/CVE-2016-1965 (bmo#1245264) Addressbar spoofing though\n history navigation and Location protocol property\n\n * MFSA 2016-29/CVE-2016-1967 (bmo#1246956) Same-origin policy violation\n using performance.getEntries and history navigation with session\n restore\n\n * MFSA 2016-30/CVE-2016-1968 (bmo#1246742) Buffer overflow in Brotli\n decompression\n\n * MFSA 2016-31/CVE-2016-1966 (bmo#1246054) Memory corruption with\n malicious NPAPI plugin\n\n * MFSA 2016-32/CVE-2016-1970/CVE-2016-1971/CVE-2016-1975/\n CVE-2016-1976/CVE-2016-1972 WebRTC and LibVPX vulnerabilities found\n through code inspection\n\n * MFSA 2016-33/CVE-2016-1973 (bmo#1219339) Use-after-free in\n GetStaticInstance in WebRTC\n\n * MFSA 2016-34/CVE-2016-1974 (bmo#1228103) Out-of-bounds read in HTML\n parser following a failed allocation\n\n * MFSA 2016-35/CVE-2016-1950 (bmo#1245528) Buffer overflow ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n\n script_tag(name:\"affected\", value:\"Firefox on openSUSE 13.1\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2016:0733-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.1\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.1\")\n{\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~45.0~109.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-branding-upstream\", rpm:\"MozillaFirefox-branding-upstream~45.0~109.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-buildsymbols\", rpm:\"MozillaFirefox-buildsymbols~45.0~109.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-debuginfo\", rpm:\"MozillaFirefox-debuginfo~45.0~109.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-debugsource\", rpm:\"MozillaFirefox-debugsource~45.0~109.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-devel\", rpm:\"MozillaFirefox-devel~45.0~109.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-translations-common\", rpm:\"MozillaFirefox-translations-common~45.0~109.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-translations-other\", rpm:\"MozillaFirefox-translations-other~45.0~109.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3\", rpm:\"libfreebl3~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-debuginfo\", rpm:\"libfreebl3-debuginfo~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3\", rpm:\"libsoftokn3~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-debuginfo\", rpm:\"libsoftokn3-debuginfo~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr\", rpm:\"mozilla-nspr~4.12~34.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-debuginfo\", rpm:\"mozilla-nspr-debuginfo~4.12~34.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-debugsource\", rpm:\"mozilla-nspr-debugsource~4.12~34.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-devel\", rpm:\"mozilla-nspr-devel~4.12~34.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss\", rpm:\"mozilla-nss~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs\", rpm:\"mozilla-nss-certs~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-debuginfo\", rpm:\"mozilla-nss-certs-debuginfo~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debuginfo\", rpm:\"mozilla-nss-debuginfo~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debugsource\", rpm:\"mozilla-nss-debugsource~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-devel\", rpm:\"mozilla-nss-devel~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-sysinit\", rpm:\"mozilla-nss-sysinit~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-sysinit-debuginfo\", rpm:\"mozilla-nss-sysinit-debuginfo~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-tools\", rpm:\"mozilla-nss-tools~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-tools-debuginfo\", rpm:\"mozilla-nss-tools-debuginfo~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-32bit\", rpm:\"libfreebl3-32bit~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-debuginfo-32bit\", rpm:\"libfreebl3-debuginfo-32bit~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-32bit\", rpm:\"libsoftokn3-32bit~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-debuginfo-32bit\", rpm:\"libsoftokn3-debuginfo-32bit~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-32bit\", rpm:\"mozilla-nspr-32bit~4.12~34.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-debuginfo-32bit\", rpm:\"mozilla-nspr-debuginfo-32bit~4.12~34.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-32bit\", rpm:\"mozilla-nss-32bit~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-32bit\", rpm:\"mozilla-nss-certs-32bit~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-debuginfo-32bit\", rpm:\"mozilla-nss-certs-debuginfo-32bit~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debuginfo-32bit\", rpm:\"mozilla-nss-debuginfo-32bit~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-sysinit-32bit\", rpm:\"mozilla-nss-sysinit-32bit~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-sysinit-debuginfo-32bit\", rpm:\"mozilla-nss-sysinit-debuginfo-32bit~3.21.1~74.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-04T17:41:57", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-03-12T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2016:0731-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1953", "CVE-2016-2790", "CVE-2016-1971", "CVE-2016-1957", "CVE-2016-1972", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-1975", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-1973", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1959", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-1979", "CVE-2016-1955", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1950", "CVE-2016-1963", "CVE-2016-1970", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-1956", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-1976", "CVE-2016-1968", "CVE-2016-1967", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "modified": "2020-06-03T00:00:00", "id": "OPENVAS:1361412562310851230", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851230", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851230\");\n script_version(\"2020-06-03T08:38:58+0000\");\n script_tag(name:\"last_modification\", value:\"2020-06-03 08:38:58 +0000 (Wed, 03 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-03-12 06:14:00 +0100 (Sat, 12 Mar 2016)\");\n script_cve_id(\"CVE-2016-1950\", \"CVE-2016-1952\", \"CVE-2016-1953\", \"CVE-2016-1954\",\n \"CVE-2016-1955\", \"CVE-2016-1956\", \"CVE-2016-1957\", \"CVE-2016-1958\",\n \"CVE-2016-1959\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\",\n \"CVE-2016-1963\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\",\n \"CVE-2016-1967\", \"CVE-2016-1968\", \"CVE-2016-1970\", \"CVE-2016-1971\",\n \"CVE-2016-1972\", \"CVE-2016-1973\", \"CVE-2016-1974\", \"CVE-2016-1975\",\n \"CVE-2016-1976\", \"CVE-2016-1977\", \"CVE-2016-1979\", \"CVE-2016-2790\",\n \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\",\n \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\",\n \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2016:0731-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'MozillaFirefox'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the\n following issues:\n\n MozillaFirefox was updated to Firefox 45.0 (boo#969894)\n\n * requires NSPR 4.12 / NSS 3.21.1\n\n * Instant browser tab sharing through Hello\n\n * Synced Tabs button in button bar\n\n * Tabs synced via Firefox Accounts from other devices are now shown in\n dropdown area of Awesome Bar when searching\n\n * Introduce a new preference (network.dns.blockDotOnion) to allow blocking\n .onion at the DNS level\n\n * Tab Groups (Panorama) feature removed\n\n * MFSA 2016-16/CVE-2016-1952/CVE-2016-1953 Miscellaneous memory safety\n hazards\n\n * MFSA 2016-17/CVE-2016-1954 (bmo#1243178) Local file overwriting and\n potential privilege escalation through CSP reports\n\n * MFSA 2016-18/CVE-2016-1955 (bmo#1208946) CSP reports fail to strip\n location information for embedded iframe pages\n\n * MFSA 2016-19/CVE-2016-1956 (bmo#1199923) Linux video memory DOS with\n Intel drivers\n\n * MFSA 2016-20/CVE-2016-1957 (bmo#1227052) Memory leak in libstagefright\n when deleting an array during MP4 processing\n\n * MFSA 2016-21/CVE-2016-1958 (bmo#1228754) Displayed page address can be\n overridden\n\n * MFSA 2016-22/CVE-2016-1959 (bmo#1234949) Service Worker Manager\n out-of-bounds read in Service Worker Manager\n\n * MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014) Use-after-free in\n HTML5 string parser\n\n * MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377) Use-after-free in\n SetBody\n\n * MFSA 2016-25/CVE-2016-1962 (bmo#1240760) Use-after-free when using\n multiple WebRTC data channels\n\n * MFSA 2016-26/CVE-2016-1963 (bmo#1238440) Memory corruption when\n modifying a file being read by FileReader\n\n * MFSA 2016-27/CVE-2016-1964 (bmo#1243335) Use-after-free during XML\n transformations\n\n * MFSA 2016-28/CVE-2016-1965 (bmo#1245264) Addressbar spoofing though\n history navigation and Location protocol property\n\n * MFSA 2016-29/CVE-2016-1967 (bmo#1246956) Same-origin policy violation\n using performance.getEntries and history navigation with session restore\n\n * MFSA 2016-30/CVE-2016-1968 (bmo#1246742) Buffer overflow in Brotli\n decompression\n\n * MFSA 2016-31/CVE-2016-1966 (bmo#1246054) Memory corruption with\n malicious NPAPI plugin\n\n * MFSA 2016-32/CVE-2016-1970/CVE-2016-1971/CVE-2016-1975/\n CVE-2016-1976/CVE-2016-1972 WebRTC and LibVPX vulnerabilities found\n through code inspection\n\n * MFSA 2016-33/CVE-2016-1973 (bmo#1219339) Use-after-free in\n GetStaticInstance in WebRTC\n\n * MFSA 2016-34/CVE-2016-1974 (bmo#1228103) Out-of-bounds read in HTML\n parser following a failed allocation\n\n * MFSA 2016-35/CVE-2016-1950 (bmo ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n\n script_tag(name:\"affected\", value:\"MozillaFirefox, on openSUSE Leap 42.1, openSUSE 13.2\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2016:0731-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.2\")\n{\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~45.0~65.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-branding-upstream\", rpm:\"MozillaFirefox-branding-upstream~45.0~65.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-buildsymbols\", rpm:\"MozillaFirefox-buildsymbols~45.0~65.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-debuginfo\", rpm:\"MozillaFirefox-debuginfo~45.0~65.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-debugsource\", rpm:\"MozillaFirefox-debugsource~45.0~65.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-devel\", rpm:\"MozillaFirefox-devel~45.0~65.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-translations-common\", rpm:\"MozillaFirefox-translations-common~45.0~65.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-translations-other\", rpm:\"MozillaFirefox-translations-other~45.0~65.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3\", rpm:\"libfreebl3~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-debuginfo\", rpm:\"libfreebl3-debuginfo~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3\", rpm:\"libsoftokn3~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-debuginfo\", rpm:\"libsoftokn3-debuginfo~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr\", rpm:\"mozilla-nspr~4.12~15.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-debuginfo\", rpm:\"mozilla-nspr-debuginfo~4.12~15.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-debugsource\", rpm:\"mozilla-nspr-debugsource~4.12~15.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-devel\", rpm:\"mozilla-nspr-devel~4.12~15.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss\", rpm:\"mozilla-nss~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs\", rpm:\"mozilla-nss-certs~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-debuginfo\", rpm:\"mozilla-nss-certs-debuginfo~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debuginfo\", rpm:\"mozilla-nss-debuginfo~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debugsource\", rpm:\"mozilla-nss-debugsource~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-devel\", rpm:\"mozilla-nss-devel~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-sysinit\", rpm:\"mozilla-nss-sysinit~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-sysinit-debuginfo\", rpm:\"mozilla-nss-sysinit-debuginfo~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-tools\", rpm:\"mozilla-nss-tools~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-tools-debuginfo\", rpm:\"mozilla-nss-tools-debuginfo~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-32bit\", rpm:\"libfreebl3-32bit~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-debuginfo-32bit\", rpm:\"libfreebl3-debuginfo-32bit~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-32bit\", rpm:\"libsoftokn3-32bit~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-debuginfo-32bit\", rpm:\"libsoftokn3-debuginfo-32bit~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-32bit\", rpm:\"mozilla-nspr-32bit~4.12~15.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nspr-debuginfo-32bit\", rpm:\"mozilla-nspr-debuginfo-32bit~4.12~15.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-32bit\", rpm:\"mozilla-nss-32bit~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-32bit\", rpm:\"mozilla-nss-certs-32bit~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-debuginfo-32bit\", rpm:\"mozilla-nss-certs-debuginfo-32bit~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debuginfo-32bit\", rpm:\"mozilla-nss-debuginfo-32bit~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-sysinit-32bit\", rpm:\"mozilla-nss-sysinit-32bit~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-sysinit-debuginfo-32bit\", rpm:\"mozilla-nss-sysinit-debuginfo-32bit~3.21.1~28.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1960, CVE-2016-1961, CVE-2016-1974, CVE-2016-1964, CVE-2016-1966). Multiple security flaws were found in the graphite2 font library shipped with Thunderbird. A web page containing malicious content could cause it to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802). \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-03-16T18:07:23", "type": "mageia", "title": "Updated thunderbird packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1952", "CVE-2016-1954", "CVE-2016-1957", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1964", "CVE-2016-1966", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2016-03-16T18:07:23", "id": "MGASA-2016-0115", "href": "https://advisories.mageia.org/MGASA-2016-0115.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-18T11:19:34", "description": "Updated nss and firefox packages fix security vulnerabilities: Security researcher SkyLined reported a use-after-free issue in how audio is handled through the Web Audio API during MediaStream playback through interactions with the Web Audio API. This results in a potentially exploitable crash (CVE-2015-4477). Security researcher cgvwzq reported that it is possible to read cross-origin URLs following a redirect if performance.getEntries() is used along with an iframe to host a page. Navigating back in history through script, content is pulled from the browser cache for the redirected location instead of going to the original location. This is a same-origin policy violation and could allow for data theft (CVE-2015-7207). A heap-based buffer overflow flaw was found in the way NSS parsed certain ASN.1 structures. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash, or execute arbitrary code, using the permissions of the user running an application compiled against the NSS library (CVE-2016-1950). Mozilla developer Tim Taubert used the Address Sanitizer tool and software fuzzing to discover a use-after-free vulnerability while processing DER encoded keys in the Network Security Services (NSS) libraries. The vulnerability overwrites the freed memory with zeroes (CVE-2016-1979). Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1958, CVE-2016-1960, CVE-2016-1961, CVE-2016-1962, CVE-2016-1974, CVE-2016-1964, CVE-2016-1965, CVE-2016-1966). Multiple security flaws were found in the graphite2 font library shipped with Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802). \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-03-09T22:57:53", "type": "mageia", "title": "Updated firefox packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4477", "CVE-2015-7207", "CVE-2016-1950", "CVE-2016-1952", "CVE-2016-1954", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-1979", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2016-03-09T22:57:53", "id": "MGASA-2016-0105", "href": "https://advisories.mageia.org/MGASA-2016-0105.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2022-04-11T15:11:18", "description": "Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1960, CVE-2016-1961, CVE-2016-1974, CVE-2016-1964, CVE-2016-1966)\n\nMultiple security flaws were found in the graphite2 font library shipped with Thunderbird. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.\n(CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802)\n\nAfter installing the update, Thunderbird must be restarted for the changes to take effect.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-03-17T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : thunderbird on SL5.x, SL6.x, SL7.x i386/x86_64 (20160316)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1952", "CVE-2016-1954", "CVE-2016-1957", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1964", "CVE-2016-1966", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:thunderbird", "p-cpe:/a:fermilab:scientific_linux:thunderbird-debuginfo", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20160316_THUNDERBIRD_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/89988", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89988);\n script_version(\"2.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-1952\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1964\", \"CVE-2016-1966\", \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n\n script_name(english:\"Scientific Linux Security Update : thunderbird on SL5.x, SL6.x, SL7.x i386/x86_64 (20160316)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Thunderbird to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running Thunderbird. (CVE-2016-1952, CVE-2016-1954,\nCVE-2016-1957, CVE-2016-1960, CVE-2016-1961, CVE-2016-1974,\nCVE-2016-1964, CVE-2016-1966)\n\nMultiple security flaws were found in the graphite2 font library\nshipped with Thunderbird. A web page containing malicious content\ncould cause Thunderbird to crash or, potentially, execute arbitrary\ncode with the privileges of the user running Thunderbird.\n(CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792,\nCVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796,\nCVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800,\nCVE-2016-2801, CVE-2016-2802)\n\nAfter installing the update, Thunderbird must be restarted for the\nchanges to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1603&L=scientific-linux-errata&F=&S=&P=5856\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?52f8da9c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected thunderbird and / or thunderbird-debuginfo\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:thunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"thunderbird-38.7.0-1.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"thunderbird-debuginfo-38.7.0-1.el5_11\")) flag++;\n\nif (rpm_check(release:\"SL6\", reference:\"thunderbird-38.7.0-1.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"thunderbird-debuginfo-38.7.0-1.el6_7\")) flag++;\n\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"thunderbird-38.7.0-1.el7_2\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"thunderbird-debuginfo-38.7.0-1.el7_2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird / thunderbird-debuginfo\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-11T15:12:57", "description": "An updated thunderbird package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1960, CVE-2016-1961, CVE-2016-1974, CVE-2016-1964, CVE-2016-1966)\n\nMultiple security flaws were found in the graphite2 font library shipped with Thunderbird. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.\n(CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802)\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Bob Clary, Christoph Diehl, Christian Holler, Andrew McCreight, Daniel Holbert, Jesse Ruderman, Randell Jesup, Nicolas Golubovic, Jose Martinez, Romina Santillan, ca0nguyen, lokihardt, Nicolas Gregoire, the Communications Electronics Security Group (UK) of the GCHQ, Holger Fuhrmannek, Ronald Crane, and Tyson Smith as the original reporters of these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 38.7.0. You can find a link to the Mozilla advisories in the References section of this erratum.\n\nAll Thunderbird users should upgrade to this updated package, which contains Thunderbird version 38.7.0, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the changes to take effect.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-03-17T00:00:00", "type": "nessus", "title": "RHEL 5 / 6 / 7 : thunderbird (RHSA-2016:0460)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1952", "CVE-2016-1954", "CVE-2016-1957", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1964", "CVE-2016-1966", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2020-05-29T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:thunderbird", "p-cpe:/a:redhat:enterprise_linux:thunderbird-debuginfo", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.7", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.2", "cpe:/o:redhat:enterprise_linux:7.3", "cpe:/o:redhat:enterprise_linux:7.4", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7.6", "cpe:/o:redhat:enterprise_linux:7.7"], "id": "REDHAT-RHSA-2016-0460.NASL", "href": "https://www.tenable.com/plugins/nessus/89986", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:0460. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(89986);\n script_version(\"2.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/29\");\n\n script_cve_id(\"CVE-2016-1952\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1964\", \"CVE-2016-1966\", \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_xref(name:\"RHSA\", value:\"2016:0460\");\n\n script_name(english:\"RHEL 5 / 6 / 7 : thunderbird (RHSA-2016:0460)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An updated thunderbird package that fixes multiple security issues is\nnow available for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Thunderbird to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running Thunderbird. (CVE-2016-1952, CVE-2016-1954,\nCVE-2016-1957, CVE-2016-1960, CVE-2016-1961, CVE-2016-1974,\nCVE-2016-1964, CVE-2016-1966)\n\nMultiple security flaws were found in the graphite2 font library\nshipped with Thunderbird. A web page containing malicious content\ncould cause Thunderbird to crash or, potentially, execute arbitrary\ncode with the privileges of the user running Thunderbird.\n(CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792,\nCVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796,\nCVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800,\nCVE-2016-2801, CVE-2016-2802)\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Bob Clary, Christoph Diehl, Christian\nHoller, Andrew McCreight, Daniel Holbert, Jesse Ruderman, Randell\nJesup, Nicolas Golubovic, Jose Martinez, Romina Santillan, ca0nguyen,\nlokihardt, Nicolas Gregoire, the Communications Electronics Security\nGroup (UK) of the GCHQ, Holger Fuhrmannek, Ronald Crane, and Tyson\nSmith as the original reporters of these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Thunderbird 38.7.0. You can find a link to the\nMozilla advisories in the References section of this erratum.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 38.7.0, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the\nchanges to take effect.\"\n );\n # https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f3138c54\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2016:0460\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-1966\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-1960\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-1961\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2798\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2799\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-1964\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2794\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2795\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2796\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2797\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2790\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2791\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2792\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2793\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-1957\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-1954\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-1952\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-1974\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-1977\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2800\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2801\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2802\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected thunderbird and / or thunderbird-debuginfo\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x / 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2016:0460\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"thunderbird-38.7.0-1.el5_11\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"thunderbird-38.7.0-1.el5_11\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"thunderbird-debuginfo-38.7.0-1.el5_11\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"thunderbird-debuginfo-38.7.0-1.el5_11\", allowmaj:TRUE)) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"thunderbird-38.7.0-1.el6_7\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"thunderbird-38.7.0-1.el6_7\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"thunderbird-38.7.0-1.el6_7\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"thunderbird-debuginfo-38.7.0-1.el6_7\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"thunderbird-debuginfo-38.7.0-1.el6_7\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"thunderbird-debuginfo-38.7.0-1.el6_7\", allowmaj:TRUE)) flag++;\n\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"thunderbird-38.7.0-1.el7_2\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"thunderbird-debuginfo-38.7.0-1.el7_2\", allowmaj:TRUE)) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird / thunderbird-debuginfo\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-11T15:11:18", "description": "From Red Hat Security Advisory 2016:0460 :\n\nAn updated thunderbird package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1960, CVE-2016-1961, CVE-2016-1974, CVE-2016-1964, CVE-2016-1966)\n\nMultiple security flaws were found in the graphite2 font library shipped with Thunderbird. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.\n(CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802)\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Bob Clary, Christoph Diehl, Christian Holler, Andrew McCreight, Daniel Holbert, Jesse Ruderman, Randell Jesup, Nicolas Golubovic, Jose Martinez, Romina Santillan, ca0nguyen, lokihardt, Nicolas Gregoire, the Communications Electronics Security Group (UK) of the GCHQ, Holger Fuhrmannek, Ronald Crane, and Tyson Smith as the original reporters of these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 38.7.0. You can find a link to the Mozilla advisories in the References section of this erratum.\n\nAll Thunderbird users should upgrade to this updated package, which contains Thunderbird version 38.7.0, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the changes to take effect.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-03-17T00:00:00", "type": "nessus", "title": "Oracle Linux 6 / 7 : thunderbird (ELSA-2016-0460)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1952", "CVE-2016-1954", "CVE-2016-1957", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1964", "CVE-2016-1966", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:thunderbird", "cpe:/o:oracle:linux:6", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2016-0460.NASL", "href": "https://www.tenable.com/plugins/nessus/89981", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2016:0460 and \n# Oracle Linux Security Advisory ELSA-2016-0460 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89981);\n script_version(\"2.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-1952\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1964\", \"CVE-2016-1966\", \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_xref(name:\"RHSA\", value:\"2016:0460\");\n\n script_name(english:\"Oracle Linux 6 / 7 : thunderbird (ELSA-2016-0460)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"From Red Hat Security Advisory 2016:0460 :\n\nAn updated thunderbird package that fixes multiple security issues is\nnow available for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Thunderbird to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running Thunderbird. (CVE-2016-1952, CVE-2016-1954,\nCVE-2016-1957, CVE-2016-1960, CVE-2016-1961, CVE-2016-1974,\nCVE-2016-1964, CVE-2016-1966)\n\nMultiple security flaws were found in the graphite2 font library\nshipped with Thunderbird. A web page containing malicious content\ncould cause Thunderbird to crash or, potentially, execute arbitrary\ncode with the privileges of the user running Thunderbird.\n(CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792,\nCVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796,\nCVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800,\nCVE-2016-2801, CVE-2016-2802)\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Bob Clary, Christoph Diehl, Christian\nHoller, Andrew McCreight, Daniel Holbert, Jesse Ruderman, Randell\nJesup, Nicolas Golubovic, Jose Martinez, Romina Santillan, ca0nguyen,\nlokihardt, Nicolas Gregoire, the Communications Electronics Security\nGroup (UK) of the GCHQ, Holger Fuhrmannek, Ronald Crane, and Tyson\nSmith as the original reporters of these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Thunderbird 38.7.0. You can find a link to the\nMozilla advisories in the References section of this erratum.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 38.7.0, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the\nchanges to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2016-March/005867.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2016-March/005868.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected thunderbird package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6 / 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"thunderbird-38.7.0-1.0.1.el6_7\", allowmaj:TRUE)) flag++;\n\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"thunderbird-38.7.0-1.0.1.el7_2\", allowmaj:TRUE)) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-11T15:11:20", "description": "An updated thunderbird package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1960, CVE-2016-1961, CVE-2016-1974, CVE-2016-1964, CVE-2016-1966)\n\nMultiple security flaws were found in the graphite2 font library shipped with Thunderbird. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.\n(CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802)\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Bob Clary, Christoph Diehl, Christian Holler, Andrew McCreight, Daniel Holbert, Jesse Ruderman, Randell Jesup, Nicolas Golubovic, Jose Martinez, Romina Santillan, ca0nguyen, lokihardt, Nicolas Gregoire, the Communications Electronics Security Group (UK) of the GCHQ, Holger Fuhrmannek, Ronald Crane, and Tyson Smith as the original reporters of these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 38.7.0. You can find a link to the Mozilla advisories in the References section of this erratum.\n\nAll Thunderbird users should upgrade to this updated package, which contains Thunderbird version 38.7.0, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the changes to take effect.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-03-17T00:00:00", "type": "nessus", "title": "CentOS 5 / 6 / 7 : thunderbird (CESA-2016:0460)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1952", "CVE-2016-1954", "CVE-2016-1957", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1964", "CVE-2016-1966", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:thunderbird", "cpe:/o:centos:centos:5", "cpe:/o:centos:centos:6", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2016-0460.NASL", "href": "https://www.tenable.com/plugins/nessus/89971", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:0460 and \n# CentOS Errata and Security Advisory 2016:0460 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89971);\n script_version(\"2.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-1952\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1964\", \"CVE-2016-1966\", \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_xref(name:\"RHSA\", value:\"2016:0460\");\n\n script_name(english:\"CentOS 5 / 6 / 7 : thunderbird (CESA-2016:0460)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An updated thunderbird package that fixes multiple security issues is\nnow available for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Thunderbird to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running Thunderbird. (CVE-2016-1952, CVE-2016-1954,\nCVE-2016-1957, CVE-2016-1960, CVE-2016-1961, CVE-2016-1974,\nCVE-2016-1964, CVE-2016-1966)\n\nMultiple security flaws were found in the graphite2 font library\nshipped with Thunderbird. A web page containing malicious content\ncould cause Thunderbird to crash or, potentially, execute arbitrary\ncode with the privileges of the user running Thunderbird.\n(CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792,\nCVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796,\nCVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800,\nCVE-2016-2801, CVE-2016-2802)\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Bob Clary, Christoph Diehl, Christian\nHoller, Andrew McCreight, Daniel Holbert, Jesse Ruderman, Randell\nJesup, Nicolas Golubovic, Jose Martinez, Romina Santillan, ca0nguyen,\nlokihardt, Nicolas Gregoire, the Communications Electronics Security\nGroup (UK) of the GCHQ, Holger Fuhrmannek, Ronald Crane, and Tyson\nSmith as the original reporters of these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Thunderbird 38.7.0. You can find a link to the\nMozilla advisories in the References section of this erratum.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 38.7.0, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the\nchanges to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2016-March/021738.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?31e76a6f\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2016-March/021739.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?41731503\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2016-March/021740.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?78654149\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected thunderbird package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-2794\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x / 6.x / 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"thunderbird-38.7.0-1.el5.centos\", allowmaj:TRUE)) flag++;\n\nif (rpm_check(release:\"CentOS-6\", reference:\"thunderbird-38.7.0-1.el6.centos\", allowmaj:TRUE)) flag++;\n\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"thunderbird-38.7.0-1.el7.centos\", allowmaj:TRUE)) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-11T15:12:04", "description": "Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail client: Multiple memory safety errors, integer overflows, buffer overflows and other implementation errors may lead to the execution of arbitrary code or denial of service.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-21T00:00:00", "type": "nessus", "title": "Debian DSA-3520-1 : icedove - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1950", "CVE-2016-1954", "CVE-2016-1957", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1964", "CVE-2016-1966", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:icedove", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3520.NASL", "href": "https://www.tenable.com/plugins/nessus/90031", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3520. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90031);\n script_version(\"2.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-1950\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1964\", \"CVE-2016-1966\", \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_xref(name:\"DSA\", value:\"3520\");\n\n script_name(english:\"Debian DSA-3520-1 : icedove - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security issues have been found in Icedove, Debian's version\nof the Mozilla Thunderbird mail client: Multiple memory safety errors,\ninteger overflows, buffer overflows and other implementation errors\nmay lead to the execution of arbitrary code or denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/icedove\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/icedove\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3520\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the icedove packages.\n\nFor the oldstable distribution (wheezy), these problems have been\nfixed in version 38.7.0-1~deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 38.7.0-1~deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"calendar-google-provider\", reference:\"38.7.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove\", reference:\"38.7.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-dbg\", reference:\"38.7.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-dev\", reference:\"38.7.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-extension\", reference:\"38.7.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"calendar-google-provider\", reference:\"38.7.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove\", reference:\"38.7.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-dbg\", reference:\"38.7.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-dev\", reference:\"38.7.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-extension\", reference:\"38.7.0-1~deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-11T15:17:25", "description": "Bob Clary, Christoph Diehl, Christian Holler, Andrew McCreight, Daniel Holbert, Jesse Ruderman, and Randell Jesup discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird.\n(CVE-2016-1952)\n\nNicolas Golubovic discovered that CSP violation reports can be used to overwrite local files. If a user were tricked in to opening a specially crafted website in a browsing context with addon signing disabled and unpacked addons installed, an attacker could potentially exploit this to gain additional privileges. (CVE-2016-1954)\n\nJose Martinez and Romina Santillan discovered a memory leak in libstagefright during MPEG4 video file processing in some circumstances. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit this to cause a denial of service via memory exhaustion.\n(CVE-2016-1957)\n\nA use-after-free was discovered in the HTML5 string parser. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2016-1960)\n\nA use-after-free was discovered in the SetBody function of HTMLDocument. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird.\n(CVE-2016-1961)\n\nNicolas Gregoire discovered a use-after-free during XML transformations. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2016-1964)\n\nA memory corruption issues was discovered in the NPAPI subsystem. If a user were tricked in to opening a specially crafted website in a browsing context with a malicious plugin installed, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2016-1966)\n\nRonald Crane discovered an out-of-bounds read following a failed allocation in the HTML parser in some circumstances. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2016-1974)\n\nFrancis Gabriel discovered a buffer overflow during ASN.1 decoding in NSS. A remote attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2016-1950)\n\nHolger Fuhrmannek, Tyson Smith and Holger Fuhrmannek reported multiple memory safety issues in the Graphite 2 library. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-05-02T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 15.10 / 16.04 LTS : thunderbird vulnerabilities (USN-2934-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1950", "CVE-2016-1952", "CVE-2016-1954", "CVE-2016-1957", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1964", "CVE-2016-1966", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2019-09-18T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:thunderbird", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:15.10", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "UBUNTU_USN-2934-1.NASL", "href": "https://www.tenable.com/plugins/nessus/90822", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2934-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90822);\n script_version(\"2.10\");\n script_cvs_date(\"Date: 2019/09/18 12:31:45\");\n\n script_cve_id(\"CVE-2016-1950\", \"CVE-2016-1952\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1964\", \"CVE-2016-1966\", \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_xref(name:\"USN\", value:\"2934-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 15.10 / 16.04 LTS : thunderbird vulnerabilities (USN-2934-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Bob Clary, Christoph Diehl, Christian Holler, Andrew McCreight, Daniel\nHolbert, Jesse Ruderman, and Randell Jesup discovered multiple memory\nsafety issues in Thunderbird. If a user were tricked in to opening a\nspecially crafted message, an attacker could potentially exploit these\nto cause a denial of service via application crash, or execute\narbitrary code with the privileges of the user invoking Thunderbird.\n(CVE-2016-1952)\n\nNicolas Golubovic discovered that CSP violation reports can be used to\noverwrite local files. If a user were tricked in to opening a\nspecially crafted website in a browsing context with addon signing\ndisabled and unpacked addons installed, an attacker could potentially\nexploit this to gain additional privileges. (CVE-2016-1954)\n\nJose Martinez and Romina Santillan discovered a memory leak in\nlibstagefright during MPEG4 video file processing in some\ncircumstances. If a user were tricked in to opening a specially\ncrafted website in a browsing context, an attacker could potentially\nexploit this to cause a denial of service via memory exhaustion.\n(CVE-2016-1957)\n\nA use-after-free was discovered in the HTML5 string parser. If a user\nwere tricked in to opening a specially crafted website in a browsing\ncontext, an attacker could potentially exploit this to cause a denial\nof service via application crash, or execute arbitrary code with the\nprivileges of the user invoking Thunderbird. (CVE-2016-1960)\n\nA use-after-free was discovered in the SetBody function of\nHTMLDocument. If a user were tricked in to opening a specially crafted\nwebsite in a browsing context, an attacker could potentially exploit\nthis to cause a denial of service via application crash, or execute\narbitrary code with the privileges of the user invoking Thunderbird.\n(CVE-2016-1961)\n\nNicolas Gregoire discovered a use-after-free during XML\ntransformations. If a user were tricked in to opening a specially\ncrafted website in a browsing context, an attacker could potentially\nexploit this to cause a denial of service via application crash, or\nexecute arbitrary code with the privileges of the user invoking\nThunderbird. (CVE-2016-1964)\n\nA memory corruption issues was discovered in the NPAPI subsystem. If a\nuser were tricked in to opening a specially crafted website in a\nbrowsing context with a malicious plugin installed, an attacker could\npotentially exploit this to cause a denial of service via application\ncrash, or execute arbitrary code with the privileges of the user\ninvoking Thunderbird. (CVE-2016-1966)\n\nRonald Crane discovered an out-of-bounds read following a failed\nallocation in the HTML parser in some circumstances. If a user were\ntricked in to opening a specially crafted website in a browsing\ncontext, an attacker could potentially exploit this to cause a denial\nof service via application crash, or execute arbitrary code with the\nprivileges of the user invoking Thunderbird. (CVE-2016-1974)\n\nFrancis Gabriel discovered a buffer overflow during ASN.1 decoding in\nNSS. A remote attacker could potentially exploit this to cause a\ndenial of service via application crash, or execute arbitrary code\nwith the privileges of the user invoking Thunderbird. (CVE-2016-1950)\n\nHolger Fuhrmannek, Tyson Smith and Holger Fuhrmannek reported multiple\nmemory safety issues in the Graphite 2 library. If a user were tricked\nin to opening a specially crafted message, an attacker could\npotentially exploit these to cause a denial of service via application\ncrash, or execute arbitrary code with the privileges of the user\ninvoking Thunderbird. (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791,\nCVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795,\nCVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799,\nCVE-2016-2800, CVE-2016-2801, CVE-2016-2802).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2934-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected thunderbird package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|15\\.10|16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 15.10 / 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"thunderbird\", pkgver:\"1:38.7.2+build1-0ubuntu0.12.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"thunderbird\", pkgver:\"1:38.7.2+build1-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"thunderbird\", pkgver:\"1:38.7.2+build1-0ubuntu0.15.10.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"thunderbird\", pkgver:\"1:38.7.2+build1-0ubuntu0.16.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-11T15:11:18", "description": "Mozilla Foundation reports :\n\nMFSA 2016-16 Miscellaneous memory safety hazards (rv:45.0 / rv:38.7)\n\nMFSA 2016-17 Local file overwriting and potential privilege escalation through CSP reports\n\nMFSA 2016-18 CSP reports fail to strip location information for embedded iframe pages\n\nMFSA 2016-19 Linux video memory DOS with Intel drivers\n\nMFSA 2016-20 Memory leak in libstagefright when deleting an array during MP4 processing\n\nMFSA 2016-21 Displayed page address can be overridden\n\nMFSA 2016-22 Service Worker Manager out-of-bounds read in Service Worker Manager\n\nMFSA 2016-23 Use-after-free in HTML5 string parser\n\nMFSA 2016-24 Use-after-free in SetBody\n\nMFSA 2016-25 Use-after-free when using multiple WebRTC data channels\n\nMFSA 2016-26 Memory corruption when modifying a file being read by FileReader\n\nMFSA 2016-27 Use-after-free during XML transformations\n\nMFSA 2016-28 Addressbar spoofing though history navigation and Location protocol property\n\nMFSA 2016-29 Same-origin policy violation using perfomance.getEntries and history navigation with session restore\n\nMFSA 2016-31 Memory corruption with malicious NPAPI plugin\n\nMFSA 2016-32 WebRTC and LibVPX vulnerabilities found through code inspection\n\nMFSA 2016-33 Use-after-free in GetStaticInstance in WebRTC\n\nMFSA 2016-34 Out-of-bounds read in HTML parser following a failed allocation", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-09T00:00:00", "type": "nessus", "title": "FreeBSD : mozilla -- multiple vulnerabilities (2225c5b4-1e5a-44fc-9920-b3201c384a15)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1952", "CVE-2016-1953", "CVE-2016-1954", "CVE-2016-1955", "CVE-2016-1956", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1959", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1963", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1967", "CVE-2016-1970", "CVE-2016-1971", "CVE-2016-1972", "CVE-2016-1973", "CVE-2016-1974", "CVE-2016-1975", "CVE-2016-1976"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:firefox", "p-cpe:/a:freebsd:freebsd:firefox-esr", "p-cpe:/a:freebsd:freebsd:libxul", "p-cpe:/a:freebsd:freebsd:linux-firefox", "p-cpe:/a:freebsd:freebsd:linux-seamonkey", "p-cpe:/a:freebsd:freebsd:linux-thunderbird", "p-cpe:/a:freebsd:freebsd:seamonkey", "p-cpe:/a:freebsd:freebsd:thunderbird", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_2225C5B41E5A44FC9920B3201C384A15.NASL", "href": "https://www.tenable.com/plugins/nessus/89765", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2019 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89765);\n script_version(\"2.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-1952\", \"CVE-2016-1953\", \"CVE-2016-1954\", \"CVE-2016-1955\", \"CVE-2016-1956\", \"CVE-2016-1957\", \"CVE-2016-1958\", \"CVE-2016-1959\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1963\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1967\", \"CVE-2016-1970\", \"CVE-2016-1971\", \"CVE-2016-1972\", \"CVE-2016-1973\", \"CVE-2016-1974\", \"CVE-2016-1975\", \"CVE-2016-1976\");\n\n script_name(english:\"FreeBSD : mozilla -- multiple vulnerabilities (2225c5b4-1e5a-44fc-9920-b3201c384a15)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mozilla Foundation reports :\n\nMFSA 2016-16 Miscellaneous memory safety hazards (rv:45.0 / rv:38.7)\n\nMFSA 2016-17 Local file overwriting and potential privilege escalation\nthrough CSP reports\n\nMFSA 2016-18 CSP reports fail to strip location information for\nembedded iframe pages\n\nMFSA 2016-19 Linux video memory DOS with Intel drivers\n\nMFSA 2016-20 Memory leak in libstagefright when deleting an array\nduring MP4 processing\n\nMFSA 2016-21 Displayed page address can be overridden\n\nMFSA 2016-22 Service Worker Manager out-of-bounds read in Service\nWorker Manager\n\nMFSA 2016-23 Use-after-free in HTML5 string parser\n\nMFSA 2016-24 Use-after-free in SetBody\n\nMFSA 2016-25 Use-after-free when using multiple WebRTC data channels\n\nMFSA 2016-26 Memory corruption when modifying a file being read by\nFileReader\n\nMFSA 2016-27 Use-after-free during XML transformations\n\nMFSA 2016-28 Addressbar spoofing though history navigation and\nLocation protocol property\n\nMFSA 2016-29 Same-origin policy violation using perfomance.getEntries\nand history navigation with session restore\n\nMFSA 2016-31 Memory corruption with malicious NPAPI plugin\n\nMFSA 2016-32 WebRTC and LibVPX vulnerabilities found through code\ninspection\n\nMFSA 2016-33 Use-after-free in GetStaticInstance in WebRTC\n\nMFSA 2016-34 Out-of-bounds read in HTML parser following a failed\nallocation\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-16/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-16/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-17/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-17/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-18/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-19/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-20/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-20/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-21/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-21/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-22/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-22/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-23/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-23/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-24/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-24/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-25/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-25/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-26/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-26/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-27/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-27/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-28/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-28/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-29/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-29/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-31/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-31/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-32/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-32/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-33/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-33/\"\n );\n # https://www.mozilla.org/security/advisories/mfsa2016-34/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-34/\"\n );\n # https://vuxml.freebsd.org/freebsd/2225c5b4-1e5a-44fc-9920-b3201c384a15.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6acefea3\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:firefox-esr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:libxul\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/03/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"firefox<45.0,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-firefox<45.0,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"seamonkey<2.42\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-seamonkey<2.42\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"firefox-esr<38.7.0,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"libxul<38.7.0\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"thunderbird<38.7.0\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-thunderbird<38.7.0\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-11T15:12:57", "description": "Updated firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1958, CVE-2016-1960, CVE-2016-1961, CVE-2016-1962, CVE-2016-1973, CVE-2016-1974, CVE-2016-1964, CVE-2016-1965, CVE-2016-1966)\n\nMultiple security flaws were found in the graphite2 font library shipped with Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802)\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Bob Clary, Christoph Diehl, Christian Holler, Andrew McCreight, Daniel Holbert, Jesse Ruderman, Randell Jesup, Nicolas Golubovic, Jose Martinez, Romina Santillan, Abdulrahman Alqabandi, ca0nguyen, lokihardt, Dominique Hazael-Massieux, Nicolas Gregoire, Tsubasa Iinuma, the Communications Electronics Security Group (UK) of the GCHQ, Holger Fuhrmannek, Ronald Crane, and Tyson Smith as the original reporters of these issues.\n\nAll Firefox users should upgrade to these updated packages, which contain Firefox version 38.7.0 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-09T00:00:00", "type": "nessus", "title": "CentOS 5 / 6 / 7 : firefox (CESA-2016:0373)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1952", "CVE-2016-1954", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1973", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:firefox", "cpe:/o:centos:centos:5", "cpe:/o:centos:centos:6", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2016-0373.NASL", "href": "https://www.tenable.com/plugins/nessus/89763", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:0373 and \n# CentOS Errata and Security Advisory 2016:0373 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89763);\n script_version(\"2.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-1952\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1958\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1973\", \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_xref(name:\"RHSA\", value:\"2016:0373\");\n\n script_name(english:\"CentOS 5 / 6 / 7 : firefox (CESA-2016:0373)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated firefox packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser. XULRunner provides the\nXUL Runtime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957,\nCVE-2016-1958, CVE-2016-1960, CVE-2016-1961, CVE-2016-1962,\nCVE-2016-1973, CVE-2016-1974, CVE-2016-1964, CVE-2016-1965,\nCVE-2016-1966)\n\nMultiple security flaws were found in the graphite2 font library\nshipped with Firefox. A web page containing malicious content could\ncause Firefox to crash or, potentially, execute arbitrary code with\nthe privileges of the user running Firefox. (CVE-2016-1977,\nCVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793,\nCVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797,\nCVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801,\nCVE-2016-2802)\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Bob Clary, Christoph Diehl, Christian\nHoller, Andrew McCreight, Daniel Holbert, Jesse Ruderman, Randell\nJesup, Nicolas Golubovic, Jose Martinez, Romina Santillan, Abdulrahman\nAlqabandi, ca0nguyen, lokihardt, Dominique Hazael-Massieux, Nicolas\nGregoire, Tsubasa Iinuma, the Communications Electronics Security\nGroup (UK) of the GCHQ, Holger Fuhrmannek, Ronald Crane, and Tyson\nSmith as the original reporters of these issues.\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 38.7.0 ESR, which corrects these issues. After\ninstalling the update, Firefox must be restarted for the changes to\ntake effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2016-March/021723.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6c80efde\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2016-March/021724.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?42bbb98c\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2016-March/021725.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dc548dc7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected firefox package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-1962\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x / 6.x / 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"firefox-38.7.0-1.el5.centos\", allowmaj:TRUE)) flag++;\n\nif (rpm_check(release:\"CentOS-6\", reference:\"firefox-38.7.0-1.el6.centos\", allowmaj:TRUE)) flag++;\n\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"firefox-38.7.0-1.el7.centos\", allowmaj:TRUE)) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-11T15:13:44", "description": "The version of Mozilla Firefox ESR installed on the remote Windows host is prior to 38.7. It is, therefore, affected by multiple vulnerabilities, the majority of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these issues by convincing a user to visit a specially crafted website, resulting in the execution of arbitrary code in the context of the current user.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-11T00:00:00", "type": "nessus", "title": "Firefox ESR < 38.7 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1950", "CVE-2016-1952", "CVE-2016-1954", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2019-11-20T00:00:00", "cpe": ["cpe:/a:mozilla:firefox_esr"], "id": "MOZILLA_FIREFOX_38_7_ESR.NASL", "href": "https://www.tenable.com/plugins/nessus/89874", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(89874);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/11/20\");\n\n script_cve_id(\n \"CVE-2016-1950\",\n \"CVE-2016-1952\",\n \"CVE-2016-1954\",\n \"CVE-2016-1957\",\n \"CVE-2016-1958\",\n \"CVE-2016-1960\",\n \"CVE-2016-1961\",\n \"CVE-2016-1962\",\n \"CVE-2016-1964\",\n \"CVE-2016-1965\",\n \"CVE-2016-1966\",\n \"CVE-2016-1974\",\n \"CVE-2016-1977\",\n \"CVE-2016-2790\",\n \"CVE-2016-2791\",\n \"CVE-2016-2792\",\n \"CVE-2016-2793\",\n \"CVE-2016-2794\",\n \"CVE-2016-2795\",\n \"CVE-2016-2796\",\n \"CVE-2016-2797\",\n \"CVE-2016-2798\",\n \"CVE-2016-2799\",\n \"CVE-2016-2800\",\n \"CVE-2016-2801\",\n \"CVE-2016-2802\"\n );\n script_xref(name:\"MFSA\", value:\"2016-16\");\n script_xref(name:\"MFSA\", value:\"2016-17\");\n script_xref(name:\"MFSA\", value:\"2016-20\");\n script_xref(name:\"MFSA\", value:\"2016-21\");\n script_xref(name:\"MFSA\", value:\"2016-23\");\n script_xref(name:\"MFSA\", value:\"2016-24\");\n script_xref(name:\"MFSA\", value:\"2016-25\");\n script_xref(name:\"MFSA\", value:\"2016-27\");\n script_xref(name:\"MFSA\", value:\"2016-28\");\n script_xref(name:\"MFSA\", value:\"2016-31\");\n script_xref(name:\"MFSA\", value:\"2016-34\");\n script_xref(name:\"MFSA\", value:\"2016-35\");\n script_xref(name:\"MFSA\", value:\"2016-37\");\n\n script_name(english:\"Firefox ESR < 38.7 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Firefox.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a web browser that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Mozilla Firefox ESR installed on the remote Windows\nhost is prior to 38.7. It is, therefore, affected by multiple\nvulnerabilities, the majority of which are remote code execution\nvulnerabilities. An unauthenticated, remote attacker can exploit these\nissues by convincing a user to visit a specially crafted website,\nresulting in the execution of arbitrary code in the context of the\ncurrent user.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-16/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-17/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-20/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-21/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-23/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-24/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-25/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-27/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-28/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-31/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-34/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-35/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mozilla Firefox ESR version 38.7 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-1962\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/03/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox_esr\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Firefox/Version\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\n\nport = get_kb_item(\"SMB/transport\");\nif (!port) port = 445;\n\ninstalls = get_kb_list(\"SMB/Mozilla/Firefox/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"Firefox\");\n\nmozilla_check_version(installs:installs, product:'firefox', esr:TRUE, fix:'38.7', severity:SECURITY_HOLE);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-11T15:13:44", "description": "Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1958, CVE-2016-1960, CVE-2016-1961, CVE-2016-1962, CVE-2016-1973, CVE-2016-1974, CVE-2016-1964, CVE-2016-1965, CVE-2016-1966)\n\nMultiple security flaws were found in the graphite2 font library shipped with Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802)\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-10T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : firefox on SL5.x, SL6.x, SL7.x i386/x86_64 (20160309)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1952", "CVE-2016-1954", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1973", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:firefox", "p-cpe:/a:fermilab:scientific_linux:firefox-debuginfo", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20160309_FIREFOX_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/89822", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89822);\n script_version(\"2.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-1952\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1958\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1973\", \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n\n script_name(english:\"Scientific Linux Security Update : firefox on SL5.x, SL6.x, SL7.x i386/x86_64 (20160309)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957,\nCVE-2016-1958, CVE-2016-1960, CVE-2016-1961, CVE-2016-1962,\nCVE-2016-1973, CVE-2016-1974, CVE-2016-1964, CVE-2016-1965,\nCVE-2016-1966)\n\nMultiple security flaws were found in the graphite2 font library\nshipped with Firefox. A web page containing malicious content could\ncause Firefox to crash or, potentially, execute arbitrary code with\nthe privileges of the user running Firefox. (CVE-2016-1977,\nCVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793,\nCVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797,\nCVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801,\nCVE-2016-2802)\n\nAfter installing the update, Firefox must be restarted for the changes\nto take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1603&L=scientific-linux-errata&F=&S=&P=2902\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ec90bc98\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected firefox and / or firefox-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:firefox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"firefox-38.7.0-1.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"firefox-debuginfo-38.7.0-1.el5_11\")) flag++;\n\nif (rpm_check(release:\"SL6\", reference:\"firefox-38.7.0-1.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"firefox-debuginfo-38.7.0-1.el6_7\")) flag++;\n\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"firefox-38.7.0-1.el7_2\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"firefox-debuginfo-38.7.0-1.el7_2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / firefox-debuginfo\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-11T15:12:10", "description": "From Red Hat Security Advisory 2016:0373 :\n\nUpdated firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1958, CVE-2016-1960, CVE-2016-1961, CVE-2016-1962, CVE-2016-1973, CVE-2016-1974, CVE-2016-1964, CVE-2016-1965, CVE-2016-1966)\n\nMultiple security flaws were found in the graphite2 font library shipped with Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802)\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Bob Clary, Christoph Diehl, Christian Holler, Andrew McCreight, Daniel Holbert, Jesse Ruderman, Randell Jesup, Nicolas Golubovic, Jose Martinez, Romina Santillan, Abdulrahman Alqabandi, ca0nguyen, lokihardt, Dominique Hazael-Massieux, Nicolas Gregoire, Tsubasa Iinuma, the Communications Electronics Security Group (UK) of the GCHQ, Holger Fuhrmannek, Ronald Crane, and Tyson Smith as the original reporters of these issues.\n\nAll Firefox users should upgrade to these updated packages, which contain Firefox version 38.7.0 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-10T00:00:00", "type": "nessus", "title": "Oracle Linux 5 / 6 / 7 : firefox (ELSA-2016-0373)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1952", "CVE-2016-1954", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1973", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:firefox", "cpe:/o:oracle:linux:5", "cpe:/o:oracle:linux:6", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2016-0373.NASL", "href": "https://www.tenable.com/plugins/nessus/89816", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2016:0373 and \n# Oracle Linux Security Advisory ELSA-2016-0373 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89816);\n script_version(\"2.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-1952\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1958\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1973\", \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_xref(name:\"RHSA\", value:\"2016:0373\");\n\n script_name(english:\"Oracle Linux 5 / 6 / 7 : firefox (ELSA-2016-0373)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"From Red Hat Security Advisory 2016:0373 :\n\nUpdated firefox packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser. XULRunner provides the\nXUL Runtime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957,\nCVE-2016-1958, CVE-2016-1960, CVE-2016-1961, CVE-2016-1962,\nCVE-2016-1973, CVE-2016-1974, CVE-2016-1964, CVE-2016-1965,\nCVE-2016-1966)\n\nMultiple security flaws were found in the graphite2 font library\nshipped with Firefox. A web page containing malicious content could\ncause Firefox to crash or, potentially, execute arbitrary code with\nthe privileges of the user running Firefox. (CVE-2016-1977,\nCVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793,\nCVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797,\nCVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801,\nCVE-2016-2802)\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Bob Clary, Christoph Diehl, Christian\nHoller, Andrew McCreight, Daniel Holbert, Jesse Ruderman, Randell\nJesup, Nicolas Golubovic, Jose Martinez, Romina Santillan, Abdulrahman\nAlqabandi, ca0nguyen, lokihardt, Dominique Hazael-Massieux, Nicolas\nGregoire, Tsubasa Iinuma, the Communications Electronics Security\nGroup (UK) of the GCHQ, Holger Fuhrmannek, Ronald Crane, and Tyson\nSmith as the original reporters of these issues.\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 38.7.0 ESR, which corrects these issues. After\ninstalling the update, Firefox must be restarted for the changes to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2016-March/005846.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2016-March/005847.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2016-March/005850.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected firefox package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6 / 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"firefox-38.7.0-1.0.1.el5_11\", allowmaj:TRUE)) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"firefox-38.7.0-1.0.1.el6_7\", allowmaj:TRUE)) flag++;\n\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"firefox-38.7.0-1.0.1.el7_2\", allowmaj:TRUE)) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-11T15:11:17", "description": "Updated firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1958, CVE-2016-1960, CVE-2016-1961, CVE-2016-1962, CVE-2016-1973, CVE-2016-1974, CVE-2016-1964, CVE-2016-1965, CVE-2016-1966)\n\nMultiple security flaws were found in the graphite2 font library shipped with Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802)\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Bob Clary, Christoph Diehl, Christian Holler, Andrew McCreight, Daniel Holbert, Jesse Ruderman, Randell Jesup, Nicolas Golubovic, Jose Martinez, Romina Santillan, Abdulrahman Alqabandi, ca0nguyen, lokihardt, Dominique Hazael-Massieux, Nicolas Gregoire, Tsubasa Iinuma, the Communications Electronics Security Group (UK) of the GCHQ, Holger Fuhrmannek, Ronald Crane, and Tyson Smith as the original reporters of these issues.\n\nAll Firefox users should upgrade to these updated packages, which contain Firefox version 38.7.0 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-09T00:00:00", "type": "nessus", "title": "RHEL 5 / 6 / 7 : firefox (RHSA-2016:0373)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1952", "CVE-2016-1954", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1973", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2020-05-29T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:firefox", "p-cpe:/a:redhat:enterprise_linux:firefox-debuginfo", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.7", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.2", "cpe:/o:redhat:enterprise_linux:7.3", "cpe:/o:redhat:enterprise_linux:7.4", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7.6", "cpe:/o:redhat:enterprise_linux:7.7"], "id": "REDHAT-RHSA-2016-0373.NASL", "href": "https://www.tenable.com/plugins/nessus/89774", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:0373. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(89774);\n script_version(\"2.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/29\");\n\n script_cve_id(\"CVE-2016-1952\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1958\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1973\", \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_xref(name:\"RHSA\", value:\"2016:0373\");\n\n script_name(english:\"RHEL 5 / 6 / 7 : firefox (RHSA-2016:0373)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Updated firefox packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser. XULRunner provides the\nXUL Runtime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957,\nCVE-2016-1958, CVE-2016-1960, CVE-2016-1961, CVE-2016-1962,\nCVE-2016-1973, CVE-2016-1974, CVE-2016-1964, CVE-2016-1965,\nCVE-2016-1966)\n\nMultiple security flaws were found in the graphite2 font library\nshipped with Firefox. A web page containing malicious content could\ncause Firefox to crash or, potentially, execute arbitrary code with\nthe privileges of the user running Firefox. (CVE-2016-1977,\nCVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793,\nCVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797,\nCVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801,\nCVE-2016-2802)\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Bob Clary, Christoph Diehl, Christian\nHoller, Andrew McCreight, Daniel Holbert, Jesse Ruderman, Randell\nJesup, Nicolas Golubovic, Jose Martinez, Romina Santillan, Abdulrahman\nAlqabandi, ca0nguyen, lokihardt, Dominique Hazael-Massieux, Nicolas\nGregoire, Tsubasa Iinuma, the Communications Electronics Security\nGroup (UK) of the GCHQ, Holger Fuhrmannek, Ronald Crane, and Tyson\nSmith as the original reporters of these issues.\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 38.7.0 ESR, which corrects these issues. After\ninstalling the update, Firefox must be restarted for the changes to\ntake effect.\"\n );\n # https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8b5eaff4\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2016:0373\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-1966\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-1962\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-1960\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-1961\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2798\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2799\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-1964\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-1965\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2794\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2795\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2796\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2797\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2790\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2791\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2792\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2793\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-1958\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-1957\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-1954\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-1952\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-1973\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-1974\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-1977\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2800\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2801\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2802\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected firefox and / or firefox-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x / 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2016:0373\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"firefox-38.7.0-1.el5_11\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"firefox-debuginfo-38.7.0-1.el5_11\", allowmaj:TRUE)) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", reference:\"firefox-38.7.0-1.el6_7\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"firefox-debuginfo-38.7.0-1.el6_7\", allowmaj:TRUE)) flag++;\n\n\n if (rpm_check(release:\"RHEL7\", reference:\"firefox-38.7.0-1.el7_2\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"firefox-debuginfo-38.7.0-1.el7_2\", allowmaj:TRUE)) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / firefox-debuginfo\");\n }\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-11T15:11:20", "description": "Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows, use-after-frees and other implementation errors may lead to the execution of arbitrary code, denial of service, address bar spoofing and overwriting local files.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-10T00:00:00", "type": "nessus", "title": "Debian DSA-3510-1 : iceweasel - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1950", "CVE-2016-1952", "CVE-2016-1954", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:iceweasel", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3510.NASL", "href": "https://www.tenable.com/plugins/nessus/89792", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3510. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89792);\n script_version(\"2.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-1950\", \"CVE-2016-1952\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1958\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_xref(name:\"DSA\", value:\"3510\");\n\n script_name(english:\"Debian DSA-3510-1 : iceweasel - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security issues have been found in Iceweasel, Debian's\nversion of the Mozilla Firefox web browser: Multiple memory safety\nerrors, buffer overflows, use-after-frees and other implementation\nerrors may lead to the execution of arbitrary code, denial of service,\naddress bar spoofing and overwriting local files.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/iceweasel\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/iceweasel\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3510\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the iceweasel packages.\n\nFor the oldstable distribution (wheezy), these problems have been\nfixed in version 38.7.0esr-1~deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 38.7.0esr-1~deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-dbg\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-dev\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ach\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-af\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-all\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-an\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ar\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-as\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ast\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-be\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-bg\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-bn-bd\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-bn-in\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-br\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-bs\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ca\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-cs\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-csb\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-cy\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-da\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-de\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-el\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-en-gb\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-en-za\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-eo\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-es-ar\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-es-cl\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-es-es\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-es-mx\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-et\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-eu\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-fa\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ff\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-fi\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-fr\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-fy-nl\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ga-ie\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-gd\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-gl\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-gu-in\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-he\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-hi-in\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-hr\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-hsb\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-hu\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-hy-am\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-id\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-is\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-it\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ja\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-kk\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-km\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-kn\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ko\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ku\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-lij\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-lt\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-lv\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-mai\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-mk\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ml\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-mr\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ms\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-nb-no\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-nl\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-nn-no\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-or\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-pa-in\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-pl\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-pt-br\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-pt-pt\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-rm\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ro\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ru\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-si\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-sk\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-sl\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-son\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-sq\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-sr\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-sv-se\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ta\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-te\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-th\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-tr\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-uk\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-vi\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-xh\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-zh-cn\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-zh-tw\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-zu\", reference:\"38.7.0esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-dbg\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-dev\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ach\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-af\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-all\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-an\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ar\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-as\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ast\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-be\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-bg\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-bn-bd\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-bn-in\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-br\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-bs\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ca\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-cs\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-csb\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-cy\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-da\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-de\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-el\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-en-gb\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-en-za\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-eo\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-es-ar\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-es-cl\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-es-es\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-es-mx\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-et\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-eu\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-fa\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ff\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-fi\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-fr\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-fy-nl\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ga-ie\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-gd\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-gl\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-gu-in\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-he\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-hi-in\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-hr\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-hsb\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-hu\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-hy-am\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-id\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-is\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-it\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ja\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-kk\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-km\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-kn\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ko\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ku\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-lij\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-lt\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-lv\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-mai\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-mk\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ml\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-mr\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ms\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-nb-no\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-nl\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-nn-no\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-or\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-pa-in\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-pl\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-pt-br\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-pt-pt\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-rm\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ro\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ru\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-si\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-sk\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-sl\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-son\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-sq\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-sr\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-sv-se\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-ta\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-te\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-th\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-tr\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-uk\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-vi\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-xh\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-zh-cn\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-zh-tw\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceweasel-l10n-zu\", reference:\"38.7.0esr-1~deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-11T15:10:32", "description": "The version of Firefox ESR installed on the remote Mac OS X host is prior to 38.7. It is, therefore, affected by multiple vulnerabilities, the majority of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these issues by convincing a user to visit a specially crafted website, resulting in the execution of arbitrary code in the context of the current user.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-11T00:00:00", "type": "nessus", "title": "Firefox ESR < 38.7 Multiple Vulnerabilities (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1950", "CVE-2016-1952", "CVE-2016-1954", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2019-11-20T00:00:00", "cpe": ["cpe:/a:mozilla:firefox_esr"], "id": "MACOSX_FIREFOX_38_7_ESR.NASL", "href": "https://www.tenable.com/plugins/nessus/89872", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(89872);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/11/20\");\n\n script_cve_id(\n \"CVE-2016-1950\",\n \"CVE-2016-1952\",\n \"CVE-2016-1954\",\n \"CVE-2016-1957\",\n \"CVE-2016-1958\",\n \"CVE-2016-1960\",\n \"CVE-2016-1961\",\n \"CVE-2016-1962\",\n \"CVE-2016-1964\",\n \"CVE-2016-1965\",\n \"CVE-2016-1966\",\n \"CVE-2016-1974\",\n \"CVE-2016-1977\",\n \"CVE-2016-2790\",\n \"CVE-2016-2791\",\n \"CVE-2016-2792\",\n \"CVE-2016-2793\",\n \"CVE-2016-2794\",\n \"CVE-2016-2795\",\n \"CVE-2016-2796\",\n \"CVE-2016-2797\",\n \"CVE-2016-2798\",\n \"CVE-2016-2799\",\n \"CVE-2016-2800\",\n \"CVE-2016-2801\",\n \"CVE-2016-2802\"\n );\n script_xref(name:\"MFSA\", value:\"2016-16\");\n script_xref(name:\"MFSA\", value:\"2016-17\");\n script_xref(name:\"MFSA\", value:\"2016-20\");\n script_xref(name:\"MFSA\", value:\"2016-21\");\n script_xref(name:\"MFSA\", value:\"2016-23\");\n script_xref(name:\"MFSA\", value:\"2016-24\");\n script_xref(name:\"MFSA\", value:\"2016-25\");\n script_xref(name:\"MFSA\", value:\"2016-27\");\n script_xref(name:\"MFSA\", value:\"2016-28\");\n script_xref(name:\"MFSA\", value:\"2016-31\");\n script_xref(name:\"MFSA\", value:\"2016-34\");\n script_xref(name:\"MFSA\", value:\"2016-35\");\n script_xref(name:\"MFSA\", value:\"2016-37\");\n\n script_name(english:\"Firefox ESR < 38.7 Multiple Vulnerabilities (Mac OS X)\");\n script_summary(english:\"Checks the version of Firefox.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Mac OS X host contains a web browser that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Firefox ESR installed on the remote Mac OS X host is\nprior to 38.7. It is, therefore, affected by multiple\nvulnerabilities, the majority of which are remote code execution\nvulnerabilities. An unauthenticated, remote attacker can exploit these\nissues by convincing a user to visit a specially crafted website,\nresulting in the execution of arbitrary code in the context of the\ncurrent user.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-16/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-17/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-20/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-21/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-23/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-24/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-25/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-27/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-28/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-31/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-34/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-35/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Firefox ESR version 38.7 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-1962\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/03/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox_esr\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_firefox_installed.nasl\");\n script_require_keys(\"MacOSX/Firefox/Installed\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\n\nkb_base = \"MacOSX/Firefox\";\nget_kb_item_or_exit(kb_base+\"/Installed\");\n\nversion = get_kb_item_or_exit(kb_base+\"/Version\", exit_code:1);\npath = get_kb_item_or_exit(kb_base+\"/Path\", exit_code:1);\n\nis_esr = get_kb_item(kb_base+\"/is_esr\");\nif (isnull(is_esr)) audit(AUDIT_NOT_INST, \"Mozilla Firefox ESR\");\n\nmozilla_check_version(product:'firefox', version:version, path:path, esr:TRUE, fix:'38.7', severity:SECURITY_HOLE);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-11T15:12:21", "description": "According to the versions of the firefox package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1958, CVE-2016-1960, CVE-2016-1961, CVE-2016-1962, CVE-2016-1973, CVE-2016-1974, CVE-2016-1964, CVE-2016-1965, CVE-2016-1966)\n\n - Multiple security flaws were found in the graphite2 font library shipped with Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-05-01T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP1 : firefox (EulerOS-SA-2016-1002)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1952", "CVE-2016-1954", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1973", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:firefox", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2016-1002.NASL", "href": "https://www.tenable.com/plugins/nessus/99765", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(99765);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2016-1952\",\n \"CVE-2016-1954\",\n \"CVE-2016-1957\",\n \"CVE-2016-1958\",\n \"CVE-2016-1960\",\n \"CVE-2016-1961\",\n \"CVE-2016-1962\",\n \"CVE-2016-1964\",\n \"CVE-2016-1965\",\n \"CVE-2016-1966\",\n \"CVE-2016-1973\",\n \"CVE-2016-1974\",\n \"CVE-2016-1977\",\n \"CVE-2016-2790\",\n \"CVE-2016-2791\",\n \"CVE-2016-2792\",\n \"CVE-2016-2793\",\n \"CVE-2016-2794\",\n \"CVE-2016-2795\",\n \"CVE-2016-2796\",\n \"CVE-2016-2797\",\n \"CVE-2016-2798\",\n \"CVE-2016-2799\",\n \"CVE-2016-2800\",\n \"CVE-2016-2801\",\n \"CVE-2016-2802\"\n );\n\n script_name(english:\"EulerOS 2.0 SP1 : firefox (EulerOS-SA-2016-1002)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the firefox package installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - Several flaws were found in the processing of malformed\n web content. A web page containing malicious content\n could cause Firefox to crash or, potentially, execute\n arbitrary code with the privileges of the user running\n Firefox. (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957,\n CVE-2016-1958, CVE-2016-1960, CVE-2016-1961,\n CVE-2016-1962, CVE-2016-1973, CVE-2016-1974,\n CVE-2016-1964, CVE-2016-1965, CVE-2016-1966)\n\n - Multiple security flaws were found in the graphite2\n font library shipped with Firefox. A web page\n containing malicious content could cause Firefox to\n crash or, potentially, execute arbitrary code with the\n privileges of the user running Firefox. (CVE-2016-1977,\n CVE-2016-2790, CVE-2016-2791, CVE-2016-2792,\n CVE-2016-2793, CVE-2016-2794, CVE-2016-2795,\n CVE-2016-2796, CVE-2016-2797, CVE-2016-2798,\n CVE-2016-2799, CVE-2016-2800, CVE-2016-2801,\n CVE-2016-2802)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2016-1002\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7258a8f1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(1)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"firefox-38.7.0-1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"1\", reference:pkg, allowmaj:TRUE)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-11T15:11:17", "description": "MozillaThunderbird was updated to 38.7.0 to fix the following issues :\n\n - Update to Thunderbird 38.7.0 (boo#969894)\n\n - MFSA 2015-81/CVE-2015-4477 (bmo#1179484) Use-after-free in MediaStream playback\n\n - MFSA 2015-136/CVE-2015-7207 (bmo#1185256) Same-origin policy violation using performance.getEntries and history navigation\n\n - MFSA 2016-16/CVE-2016-1952 Miscellaneous memory safety hazards\n\n - MFSA 2016-17/CVE-2016-1954 (bmo#1243178) Local file overwriting and potential privilege escalation through CSP reports\n\n - MFSA 2016-20/CVE-2016-1957 (bmo#1227052) Memory leak in libstagefright when deleting an array during MP4 processing\n\n - MFSA 2016-21/CVE-2016-1958 (bmo#1228754) Displayed page address can be overridden\n\n - MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014) Use-after-free in HTML5 string parser\n\n - MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377) Use-after-free in SetBody\n\n - MFSA 2016-25/CVE-2016-1962 (bmo#1240760) Use-after-free when using multiple WebRTC data channels\n\n - MFSA 2016-27/CVE-2016-1964 (bmo#1243335) Use-after-free during XML transformations\n\n - MFSA 2016-28/CVE-2016-1965 (bmo#1245264) Addressbar spoofing though history navigation and Location protocol property\n\n - MFSA 2016-31/CVE-2016-1966 (bmo#1246054) Memory corruption with malicious NPAPI plugin\n\n - MFSA 2016-34/CVE-2016-1974 (bmo#1228103) Out-of-bounds read in HTML parser following a failed allocation\n\n - MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/ CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/ CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/ CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 Font vulnerabilities in the Graphite 2 library", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-25T00:00:00", "type": "nessus", "title": "openSUSE Security Update : MozillaThunderbird (openSUSE-2016-395)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4477", "CVE-2015-7207", "CVE-2016-1952", "CVE-2016-1954", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:MozillaThunderbird", "p-cpe:/a:novell:opensuse:MozillaThunderbird-buildsymbols", "p-cpe:/a:novell:opensuse:MozillaThunderbird-debuginfo", "p-cpe:/a:novell:opensuse:MozillaThunderbird-debugsource", "p-cpe:/a:novell:opensuse:MozillaThunderbird-devel", "p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common", "p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other", "cpe:/o:novell:opensuse:13.2", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2016-395.NASL", "href": "https://www.tenable.com/plugins/nessus/90170", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-395.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90170);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-4477\", \"CVE-2015-7207\", \"CVE-2016-1952\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1958\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n\n script_name(english:\"openSUSE Security Update : MozillaThunderbird (openSUSE-2016-395)\");\n script_summary(english:\"Check for the openSUSE-2016-395 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"MozillaThunderbird was updated to 38.7.0 to fix the following issues :\n\n - Update to Thunderbird 38.7.0 (boo#969894)\n\n - MFSA 2015-81/CVE-2015-4477 (bmo#1179484) Use-after-free\n in MediaStream playback\n\n - MFSA 2015-136/CVE-2015-7207 (bmo#1185256) Same-origin\n policy violation using performance.getEntries and\n history navigation\n\n - MFSA 2016-16/CVE-2016-1952 Miscellaneous memory safety\n hazards\n\n - MFSA 2016-17/CVE-2016-1954 (bmo#1243178) Local file\n overwriting and potential privilege escalation through\n CSP reports\n\n - MFSA 2016-20/CVE-2016-1957 (bmo#1227052) Memory leak in\n libstagefright when deleting an array during MP4\n processing\n\n - MFSA 2016-21/CVE-2016-1958 (bmo#1228754) Displayed page\n address can be overridden\n\n - MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014)\n Use-after-free in HTML5 string parser\n\n - MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377)\n Use-after-free in SetBody\n\n - MFSA 2016-25/CVE-2016-1962 (bmo#1240760) Use-after-free\n when using multiple WebRTC data channels\n\n - MFSA 2016-27/CVE-2016-1964 (bmo#1243335) Use-after-free\n during XML transformations\n\n - MFSA 2016-28/CVE-2016-1965 (bmo#1245264) Addressbar\n spoofing though history navigation and Location protocol\n property\n\n - MFSA 2016-31/CVE-2016-1966 (bmo#1246054) Memory\n corruption with malicious NPAPI plugin\n\n - MFSA 2016-34/CVE-2016-1974 (bmo#1228103) Out-of-bounds\n read in HTML parser following a failed allocation\n\n - MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/\n CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/\n CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/\n CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 Font\n vulnerabilities in the Graphite 2 library\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=969894\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected MozillaThunderbird packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-buildsymbols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2|SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2 / 42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaThunderbird-38.7.0-40.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaThunderbird-buildsymbols-38.7.0-40.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaThunderbird-debuginfo-38.7.0-40.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaThunderbird-debugsource-38.7.0-40.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaThunderbird-devel-38.7.0-40.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaThunderbird-translations-common-38.7.0-40.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaThunderbird-translations-other-38.7.0-40.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"MozillaThunderbird-38.7.0-13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"MozillaThunderbird-buildsymbols-38.7.0-13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"MozillaThunderbird-debuginfo-38.7.0-13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"MozillaThunderbird-debugsource-38.7.0-13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"MozillaThunderbird-devel-38.7.0-13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"MozillaThunderbird-translations-common-38.7.0-13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"MozillaThunderbird-translations-other-38.7.0-13.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaThunderbird / MozillaThunderbird-buildsymbols / etc\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-11T15:11:18", "description": "MozillaThunderbird was updated to 38.7.0 to fix the following issues :\n\n - Update to Thunderbird 38.7.0 (boo#969894)\n\n - MFSA 2015-81/CVE-2015-4477 (bmo#1179484) Use-after-free in MediaStream playback\n\n - MFSA 2015-136/CVE-2015-7207 (bmo#1185256) Same-origin policy violation using performance.getEntries and history navigation\n\n - MFSA 2016-16/CVE-2016-1952 Miscellaneous memory safety hazards\n\n - MFSA 2016-17/CVE-2016-1954 (bmo#1243178) Local file overwriting and potential privilege escalation through CSP reports\n\n - MFSA 2016-20/CVE-2016-1957 (bmo#1227052) Memory leak in libstagefright when deleting an array during MP4 processing\n\n - MFSA 2016-21/CVE-2016-1958 (bmo#1228754) Displayed page address can be overridden\n\n - MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014) Use-after-free in HTML5 string parser\n\n - MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377) Use-after-free in SetBody\n\n - MFSA 2016-25/CVE-2016-1962 (bmo#1240760) Use-after-free when using multiple WebRTC data channels\n\n - MFSA 2016-27/CVE-2016-1964 (bmo#1243335) Use-after-free during XML transformations\n\n - MFSA 2016-28/CVE-2016-1965 (bmo#1245264) Addressbar spoofing though history navigation and Location protocol property\n\n - MFSA 2016-31/CVE-2016-1966 (bmo#1246054) Memory corruption with malicious NPAPI plugin\n\n - MFSA 2016-34/CVE-2016-1974 (bmo#1228103) Out-of-bounds read in HTML parser following a failed allocation\n\n - MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/ CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/ CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/ CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 Font vulnerabilities in the Graphite 2 library", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-28T00:00:00", "type": "nessus", "title": "openSUSE Security Update : MozillaThunderbird (openSUSE-2016-402)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4477", "CVE-2015-7207", "CVE-2016-1952", "CVE-2016-1954", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:MozillaThunderbird", "p-cpe:/a:novell:opensuse:MozillaThunderbird-buildsymbols", "p-cpe:/a:novell:opensuse:MozillaThunderbird-debuginfo", "p-cpe:/a:novell:opensuse:MozillaThunderbird-debugsource", "p-cpe:/a:novell:opensuse:MozillaThunderbird-devel", "p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common", "p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other", "cpe:/o:novell:opensuse:13.1"], "id": "OPENSUSE-2016-402.NASL", "href": "https://www.tenable.com/plugins/nessus/90240", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-402.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90240);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-4477\", \"CVE-2015-7207\", \"CVE-2016-1952\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1958\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n\n script_name(english:\"openSUSE Security Update : MozillaThunderbird (openSUSE-2016-402)\");\n script_summary(english:\"Check for the openSUSE-2016-402 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"MozillaThunderbird was updated to 38.7.0 to fix the following issues :\n\n - Update to Thunderbird 38.7.0 (boo#969894)\n\n - MFSA 2015-81/CVE-2015-4477 (bmo#1179484) Use-after-free\n in MediaStream playback\n\n - MFSA 2015-136/CVE-2015-7207 (bmo#1185256) Same-origin\n policy violation using performance.getEntries and\n history navigation\n\n - MFSA 2016-16/CVE-2016-1952 Miscellaneous memory safety\n hazards\n\n - MFSA 2016-17/CVE-2016-1954 (bmo#1243178) Local file\n overwriting and potential privilege escalation through\n CSP reports\n\n - MFSA 2016-20/CVE-2016-1957 (bmo#1227052) Memory leak in\n libstagefright when deleting an array during MP4\n processing\n\n - MFSA 2016-21/CVE-2016-1958 (bmo#1228754) Displayed page\n address can be overridden\n\n - MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014)\n Use-after-free in HTML5 string parser\n\n - MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377)\n Use-after-free in SetBody\n\n - MFSA 2016-25/CVE-2016-1962 (bmo#1240760) Use-after-free\n when using multiple WebRTC data channels\n\n - MFSA 2016-27/CVE-2016-1964 (bmo#1243335) Use-after-free\n during XML transformations\n\n - MFSA 2016-28/CVE-2016-1965 (bmo#1245264) Addressbar\n spoofing though history navigation and Location protocol\n property\n\n - MFSA 2016-31/CVE-2016-1966 (bmo#1246054) Memory\n corruption with malicious NPAPI plugin\n\n - MFSA 2016-34/CVE-2016-1974 (bmo#1228103) Out-of-bounds\n read in HTML parser following a failed allocation\n\n - MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/\n CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/\n CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/\n CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 Font\n vulnerabilities in the Graphite 2 library\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=969894\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected MozillaThunderbird packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-buildsymbols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaThunderbird-38.7.0-70.80.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaThunderbird-buildsymbols-38.7.0-70.80.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaThunderbird-debuginfo-38.7.0-70.80.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaThunderbird-debugsource-38.7.0-70.80.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaThunderbird-devel-38.7.0-70.80.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaThunderbird-translations-common-38.7.0-70.80.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaThunderbird-translations-other-38.7.0-70.80.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaThunderbird / MozillaThunderbird-buildsymbols / etc\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-12T15:39:31", "description": "This update contains Mozilla Thunderbird 45.2. (boo#983549)\n\nIt fixes security issues mostly affecting the e-mail program when used in a browser context, such as viewing a web page or HTMl formatted e-mail.\n\nThe following vulnerabilities were fixed :\n\n - CVE-2016-2818, CVE-2016-2815: Memory safety bugs (boo#983549, MFSA2016-49)\n\nContains the following security fixes from the 45.1 release:\n(boo#977333)\n\n - CVE-2016-2806, CVE-2016-2807: Miscellaneous memory safety hazards (boo#977375, boo#977376, MFSA 2016-39)\n\nContains the following security fixes from the 45.0 release:\n(boo#969894)\n\n - CVE-2016-1952, CVE-2016-1953: Miscellaneous memory safety hazards (MFSA 2016-16)\n\n - CVE-2016-1954: Local file overwriting and potential privilege escalation through CSP reports (MFSA 2016-17)\n\n - CVE-2016-1955: CSP reports fail to strip location information for embedded iframe pages (MFSA 2016-18)\n\n - CVE-2016-1956: Linux video memory DOS with Intel drivers (MFSA 2016-19)\n\n - CVE-2016-1957: Memory leak in libstagefright when deleting an array during MP4 processing (MFSA 2016-20)\n\n - CVE-2016-1960: Use-after-free in HTML5 string parser (MFSA 2016-23)\n\n - CVE-2016-1961: Use-after-free in SetBody (MFSA 2016-24)\n\n - CVE-2016-1964: Use-after-free during XML transformations (MFSA 2016-27)\n\n - CVE-2016-1974: Out-of-bounds read in HTML parser following a failed allocation (MFSA 2016-34)\n\nThe graphite font shaping library was disabled, addressing the following font vulnerabilities :\n\n - MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/ CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/ CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/ CVE-2016-2800/CVE-2016-2801/CVE-2016-2802\n\nThe following tracked packaging changes are included :\n\n - fix build issues with gcc/binutils combination used in Leap 42.2 (boo#984637)\n\n - gcc6 fixes (boo#986162)\n\n - running on 48bit va aarch64 (boo#984126)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-07-11T00:00:00", "type": "nessus", "title": "openSUSE Security Update : Mozilla Thunderbird (openSUSE-2016-848)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1952", "CVE-2016-1953", "CVE-2016-1954", "CVE-2016-1955", "CVE-2016-1956", "CVE-2016-1957", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1964", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802", "CVE-2016-2806", "CVE-2016-2807", "CVE-2016-2815", "CVE-2016-2818"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:MozillaThunderbird", "p-cpe:/a:novell:opensuse:MozillaThunderbird-buildsymbols", "p-cpe:/a:novell:opensuse:MozillaThunderbird-debuginfo", "p-cpe:/a:novell:opensuse:MozillaThunderbird-debugsource", "p-cpe:/a:novell:opensuse:MozillaThunderbird-devel", "p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common", "p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other", "cpe:/o:novell:opensuse:13.1"], "id": "OPENSUSE-2016-848.NASL", "href": "https://www.tenable.com/plugins/nessus/91985", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-848.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91985);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-1952\", \"CVE-2016-1953\", \"CVE-2016-1954\", \"CVE-2016-1955\", \"CVE-2016-1956\", \"CVE-2016-1957\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1964\", \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\", \"CVE-2016-2806\", \"CVE-2016-2807\", \"CVE-2016-2815\", \"CVE-2016-2818\");\n\n script_name(english:\"openSUSE Security Update : Mozilla Thunderbird (openSUSE-2016-848)\");\n script_summary(english:\"Check for the openSUSE-2016-848 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update contains Mozilla Thunderbird 45.2. (boo#983549)\n\nIt fixes security issues mostly affecting the e-mail program when used\nin a browser context, such as viewing a web page or HTMl formatted\ne-mail.\n\nThe following vulnerabilities were fixed :\n\n - CVE-2016-2818, CVE-2016-2815: Memory safety bugs\n (boo#983549, MFSA2016-49)\n\nContains the following security fixes from the 45.1 release:\n(boo#977333)\n\n - CVE-2016-2806, CVE-2016-2807: Miscellaneous memory\n safety hazards (boo#977375, boo#977376, MFSA 2016-39)\n\nContains the following security fixes from the 45.0 release:\n(boo#969894)\n\n - CVE-2016-1952, CVE-2016-1953: Miscellaneous memory\n safety hazards (MFSA 2016-16)\n\n - CVE-2016-1954: Local file overwriting and potential\n privilege escalation through CSP reports (MFSA 2016-17)\n\n - CVE-2016-1955: CSP reports fail to strip location\n information for embedded iframe pages (MFSA 2016-18)\n\n - CVE-2016-1956: Linux video memory DOS with Intel drivers\n (MFSA 2016-19)\n\n - CVE-2016-1957: Memory leak in libstagefright when\n deleting an array during MP4 processing (MFSA 2016-20)\n\n - CVE-2016-1960: Use-after-free in HTML5 string parser\n (MFSA 2016-23)\n\n - CVE-2016-1961: Use-after-free in SetBody (MFSA 2016-24)\n\n - CVE-2016-1964: Use-after-free during XML transformations\n (MFSA 2016-27)\n\n - CVE-2016-1974: Out-of-bounds read in HTML parser\n following a failed allocation (MFSA 2016-34)\n\nThe graphite font shaping library was disabled, addressing the\nfollowing font vulnerabilities :\n\n - MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/\n CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/\n CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/\n CVE-2016-2800/CVE-2016-2801/CVE-2016-2802\n\nThe following tracked packaging changes are included :\n\n - fix build issues with gcc/binutils combination used in\n Leap 42.2 (boo#984637)\n\n - gcc6 fixes (boo#986162)\n\n - running on 48bit va aarch64 (boo#984126)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=969894\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=977333\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=977375\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=977376\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=983549\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=984126\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=984637\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=986162\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected Mozilla Thunderbird packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-buildsymbols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaThunderbird-45.2-70.83.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaThunderbird-buildsymbols-45.2-70.83.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaThunderbird-debuginfo-45.2-70.83.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaThunderbird-debugsource-45.2-70.83.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaThunderbird-devel-45.2-70.83.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaThunderbird-translations-common-45.2-70.83.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaThunderbird-translations-other-45.2-70.83.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaThunderbird / MozillaThunderbird-buildsymbols / etc\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-12T15:39:30", "description": "This update contains Mozilla Thunderbird 45.2. (boo#983549)\n\nIt fixes security issues mostly affecting the e-mail program when used in a browser context, such as viewing a web page or HTMl formatted e-mail.\n\nThe following vulnerabilities were fixed :\n\n - CVE-2016-2818, CVE-2016-2815: Memory safety bugs (boo#983549, MFSA2016-49)\n\nContains the following security fixes from the 45.1 release:\n(boo#977333)\n\n - CVE-2016-2806, CVE-2016-2807: Miscellaneous memory safety hazards (boo#977375, boo#977376, MFSA 2016-39)\n\nContains the following security fixes from the 45.0 release:\n(boo#969894)\n\n - CVE-2016-1952, CVE-2016-1953: Miscellaneous memory safety hazards (MFSA 2016-16)\n\n - CVE-2016-1954: Local file overwriting and potential privilege escalation through CSP reports (MFSA 2016-17)\n\n - CVE-2016-1955: CSP reports fail to strip location information for embedded iframe pages (MFSA 2016-18)\n\n - CVE-2016-1956: Linux video memory DOS with Intel drivers (MFSA 2016-19)\n\n - CVE-2016-1957: Memory leak in libstagefright when deleting an array during MP4 processing (MFSA 2016-20)\n\n - CVE-2016-1960: Use-after-free in HTML5 string parser (MFSA 2016-23)\n\n - CVE-2016-1961: Use-after-free in SetBody (MFSA 2016-24)\n\n - CVE-2016-1964: Use-after-free during XML transformations (MFSA 2016-27)\n\n - CVE-2016-1974: Out-of-bounds read in HTML parser following a failed allocation (MFSA 2016-34)\n\nThe graphite font shaping library was disabled, addressing the following font vulnerabilities :\n\n - MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/ CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/ CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/ CVE-2016-2800/CVE-2016-2801/CVE-2016-2802\n\nThe following tracked packaging changes are included :\n\n - fix build issues with gcc/binutils combination used in Leap 42.2 (boo#984637)\n\n - gcc6 fixes (boo#986162)\n\n - running on 48bit va aarch64 (boo#984126)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-07-11T00:00:00", "type": "nessus", "title": "openSUSE Security Update : Mozilla Thunderbird (openSUSE-2016-851)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1952", "CVE-2016-1953", "CVE-2016-1954", "CVE-2016-1955", "CVE-2016-1956", "CVE-2016-1957", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1964", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802", "CVE-2016-2806", "CVE-2016-2807", "CVE-2016-2815", "CVE-2016-2818"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:MozillaThunderbird", "p-cpe:/a:novell:opensuse:MozillaThunderbird-buildsymbols", "p-cpe:/a:novell:opensuse:MozillaThunderbird-debuginfo", "p-cpe:/a:novell:opensuse:MozillaThunderbird-debugsource", "p-cpe:/a:novell:opensuse:MozillaThunderbird-devel", "p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common", "p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other", "cpe:/o:novell:opensuse:13.2", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2016-851.NASL", "href": "https://www.tenable.com/plugins/nessus/91986", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-851.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91986);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-1952\", \"CVE-2016-1953\", \"CVE-2016-1954\", \"CVE-2016-1955\", \"CVE-2016-1956\", \"CVE-2016-1957\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1964\", \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\", \"CVE-2016-2806\", \"CVE-2016-2807\", \"CVE-2016-2815\", \"CVE-2016-2818\");\n\n script_name(english:\"openSUSE Security Update : Mozilla Thunderbird (openSUSE-2016-851)\");\n script_summary(english:\"Check for the openSUSE-2016-851 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update contains Mozilla Thunderbird 45.2. (boo#983549)\n\nIt fixes security issues mostly affecting the e-mail program when used\nin a browser context, such as viewing a web page or HTMl formatted\ne-mail.\n\nThe following vulnerabilities were fixed :\n\n - CVE-2016-2818, CVE-2016-2815: Memory safety bugs\n (boo#983549, MFSA2016-49)\n\nContains the following security fixes from the 45.1 release:\n(boo#977333)\n\n - CVE-2016-2806, CVE-2016-2807: Miscellaneous memory\n safety hazards (boo#977375, boo#977376, MFSA 2016-39)\n\nContains the following security fixes from the 45.0 release:\n(boo#969894)\n\n - CVE-2016-1952, CVE-2016-1953: Miscellaneous memory\n safety hazards (MFSA 2016-16)\n\n - CVE-2016-1954: Local file overwriting and potential\n privilege escalation through CSP reports (MFSA 2016-17)\n\n - CVE-2016-1955: CSP reports fail to strip location\n information for embedded iframe pages (MFSA 2016-18)\n\n - CVE-2016-1956: Linux video memory DOS with Intel drivers\n (MFSA 2016-19)\n\n - CVE-2016-1957: Memory leak in libstagefright when\n deleting an array during MP4 processing (MFSA 2016-20)\n\n - CVE-2016-1960: Use-after-free in HTML5 string parser\n (MFSA 2016-23)\n\n - CVE-2016-1961: Use-after-free in SetBody (MFSA 2016-24)\n\n - CVE-2016-1964: Use-after-free during XML transformations\n (MFSA 2016-27)\n\n - CVE-2016-1974: Out-of-bounds read in HTML parser\n following a failed allocation (MFSA 2016-34)\n\nThe graphite font shaping library was disabled, addressing the\nfollowing font vulnerabilities :\n\n - MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/\n CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/\n CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/\n CVE-2016-2800/CVE-2016-2801/CVE-2016-2802\n\nThe following tracked packaging changes are included :\n\n - fix build issues with gcc/binutils combination used in\n Leap 42.2 (boo#984637)\n\n - gcc6 fixes (boo#986162)\n\n - running on 48bit va aarch64 (boo#984126)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=969894\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=977333\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=977375\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=977376\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=983549\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=984126\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=984637\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=986162\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected Mozilla Thunderbird packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-buildsymbols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2|SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2 / 42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaThunderbird-45.2-43.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaThunderbird-buildsymbols-45.2-43.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaThunderbird-debuginfo-45.2-43.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaThunderbird-debugsource-45.2-43.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaThunderbird-devel-45.2-43.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaThunderbird-translations-common-45.2-43.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaThunderbird-translations-other-45.2-43.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"MozillaThunderbird-45.2-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"MozillaThunderbird-buildsymbols-45.2-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"MozillaThunderbird-debuginfo-45.2-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"MozillaThunderbird-debugsource-45.2-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"MozillaThunderbird-devel-45.2-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"MozillaThunderbird-translations-common-45.2-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"MozillaThunderbird-translations-other-45.2-16.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaThunderbird / MozillaThunderbird-buildsymbols / etc\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-11T15:13:44", "description": "This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the following issues :\n\nMozilla Firefox was updated to 38.7.0 ESR (bsc#969894), fixing following security issues :\n\n - MFSA 2016-16/CVE-2016-1952/CVE-2016-1953 Miscellaneous memory safety hazards (rv:45.0 / rv:38.7)\n\n - MFSA 2016-17/CVE-2016-1954 Local file overwriting and potential privilege escalation through CSP reports\n\n - MFSA 2016-20/CVE-2016-1957 Memory leak in libstagefright when deleting an array during MP4 processing\n\n - MFSA 2016-21/CVE-2016-1958 Displayed page address can be overridden\n\n - MFSA 2016-23/CVE-2016-1960 Use-after-free in HTML5 string parser\n\n - MFSA 2016-24/CVE-2016-1961 Use-after-free in SetBody\n\n - MFSA 2016-25/CVE-2016-1962 Use-after-free when using multiple WebRTC data channels\n\n - MFSA 2016-27/CVE-2016-1964 Use-after-free during XML transformations\n\n - MFSA 2016-28/CVE-2016-1965 Addressbar spoofing though history navigation and Location protocol property\n\n - MFSA 2016-31/CVE-2016-1966 Memory corruption with malicious NPAPI plugin\n\n - MFSA 2016-34/CVE-2016-1974 Out-of-bounds read in HTML parser following a failed allocation\n\n - MFSA 2016-35/CVE-2016-1950 Buffer overflow during ASN.1 decoding in NSS\n\n - MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/ CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/ CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/ CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 Font vulnerabilities in the Graphite 2 library\n\nMozilla NSPR was updated to version 4.12 (bsc#969894), fixing following bugs :\n\n - added a PR_GetEnvSecure function, which attempts to detect if the program is being executed with elevated privileges, and returns NULL if detected. It is recommended to use this function in general purpose library code.\n\n - fixed a memory allocation bug related to the PR_*printf functions\n\n - exported API PR_DuplicateEnvironment, which had already been added in NSPR 4.10.9\n\n - added support for FreeBSD aarch64\n\n - several minor correctness and compatibility fixes\n\nMozilla NSS was updated to fix security issues (bsc#969894) :\n\n - MFSA 2016-15/CVE-2016-1978 Use-after-free in NSS during SSL connections in low memory\n\n - MFSA 2016-35/CVE-2016-1950 Buffer overflow during ASN.1 decoding in NSS\n\n - MFSA 2016-36/CVE-2016-1979 Use-after-free during processing of DER encoded keys in NSS\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-15T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : MozillaFirefox, mozilla-nspr, mozilla-nss (SUSE-SU-2016:0727-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1950", "CVE-2016-1952", "CVE-2016-1953", "CVE-2016-1954", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-1978", "CVE-2016-1979", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:MozillaFirefox", "p-cpe:/a:novell:suse_linux:MozillaFirefox-debuginfo", "p-cpe:/a:novell:suse_linux:MozillaFirefox-debugsource", "p-cpe:/a:novell:suse_linux:MozillaFirefox-translations", "p-cpe:/a:novell:suse_linux:libfreebl3", "p-cpe:/a:novell:suse_linux:libfreebl3-debuginfo", "p-cpe:/a:novell:suse_linux:libfreebl3-hmac", "p-cpe:/a:novell:suse_linux:libsoftokn3", "p-cpe:/a:novell:suse_linux:libsoftokn3-debuginfo", "p-cpe:/a:novell:suse_linux:libsoftokn3-hmac", "p-cpe:/a:novell:suse_linux:mozilla-nspr", "p-cpe:/a:novell:suse_linux:mozilla-nspr-debuginfo", "p-cpe:/a:novell:suse_linux:mozilla-nspr-debugsource", "p-cpe:/a:novell:suse_linux:mozilla-nss", "p-cpe:/a:novell:suse_linux:mozilla-nss-certs", "p-cpe:/a:novell:suse_linux:mozilla-nss-certs-debuginfo", "p-cpe:/a:novell:suse_linux:mozilla-nss-debuginfo", "p-cpe:/a:novell:suse_linux:mozilla-nss-debugsource", "p-cpe:/a:novell:suse_linux:mozilla-nss-sysinit", "p-cpe:/a:novell:suse_linux:mozilla-nss-sysinit-debuginfo", "p-cpe:/a:novell:suse_linux:mozilla-nss-tools", "p-cpe:/a:novell:suse_linux:mozilla-nss-tools-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2016-0727-1.NASL", "href": "https://www.tenable.com/plugins/nessus/89929", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:0727-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89929);\n script_version(\"2.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2016-1950\", \"CVE-2016-1952\", \"CVE-2016-1953\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1958\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-1978\", \"CVE-2016-1979\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : MozillaFirefox, mozilla-nspr, mozilla-nss (SUSE-SU-2016:0727-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the\nfollowing issues :\n\nMozilla Firefox was updated to 38.7.0 ESR (bsc#969894), fixing\nfollowing security issues :\n\n - MFSA 2016-16/CVE-2016-1952/CVE-2016-1953 Miscellaneous\n memory safety hazards (rv:45.0 / rv:38.7)\n\n - MFSA 2016-17/CVE-2016-1954 Local file overwriting and\n potential privilege escalation through CSP reports\n\n - MFSA 2016-20/CVE-2016-1957 Memory leak in libstagefright\n when deleting an array during MP4 processing\n\n - MFSA 2016-21/CVE-2016-1958 Displayed page address can be\n overridden\n\n - MFSA 2016-23/CVE-2016-1960 Use-after-free in HTML5\n string parser\n\n - MFSA 2016-24/CVE-2016-1961 Use-after-free in SetBody\n\n - MFSA 2016-25/CVE-2016-1962 Use-after-free when using\n multiple WebRTC data channels\n\n - MFSA 2016-27/CVE-2016-1964 Use-after-free during XML\n transformations\n\n - MFSA 2016-28/CVE-2016-1965 Addressbar spoofing though\n history navigation and Location protocol property\n\n - MFSA 2016-31/CVE-2016-1966 Memory corruption with\n malicious NPAPI plugin\n\n - MFSA 2016-34/CVE-2016-1974 Out-of-bounds read in HTML\n parser following a failed allocation\n\n - MFSA 2016-35/CVE-2016-1950 Buffer overflow during ASN.1\n decoding in NSS\n\n - MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/\n CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/\n CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/\n CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 Font\n vulnerabilities in the Graphite 2 library\n\nMozilla NSPR was updated to version 4.12 (bsc#969894), fixing\nfollowing bugs :\n\n - added a PR_GetEnvSecure function, which attempts to\n detect if the program is being executed with elevated\n privileges, and returns NULL if detected. It is\n recommended to use this function in general purpose\n library code.\n\n - fixed a memory allocation bug related to the PR_*printf\n functions\n\n - exported API PR_DuplicateEnvironment, which had already\n been added in NSPR 4.10.9\n\n - added support for FreeBSD aarch64\n\n - several minor correctness and compatibility fixes\n\nMozilla NSS was updated to fix security issues (bsc#969894) :\n\n - MFSA 2016-15/CVE-2016-1978 Use-after-free in NSS during\n SSL connections in low memory\n\n - MFSA 2016-35/CVE-2016-1950 Buffer overflow during ASN.1\n decoding in NSS\n\n - MFSA 2016-36/CVE-2016-1979 Use-after-free during\n processing of DER encoded keys in NSS\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=969894\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1950/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1952/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1953/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1954/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1957/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1958/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1960/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1961/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1962/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1964/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1965/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1966/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1974/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1977/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1978/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1979/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2790/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2791/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2792/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2793/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2794/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2795/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2796/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2797/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2798/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2799/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2800/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2801/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2802/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20160727-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8a1e0fb1\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP1 :\n\nzypper in -t patch SUSE-SLE-SDK-12-SP1-2016-419=1\n\nSUSE Linux Enterprise Software Development Kit 12 :\n\nzypper in -t patch SUSE-SLE-SDK-12-2016-419=1\n\nSUSE Linux Enterprise Server 12-SP1 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-419=1\n\nSUSE Linux Enterprise Server 12 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-2016-419=1\n\nSUSE Linux Enterprise Desktop 12-SP1 :\n\nzypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-419=1\n\nSUSE Linux Enterprise Desktop 12 :\n\nzypper in -t patch SUSE-SLE-DESKTOP-12-2016-419=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libfreebl3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libfreebl3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libfreebl3-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsoftokn3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsoftokn3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsoftokn3-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nspr-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nspr-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nss-certs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nss-certs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nss-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nss-sysinit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nss-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0/1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP0/1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"MozillaFirefox-38.7.0esr-63.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"MozillaFirefox-debuginfo-38.7.0esr-63.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"MozillaFirefox-debugsource-38.7.0esr-63.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"MozillaFirefox-translations-38.7.0esr-63.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libfreebl3-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libfreebl3-debuginfo-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libfreebl3-hmac-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsoftokn3-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsoftokn3-debuginfo-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsoftokn3-hmac-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"mozilla-nspr-4.12-12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"mozilla-nspr-debuginfo-4.12-12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"mozilla-nspr-debugsource-4.12-12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"mozilla-nss-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"mozilla-nss-certs-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"mozilla-nss-certs-debuginfo-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"mozilla-nss-debuginfo-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"mozilla-nss-debugsource-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"mozilla-nss-sysinit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"mozilla-nss-sysinit-debuginfo-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"mozilla-nss-tools-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"mozilla-nss-tools-debuginfo-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libfreebl3-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libfreebl3-debuginfo-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libfreebl3-hmac-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsoftokn3-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsoftokn3-debuginfo-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libsoftokn3-hmac-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"mozilla-nspr-32bit-4.12-12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"mozilla-nspr-debuginfo-32bit-4.12-12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"mozilla-nss-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"mozilla-nss-certs-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"mozilla-nss-certs-debuginfo-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"mozilla-nss-debuginfo-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"mozilla-nss-sysinit-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"mozilla-nss-sysinit-debuginfo-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"MozillaFirefox-38.7.0esr-63.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"MozillaFirefox-debuginfo-38.7.0esr-63.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"MozillaFirefox-debugsource-38.7.0esr-63.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"MozillaFirefox-translations-38.7.0esr-63.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libfreebl3-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libfreebl3-debuginfo-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libfreebl3-hmac-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsoftokn3-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsoftokn3-debuginfo-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsoftokn3-hmac-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mozilla-nspr-4.12-12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mozilla-nspr-debuginfo-4.12-12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mozilla-nspr-debugsource-4.12-12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mozilla-nss-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mozilla-nss-certs-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mozilla-nss-certs-debuginfo-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mozilla-nss-debuginfo-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mozilla-nss-debugsource-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mozilla-nss-sysinit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mozilla-nss-sysinit-debuginfo-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mozilla-nss-tools-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mozilla-nss-tools-debuginfo-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libfreebl3-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libfreebl3-debuginfo-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libfreebl3-hmac-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsoftokn3-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsoftokn3-debuginfo-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libsoftokn3-hmac-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mozilla-nspr-32bit-4.12-12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mozilla-nspr-debuginfo-32bit-4.12-12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mozilla-nss-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mozilla-nss-certs-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mozilla-nss-certs-debuginfo-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mozilla-nss-debuginfo-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mozilla-nss-sysinit-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"mozilla-nss-sysinit-debuginfo-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"MozillaFirefox-38.7.0esr-63.3\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"MozillaFirefox-debuginfo-38.7.0esr-63.3\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"MozillaFirefox-debugsource-38.7.0esr-63.3\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"MozillaFirefox-translations-38.7.0esr-63.3\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libfreebl3-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libfreebl3-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libfreebl3-debuginfo-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libfreebl3-debuginfo-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libsoftokn3-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libsoftokn3-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libsoftokn3-debuginfo-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libsoftokn3-debuginfo-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"mozilla-nspr-32bit-4.12-12.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"mozilla-nspr-4.12-12.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"mozilla-nspr-debuginfo-32bit-4.12-12.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"mozilla-nspr-debuginfo-4.12-12.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"mozilla-nspr-debugsource-4.12-12.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"mozilla-nss-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-debuginfo-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-debuginfo-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"mozilla-nss-debuginfo-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"mozilla-nss-debuginfo-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"mozilla-nss-debugsource-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"mozilla-nss-sysinit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"mozilla-nss-sysinit-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"mozilla-nss-sysinit-debuginfo-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"mozilla-nss-sysinit-debuginfo-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"mozilla-nss-tools-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"mozilla-nss-tools-debuginfo-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"MozillaFirefox-38.7.0esr-63.3\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"MozillaFirefox-debuginfo-38.7.0esr-63.3\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"MozillaFirefox-debugsource-38.7.0esr-63.3\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"MozillaFirefox-translations-38.7.0esr-63.3\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libfreebl3-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libfreebl3-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libfreebl3-debuginfo-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libfreebl3-debuginfo-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libsoftokn3-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libsoftokn3-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libsoftokn3-debuginfo-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libsoftokn3-debuginfo-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"mozilla-nspr-32bit-4.12-12.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"mozilla-nspr-4.12-12.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"mozilla-nspr-debuginfo-32bit-4.12-12.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"mozilla-nspr-debuginfo-4.12-12.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"mozilla-nspr-debugsource-4.12-12.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"mozilla-nss-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-debuginfo-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-debuginfo-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"mozilla-nss-debuginfo-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"mozilla-nss-debuginfo-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"mozilla-nss-debugsource-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"mozilla-nss-sysinit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"mozilla-nss-sysinit-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"mozilla-nss-sysinit-debuginfo-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"mozilla-nss-sysinit-debuginfo-32bit-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"mozilla-nss-tools-3.20.2-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"mozilla-nss-tools-debuginfo-3.20.2-40.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaFirefox / mozilla-nspr / mozilla-nss\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-11T15:12:05", "description": "This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the following issues :\n\nMozilla Firefox was updated to 38.7.0 ESR (bsc#969894)\n\n - MFSA 2016-16/CVE-2016-1952/CVE-2016-1953 Miscellaneous memory safety hazards (rv:45.0 / rv:38.7)\n\n - MFSA 2016-17/CVE-2016-1954 Local file overwriting and potential privilege escalation through CSP reports\n\n - MFSA 2016-20/CVE-2016-1957 A memory leak in libstagefright when deleting an array during MP4 processing was fixed.\n\n - MFSA 2016-21/CVE-2016-1958 The displayed page address can be overridden\n\n - MFSA 2016-23/CVE-2016-1960 A use-after-free in HTML5 string parser was fixed.\n\n - MFSA 2016-24/CVE-2016-1961 A use-after-free in SetBody was fixed.\n\n - MFSA 2016-25/CVE-2016-1962 A use-after-free when using multiple WebRTC data channels was fixed.\n\n - MFSA 2016-27/CVE-2016-1964 A use-after-free during XML transformations was fixed.\n\n - MFSA 2016-28/CVE-2016-1965 Addressbar spoofing though history navigation and Location protocol property was fixed.\n\n - MFSA 2016-31/CVE-2016-1966 Memory corruption with malicious NPAPI plugin was fixed.\n\n - MFSA 2016-34/CVE-2016-1974 A out-of-bounds read in the HTML parser following a failed allocation was fixed.\n\n - MFSA 2016-35/CVE-2016-1950 A buffer overflow during ASN.1 decoding in NSS was fixed.\n\n - MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/ CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/ CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/ CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 Various font vulnerabilities were fixed in the embedded Graphite 2 library\n\nMozilla NSS was updated to fix :\n\n - MFSA 2016-15/CVE-2016-1978 Use-after-free in NSS during SSL connections in low memory\n\n - MFSA 2016-35/CVE-2016-1950 Buffer overflow during ASN.1 decoding in NSS\n\n - MFSA 2016-36/CVE-2016-1979 Use-after-free during processing of DER encoded keys in NSS\n\nMozilla NSPR was updated to version 4.12 (bsc#969894)\n\n - added a PR_GetEnvSecure function, which attempts to detect if the program is being executed with elevated privileges, and returns NULL if detected. It is recommended to use this function in general purpose library code.\n\n - fixed a memory allocation bug related to the PR_*printf functions\n\n - exported API PR_DuplicateEnvironment, which had already been added in NSPR 4.10.9\n\n - added support for FreeBSD aarch64\n\n - several minor correctness and compatibility fixes\n\n - Enable atomic instructions on mips (bmo#1129878)\n\n - Fix mips assertion failure when creating thread with custom stack size (bmo#1129968)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-17T00:00:00", "type": "nessus", "title": "SUSE SLED11 / SLES11 Security Update : MozillaFirefox, mozilla-nspr, mozilla-nss (SUSE-SU-2016:0777-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1950", "CVE-2016-1952", "CVE-2016-1953", "CVE-2016-1954", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-1978", "CVE-2016-1979", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:MozillaFirefox", "p-cpe:/a:novell:suse_linux:MozillaFirefox-translations", "p-cpe:/a:novell:suse_linux:libfreebl3", "p-cpe:/a:novell:suse_linux:libsoftokn3", "p-cpe:/a:novell:suse_linux:mozilla-nspr", "p-cpe:/a:novell:suse_linux:mozilla-nss", "p-cpe:/a:novell:suse_linux:mozilla-nss-tools", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2016-0777-1.NASL", "href": "https://www.tenable.com/plugins/nessus/89990", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:0777-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89990);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2016-1950\", \"CVE-2016-1952\", \"CVE-2016-1953\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1958\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-1978\", \"CVE-2016-1979\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n\n script_name(english:\"SUSE SLED11 / SLES11 Security Update : MozillaFirefox, mozilla-nspr, mozilla-nss (SUSE-SU-2016:0777-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the\nfollowing issues :\n\nMozilla Firefox was updated to 38.7.0 ESR (bsc#969894)\n\n - MFSA 2016-16/CVE-2016-1952/CVE-2016-1953 Miscellaneous\n memory safety hazards (rv:45.0 / rv:38.7)\n\n - MFSA 2016-17/CVE-2016-1954 Local file overwriting and\n potential privilege escalation through CSP reports\n\n - MFSA 2016-20/CVE-2016-1957 A memory leak in\n libstagefright when deleting an array during MP4\n processing was fixed.\n\n - MFSA 2016-21/CVE-2016-1958 The displayed page address\n can be overridden\n\n - MFSA 2016-23/CVE-2016-1960 A use-after-free in HTML5\n string parser was fixed.\n\n - MFSA 2016-24/CVE-2016-1961 A use-after-free in SetBody\n was fixed.\n\n - MFSA 2016-25/CVE-2016-1962 A use-after-free when using\n multiple WebRTC data channels was fixed.\n\n - MFSA 2016-27/CVE-2016-1964 A use-after-free during XML\n transformations was fixed.\n\n - MFSA 2016-28/CVE-2016-1965 Addressbar spoofing though\n history navigation and Location protocol property was\n fixed.\n\n - MFSA 2016-31/CVE-2016-1966 Memory corruption with\n malicious NPAPI plugin was fixed.\n\n - MFSA 2016-34/CVE-2016-1974 A out-of-bounds read in the\n HTML parser following a failed allocation was fixed.\n\n - MFSA 2016-35/CVE-2016-1950 A buffer overflow during\n ASN.1 decoding in NSS was fixed.\n\n - MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/\n CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/\n CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/\n CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 Various font\n vulnerabilities were fixed in the embedded Graphite 2\n library\n\nMozilla NSS was updated to fix :\n\n - MFSA 2016-15/CVE-2016-1978 Use-after-free in NSS during\n SSL connections in low memory\n\n - MFSA 2016-35/CVE-2016-1950 Buffer overflow during ASN.1\n decoding in NSS\n\n - MFSA 2016-36/CVE-2016-1979 Use-after-free during\n processing of DER encoded keys in NSS\n\nMozilla NSPR was updated to version 4.12 (bsc#969894)\n\n - added a PR_GetEnvSecure function, which attempts to\n detect if the program is being executed with elevated\n privileges, and returns NULL if detected. It is\n recommended to use this function in general purpose\n library code.\n\n - fixed a memory allocation bug related to the PR_*printf\n functions\n\n - exported API PR_DuplicateEnvironment, which had already\n been added in NSPR 4.10.9\n\n - added support for FreeBSD aarch64\n\n - several minor correctness and compatibility fixes\n\n - Enable atomic instructions on mips (bmo#1129878)\n\n - Fix mips assertion failure when creating thread with\n custom stack size (bmo#1129968)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=969894\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1950/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1952/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1953/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1954/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1957/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1958/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1960/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1961/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1962/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1964/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1965/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1966/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1974/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1977/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1978/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1979/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2790/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2791/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2792/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2793/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2794/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2795/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2796/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2797/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2798/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2799/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2800/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2801/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2802/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20160777-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?90a5bfcb\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4 :\n\nzypper in -t patch sdksp4-MozillaFirefox-20160309-12458=1\n\nSUSE Linux Enterprise Server 11-SP4 :\n\nzypper in -t patch slessp4-MozillaFirefox-20160309-12458=1\n\nSUSE Linux Enterprise Server 11-SP3-LTSS :\n\nzypper in -t patch slessp3-MozillaFirefox-20160309-12458=1\n\nSUSE Linux Enterprise Desktop 11-SP4 :\n\nzypper in -t patch sledsp4-MozillaFirefox-20160309-12458=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4 :\n\nzypper in -t patch dbgsp4-MozillaFirefox-20160309-12458=1\n\nSUSE Linux Enterprise Debuginfo 11-SP3 :\n\nzypper in -t patch dbgsp3-MozillaFirefox-20160309-12458=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libfreebl3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsoftokn3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED11|SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED11 / SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP3/4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"libfreebl3-32bit-3.20.2-28.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"libsoftokn3-32bit-3.20.2-28.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"mozilla-nspr-32bit-4.12-24.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.20.2-28.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"libfreebl3-32bit-3.20.2-28.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"libsoftokn3-32bit-3.20.2-28.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"mozilla-nspr-32bit-4.12-24.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"mozilla-nss-32bit-3.20.2-28.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"MozillaFirefox-38.7.0esr-37.3\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"MozillaFirefox-translations-38.7.0esr-37.3\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libfreebl3-3.20.2-28.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libsoftokn3-3.20.2-28.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"mozilla-nspr-4.12-24.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"mozilla-nss-3.20.2-28.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"mozilla-nss-tools-3.20.2-28.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"libfreebl3-32bit-3.20.2-28.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"libsoftokn3-32bit-3.20.2-28.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"mozilla-nspr-32bit-4.12-24.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.20.2-28.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"s390x\", reference:\"libfreebl3-32bit-3.20.2-28.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"s390x\", reference:\"libsoftokn3-32bit-3.20.2-28.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"s390x\", reference:\"mozilla-nspr-32bit-4.12-24.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"s390x\", reference:\"mozilla-nss-32bit-3.20.2-28.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"MozillaFirefox-38.7.0esr-37.3\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"MozillaFirefox-translations-38.7.0esr-37.3\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"libfreebl3-3.20.2-28.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"libsoftokn3-3.20.2-28.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"mozilla-nspr-4.12-24.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"mozilla-nss-3.20.2-28.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"mozilla-nss-tools-3.20.2-28.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"MozillaFirefox-38.7.0esr-37.3\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"MozillaFirefox-translations-38.7.0esr-37.3\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"libfreebl3-3.20.2-28.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"libsoftokn3-3.20.2-28.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"mozilla-nspr-4.12-24.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"mozilla-nss-3.20.2-28.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"mozilla-nss-tools-3.20.2-28.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"libfreebl3-32bit-3.20.2-28.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"libsoftokn3-32bit-3.20.2-28.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"mozilla-nspr-32bit-4.12-24.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.20.2-28.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"MozillaFirefox-38.7.0esr-37.3\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"MozillaFirefox-translations-38.7.0esr-37.3\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"libfreebl3-3.20.2-28.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"libsoftokn3-3.20.2-28.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"mozilla-nspr-4.12-24.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"mozilla-nss-3.20.2-28.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"mozilla-nss-tools-3.20.2-28.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaFirefox / mozilla-nspr / mozilla-nss\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-11T15:10:31", "description": "Mozilla Firefox was updated to 38.7.0 ESR, fixing the following security issues :\n\nMFSA 2016-16/CVE-2016-1952/CVE-2016-1953: Miscellaneous memory safety hazards (rv:45.0 / rv:38.7)\n\nMFSA 2016-17/CVE-2016-1954: Local file overwriting and potential privilege escalation through CSP reports\n\nMFSA 2016-20/CVE-2016-1957: Memory leak in libstagefright when deleting an array during MP4 processing\n\nMFSA 2016-21/CVE-2016-1958: Displayed page address can be overridden\n\nMFSA 2016-23/CVE-2016-1960: Use-after-free in HTML5 string parser\n\nMFSA 2016-24/CVE-2016-1961: Use-after-free in SetBody\n\nMFSA 2016-25/CVE-2016-1962: Use-after-free when using multiple WebRTC data channels\n\nMFSA 2016-27/CVE-2016-1964: Use-after-free during XML transformations\n\nMFSA 2016-28/CVE-2016-1965: Addressbar spoofing though history navigation and Location protocol property\n\nMFSA 2016-31/CVE-2016-1966: Memory corruption with malicious NPAPI plugin\n\nMFSA 2016-34/CVE-2016-1974: Out-of-bounds read in HTML parser following a failed allocation\n\nMFSA 2016-35/CVE-2016-1950: Buffer overflow during ASN.1 decoding in NSS\n\nMFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/ CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/ CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/ CVE-2016-2800/CVE-2016-2801/CVE-2016-2802: Font vulnerabilities in the Graphite 2 library.\n\nMozilla NSPR was updated to version 4.12, fixing following bugs :\n\nAdded a PR_GetEnvSecure function, which attempts to detect if the program is being executed with elevated privileges, and returns NULL if detected. It is recommended to use this function in general purpose library code.\n\nFixed a memory allocation bug related to the PR_*printf functions\n\nExported API PR_DuplicateEnvironment, which had already been added in NSPR 4.10.9\n\nSeveral minor correctness and compatibility fixes.\n\nMozilla NSS was updated to fix security issues :\n\nMFSA 2016-15/CVE-2016-1978: Use-after-free in NSS during SSL connections in low memory\n\nMFSA 2016-35/CVE-2016-1950: Buffer overflow during ASN.1 decoding in NSS\n\nMFSA 2016-36/CVE-2016-1979: Use-after-free during processing of DER encoded keys in NSS.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-21T00:00:00", "type": "nessus", "title": "SUSE SLES10 Security Update : MozillaFirefox (SUSE-SU-2016:0820-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1950", "CVE-2016-1952", "CVE-2016-1953", "CVE-2016-1954", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-1978", "CVE-2016-1979", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:MozillaFirefox", "p-cpe:/a:novell:suse_linux:MozillaFirefox-translations", "p-cpe:/a:novell:suse_linux:mozilla-nspr", "p-cpe:/a:novell:suse_linux:mozilla-nspr-devel", "p-cpe:/a:novell:suse_linux:mozilla-nss", "p-cpe:/a:novell:suse_linux:mozilla-nss-devel", "p-cpe:/a:novell:suse_linux:mozilla-nss-tools", "cpe:/o:novell:suse_linux:10"], "id": "SUSE_SU-2016-0820-1.NASL", "href": "https://www.tenable.com/plugins/nessus/90065", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:0820-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90065);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2016-1950\", \"CVE-2016-1952\", \"CVE-2016-1953\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1958\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-1978\", \"CVE-2016-1979\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n\n script_name(english:\"SUSE SLES10 Security Update : MozillaFirefox (SUSE-SU-2016:0820-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mozilla Firefox was updated to 38.7.0 ESR, fixing the following\nsecurity issues :\n\nMFSA 2016-16/CVE-2016-1952/CVE-2016-1953: Miscellaneous memory safety\nhazards (rv:45.0 / rv:38.7)\n\nMFSA 2016-17/CVE-2016-1954: Local file overwriting and potential\nprivilege escalation through CSP reports\n\nMFSA 2016-20/CVE-2016-1957: Memory leak in libstagefright when\ndeleting an array during MP4 processing\n\nMFSA 2016-21/CVE-2016-1958: Displayed page address can be overridden\n\nMFSA 2016-23/CVE-2016-1960: Use-after-free in HTML5 string parser\n\nMFSA 2016-24/CVE-2016-1961: Use-after-free in SetBody\n\nMFSA 2016-25/CVE-2016-1962: Use-after-free when using multiple WebRTC\ndata channels\n\nMFSA 2016-27/CVE-2016-1964: Use-after-free during XML transformations\n\nMFSA 2016-28/CVE-2016-1965: Addressbar spoofing though history\nnavigation and Location protocol property\n\nMFSA 2016-31/CVE-2016-1966: Memory corruption with malicious NPAPI\nplugin\n\nMFSA 2016-34/CVE-2016-1974: Out-of-bounds read in HTML parser\nfollowing a failed allocation\n\nMFSA 2016-35/CVE-2016-1950: Buffer overflow during ASN.1 decoding in\nNSS\n\nMFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/\nCVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/\nCVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/\nCVE-2016-2800/CVE-2016-2801/CVE-2016-2802: Font vulnerabilities in the\nGraphite 2 library.\n\nMozilla NSPR was updated to version 4.12, fixing following bugs :\n\nAdded a PR_GetEnvSecure function, which attempts to detect if the\nprogram is being executed with elevated privileges, and returns NULL\nif detected. It is recommended to use this function in general purpose\nlibrary code.\n\nFixed a memory allocation bug related to the PR_*printf functions\n\nExported API PR_DuplicateEnvironment, which had already been added in\nNSPR 4.10.9\n\nSeveral minor correctness and compatibility fixes.\n\nMozilla NSS was updated to fix security issues :\n\nMFSA 2016-15/CVE-2016-1978: Use-after-free in NSS during SSL\nconnections in low memory\n\nMFSA 2016-35/CVE-2016-1950: Buffer overflow during ASN.1 decoding in\nNSS\n\nMFSA 2016-36/CVE-2016-1979: Use-after-free during processing of DER\nencoded keys in NSS.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=969894\"\n );\n # https://download.suse.com/patch/finder/?keywords=482a54f33ffb2bd9e847625a26c86780\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f3ce2a68\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20160820-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?586df408\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected MozillaFirefox packages\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES10)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES10\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES10\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES10 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"mozilla-nspr-32bit-4.12-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.20.2-0.7.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"s390x\", reference:\"mozilla-nspr-32bit-4.12-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"s390x\", reference:\"mozilla-nss-32bit-3.20.2-0.7.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"mozilla-nspr-4.12-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"mozilla-nspr-devel-4.12-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"mozilla-nss-3.20.2-0.7.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"mozilla-nss-devel-3.20.2-0.7.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"mozilla-nss-tools-3.20.2-0.7.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"MozillaFirefox-38.7.0esr-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"MozillaFirefox-translations-38.7.0esr-0.5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaFirefox\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-11T15:10:32", "description": "This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the following issues :\n\nMozilla Firefox was updated to 38.7.0 ESR (bsc#969894), fixing following security issues :\n\n - MFSA 2016-16/CVE-2016-1952/CVE-2016-1953 Miscellaneous memory safety hazards (rv:45.0 / rv:38.7)\n\n - MFSA 2016-17/CVE-2016-1954 Local file overwriting and potential privilege escalation through CSP reports\n\n - MFSA 2016-20/CVE-2016-1957 Memory leak in libstagefright when deleting an array during MP4 processing\n\n - MFSA 2016-21/CVE-2016-1958 Displayed page address can be overridden\n\n - MFSA 2016-23/CVE-2016-1960 Use-after-free in HTML5 string parser\n\n - MFSA 2016-24/CVE-2016-1961 Use-after-free in SetBody\n\n - MFSA 2016-25/CVE-2016-1962 Use-after-free when using multiple WebRTC data channels\n\n - MFSA 2016-27/CVE-2016-1964 Use-after-free during XML transformations\n\n - MFSA 2016-28/CVE-2016-1965 Addressbar spoofing though history navigation and Location protocol property\n\n - MFSA 2016-31/CVE-2016-1966 Memory corruption with malicious NPAPI plugin\n\n - MFSA 2016-34/CVE-2016-1974 Out-of-bounds read in HTML parser following a failed allocation\n\n - MFSA 2016-35/CVE-2016-1950 Buffer overflow during ASN.1 decoding in NSS\n\n - MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/ CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/ CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/ CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 Font vulnerabilities in the Graphite 2 library\n\nMozilla NSPR was updated to version 4.12 (bsc#969894), fixing following bugs :\n\n - added a PR_GetEnvSecure function, which attempts to detect if the program is being executed with elevated privileges, and returns NULL if detected. It is recommended to use this function in general purpose library code.\n\n - fixed a memory allocation bug related to the PR_*printf functions\n\n - exported API PR_DuplicateEnvironment, which had already been added in NSPR 4.10.9\n\n - added support for FreeBSD aarch64\n\n - several minor correctness and compatibility fixes\n\nMozilla NSS was updated to fix security issues (bsc#969894) :\n\n - MFSA 2016-15/CVE-2016-1978 Use-after-free in NSS during SSL connections in low memory\n\n - MFSA 2016-35/CVE-2016-1950 Buffer overflow during ASN.1 decoding in NSS\n\n - MFSA 2016-36/CVE-2016-1979 Use-after-free during processing of DER encoded keys in NSS\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-04-01T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : MozillaFirefox, mozilla-nspr, mozilla-nss (SUSE-SU-2016:0909-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1950", "CVE-2016-1952", "CVE-2016-1953", "CVE-2016-1954", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-1978", "CVE-2016-1979", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:MozillaFirefox", "p-cpe:/a:novell:suse_linux:MozillaFirefox-translations", "p-cpe:/a:novell:suse_linux:libfreebl3", "p-cpe:/a:novell:suse_linux:mozilla-nspr", "p-cpe:/a:novell:suse_linux:mozilla-nspr-devel", "p-cpe:/a:novell:suse_linux:mozilla-nss", "p-cpe:/a:novell:suse_linux:mozilla-nss-devel", "p-cpe:/a:novell:suse_linux:mozilla-nss-tools", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2016-0909-1.NASL", "href": "https://www.tenable.com/plugins/nessus/90263", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:0909-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90263);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-1950\", \"CVE-2016-1952\", \"CVE-2016-1953\", \"CVE-2016-1954\", \"CVE-2016-1957\", \"CVE-2016-1958\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-1978\", \"CVE-2016-1979\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n\n script_name(english:\"SUSE SLES11 Security Update : MozillaFirefox, mozilla-nspr, mozilla-nss (SUSE-SU-2016:0909-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the\nfollowing issues :\n\nMozilla Firefox was updated to 38.7.0 ESR (bsc#969894), fixing\nfollowing security issues :\n\n - MFSA 2016-16/CVE-2016-1952/CVE-2016-1953 Miscellaneous\n memory safety hazards (rv:45.0 / rv:38.7)\n\n - MFSA 2016-17/CVE-2016-1954 Local file overwriting and\n potential privilege escalation through CSP reports\n\n - MFSA 2016-20/CVE-2016-1957 Memory leak in libstagefright\n when deleting an array during MP4 processing\n\n - MFSA 2016-21/CVE-2016-1958 Displayed page address can be\n overridden\n\n - MFSA 2016-23/CVE-2016-1960 Use-after-free in HTML5\n string parser\n\n - MFSA 2016-24/CVE-2016-1961 Use-after-free in SetBody\n\n - MFSA 2016-25/CVE-2016-1962 Use-after-free when using\n multiple WebRTC data channels\n\n - MFSA 2016-27/CVE-2016-1964 Use-after-free during XML\n transformations\n\n - MFSA 2016-28/CVE-2016-1965 Addressbar spoofing though\n history navigation and Location protocol property\n\n - MFSA 2016-31/CVE-2016-1966 Memory corruption with\n malicious NPAPI plugin\n\n - MFSA 2016-34/CVE-2016-1974 Out-of-bounds read in HTML\n parser following a failed allocation\n\n - MFSA 2016-35/CVE-2016-1950 Buffer overflow during ASN.1\n decoding in NSS\n\n - MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/\n CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/\n CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/\n CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 Font\n vulnerabilities in the Graphite 2 library\n\nMozilla NSPR was updated to version 4.12 (bsc#969894), fixing\nfollowing bugs :\n\n - added a PR_GetEnvSecure function, which attempts to\n detect if the program is being executed with elevated\n privileges, and returns NULL if detected. It is\n recommended to use this function in general purpose\n library code.\n\n - fixed a memory allocation bug related to the PR_*printf\n functions\n\n - exported API PR_DuplicateEnvironment, which had already\n been added in NSPR 4.10.9\n\n - added support for FreeBSD aarch64\n\n - several minor correctness and compatibility fixes\n\nMozilla NSS was updated to fix security issues (bsc#969894) :\n\n - MFSA 2016-15/CVE-2016-1978 Use-after-free in NSS during\n SSL connections in low memory\n\n - MFSA 2016-35/CVE-2016-1950 Buffer overflow during ASN.1\n decoding in NSS\n\n - MFSA 2016-36/CVE-2016-1979 Use-after-free during\n processing of DER encoded keys in NSS\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=969894\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1950/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1952/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1953/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1954/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1957/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1958/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1960/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1961/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1962/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1964/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1965/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1966/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1974/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1977/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1978/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1979/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2790/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2791/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2792/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2793/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2794/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2795/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2796/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2797/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2798/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2799/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2800/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2801/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2802/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20160909-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?62931e75\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 11-SP2-LTSS :\n\nzypper in -t patch slessp2-firefox-20160310-12483=1\n\nSUSE Linux Enterprise Debuginfo 11-SP2 :\n\nzypper in -t patch dbgsp2-firefox-20160310-12483=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libfreebl3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mozilla-nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"x86_64\", reference:\"libfreebl3-32bit-3.20.2-20.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"x86_64\", reference:\"mozilla-nspr-32bit-4.12-19.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.20.2-20.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"s390x\", reference:\"libfreebl3-32bit-3.20.2-20.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"s390x\", reference:\"mozilla-nspr-32bit-4.12-19.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"s390x\", reference:\"mozilla-nss-32bit-3.20.2-20.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"MozillaFirefox-38.7.0esr-36.3\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"MozillaFirefox-translations-38.7.0esr-36.3\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"libfreebl3-3.20.2-20.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"mozilla-nspr-4.12-19.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"mozilla-nspr-devel-4.12-19.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"mozilla-nss-3.20.2-20.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"mozilla-nss-devel-3.20.2-20.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"mozilla-nss-tools-3.20.2-20.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaFirefox / mozilla-nspr / mozilla-nss\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-11T15:14:28", "description": "USN-2917-1 fixed vulnerabilities in Firefox. This update caused several web compatibility regressions.\n\nThis update fixes the problem.\n\nWe apologize for the inconvenience.\n\nFrancis Gabriel discovered a buffer overflow during ASN.1 decoding in NSS. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1950)\n\nBob Clary, Christoph Diehl, Christian Holler, Andrew McCreight, Daniel Holbert, Jesse Ruderman, Randell Jesup, Carsten Book, Gian-Carlo Pascutto, Tyson Smith, Andrea Marchesini, and Jukka Jylanki discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1952, CVE-2016-1953)\n\nNicolas Golubovic discovered that CSP violation reports can be used to overwrite local files. If a user were tricked in to opening a specially crafted website with addon signing disabled and unpacked addons installed, an attacker could potentially exploit this to gain additional privileges.\n(CVE-2016-1954)\n\nMuneaki Nishimura discovered that CSP violation reports contained full paths for cross-origin iframe navigations. An attacker could potentially exploit this to steal confidential data. (CVE-2016-1955)\n\nUcha Gobejishvili discovered that performing certain WebGL operations resulted in memory resource exhaustion with some Intel GPUs, requiring a reboot. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service.\n(CVE-2016-1956)\n\nJose Martinez and Romina Santillan discovered a memory leak in libstagefright during MPEG4 video file processing in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via memory exhaustion. (CVE-2016-1957)\n\nAbdulrahman Alqabandi discovered that the addressbar could be blank or filled with page defined content in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to conduct URL spoofing attacks.\n(CVE-2016-1958)\n\nLooben Yang discovered an out-of-bounds read in Service Worker Manager. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1959)\n\nA use-after-free was discovered in the HTML5 string parser.\nIf a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1960)\n\nA use-after-free was discovered in the SetBody function of HTMLDocument. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1961)\n\nDominique Hazael-Massieux discovered a use-after-free when using multiple WebRTC data channels. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1962)\n\nIt was discovered that Firefox crashes when local files are modified whilst being read by the FileReader API. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking Firefox.\n(CVE-2016-1963)\n\nNicolas Gregoire discovered a use-after-free during XML transformations. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1964)\n\nTsubasa Iinuma discovered a mechanism to cause the addressbar to display an incorrect URL, using history navigations and the Location protocol property. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to conduct URL spoofing attacks. (CVE-2016-1965)\n\nA memory corruption issues was discovered in the NPAPI subsystem. If a user were tricked in to opening a specially crafted website with a malicious plugin installed, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox.\n(CVE-2016-1966)\n\nJordi Chancel discovered a same-origin-policy bypass when using performance.getEntries and history navigation with session restore. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to steal confidential data. (CVE-2016-1967)\n\nLuke Li discovered a buffer overflow during Brotli decompression in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1968)\n\nRonald Crane discovered a use-after-free in GetStaticInstance in WebRTC. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1973)\n\nRonald Crane discovered an out-of-bounds read following a failed allocation in the HTML parser in some circumstances.\nIf a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1974)\n\nHolger Fuhrmannek, Tyson Smith and Holger Fuhrmannek reported multiple memory safety issues in the Graphite 2 library. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-04-20T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : firefox regressions (USN-2917-3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1950", "CVE-2016-1952", "CVE-2016-1953", "CVE-2016-1954", "CVE-2016-1955", "CVE-2016-1956", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1959", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1963", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1967", "CVE-2016-1968", "CVE-2016-1973", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:firefox", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:15.10"], "id": "UBUNTU_USN-2917-3.NASL", "href": "https://www.tenable.com/plugins/nessus/90598", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2917-3. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90598);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-1950\", \"CVE-2016-1952\", \"CVE-2016-1953\", \"CVE-2016-1954\", \"CVE-2016-1955\", \"CVE-2016-1956\", \"CVE-2016-1957\", \"CVE-2016-1958\", \"CVE-2016-1959\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1963\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1967\", \"CVE-2016-1968\", \"CVE-2016-1973\", \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_xref(name:\"USN\", value:\"2917-3\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : firefox regressions (USN-2917-3)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-2917-1 fixed vulnerabilities in Firefox. This update caused\nseveral web compatibility regressions.\n\nThis update fixes the problem.\n\nWe apologize for the inconvenience.\n\nFrancis Gabriel discovered a buffer overflow during ASN.1 decoding in\nNSS. If a user were tricked in to opening a specially crafted website,\nan attacker could potentially exploit this to cause a denial of\nservice via application crash, or execute arbitrary code with the\nprivileges of the user invoking Firefox. (CVE-2016-1950)\n\nBob Clary, Christoph Diehl, Christian Holler, Andrew\nMcCreight, Daniel Holbert, Jesse Ruderman, Randell Jesup,\nCarsten Book, Gian-Carlo Pascutto, Tyson Smith, Andrea\nMarchesini, and Jukka Jylanki discovered multiple memory\nsafety issues in Firefox. If a user were tricked in to\nopening a specially crafted website, an attacker could\npotentially exploit these to cause a denial of service via\napplication crash, or execute arbitrary code with the\nprivileges of the user invoking Firefox. (CVE-2016-1952,\nCVE-2016-1953)\n\nNicolas Golubovic discovered that CSP violation reports can\nbe used to overwrite local files. If a user were tricked in\nto opening a specially crafted website with addon signing\ndisabled and unpacked addons installed, an attacker could\npotentially exploit this to gain additional privileges.\n(CVE-2016-1954)\n\nMuneaki Nishimura discovered that CSP violation reports\ncontained full paths for cross-origin iframe navigations. An\nattacker could potentially exploit this to steal\nconfidential data. (CVE-2016-1955)\n\nUcha Gobejishvili discovered that performing certain WebGL\noperations resulted in memory resource exhaustion with some\nIntel GPUs, requiring a reboot. If a user were tricked in to\nopening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service.\n(CVE-2016-1956)\n\nJose Martinez and Romina Santillan discovered a memory leak\nin libstagefright during MPEG4 video file processing in some\ncircumstances. If a user were tricked in to opening a\nspecially crafted website, an attacker could potentially\nexploit this to cause a denial of service via memory\nexhaustion. (CVE-2016-1957)\n\nAbdulrahman Alqabandi discovered that the addressbar could\nbe blank or filled with page defined content in some\ncircumstances. If a user were tricked in to opening a\nspecially crafted website, an attacker could potentially\nexploit this to conduct URL spoofing attacks.\n(CVE-2016-1958)\n\nLooben Yang discovered an out-of-bounds read in Service\nWorker Manager. If a user were tricked in to opening a\nspecially crafted website, an attacker could potentially\nexploit this to cause a denial of service via application\ncrash, or execute arbitrary code with the privileges of the\nuser invoking Firefox. (CVE-2016-1959)\n\nA use-after-free was discovered in the HTML5 string parser.\nIf a user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit this to cause\na denial of service via application crash, or execute\narbitrary code with the privileges of the user invoking\nFirefox. (CVE-2016-1960)\n\nA use-after-free was discovered in the SetBody function of\nHTMLDocument. If a user were tricked in to opening a\nspecially crafted website, an attacker could potentially\nexploit this to cause a denial of service via application\ncrash, or execute arbitrary code with the privileges of the\nuser invoking Firefox. (CVE-2016-1961)\n\nDominique Hazael-Massieux discovered a use-after-free when\nusing multiple WebRTC data channels. If a user were tricked\nin to opening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service via\napplication crash, or execute arbitrary code with the\nprivileges of the user invoking Firefox. (CVE-2016-1962)\n\nIt was discovered that Firefox crashes when local files are\nmodified whilst being read by the FileReader API. If a user\nwere tricked in to opening a specially crafted website, an\nattacker could potentially exploit this to execute arbitrary\ncode with the privileges of the user invoking Firefox.\n(CVE-2016-1963)\n\nNicolas Gregoire discovered a use-after-free during XML\ntransformations. If a user were tricked in to opening a\nspecially crafted website, an attacker could potentially\nexploit this to cause a denial of service via application\ncrash, or execute arbitrary code with the privileges of the\nuser invoking Firefox. (CVE-2016-1964)\n\nTsubasa Iinuma discovered a mechanism to cause the\naddressbar to display an incorrect URL, using history\nnavigations and the Location protocol property. If a user\nwere tricked in to opening a specially crafted website, an\nattacker could potentially exploit this to conduct URL\nspoofing attacks. (CVE-2016-1965)\n\nA memory corruption issues was discovered in the NPAPI\nsubsystem. If a user were tricked in to opening a specially\ncrafted website with a malicious plugin installed, an\nattacker could potentially exploit this to cause a denial of\nservice via application crash, or execute arbitrary code\nwith the privileges of the user invoking Firefox.\n(CVE-2016-1966)\n\nJordi Chancel discovered a same-origin-policy bypass when\nusing performance.getEntries and history navigation with\nsession restore. If a user were tricked in to opening a\nspecially crafted website, an attacker could potentially\nexploit this to steal confidential data. (CVE-2016-1967)\n\nLuke Li discovered a buffer overflow during Brotli\ndecompression in some circumstances. If a user were tricked\nin to opening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service via\napplication crash, or execute arbitrary code with the\nprivileges of the user invoking Firefox. (CVE-2016-1968)\n\nRonald Crane discovered a use-after-free in\nGetStaticInstance in WebRTC. If a user were tricked in to\nopening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service via\napplication crash, or execute arbitrary code with the\nprivileges of the user invoking Firefox. (CVE-2016-1973)\n\nRonald Crane discovered an out-of-bounds read following a\nfailed allocation in the HTML parser in some circumstances.\nIf a user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit this to cause\na denial of service via application crash, or execute\narbitrary code with the privileges of the user invoking\nFirefox. (CVE-2016-1974)\n\nHolger Fuhrmannek, Tyson Smith and Holger Fuhrmannek\nreported multiple memory safety issues in the Graphite 2\nlibrary. If a user were tricked in to opening a specially\ncrafted website, an attacker could potentially exploit these\nto cause a denial of service via application crash, or\nexecute arbitrary code with the privileges of the user\ninvoking Firefox. (CVE-2016-1977, CVE-2016-2790,\nCVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794,\nCVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798,\nCVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2917-3/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected firefox package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|15\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 15.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"firefox\", pkgver:\"45.0.2+build1-0ubuntu0.12.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"firefox\", pkgver:\"45.0.2+build1-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"firefox\", pkgver:\"45.0.2+build1-0ubuntu0.15.10.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-11T15:14:46", "description": "USN-2917-1 fixed vulnerabilities in Firefox. This update caused several regressions that could result in search engine settings being lost, the list of search providers appearing empty or the location bar breaking after typing an invalid URL. This update fixes the problem.\n\nWe apologize for the inconvenience.\n\nFrancis Gabriel discovered a buffer overflow during ASN.1 decoding in NSS. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1950)\n\nBob Clary, Christoph Diehl, Christian Holler, Andrew McCreight, Daniel Holbert, Jesse Ruderman, Randell Jesup, Carsten Book, Gian-Carlo Pascutto, Tyson Smith, Andrea Marchesini, and Jukka Jylanki discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1952, CVE-2016-1953)\n\nNicolas Golubovic discovered that CSP violation reports can be used to overwrite local files. If a user were tricked in to opening a specially crafted website with addon signing disabled and unpacked addons installed, an attacker could potentially exploit this to gain additional privileges.\n(CVE-2016-1954)\n\nMuneaki Nishimura discovered that CSP violation reports contained full paths for cross-origin iframe navigations. An attacker could potentially exploit this to steal confidential data. (CVE-2016-1955)\n\nUcha Gobejishvili discovered that performing certain WebGL operations resulted in memory resource exhaustion with some Intel GPUs, requiring a reboot. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service.\n(CVE-2016-1956)\n\nJose Martinez and Romina Santillan discovered a memory leak in libstagefright during MPEG4 video file processing in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via memory exhaustion. (CVE-2016-1957)\n\nAbdulrahman Alqabandi discovered that the addressbar could be blank or filled with page defined content in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to conduct URL spoofing attacks.\n(CVE-2016-1958)\n\nLooben Yang discovered an out-of-bounds read in Service Worker Manager. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1959)\n\nA use-after-free was discovered in the HTML5 string parser.\nIf a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1960)\n\nA use-after-free was discovered in the SetBody function of HTMLDocument. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1961)\n\nDominique Hazael-Massieux discovered a use-after-free when using multiple WebRTC data channels. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1962)\n\nIt was discovered that Firefox crashes when local files are modified whilst being read by the FileReader API. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking Firefox.\n(CVE-2016-1963)\n\nNicolas Gregoire discovered a use-after-free during XML transformations. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1964)\n\nTsubasa Iinuma discovered a mechanism to cause the addressbar to display an incorrect URL, using history navigations and the Location protocol property. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to conduct URL spoofing attacks. (CVE-2016-1965)\n\nA memory corruption issues was discovered in the NPAPI subsystem. If a user were tricked in to opening a specially crafted website with a malicious plugin installed, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox.\n(CVE-2016-1966)\n\nJordi Chancel discovered a same-origin-policy bypass when using performance.getEntries and history navigation with session restore. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to steal confidential data. (CVE-2016-1967)\n\nLuke Li discovered a buffer overflow during Brotli decompression in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1968)\n\nRonald Crane discovered a use-after-free in GetStaticInstance in WebRTC. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1973)\n\nRonald Crane discovered an out-of-bounds read following a failed allocation in the HTML parser in some circumstances.\nIf a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1974)\n\nHolger Fuhrmannek, Tyson Smith and Holger Fuhrmannek reported multiple memory safety issues in the Graphite 2 library. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-04-08T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : firefox regressions (USN-2917-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1950", "CVE-2016-1952", "CVE-2016-1953", "CVE-2016-1954", "CVE-2016-1955", "CVE-2016-1956", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1959", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1963", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1967", "CVE-2016-1968", "CVE-2016-1973", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:firefox", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:15.10"], "id": "UBUNTU_USN-2917-2.NASL", "href": "https://www.tenable.com/plugins/nessus/90421", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2917-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90421);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-1950\", \"CVE-2016-1952\", \"CVE-2016-1953\", \"CVE-2016-1954\", \"CVE-2016-1955\", \"CVE-2016-1956\", \"CVE-2016-1957\", \"CVE-2016-1958\", \"CVE-2016-1959\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1963\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1967\", \"CVE-2016-1968\", \"CVE-2016-1973\", \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_xref(name:\"USN\", value:\"2917-2\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : firefox regressions (USN-2917-2)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-2917-1 fixed vulnerabilities in Firefox. This update caused\nseveral regressions that could result in search engine settings being\nlost, the list of search providers appearing empty or the location bar\nbreaking after typing an invalid URL. This update fixes the problem.\n\nWe apologize for the inconvenience.\n\nFrancis Gabriel discovered a buffer overflow during ASN.1 decoding in\nNSS. If a user were tricked in to opening a specially crafted website,\nan attacker could potentially exploit this to cause a denial of\nservice via application crash, or execute arbitrary code with the\nprivileges of the user invoking Firefox. (CVE-2016-1950)\n\nBob Clary, Christoph Diehl, Christian Holler, Andrew\nMcCreight, Daniel Holbert, Jesse Ruderman, Randell Jesup,\nCarsten Book, Gian-Carlo Pascutto, Tyson Smith, Andrea\nMarchesini, and Jukka Jylanki discovered multiple memory\nsafety issues in Firefox. If a user were tricked in to\nopening a specially crafted website, an attacker could\npotentially exploit these to cause a denial of service via\napplication crash, or execute arbitrary code with the\nprivileges of the user invoking Firefox. (CVE-2016-1952,\nCVE-2016-1953)\n\nNicolas Golubovic discovered that CSP violation reports can\nbe used to overwrite local files. If a user were tricked in\nto opening a specially crafted website with addon signing\ndisabled and unpacked addons installed, an attacker could\npotentially exploit this to gain additional privileges.\n(CVE-2016-1954)\n\nMuneaki Nishimura discovered that CSP violation reports\ncontained full paths for cross-origin iframe navigations. An\nattacker could potentially exploit this to steal\nconfidential data. (CVE-2016-1955)\n\nUcha Gobejishvili discovered that performing certain WebGL\noperations resulted in memory resource exhaustion with some\nIntel GPUs, requiring a reboot. If a user were tricked in to\nopening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service.\n(CVE-2016-1956)\n\nJose Martinez and Romina Santillan discovered a memory leak\nin libstagefright during MPEG4 video file processing in some\ncircumstances. If a user were tricked in to opening a\nspecially crafted website, an attacker could potentially\nexploit this to cause a denial of service via memory\nexhaustion. (CVE-2016-1957)\n\nAbdulrahman Alqabandi discovered that the addressbar could\nbe blank or filled with page defined content in some\ncircumstances. If a user were tricked in to opening a\nspecially crafted website, an attacker could potentially\nexploit this to conduct URL spoofing attacks.\n(CVE-2016-1958)\n\nLooben Yang discovered an out-of-bounds read in Service\nWorker Manager. If a user were tricked in to opening a\nspecially crafted website, an attacker could potentially\nexploit this to cause a denial of service via application\ncrash, or execute arbitrary code with the privileges of the\nuser invoking Firefox. (CVE-2016-1959)\n\nA use-after-free was discovered in the HTML5 string parser.\nIf a user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit this to cause\na denial of service via application crash, or execute\narbitrary code with the privileges of the user invoking\nFirefox. (CVE-2016-1960)\n\nA use-after-free was discovered in the SetBody function of\nHTMLDocument. If a user were tricked in to opening a\nspecially crafted website, an attacker could potentially\nexploit this to cause a denial of service via application\ncrash, or execute arbitrary code with the privileges of the\nuser invoking Firefox. (CVE-2016-1961)\n\nDominique Hazael-Massieux discovered a use-after-free when\nusing multiple WebRTC data channels. If a user were tricked\nin to opening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service via\napplication crash, or execute arbitrary code with the\nprivileges of the user invoking Firefox. (CVE-2016-1962)\n\nIt was discovered that Firefox crashes when local files are\nmodified whilst being read by the FileReader API. If a user\nwere tricked in to opening a specially crafted website, an\nattacker could potentially exploit this to execute arbitrary\ncode with the privileges of the user invoking Firefox.\n(CVE-2016-1963)\n\nNicolas Gregoire discovered a use-after-free during XML\ntransformations. If a user were tricked in to opening a\nspecially crafted website, an attacker could potentially\nexploit this to cause a denial of service via application\ncrash, or execute arbitrary code with the privileges of the\nuser invoking Firefox. (CVE-2016-1964)\n\nTsubasa Iinuma discovered a mechanism to cause the\naddressbar to display an incorrect URL, using history\nnavigations and the Location protocol property. If a user\nwere tricked in to opening a specially crafted website, an\nattacker could potentially exploit this to conduct URL\nspoofing attacks. (CVE-2016-1965)\n\nA memory corruption issues was discovered in the NPAPI\nsubsystem. If a user were tricked in to opening a specially\ncrafted website with a malicious plugin installed, an\nattacker could potentially exploit this to cause a denial of\nservice via application crash, or execute arbitrary code\nwith the privileges of the user invoking Firefox.\n(CVE-2016-1966)\n\nJordi Chancel discovered a same-origin-policy bypass when\nusing performance.getEntries and history navigation with\nsession restore. If a user were tricked in to opening a\nspecially crafted website, an attacker could potentially\nexploit this to steal confidential data. (CVE-2016-1967)\n\nLuke Li discovered a buffer overflow during Brotli\ndecompression in some circumstances. If a user were tricked\nin to opening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service via\napplication crash, or execute arbitrary code with the\nprivileges of the user invoking Firefox. (CVE-2016-1968)\n\nRonald Crane discovered a use-after-free in\nGetStaticInstance in WebRTC. If a user were tricked in to\nopening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service via\napplication crash, or execute arbitrary code with the\nprivileges of the user invoking Firefox. (CVE-2016-1973)\n\nRonald Crane discovered an out-of-bounds read following a\nfailed allocation in the HTML parser in some circumstances.\nIf a user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit this to cause\na denial of service via application crash, or execute\narbitrary code with the privileges of the user invoking\nFirefox. (CVE-2016-1974)\n\nHolger Fuhrmannek, Tyson Smith and Holger Fuhrmannek\nreported multiple memory safety issues in the Graphite 2\nlibrary. If a user were tricked in to opening a specially\ncrafted website, an attacker could potentially exploit these\nto cause a denial of service via application crash, or\nexecute arbitrary code with the privileges of the user\ninvoking Firefox. (CVE-2016-1977, CVE-2016-2790,\nCVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794,\nCVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798,\nCVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2917-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected firefox package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|15\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 15.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"firefox\", pkgver:\"45.0.1+build1-0ubuntu0.12.04.2\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"firefox\", pkgver:\"45.0.1+build1-0ubuntu0.14.04.2\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"firefox\", pkgver:\"45.0.1+build1-0ubuntu0.15.10.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-11T15:12:04", "description": "Francis Gabriel discovered a buffer overflow during ASN.1 decoding in NSS. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1950)\n\nBob Clary, Christoph Diehl, Christian Holler, Andrew McCreight, Daniel Holbert, Jesse Ruderman, Randell Jesup, Carsten Book, Gian-Carlo Pascutto, Tyson Smith, Andrea Marchesini, and Jukka Jylanki discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1952, CVE-2016-1953)\n\nNicolas Golubovic discovered that CSP violation reports can be used to overwrite local files. If a user were tricked in to opening a specially crafted website with addon signing disabled and unpacked addons installed, an attacker could potentially exploit this to gain additional privileges. (CVE-2016-1954)\n\nMuneaki Nishimura discovered that CSP violation reports contained full paths for cross-origin iframe navigations. An attacker could potentially exploit this to steal confidential data. (CVE-2016-1955)\n\nUcha Gobejishvili discovered that performing certain WebGL operations resulted in memory resource exhaustion with some Intel GPUs, requiring a reboot. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service. (CVE-2016-1956)\n\nJose Martinez and Romina Santillan discovered a memory leak in libstagefright during MPEG4 video file processing in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via memory exhaustion. (CVE-2016-1957)\n\nAbdulrahman Alqabandi discovered that the addressbar could be blank or filled with page defined content in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to conduct URL spoofing attacks.\n(CVE-2016-1958)\n\nLooben Yang discovered an out-of-bounds read in Service Worker Manager. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1959)\n\nA use-after-free was discovered in the HTML5 string parser. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1960)\n\nA use-after-free was discovered in the SetBody function of HTMLDocument. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1961)\n\nDominique Hazael-Massieux discovered a use-after-free when using multiple WebRTC data channels. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox.\n(CVE-2016-1962)\n\nIt was discovered that Firefox crashes when local files are modified whilst being read by the FileReader API. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1963)\n\nNicolas Gregoire discovered a use-after-free during XML transformations. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1964)\n\nTsubasa Iinuma discovered a mechanism to cause the addressbar to display an incorrect URL, using history navigations and the Location protocol property. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to conduct URL spoofing attacks. (CVE-2016-1965)\n\nA memory corruption issues was discovered in the NPAPI subsystem. If a user were tricked in to opening a specially crafted website with a malicious plugin installed, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox.\n(CVE-2016-1966)\n\nJordi Chancel discovered a same-origin-policy bypass when using performance.getEntries and history navigation with session restore. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to steal confidential data.\n(CVE-2016-1967)\n\nLuke Li discovered a buffer overflow during Brotli decompression in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1968)\n\nRonald Crane discovered a use-after-free in GetStaticInstance in WebRTC. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1973)\n\nRonald Crane discovered an out-of-bounds read following a failed allocation in the HTML parser in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1974)\n\nHolger Fuhrmannek, Tyson Smith and Holger Fuhrmannek reported multiple memory safety issues in the Graphite 2 library. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802).", "cvss3": {"score": null, "vector": null}, "published": "2016-03-10T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 / 15.10 : firefox vulnerabilities (USN-2917-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1950", "CVE-2016-1952", "CVE-2016-1953", "CVE-2016-1954", "CVE-2016-1955", "CVE-2016-1956", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1959", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1963", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1967", "CVE-2016-1968", "CVE-2016-1973", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:firefox", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:15.10"], "id": "UBUNTU_USN-2917-1.NASL", "href": "https://www.tenable.com/plugins/nessus/89826", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2917-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89826);\n script_version(\"2.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-1950\", \"CVE-2016-1952\", \"CVE-2016-1953\", \"CVE-2016-1954\", \"CVE-2016-1955\", \"CVE-2016-1956\", \"CVE-2016-1957\", \"CVE-2016-1958\", \"CVE-2016-1959\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1963\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1967\", \"CVE-2016-1968\", \"CVE-2016-1973\", \"CVE-2016-1974\", \"CVE-2016-1977\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_xref(name:\"USN\", value:\"2917-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 / 15.10 : firefox vulnerabilities (USN-2917-1)\");\n script_summary(english:\"Checks dpkg output for updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Francis Gabriel discovered a buffer overflow during ASN.1 decoding in\nNSS. If a user were tricked in to opening a specially crafted website,\nan attacker could potentially exploit this to cause a denial of\nservice via application crash, or execute arbitrary code with the\nprivileges of the user invoking Firefox. (CVE-2016-1950)\n\nBob Clary, Christoph Diehl, Christian Holler, Andrew McCreight, Daniel\nHolbert, Jesse Ruderman, Randell Jesup, Carsten Book, Gian-Carlo\nPascutto, Tyson Smith, Andrea Marchesini, and Jukka Jylanki\ndiscovered multiple memory safety issues in Firefox. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit these to cause a denial of service via application\ncrash, or execute arbitrary code with the privileges of the user\ninvoking Firefox. (CVE-2016-1952, CVE-2016-1953)\n\nNicolas Golubovic discovered that CSP violation reports can be used to\noverwrite local files. If a user were tricked in to opening a\nspecially crafted website with addon signing disabled and unpacked\naddons installed, an attacker could potentially exploit this to gain\nadditional privileges. (CVE-2016-1954)\n\nMuneaki Nishimura discovered that CSP violation reports contained full\npaths for cross-origin iframe navigations. An attacker could\npotentially exploit this to steal confidential data. (CVE-2016-1955)\n\nUcha Gobejishvili discovered that performing certain WebGL operations\nresulted in memory resource exhaustion with some Intel GPUs, requiring\na reboot. If a user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit this to cause a denial\nof service. (CVE-2016-1956)\n\nJose Martinez and Romina Santillan discovered a memory leak in\nlibstagefright during MPEG4 video file processing in some\ncircumstances. If a user were tricked in to opening a specially\ncrafted website, an attacker could potentially exploit this to cause a\ndenial of service via memory exhaustion. (CVE-2016-1957)\n\nAbdulrahman Alqabandi discovered that the addressbar could be blank or\nfilled with page defined content in some circumstances. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit this to conduct URL spoofing attacks.\n(CVE-2016-1958)\n\nLooben Yang discovered an out-of-bounds read in Service Worker\nManager. If a user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit this to cause a denial\nof service via application crash, or execute arbitrary code with the\nprivileges of the user invoking Firefox. (CVE-2016-1959)\n\nA use-after-free was discovered in the HTML5 string parser. If a user\nwere tricked in to opening a specially crafted website, an attacker\ncould potentially exploit this to cause a denial of service via\napplication crash, or execute arbitrary code with the privileges of\nthe user invoking Firefox. (CVE-2016-1960)\n\nA use-after-free was discovered in the SetBody function of\nHTMLDocument. If a user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit this to cause a denial\nof service via application crash, or execute arbitrary code with the\nprivileges of the user invoking Firefox. (CVE-2016-1961)\n\nDominique Hazael-Massieux discovered a use-after-free when using\nmultiple WebRTC data channels. If a user were tricked in to opening a\nspecially crafted website, an attacker could potentially exploit this\nto cause a denial of service via application crash, or execute\narbitrary code with the privileges of the user invoking Firefox.\n(CVE-2016-1962)\n\nIt was discovered that Firefox crashes when local files are modified\nwhilst being read by the FileReader API. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially\nexploit this to execute arbitrary code with the privileges of the user\ninvoking Firefox. (CVE-2016-1963)\n\nNicolas Gregoire discovered a use-after-free during XML\ntransformations. If a user were tricked in to opening a specially\ncrafted website, an attacker could potentially exploit this to cause a\ndenial of service via application crash, or execute arbitrary code\nwith the privileges of the user invoking Firefox. (CVE-2016-1964)\n\nTsubasa Iinuma discovered a mechanism to cause the addressbar to\ndisplay an incorrect URL, using history navigations and the Location\nprotocol property. If a user were tricked in to opening a specially\ncrafted website, an attacker could potentially exploit this to conduct\nURL spoofing attacks. (CVE-2016-1965)\n\nA memory corruption issues was discovered in the NPAPI subsystem. If a\nuser were tricked in to opening a specially crafted website with a\nmalicious plugin installed, an attacker could potentially exploit this\nto cause a denial of service via application crash, or execute\narbitrary code with the privileges of the user invoking Firefox.\n(CVE-2016-1966)\n\nJordi Chancel discovered a same-origin-policy bypass when using\nperformance.getEntries and history navigation with session restore. If\na user were tricked in to opening a specially crafted website, an\nattacker could potentially exploit this to steal confidential data.\n(CVE-2016-1967)\n\nLuke Li discovered a buffer overflow during Brotli decompression in\nsome circumstances. If a user were tricked in to opening a specially\ncrafted website, an attacker could potentially exploit this to cause a\ndenial of service via application crash, or execute arbitrary code\nwith the privileges of the user invoking Firefox. (CVE-2016-1968)\n\nRonald Crane discovered a use-after-free in GetStaticInstance in\nWebRTC. If a user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit this to cause a denial\nof service via application crash, or execute arbitrary code with the\nprivileges of the user invoking Firefox. (CVE-2016-1973)\n\nRonald Crane discovered an out-of-bounds read following a failed\nallocation in the HTML parser in some circumstances. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service via application\ncrash, or execute arbitrary code with the privileges of the user\ninvoking Firefox. (CVE-2016-1974)\n\nHolger Fuhrmannek, Tyson Smith and Holger Fuhrmannek reported multiple\nmemory safety issues in the Graphite 2 library. If a user were tricked\nin to opening a specially crafted website, an attacker could\npotentially exploit these to cause a denial of service via application\ncrash, or execute arbitrary code with the privileges of the user\ninvoking Firefox. (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791,\nCVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795,\nCVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799,\nCVE-2016-2800, CVE-2016-2801, CVE-2016-2802).\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected firefox package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\n# Temp disable\nexit(0, \"This plugin is temporarily disabled.\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/Ubuntu/release\") ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"firefox\", pkgver:\"45.0+build2-0ubuntu0.12.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"firefox\", pkgver:\"45.0+build2-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"firefox\", pkgver:\"45.0+build2-0ubuntu0.15.10.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:ubuntu_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:42:20", "description": "The version of Firefox installed on the remote host is prior to 45.0 and is affected by multiple vulnerabilities : \n\n - Mozilla Network Security Services (NSS) contains an overflow condition. The issue is triggered as user-supplied input is not properly validated when parsing ASN.1 structures. With a specially crafted certificate, a context-dependent attacker can cause a heap-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code. (CVE-2016-1950) \n - A flaw exists in the 'ValueNumberer::fixupOSROnlyLoop()' function in 'jit/ValueNumbering.cpp' that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1952)\n - A flaw in the 'Downscaler::BeginFrame()' function in 'image/Downscaler.cpp' exists that is triggered when failing to compute filters for image downscaling. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1952)\n - A flaw exists that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1952, CVE-2016-1953)\n - A flaw exists in the 'JSScript::maybeSweepTypes()' function in 'vm/TypeInference.cpp' that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1952)\n - A flaw exists in the 'DispatchEvents()' function in 'layout/style/nsAnimationManager.h' and 'layout/style/nsTransitionManager.h' that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1952)\n - A flaw exists in 'dom/base/Console.cpp' that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1952)\n - A flaw exists in the 'PeerConnectionMedia::SelfDestruct_m()' function in 'media/webrtc/signaling/src/peerconnection/PeerConnectionMedia.cpp' that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1952)\n - A flaw exists in the 'nsICODecoder::ReadDirEntry()' function in 'image/decoders/nsICODecoder.cpp' that is triggered when rendering ICO sub-images. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1953)\n - A flaw exists in the 'nsIDNService::IDNA2008ToUnicode()' function in 'netwerk/dns/nsIDNService.cpp' that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1953)\n - A flaw exists that is triggered as user-supplied input is not properly validated when handling image decoding. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1953)\n - A flaw exists in the 'DiscardTransferables()' function in 'vm/StructuredClone.cpp' that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1953)\n - A flaw exits in the 'Assembler::GetCF32Target()' function in 'jit/arm/Assembler-arm.cpp' that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1953)\n - A flaw exists in the 'GetPcScript()' function in 'jit/JitFrames.cpp' that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1953)\n - A flaw exists in the 'JSFunction::isDerivedClassConstructor()' function in 'js/src/jsfun.cpp' that is triggered when handling lazy self-hosted functions. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1953)\n - A flaw exists in 'js/src/jit/Lowering.cpp' that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1953)\n - A flaw exits in the 'EventListenerManager::HandleEventInternal()' function in 'dom/events/EventListenerManager.cpp'. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1953)\n - A flaw exists in 'layout/base/nsRefreshDriver.cpp' that is triggered when handling transition events. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1953)\n - A flaw exists in 'dom/media/systemservices/CamerasChild.cpp' that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1953)\n - A flaw exists in 'dom/xslt/xslt/txMozillaTextOutput.cpp' that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1953)\n - A flaw exists in 'dom/gamepad/windows/WindowsGamepad.cpp' that is triggered when handling 'WindowsGamepadService' shutdown. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1953)\n - A flaw exists in the 'nsCSPContext::SendReports()' function in 'dom/security/nsCSPContext.cpp' that is triggered during the handling of Content Security Policy (CSP) violation reports. This may allow a context-dependent attacker to overwrite arbitrary files on a user's machine and potentially gain elevated privileges. (CVE-2016-1954)\n - A flaw exists in 'dom/security/nsCSPContext.cpp' that is due to Content Security Policy (CSP) violation reports containing full path information for cross-origin iframe navigations in violation of the CSP specification. This may allow a context-dependent attacker to gain unauthorized access to sensitive information. (CVE-2016-1955)\n - A flaw exists in 'gfx/gl/GLContext.cpp' when using Intel Video cards that is triggered when performing WebGL operations that require a large amount buffer to be allocated from video memory. This may allow a context-dependent to cause a consumption of memory resources that will persist until the system has been restarted. (CVE-2016-1956)\n - Google Stagefright contains a flaw that is triggered during the handling of array destruction during MPEG4 video file processing. This may allow a context-dependent attacker to cause a memory leak, with unspecified consequences. (CVE-2016-1957)\n - An unspecified flaw exists that may allow a context-dependent attacker to spoof the user's address bar. No further details have been provided. (CVE-2016-1958)\n - A flaw exists in Service Worker Manager that is triggered when handling the Clients API. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1959)\n - A flaw exists in use-after-free error in the HTML5 string parser. The issue is triggered when parsing a set of table-related tags in a foreign fragment context such as SVG. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2016-1960)\n - A flaw exists in use-after-free error in the 'nsHTMLDocument::SetBody()' function in 'dom/html/nsHTMLDocument.cpp'. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2016-1961)\n - A flaw exists in use-after-free error in 'netwerk/sctp/datachannel/DataChannel.cpp' when using multiple 'WebRTC' data channel connections and freeing a data channel connection from within a call. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2016-1962)\n - A flaw exists in the 'FileReader::DoReadData()' function in 'dom/base/FileReader.cpp'. The issue is triggered as user-supplied input is not properly validated when handling modifications to local files that occur while they are being read with the FileReader API. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1963)\n - A flaw exists in use-after-free error in the 'txAttribute::execute()' function in 'dom/xslt/xslt/txInstructions.cpp' that is triggered when handling XML transformation operations. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2016-1964)\n - A flaw exists in the 'nsLocation::SetProtocol()' function in 'dom/base/nsLocation.cpp' that is triggered when handling history navigation in combination with the location protocol property. This may allow a context-dependent attacker to spoof the contents of the address bar. (CVE-2016-1965)\n - A flaw exists that is triggered when handling history navigation in a restored browser session. This may potentially allow a context-dependent attacker to gain unauthorized access to cross-origin URL information. (CVE-2016-1967)\n - A pointer underflow condition exists in the 'Brotli' library. The issue is triggered as user-supplied input is not properly validated when the library is performing decompression. This may allow a context-dependent attacker to cause a buffer overflow, potentially allowing the execution of arbitrary code. (CVE-2016-1968)\n - A use-after-free flaw exists in the Netscape Plugin Application Programming Interface (NPAPI) plugin within the 'nsNPObjWrapper::GetNewOrUsed()' function in 'dom/plugins/base/nsJSNPRuntime.cpp'. The issue is triggered when handling malicious scripted web content in concert with the plugin. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2016-1966)\n - An integer underflow condition exists in the 'srtp_unprotect()' function in 'netwerk/srtp/src/srtp/srtp.c' that is triggered when handling SRTP packet lenghts. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1970)\n - A flaw exists in the 'I420VideoFrame::CreateFrame()' function in WebRTC. The issue is triggered as user-supplied input is not properly validated due to a missing status check. This may potentially allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1971)\n - 'ibvpx' contains a use-after-free error in 'vpx_ports/vpx_once.h' related to a race condition. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2016-1972)\n - A race condition exists in 'dom/media/systemservices/CamerasChild.h'. The issue is triggered as user-supplied input is not properly validated when handling block-level statistics. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1975)\n - A use-after-free flaw exists in 'DesktopDisplayDevice::operator=' in 'media/webrtc/trunk/webrtc/modules/desktop_capture/desktop_device_info.cc'. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2016-1976)\n - A flaw exists in use-after-free error that is triggered by a race condition in 'GetStaticInstance' in WebRTC. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2016-1973)\n - A flaw exists in the 'nsScannerString::AppendUnicodeTo()' function in 'parser/htmlparser/nsScannerString.cpp'. The issue is triggered when the program fails to allocate memory during handling of unicode strings. This may allow a context-dependent attacker to potentially execute arbitrary code. (CVE-2016-1974)\n - Mozilla Network Security Services (NSS) contains a use-after-free error in the 'PK11_ImportDERPrivateKeyInfoAndReturnKey()' function. The issue is triggered when handling DER encoded keys. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2016-1979)\n\n The Graphite/Libgraphite component used in Mozilla Firefox contains the following vulnerabilities : \n\n - An out-of-bounds write flaw exists in the 'setAttr()' function that is triggered when handling maliciously crafted fonts. This may allow a context-dependent attacker to potentially execute arbitrary code. (CVE-2016-1969)\n - A flaw exists in the 'Machine::Code::decoder::analysis::set_ref()' function. The issue is triggered as user-supplied input is not properly validated. With a specially crafted font, a context-dependent attacker can corrupt memory to cause a denial of service in a process linked against the library or potentially execute arbitrary code. (CVE-2016-1977)\n - A flaw exists in the 'GetTableInfo()' function in 'TtfUtil.cpp' related to the use of uninitialized memory when handling a specially crafted font. This may allow a context-dependent attacker to have an unspecified impact. (CVE-2016-2790)\n - An out-of-bounds read flaw exists in the 'GlyphCache::glyph()' function that is triggered when handling maliciously crafted fonts. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents. (CVE-2016-2791)\n - An out-of-bounds read flaw exist in the 'getAttr()' function in 'Slot.cpp' that is triggered when handling maliciously crafted fonts. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents. (CVE-2016-2792)\n - An out-of-bounds read flaw in 'CachedCmap.cpp' that is triggered when handling maliciously crafted fonts. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents. (CVE-2016-2793)\n - An out-of-bounds read flaw in the 'CmapSubtable12NextCodepoint()' function in 'TtfUtil.cpp' that is triggered when handling maliciously crafted fonts. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents. (CVE-2016-2794)\n - A flaw exists in the 'FileFace::get_table_fn()' function related to the use of uninitialized memory when handling a specially crafted font. This may allow a context-dependent attacker to have an unspecified impact. (CVE-2016-2795)\n - An out-of-bounds write flaw exixts in the 'vm::Machine::Code::Code()' function that is triggered when handling maliciously crafted fonts. This may allow a context-dependent attacker to potentially execute arbitrary code. (CVE-2016-2796)\n - An out-of-bounds read flaw exists in the 'CmapSubtable12Lookup()' function in 'TtfUtil.cpp' that is triggered when handling maliciously crafted fonts. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents. (CVE-2016-2797)\n - An out-of-bounds read flaw exists in the 'GlyphCache::Loader::Loader()' function that is triggered when handling maliciously crafted fonts. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents. (CVE-2016-2798)\n - An out-of-bounds write flaw exists in the 'setAttr()' function in 'Slot.cpp' that is triggered when handling maliciously crafted fonts. This may allow a context-dependent attacker to potentially execute arbitrary code. (CVE-2016-2799)\n - An out-of-bounds read flaw exists in the 'getAttr()' function in 'Slot.cpp' that is triggered when handling maliciously crafted fonts. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents. (CVE-2016-2800)\n - An out-of-bounds read flaw exists in the 'CmapSubtable12Lookup()' function in 'TtfUtil.cpp' that is triggered when handling maliciously crafted fonts. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents. (CVE-2016-2801)\n - An out-of-bounds read flaw existsin the 'CmapSubtable4NextCodepoint()' function in 'TtfUtil.cpp' that is triggered when handling maliciously crafted fonts. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents. (CVE-2016-2802)", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-04-08T00:00:00", "type": "nessus", "title": "Mozilla Firefox < 45.0 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1950", "CVE-2016-1952", "CVE-2016-1953", "CVE-2016-1954", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-1979", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802", "CVE-2016-1969", "CVE-2016-1973", "CVE-2016-1955", "CVE-2016-1956", "CVE-2016-1959", "CVE-2016-1963", "CVE-2016-1967", "CVE-2016-1968", "CVE-2016-1970", "CVE-2016-1971", "CVE-2016-1972", "CVE-2016-1975", "CVE-2016-1976"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"], "id": "9207.PRM", "href": "https://www.tenable.com/plugins/nnm/9207", "sourceData": "Binary data 9207.prm", "cvss": {"score": 9.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-11T15:12:56", "description": "This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the following issues :\n\nMozillaFirefox was updated to Firefox 45.0 (boo#969894)\n\n - requires NSPR 4.12 / NSS 3.21.1\n\n - Instant browser tab sharing through Hello\n\n - Synced Tabs button in button bar\n\n - Tabs synced via Firefox Accounts from other devices are now shown in dropdown area of Awesome Bar when searching\n\n - Introduce a new preference (network.dns.blockDotOnion) to allow blocking .onion at the DNS level\n\n - Tab Groups (Panorama) feature removed\n\n - MFSA 2016-16/CVE-2016-1952/CVE-2016-1953 Miscellaneous memory safety hazards\n\n - MFSA 2016-17/CVE-2016-1954 (bmo#1243178) Local file overwriting and potential privilege escalation through CSP reports\n\n - MFSA 2016-18/CVE-2016-1955 (bmo#1208946) CSP reports fail to strip location information for embedded iframe pages\n\n - MFSA 2016-19/CVE-2016-1956 (bmo#1199923) Linux video memory DOS with Intel drivers\n\n - MFSA 2016-20/CVE-2016-1957 (bmo#1227052) Memory leak in libstagefright when deleting an array during MP4 processing\n\n - MFSA 2016-21/CVE-2016-1958 (bmo#1228754) Displayed page address can be overridden\n\n - MFSA 2016-22/CVE-2016-1959 (bmo#1234949) Service Worker Manager out-of-bounds read in Service Worker Manager\n\n - MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014) Use-after-free in HTML5 string parser\n\n - MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377) Use-after-free in SetBody\n\n - MFSA 2016-25/CVE-2016-1962 (bmo#1240760) Use-after-free when using multiple WebRTC data channels\n\n - MFSA 2016-26/CVE-2016-1963 (bmo#1238440) Memory corruption when modifying a file being read by FileReader\n\n - MFSA 2016-27/CVE-2016-1964 (bmo#1243335) Use-after-free during XML transformations\n\n - MFSA 2016-28/CVE-2016-1965 (bmo#1245264) Addressbar spoofing though history navigation and Location protocol property\n\n - MFSA 2016-29/CVE-2016-1967 (bmo#1246956) Same-origin policy violation using perfomance.getEntries and history navigation with session restore\n\n - MFSA 2016-30/CVE-2016-1968 (bmo#1246742) Buffer overflow in Brotli decompression\n\n - MFSA 2016-31/CVE-2016-1966 (bmo#1246054) Memory corruption with malicious NPAPI plugin\n\n - MFSA 2016-32/CVE-2016-1970/CVE-2016-1971/CVE-2016-1975/ CVE-2016-1976/CVE-2016-1972 WebRTC and LibVPX vulnerabilities found through code inspection\n\n - MFSA 2016-33/CVE-2016-1973 (bmo#1219339) Use-after-free in GetStaticInstance in WebRTC\n\n - MFSA 2016-34/CVE-2016-1974 (bmo#1228103) Out-of-bounds read in HTML parser following a failed allocation\n\n - MFSA 2016-35/CVE-2016-1950 (bmo#1245528) Buffer overflow during ASN.1 decoding in NSS (fixed by requiring 3.21.1)\n\n - MFSA 2016-36/CVE-2016-1979 (bmo#1185033) Use-after-free during processing of DER encoded keys in NSS (fixed by requiring 3.21.1)\n\n - MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/ CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/ CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/ CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 Font vulnerabilities in the Graphite 2 library\n\nmozilla-nspr was updated to version 4.12\n\n - added a PR_GetEnvSecure function, which attempts to detect if the program is being executed with elevated privileges, and returns NULL if detected. It is recommended to use this function in general purpose library code.\n\n - fixed a memory allocation bug related to the PR_*printf functions\n\n - exported API PR_DuplicateEnvironment, which had already been added in NSPR 4.10.9\n\n - added support for FreeBSD aarch64\n\n - several minor correctness and compatibility fixes\n\nmozilla-nss was updated to NSS 3.21.1 (bmo#969894)\n\n - required for Firefox 45.0\n\n - MFSA 2016-35/CVE-2016-1950 (bmo#1245528) Buffer overflow during ASN.1 decoding in NSS (fixed by requiring 3.21.1)\n\n - MFSA 2016-36/CVE-2016-1979 (bmo#1185033) Use-after-free during processing of DER encoded keys in NSS (fixed by requiring 3.21.1)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-14T00:00:00", "type": "nessus", "title": "openSUSE Security Update : MozillaFirefox / mozilla-nspr / mozilla-nss (openSUSE-2016-332)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1950", "CVE-2016-1952", "CVE-2016-1953", "CVE-2016-1954", "CVE-2016-1955", "CVE-2016-1956", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1959", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1963", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1967", "CVE-2016-1968", "CVE-2016-1970", "CVE-2016-1971", "CVE-2016-1972", "CVE-2016-1973", "CVE-2016-1974", "CVE-2016-1975", "CVE-2016-1976", "CVE-2016-1977", "CVE-2016-1979", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:MozillaFirefox", "p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream", "p-cpe:/a:novell:opensuse:MozillaFirefox-buildsymbols", "p-cpe:/a:novell:opensuse:MozillaFirefox-debuginfo", "p-cpe:/a:novell:opensuse:MozillaFirefox-debugsource", "p-cpe:/a:novell:opensuse:MozillaFirefox-devel", "p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common", "p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other", "p-cpe:/a:novell:opensuse:libfreebl3", "p-cpe:/a:novell:opensuse:libfreebl3-32bit", "p-cpe:/a:novell:opensuse:libfreebl3-debuginfo", "p-cpe:/a:novell:opensuse:libfreebl3-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libsoftokn3", "p-cpe:/a:novell:opensuse:libsoftokn3-32bit", "p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo", "p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-nspr", "p-cpe:/a:novell:opensuse:mozilla-nspr-32bit", "p-cpe:/a:novell:opensuse:mozilla-nspr-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-nspr-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-nspr-debugsource", "p-cpe:/a:novell:opensuse:mozilla-nspr-devel", "p-cpe:/a:novell:opensuse:mozilla-nss", "p-cpe:/a:novell:opensuse:mozilla-nss-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-certs", "p-cpe:/a:novell:opensuse:mozilla-nss-certs-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-debugsource", "p-cpe:/a:novell:opensuse:mozilla-nss-devel", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-tools", "p-cpe:/a:novell:opensuse:mozilla-nss-tools-debuginfo", "cpe:/o:novell:opensuse:13.2", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2016-332.NASL", "href": "https://www.tenable.com/plugins/nessus/89913", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-332.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89913);\n script_version(\"2.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-1950\", \"CVE-2016-1952\", \"CVE-2016-1953\", \"CVE-2016-1954\", \"CVE-2016-1955\", \"CVE-2016-1956\", \"CVE-2016-1957\", \"CVE-2016-1958\", \"CVE-2016-1959\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1963\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1967\", \"CVE-2016-1968\", \"CVE-2016-1970\", \"CVE-2016-1971\", \"CVE-2016-1972\", \"CVE-2016-1973\", \"CVE-2016-1974\", \"CVE-2016-1975\", \"CVE-2016-1976\", \"CVE-2016-1977\", \"CVE-2016-1979\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n\n script_name(english:\"openSUSE Security Update : MozillaFirefox / mozilla-nspr / mozilla-nss (openSUSE-2016-332)\");\n script_summary(english:\"Check for the openSUSE-2016-332 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the\nfollowing issues :\n\nMozillaFirefox was updated to Firefox 45.0 (boo#969894)\n\n - requires NSPR 4.12 / NSS 3.21.1\n\n - Instant browser tab sharing through Hello\n\n - Synced Tabs button in button bar\n\n - Tabs synced via Firefox Accounts from other devices are\n now shown in dropdown area of Awesome Bar when searching\n\n - Introduce a new preference (network.dns.blockDotOnion)\n to allow blocking .onion at the DNS level\n\n - Tab Groups (Panorama) feature removed\n\n - MFSA 2016-16/CVE-2016-1952/CVE-2016-1953 Miscellaneous\n memory safety hazards\n\n - MFSA 2016-17/CVE-2016-1954 (bmo#1243178) Local file\n overwriting and potential privilege escalation through\n CSP reports\n\n - MFSA 2016-18/CVE-2016-1955 (bmo#1208946) CSP reports\n fail to strip location information for embedded iframe\n pages\n\n - MFSA 2016-19/CVE-2016-1956 (bmo#1199923) Linux video\n memory DOS with Intel drivers\n\n - MFSA 2016-20/CVE-2016-1957 (bmo#1227052) Memory leak in\n libstagefright when deleting an array during MP4\n processing\n\n - MFSA 2016-21/CVE-2016-1958 (bmo#1228754) Displayed page\n address can be overridden\n\n - MFSA 2016-22/CVE-2016-1959 (bmo#1234949) Service Worker\n Manager out-of-bounds read in Service Worker Manager\n\n - MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014)\n Use-after-free in HTML5 string parser\n\n - MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377)\n Use-after-free in SetBody\n\n - MFSA 2016-25/CVE-2016-1962 (bmo#1240760) Use-after-free\n when using multiple WebRTC data channels\n\n - MFSA 2016-26/CVE-2016-1963 (bmo#1238440) Memory\n corruption when modifying a file being read by\n FileReader\n\n - MFSA 2016-27/CVE-2016-1964 (bmo#1243335) Use-after-free\n during XML transformations\n\n - MFSA 2016-28/CVE-2016-1965 (bmo#1245264) Addressbar\n spoofing though history navigation and Location protocol\n property\n\n - MFSA 2016-29/CVE-2016-1967 (bmo#1246956) Same-origin\n policy violation using perfomance.getEntries and history\n navigation with session restore\n\n - MFSA 2016-30/CVE-2016-1968 (bmo#1246742) Buffer overflow\n in Brotli decompression\n\n - MFSA 2016-31/CVE-2016-1966 (bmo#1246054) Memory\n corruption with malicious NPAPI plugin\n\n - MFSA 2016-32/CVE-2016-1970/CVE-2016-1971/CVE-2016-1975/\n CVE-2016-1976/CVE-2016-1972 WebRTC and LibVPX\n vulnerabilities found through code inspection\n\n - MFSA 2016-33/CVE-2016-1973 (bmo#1219339) Use-after-free\n in GetStaticInstance in WebRTC\n\n - MFSA 2016-34/CVE-2016-1974 (bmo#1228103) Out-of-bounds\n read in HTML parser following a failed allocation\n\n - MFSA 2016-35/CVE-2016-1950 (bmo#1245528) Buffer overflow\n during ASN.1 decoding in NSS (fixed by requiring 3.21.1)\n\n - MFSA 2016-36/CVE-2016-1979 (bmo#1185033) Use-after-free\n during processing of DER encoded keys in NSS (fixed by\n requiring 3.21.1)\n\n - MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/\n CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/\n CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/\n CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 Font\n vulnerabilities in the Graphite 2 library\n\nmozilla-nspr was updated to version 4.12\n\n - added a PR_GetEnvSecure function, which attempts to\n detect if the program is being executed with elevated\n privileges, and returns NULL if detected. It is\n recommended to use this function in general purpose\n library code.\n\n - fixed a memory allocation bug related to the PR_*printf\n functions\n\n - exported API PR_DuplicateEnvironment, which had already\n been added in NSPR 4.10.9\n\n - added support for FreeBSD aarch64\n\n - several minor correctness and compatibility fixes\n\nmozilla-nss was updated to NSS 3.21.1 (bmo#969894)\n\n - required for Firefox 45.0\n\n - MFSA 2016-35/CVE-2016-1950 (bmo#1245528) Buffer overflow\n during ASN.1 decoding in NSS (fixed by requiring 3.21.1)\n\n - MFSA 2016-36/CVE-2016-1979 (bmo#1185033) Use-after-free\n during processing of DER encoded keys in NSS (fixed by\n requiring 3.21.1)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=969894\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected MozillaFirefox / mozilla-nspr / mozilla-nss packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-buildsymbols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nspr-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nspr-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nspr-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nspr-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2|SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2 / 42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaFirefox-45.0-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaFirefox-branding-upstream-45.0-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaFirefox-buildsymbols-45.0-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaFirefox-debuginfo-45.0-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaFirefox-debugsource-45.0-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaFirefox-devel-45.0-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaFirefox-translations-common-45.0-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"MozillaFirefox-translations-other-45.0-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libfreebl3-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libfreebl3-debuginfo-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libsoftokn3-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libsoftokn3-debuginfo-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"mozilla-nspr-4.12-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"mozilla-nspr-debuginfo-4.12-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"mozilla-nspr-debugsource-4.12-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"mozilla-nspr-devel-4.12-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"mozilla-nss-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"mozilla-nss-certs-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"mozilla-nss-certs-debuginfo-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"mozilla-nss-debuginfo-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"mozilla-nss-debugsource-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"mozilla-nss-devel-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"mozilla-nss-sysinit-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"mozilla-nss-sysinit-debuginfo-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"mozilla-nss-tools-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"mozilla-nss-tools-debuginfo-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libfreebl3-32bit-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libfreebl3-debuginfo-32bit-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libsoftokn3-32bit-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libsoftokn3-debuginfo-32bit-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"mozilla-nspr-32bit-4.12-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"mozilla-nspr-debuginfo-32bit-4.12-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-32bit-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-debuginfo-32bit-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"mozilla-nss-debuginfo-32bit-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"mozilla-nss-sysinit-32bit-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"mozilla-nss-sysinit-debuginfo-32bit-3.21.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"MozillaFirefox-45.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"MozillaFirefox-branding-upstream-45.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"MozillaFirefox-buildsymbols-45.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"MozillaFirefox-debuginfo-45.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"MozillaFirefox-debugsource-45.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"MozillaFirefox-devel-45.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"MozillaFirefox-translations-common-45.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"MozillaFirefox-translations-other-45.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libfreebl3-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libfreebl3-debuginfo-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libsoftokn3-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libsoftokn3-debuginfo-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"mozilla-nspr-4.12-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"mozilla-nspr-debuginfo-4.12-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"mozilla-nspr-debugsource-4.12-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"mozilla-nspr-devel-4.12-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"mozilla-nss-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"mozilla-nss-certs-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"mozilla-nss-certs-debuginfo-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"mozilla-nss-debuginfo-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"mozilla-nss-debugsource-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"mozilla-nss-devel-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"mozilla-nss-sysinit-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"mozilla-nss-sysinit-debuginfo-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"mozilla-nss-tools-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"mozilla-nss-tools-debuginfo-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libfreebl3-32bit-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libfreebl3-debuginfo-32bit-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libsoftokn3-32bit-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libsoftokn3-debuginfo-32bit-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"mozilla-nspr-32bit-4.12-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"mozilla-nspr-debuginfo-32bit-4.12-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-32bit-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-debuginfo-32bit-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"mozilla-nss-debuginfo-32bit-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"mozilla-nss-sysinit-32bit-3.21.1-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"mozilla-nss-sysinit-debuginfo-32bit-3.21.1-12.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaFirefox / MozillaFirefox-branding-upstream / etc\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-11T15:12:57", "description": "The version of Firefox installed on the remote Mac OS X host is prior to 45. It is, therefore, affected by multiple vulnerabilities, the majority of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these issues by convincing a user to visit a specially crafted website, resulting in the execution of arbitrary code in the context of the current user.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-11T00:00:00", "type": "nessus", "title": "Firefox < 45 Multiple Vulnerabilities (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1950", "CVE-2016-1952", "CVE-2016-1953", "CVE-2016-1954", "CVE-2016-1955", "CVE-2016-1956", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1959", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1963", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1967", "CVE-2016-1968", "CVE-2016-1969", "CVE-2016-1970", "CVE-2016-1971", "CVE-2016-1972", "CVE-2016-1973", "CVE-2016-1974", "CVE-2016-1975", "CVE-2016-1976", "CVE-2016-1977", "CVE-2016-1979", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2019-11-20T00:00:00", "cpe": ["cpe:/a:mozilla:firefox"], "id": "MACOSX_FIREFOX_45.NASL", "href": "https://www.tenable.com/plugins/nessus/89873", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(89873);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/11/20\");\n\n script_cve_id(\n \"CVE-2016-1950\",\n \"CVE-2016-1952\",\n \"CVE-2016-1953\",\n \"CVE-2016-1954\",\n \"CVE-2016-1955\",\n \"CVE-2016-1956\",\n \"CVE-2016-1957\",\n \"CVE-2016-1958\",\n \"CVE-2016-1959\",\n \"CVE-2016-1960\",\n \"CVE-2016-1961\",\n \"CVE-2016-1962\",\n \"CVE-2016-1963\",\n \"CVE-2016-1964\",\n \"CVE-2016-1965\",\n \"CVE-2016-1966\",\n \"CVE-2016-1967\",\n \"CVE-2016-1968\",\n \"CVE-2016-1969\",\n \"CVE-2016-1970\",\n \"CVE-2016-1971\",\n \"CVE-2016-1972\",\n \"CVE-2016-1973\",\n \"CVE-2016-1974\",\n \"CVE-2016-1975\",\n \"CVE-2016-1976\",\n \"CVE-2016-1977\",\n \"CVE-2016-1979\",\n \"CVE-2016-2790\",\n \"CVE-2016-2791\",\n \"CVE-2016-2792\",\n \"CVE-2016-2793\",\n \"CVE-2016-2794\",\n \"CVE-2016-2795\",\n \"CVE-2016-2796\",\n \"CVE-2016-2797\",\n \"CVE-2016-2798\",\n \"CVE-2016-2799\",\n \"CVE-2016-2800\",\n \"CVE-2016-2801\",\n \"CVE-2016-2802\"\n );\n script_xref(name:\"MFSA\", value:\"2016-16\");\n script_xref(name:\"MFSA\", value:\"2016-17\");\n script_xref(name:\"MFSA\", value:\"2016-18\");\n script_xref(name:\"MFSA\", value:\"2016-19\");\n script_xref(name:\"MFSA\", value:\"2016-20\");\n script_xref(name:\"MFSA\", value:\"2016-21\");\n script_xref(name:\"MFSA\", value:\"2016-22\");\n script_xref(name:\"MFSA\", value:\"2016-23\");\n script_xref(name:\"MFSA\", value:\"2016-24\");\n script_xref(name:\"MFSA\", value:\"2016-25\");\n script_xref(name:\"MFSA\", value:\"2016-26\");\n script_xref(name:\"MFSA\", value:\"2016-27\");\n script_xref(name:\"MFSA\", value:\"2016-28\");\n script_xref(name:\"MFSA\", value:\"2016-29\");\n script_xref(name:\"MFSA\", value:\"2016-30\");\n script_xref(name:\"MFSA\", value:\"2016-31\");\n script_xref(name:\"MFSA\", value:\"2016-32\");\n script_xref(name:\"MFSA\", value:\"2016-33\");\n script_xref(name:\"MFSA\", value:\"2016-34\");\n script_xref(name:\"MFSA\", value:\"2016-35\");\n script_xref(name:\"MFSA\", value:\"2016-36\");\n script_xref(name:\"MFSA\", value:\"2016-37\");\n script_xref(name:\"MFSA\", value:\"2016-38\");\n\n script_name(english:\"Firefox < 45 Multiple Vulnerabilities (Mac OS X)\");\n script_summary(english:\"Checks the version of Firefox.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Mac OS X host contains a web browser that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Firefox installed on the remote Mac OS X host is prior\nto 45. It is, therefore, affected by multiple vulnerabilities, the\nmajority of which are remote code execution vulnerabilities. An\nunauthenticated, remote attacker can exploit these issues by\nconvincing a user to visit a specially crafted website, resulting in\nthe execution of arbitrary code in the context of the current user.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-16/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-17/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-20/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-21/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-22/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-23/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-24/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-25/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-26/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-27/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-28/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-29/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-30/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-31/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-32/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-33/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-34/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-35/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-36/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-38/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Firefox version 45 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-1962\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/03/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_firefox_installed.nasl\");\n script_require_keys(\"MacOSX/Firefox/Installed\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\n\nkb_base = \"MacOSX/Firefox\";\nget_kb_item_or_exit(kb_base+\"/Installed\");\n\nversion = get_kb_item_or_exit(kb_base+\"/Version\", exit_code:1);\npath = get_kb_item_or_exit(kb_base+\"/Path\", exit_code:1);\n\nif (get_kb_item(kb_base + '/is_esr')) exit(0, 'The Mozilla Firefox installation is in the ESR branch.');\n\nmozilla_check_version(product:'firefox', version:version, path:path, esr:FALSE, fix:'45', severity:SECURITY_HOLE);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-11T15:11:20", "description": "This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the following issues :\n\nMozillaFirefox was updated to Firefox 45.0 (boo#969894)\n\n - requires NSPR 4.12 / NSS 3.21.1\n\n - Instant browser tab sharing through Hello\n\n - Synced Tabs button in button bar\n\n - Tabs synced via Firefox Accounts from other devices are now shown in dropdown area of Awesome Bar when searching\n\n - Introduce a new preference (network.dns.blockDotOnion) to allow blocking .onion at the DNS level\n\n - Tab Groups (Panorama) feature removed\n\n - MFSA 2016-16/CVE-2016-1952/CVE-2016-1953 Miscellaneous memory safety hazards\n\n - MFSA 2016-17/CVE-2016-1954 (bmo#1243178) Local file overwriting and potential privilege escalation through CSP reports\n\n - MFSA 2016-18/CVE-2016-1955 (bmo#1208946) CSP reports fail to strip location information for embedded iframe pages\n\n - MFSA 2016-19/CVE-2016-1956 (bmo#1199923) Linux video memory DOS with Intel drivers\n\n - MFSA 2016-20/CVE-2016-1957 (bmo#1227052) Memory leak in libstagefright when deleting an array during MP4 processing\n\n - MFSA 2016-21/CVE-2016-1958 (bmo#1228754) Displayed page address can be overridden\n\n - MFSA 2016-22/CVE-2016-1959 (bmo#1234949) Service Worker Manager out-of-bounds read in Service Worker Manager\n\n - MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014) Use-after-free in HTML5 string parser\n\n - MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377) Use-after-free in SetBody\n\n - MFSA 2016-25/CVE-2016-1962 (bmo#1240760) Use-after-free when using multiple WebRTC data channels\n\n - MFSA 2016-26/CVE-2016-1963 (bmo#1238440) Memory corruption when modifying a file being read by FileReader\n\n - MFSA 2016-27/CVE-2016-1964 (bmo#1243335) Use-after-free during XML transformations\n\n - MFSA 2016-28/CVE-2016-1965 (bmo#1245264) Addressbar spoofing though history navigation and Location protocol property\n\n - MFSA 2016-29/CVE-2016-1967 (bmo#1246956) Same-origin policy violation using perfomance.getEntries and history navigation with session restore\n\n - MFSA 2016-30/CVE-2016-1968 (bmo#1246742) Buffer overflow in Brotli decompression\n\n - MFSA 2016-31/CVE-2016-1966 (bmo#1246054) Memory corruption with malicious NPAPI plugin\n\n - MFSA 2016-32/CVE-2016-1970/CVE-2016-1971/CVE-2016-1975/ CVE-2016-1976/CVE-2016-1972 WebRTC and LibVPX vulnerabilities found through code inspection\n\n - MFSA 2016-33/CVE-2016-1973 (bmo#1219339) Use-after-free in GetStaticInstance in WebRTC\n\n - MFSA 2016-34/CVE-2016-1974 (bmo#1228103) Out-of-bounds read in HTML parser following a failed allocation\n\n - MFSA 2016-35/CVE-2016-1950 (bmo#1245528) Buffer overflow during ASN.1 decoding in NSS (fixed by requiring 3.21.1)\n\n - MFSA 2016-36/CVE-2016-1979 (bmo#1185033) Use-after-free during processing of DER encoded keys in NSS (fixed by requiring 3.21.1)\n\n - MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/ CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/ CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/ CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 Font vulnerabilities in the Graphite 2 library\n\n mozilla-nspr was updated to version 4.12\n\n - added a PR_GetEnvSecure function, which attempts to detect if the program is being executed with elevated privileges, and returns NULL if detected. It is recommended to use this function in general purpose library code.\n\n - fixed a memory allocation bug related to the PR_*printf functions\n\n - exported API PR_DuplicateEnvironment, which had already been added in NSPR 4.10.9\n\n - added support for FreeBSD aarch64\n\n - several minor correctness and compatibility fixes\n\n mozilla-nss was updated to NSS 3.21.1 (bmo#969894)\n\n - required for Firefox 45.0\n\n - MFSA 2016-35/CVE-2016-1950 (bmo#1245528) Buffer overflow during ASN.1 decoding in NSS (fixed by requiring 3.21.1)\n\n - MFSA 2016-36/CVE-2016-1979 (bmo#1185033) Use-after-free during processing of DER encoded keys in NSS (fixed by requiring 3.21.1)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-14T00:00:00", "type": "nessus", "title": "openSUSE Security Update : Firefox (openSUSE-2016-334)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1950", "CVE-2016-1952", "CVE-2016-1953", "CVE-2016-1954", "CVE-2016-1955", "CVE-2016-1956", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1959", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1963", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1967", "CVE-2016-1968", "CVE-2016-1970", "CVE-2016-1971", "CVE-2016-1972", "CVE-2016-1973", "CVE-2016-1974", "CVE-2016-1975", "CVE-2016-1976", "CVE-2016-1977", "CVE-2016-1979", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:MozillaFirefox", "p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream", "p-cpe:/a:novell:opensuse:MozillaFirefox-buildsymbols", "p-cpe:/a:novell:opensuse:MozillaFirefox-debuginfo", "p-cpe:/a:novell:opensuse:MozillaFirefox-debugsource", "p-cpe:/a:novell:opensuse:MozillaFirefox-devel", "p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common", "p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other", "p-cpe:/a:novell:opensuse:libfreebl3", "p-cpe:/a:novell:opensuse:libfreebl3-32bit", "p-cpe:/a:novell:opensuse:libfreebl3-debuginfo", "p-cpe:/a:novell:opensuse:libfreebl3-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libsoftokn3", "p-cpe:/a:novell:opensuse:libsoftokn3-32bit", "p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo", "p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-nspr", "p-cpe:/a:novell:opensuse:mozilla-nspr-32bit", "p-cpe:/a:novell:opensuse:mozilla-nspr-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-nspr-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-nspr-debugsource", "p-cpe:/a:novell:opensuse:mozilla-nspr-devel", "p-cpe:/a:novell:opensuse:mozilla-nss", "p-cpe:/a:novell:opensuse:mozilla-nss-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-certs", "p-cpe:/a:novell:opensuse:mozilla-nss-certs-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-debugsource", "p-cpe:/a:novell:opensuse:mozilla-nss-devel", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-tools", "p-cpe:/a:novell:opensuse:mozilla-nss-tools-debuginfo", "cpe:/o:novell:opensuse:13.1"], "id": "OPENSUSE-2016-334.NASL", "href": "https://www.tenable.com/plugins/nessus/89915", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-334.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89915);\n script_version(\"2.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-1950\", \"CVE-2016-1952\", \"CVE-2016-1953\", \"CVE-2016-1954\", \"CVE-2016-1955\", \"CVE-2016-1956\", \"CVE-2016-1957\", \"CVE-2016-1958\", \"CVE-2016-1959\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1963\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1967\", \"CVE-2016-1968\", \"CVE-2016-1970\", \"CVE-2016-1971\", \"CVE-2016-1972\", \"CVE-2016-1973\", \"CVE-2016-1974\", \"CVE-2016-1975\", \"CVE-2016-1976\", \"CVE-2016-1977\", \"CVE-2016-1979\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n\n script_name(english:\"openSUSE Security Update : Firefox (openSUSE-2016-334)\");\n script_summary(english:\"Check for the openSUSE-2016-334 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the\nfollowing issues :\n\nMozillaFirefox was updated to Firefox 45.0 (boo#969894)\n\n - requires NSPR 4.12 / NSS 3.21.1\n\n - Instant browser tab sharing through Hello\n\n - Synced Tabs button in button bar\n\n - Tabs synced via Firefox Accounts from other devices are\n now shown in dropdown area of Awesome Bar when searching\n\n - Introduce a new preference (network.dns.blockDotOnion)\n to allow blocking .onion at the DNS level\n\n - Tab Groups (Panorama) feature removed\n\n - MFSA 2016-16/CVE-2016-1952/CVE-2016-1953 Miscellaneous\n memory safety hazards\n\n - MFSA 2016-17/CVE-2016-1954 (bmo#1243178) Local file\n overwriting and potential privilege escalation through\n CSP reports\n\n - MFSA 2016-18/CVE-2016-1955 (bmo#1208946) CSP reports\n fail to strip location information for embedded iframe\n pages\n\n - MFSA 2016-19/CVE-2016-1956 (bmo#1199923) Linux video\n memory DOS with Intel drivers\n\n - MFSA 2016-20/CVE-2016-1957 (bmo#1227052) Memory leak in\n libstagefright when deleting an array during MP4\n processing\n\n - MFSA 2016-21/CVE-2016-1958 (bmo#1228754) Displayed page\n address can be overridden\n\n - MFSA 2016-22/CVE-2016-1959 (bmo#1234949) Service Worker\n Manager out-of-bounds read in Service Worker Manager\n\n - MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014)\n Use-after-free in HTML5 string parser\n\n - MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377)\n Use-after-free in SetBody\n\n - MFSA 2016-25/CVE-2016-1962 (bmo#1240760) Use-after-free\n when using multiple WebRTC data channels\n\n - MFSA 2016-26/CVE-2016-1963 (bmo#1238440) Memory\n corruption when modifying a file being read by\n FileReader\n\n - MFSA 2016-27/CVE-2016-1964 (bmo#1243335) Use-after-free\n during XML transformations\n\n - MFSA 2016-28/CVE-2016-1965 (bmo#1245264) Addressbar\n spoofing though history navigation and Location protocol\n property\n\n - MFSA 2016-29/CVE-2016-1967 (bmo#1246956) Same-origin\n policy violation using perfomance.getEntries and history\n navigation with session restore\n\n - MFSA 2016-30/CVE-2016-1968 (bmo#1246742) Buffer overflow\n in Brotli decompression\n\n - MFSA 2016-31/CVE-2016-1966 (bmo#1246054) Memory\n corruption with malicious NPAPI plugin\n\n - MFSA 2016-32/CVE-2016-1970/CVE-2016-1971/CVE-2016-1975/\n CVE-2016-1976/CVE-2016-1972 WebRTC and LibVPX\n vulnerabilities found through code inspection\n\n - MFSA 2016-33/CVE-2016-1973 (bmo#1219339) Use-after-free\n in GetStaticInstance in WebRTC\n\n - MFSA 2016-34/CVE-2016-1974 (bmo#1228103) Out-of-bounds\n read in HTML parser following a failed allocation\n\n - MFSA 2016-35/CVE-2016-1950 (bmo#1245528) Buffer overflow\n during ASN.1 decoding in NSS (fixed by requiring 3.21.1)\n\n - MFSA 2016-36/CVE-2016-1979 (bmo#1185033) Use-after-free\n during processing of DER encoded keys in NSS (fixed by\n requiring 3.21.1)\n\n - MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/\n CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/\n CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/\n CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 Font\n vulnerabilities in the Graphite 2 library\n\n mozilla-nspr was updated to version 4.12\n\n - added a PR_GetEnvSecure function, which attempts to\n detect if the program is being executed with elevated\n privileges, and returns NULL if detected. It is\n recommended to use this function in general purpose\n library code.\n\n - fixed a memory allocation bug related to the PR_*printf\n functions\n\n - exported API PR_DuplicateEnvironment, which had already\n been added in NSPR 4.10.9\n\n - added support for FreeBSD aarch64\n\n - several minor correctness and compatibility fixes\n\n mozilla-nss was updated to NSS 3.21.1 (bmo#969894)\n\n - required for Firefox 45.0\n\n - MFSA 2016-35/CVE-2016-1950 (bmo#1245528) Buffer overflow\n during ASN.1 decoding in NSS (fixed by requiring 3.21.1)\n\n - MFSA 2016-36/CVE-2016-1979 (bmo#1185033) Use-after-free\n during processing of DER encoded keys in NSS (fixed by\n requiring 3.21.1)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1185033\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1199923\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1208946\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1219339\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1227052\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1228103\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1228754\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1234949\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1238440\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1240760\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1243178\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1243335\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1245264\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1245528\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1246014\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1246054\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1246742\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1246956\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=1249377\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=969894\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=969894\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected Firefox packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-buildsymbols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nspr-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nspr-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nspr-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nspr-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaFirefox-45.0-109.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaFirefox-branding-upstream-45.0-109.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaFirefox-buildsymbols-45.0-109.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaFirefox-debuginfo-45.0-109.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaFirefox-debugsource-45.0-109.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaFirefox-devel-45.0-109.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaFirefox-translations-common-45.0-109.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"MozillaFirefox-translations-other-45.0-109.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libfreebl3-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libfreebl3-debuginfo-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libsoftokn3-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libsoftokn3-debuginfo-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"mozilla-nspr-4.12-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"mozilla-nspr-debuginfo-4.12-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"mozilla-nspr-debugsource-4.12-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"mozilla-nspr-devel-4.12-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"mozilla-nss-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"mozilla-nss-certs-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"mozilla-nss-certs-debuginfo-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"mozilla-nss-debuginfo-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"mozilla-nss-debugsource-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"mozilla-nss-devel-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"mozilla-nss-sysinit-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"mozilla-nss-sysinit-debuginfo-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"mozilla-nss-tools-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"mozilla-nss-tools-debuginfo-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libfreebl3-32bit-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libfreebl3-debuginfo-32bit-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libsoftokn3-32bit-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libsoftokn3-debuginfo-32bit-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"mozilla-nspr-32bit-4.12-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"mozilla-nspr-debuginfo-32bit-4.12-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-32bit-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-debuginfo-32bit-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"mozilla-nss-debuginfo-32bit-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"mozilla-nss-sysinit-32bit-3.21.1-74.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"mozilla-nss-sysinit-debuginfo-32bit-3.21.1-74.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaFirefox / MozillaFirefox-branding-upstream / etc\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-11T15:10:31", "description": "The version of Firefox installed on the remote Windows host is prior to 45. It is, therefore, affected by multiple vulnerabilities, the majority of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these issues by convincing a user to visit a specially crafted website, resulting in the execution of arbitrary code in the context of the current user.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-11T00:00:00", "type": "nessus", "title": "Firefox < 45 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1950", "CVE-2016-1952", "CVE-2016-1953", "CVE-2016-1954", "CVE-2016-1955", "CVE-2016-1956", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1959", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1963", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1967", "CVE-2016-1968", "CVE-2016-1969", "CVE-2016-1970", "CVE-2016-1971", "CVE-2016-1972", "CVE-2016-1973", "CVE-2016-1974", "CVE-2016-1975", "CVE-2016-1976", "CVE-2016-1977", "CVE-2016-1979", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2019-11-20T00:00:00", "cpe": ["cpe:/a:mozilla:firefox"], "id": "MOZILLA_FIREFOX_45.NASL", "href": "https://www.tenable.com/plugins/nessus/89875", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(89875);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/11/20\");\n\n script_cve_id(\n \"CVE-2016-1950\",\n \"CVE-2016-1952\",\n \"CVE-2016-1953\",\n \"CVE-2016-1954\",\n \"CVE-2016-1955\",\n \"CVE-2016-1956\",\n \"CVE-2016-1957\",\n \"CVE-2016-1958\",\n \"CVE-2016-1959\",\n \"CVE-2016-1960\",\n \"CVE-2016-1961\",\n \"CVE-2016-1962\",\n \"CVE-2016-1963\",\n \"CVE-2016-1964\",\n \"CVE-2016-1965\",\n \"CVE-2016-1966\",\n \"CVE-2016-1967\",\n \"CVE-2016-1968\",\n \"CVE-2016-1969\",\n \"CVE-2016-1970\",\n \"CVE-2016-1971\",\n \"CVE-2016-1972\",\n \"CVE-2016-1973\",\n \"CVE-2016-1974\",\n \"CVE-2016-1975\",\n \"CVE-2016-1976\",\n \"CVE-2016-1977\",\n \"CVE-2016-1979\",\n \"CVE-2016-2790\",\n \"CVE-2016-2791\",\n \"CVE-2016-2792\",\n \"CVE-2016-2793\",\n \"CVE-2016-2794\",\n \"CVE-2016-2795\",\n \"CVE-2016-2796\",\n \"CVE-2016-2797\",\n \"CVE-2016-2798\",\n \"CVE-2016-2799\",\n \"CVE-2016-2800\",\n \"CVE-2016-2801\",\n \"CVE-2016-2802\"\n );\n script_xref(name:\"MFSA\", value:\"2016-16\");\n script_xref(name:\"MFSA\", value:\"2016-17\");\n script_xref(name:\"MFSA\", value:\"2016-18\");\n script_xref(name:\"MFSA\", value:\"2016-19\");\n script_xref(name:\"MFSA\", value:\"2016-20\");\n script_xref(name:\"MFSA\", value:\"2016-21\");\n script_xref(name:\"MFSA\", value:\"2016-22\");\n script_xref(name:\"MFSA\", value:\"2016-23\");\n script_xref(name:\"MFSA\", value:\"2016-24\");\n script_xref(name:\"MFSA\", value:\"2016-25\");\n script_xref(name:\"MFSA\", value:\"2016-26\");\n script_xref(name:\"MFSA\", value:\"2016-27\");\n script_xref(name:\"MFSA\", value:\"2016-28\");\n script_xref(name:\"MFSA\", value:\"2016-29\");\n script_xref(name:\"MFSA\", value:\"2016-30\");\n script_xref(name:\"MFSA\", value:\"2016-31\");\n script_xref(name:\"MFSA\", value:\"2016-32\");\n script_xref(name:\"MFSA\", value:\"2016-33\");\n script_xref(name:\"MFSA\", value:\"2016-34\");\n script_xref(name:\"MFSA\", value:\"2016-35\");\n script_xref(name:\"MFSA\", value:\"2016-36\");\n script_xref(name:\"MFSA\", value:\"2016-37\");\n script_xref(name:\"MFSA\", value:\"2016-38\");\n\n script_name(english:\"Firefox < 45 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Firefox.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a web browser that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Firefox installed on the remote Windows host is prior\nto 45. It is, therefore, affected by multiple vulnerabilities, the\nmajority of which are remote code execution vulnerabilities. An\nunauthenticated, remote attacker can exploit these issues by\nconvincing a user to visit a specially crafted website, resulting in\nthe execution of arbitrary code in the context of the current user.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-16/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-17/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-20/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-21/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-22/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-23/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-24/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-25/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-26/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-27/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-28/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-29/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-30/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-31/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-32/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-33/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-34/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-35/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-36/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2016-38/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Firefox version 45 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-1962\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/03/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Firefox/Version\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\n\nport = get_kb_item(\"SMB/transport\");\nif (!port) port = 445;\n\ninstalls = get_kb_list(\"SMB/Mozilla/Firefox/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"Firefox\");\n\nmozilla_check_version(installs:installs, product:'firefox', esr:FALSE, fix:'45', severity:SECURITY_HOLE);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:40:13", "description": "The specific version of Firefox that the system is running is reportedly affected by the following vulnerabilities:\n\n- Mozilla Firefox contains a flaw in the ValueNumberer::fixupOSROnlyLoop() function in jit/ValueNumbering.cpp that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1952)\n\n- Mozilla Firefox contains a flaw in the Downscaler::BeginFrame() function in image/Downscaler.cpp that is triggered when failing to compute filters for image downscaling. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1952)\n\n- Mozilla Firefox contains a flaw that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1952)\n\n- Mozilla Firefox contains a flaw in the JSScript::maybeSweepTypes() function in vm/TypeInference.cpp that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1952)\n\n- Mozilla Firefox contains a flaw that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1952)\n\n- Mozilla Firefox contains a flaw in the DispatchEvents() function in layout/style/nsAnimationManager.h and layout/style/nsTransitionManager.h that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1952)\n\n- Mozilla Firefox contains a flaw in dom/base/Console.cpp that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1952)\n\n- Mozilla Firefox contains a flaw in the PeerConnectionMedia::SelfDestruct_m() function in media/webrtc/signaling/src/peerconnection/PeerConnectionMedia.cpp that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1952)\n\n- Mozilla Firefox contains a flaw that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1952)\n\n- Mozilla Firefox contains a flaw in the nsICODecoder::ReadDirEntry() function in image/decoders/nsICODecoder.cpp that is triggered when rendering ICO sub-images. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1953)\n\n- Mozilla Firefox contains a flaw in the nsIDNService::IDNA2008ToUnicode() function in netwerk/dns/nsIDNService.cpp that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1953)\n\n- Mozilla Firefox contains a flaw that is triggered as user-supplied input is not properly validated when handling image decoding. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1953)\n\n- Mozilla Firefox contains a flaw in the DiscardTransferables() function in vm/StructuredClone.cpp that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1953)\n\n- Mozilla Firefox contains a flaw in the Assembler::GetCF32Target() function in jit/arm/Assembler-arm.cpp that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1953)\n\n- Mozilla Firefox contains a flaw in the GetPcScript() function in jit/JitFrames.cpp that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1953)\n\n- Mozilla Firefox contains a flaw in the JSFunction::isDerivedClassConstructor() function in js/src/jsfun.cpp that is triggered when handling lazy self-hosted functions. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1953)\n\n- Mozilla Firefox contains a flaw in js/src/jit/Lowering.cpp that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1953)\n\n- Mozilla Firefox contains a flaw that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1953)\n\n- Mozilla Firefox contains a flaw in the EventListenerManager::HandleEventInternal() function in dom/events/EventListenerManager.cpp. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1953)\n\n- Mozilla Firefox contains a flaw in layout/base/nsRefreshDriver.cpp that is triggered when handling transition events. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1953)\n\n- Mozilla Firefox contains a flaw in dom/media/systemservices/CamerasChild.cpp that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1953)\n\n- libvpx contains a flaw in the vp8_mb_init_dequantizer() function in vp8/decoder/decodeframe.c that is triggered as user-supplied input is not properly validated. With specially crafted media content, a context-dependent attacker can corrupt memory and potentially execute arbitrary code. (CVE-2016-1953)\n\n- libvpx contains a flaw in the vp8_loop_filter_frame_init() function in media/libvpx/vp8/common/loopfilter.c that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1953)\n\n- Mozilla Firefox contains a flaw that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1953)\n\n- Mozilla Firefox contains a flaw in dom/xslt/xslt/txMozillaTextOutput.cpp that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1953)\n\n- Mozilla Firefox contains a flaw in dom/gamepad/windows/WindowsGamepad.cpp that is triggered when handling WindowsGamepadService shutdown. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1953)\n\n- Mozilla Firefox contains a flaw in the nsCSPContext::SendReports() function in dom/security/nsCSPContext.cpp that is triggered during the handling of Content Security Policy (CSP) violation reports. This may allow a context-dependent attacker to overwrite arbitrary files on a user's machine and potentially gain elevated privileges. (CVE-2016-1954)\n\n- Mozilla Firefox contains a flaw in dom/security/nsCSPContext.cpp that is due to Content Security Policy (CSP) violation reports containing full path information for cross-origin iframe navigations in violation of the CSP specification. This may allow a context-dependent attacker to gain unauthorized access to sensitive information. (CVE-2016-1955)\n\n- Mozilla Firefox contains a flaw in gfx/gl/GLContext.cpp when using Intel Video cards that is triggered when performing WebGL operations that require a large amount buffer to be allocated from video memory. This may allow a context-dependent to cause a consumption of memory resources that will persist until the system has been restarted. (CVE-2016-1956)\n\n- Google Stagefright contains a flaw that is triggered during the handling of array destruction during MPEG4 video file processing. This may allow a context-dependent attacker to cause a memory leak, with unspecified consequences.\n (CVE-2016-1957)\n\n- Mozilla Firefox contains an unspecified flaw that may allow a context-dependent attacker to spoof the user's address bar. No further details have been provided. (CVE-2016-1958)\n\n- Mozilla Firefox contains a flaw in Service Worker Manager that is triggered when handling the Clients API. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1959)\n\n- Mozilla Firefox contains a use-after-free error in the HTML5 string parser. The issue is triggered when parsing a set of table-related tags in a foreign fragment context such as SVG. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2016-1960)\n\n- Mozilla Firefox contains a use-after-free error in the nsHTMLDocument::SetBody() function in dom/html/nsHTMLDocument.cpp. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2016-1961)\n\n- Mozilla Firefox contains a use-after-free error in netwerk/sctp/datachannel/DataChannel.cpp when using multiple WebRTC data channel connections and freeing a data channel connection from within a call. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2016-1962)\n\n- Mozilla Firefox contains a flaw in the FileReader::DoReadData() function in dom/base/FileReader.cpp. The issue is triggered as user-supplied input is not properly validated when handling modifications to local files that occur while they are being read with the FileReader API. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1963)\n\n- Mozilla Firefox contains a use-after-free error in the txAttribute::execute() function in dom/xslt/xslt/txInstructions.cpp that is triggered when handling XML transformation operations. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2016-1964)\n\n- Mozilla Firefox contains a flaw in the nsLocation::SetProtocol() function in dom/base/nsLocation.cpp that is triggered when handling history navigation in combination with the location protocol property. This may allow a context-dependent attacker to spoof the contents of the address bar. (CVE-2016-1965)\n\n- Mozilla Firefox contains a flaw that is triggered when handling history navigation in a restored browser session. This may potentially allow a context-dependent attacker to gain unauthorized access to cross-origin URL information. (CVE-2016-1967)\n\n- Mozilla Firefox contains a pointer underflow condition in the Brotli library. The issue is triggered as user-supplied input is not properly validated when the library is performing decompression. This may allow a context-dependent attacker to cause a buffer overflow, potentially allowing the execution of arbitrary code. (CVE-2016-1968)\n\n- Mozilla Firefox contains a use-after-free flaw in the Netscape Plugin Application Programming Interface (NPAPI) plugin within the nsNPObjWrapper::GetNewOrUsed() function in dom/plugins/base/nsJSNPRuntime.cpp. The issue is triggered when handling malicious scripted web content in concert with the plugin. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2016-1966)\n\n- Mozilla Firefox contains an integer underflow condition in the srtp_unprotect() function in netwerk/srtp/src/srtp/srtp.c that is triggered when handling SRTP packet lenghts. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1970)\n\n- Mozilla Firefox contains a flaw in the I420VideoFrame::CreateFrame() function in WebRTC. The issue is triggered as user-supplied input is not properly validated due to a missing status check. This may potentially allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1971)\n\n- Mozilla Firefox contains a race condition in dom/media/systemservices/CamerasChild.h. The issue is triggered as user-supplied input is not properly validated when handling block-level statistics. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2016-1975)\n\n- Mozilla Firefox contains a use-after-free flaw in DesktopDisplayDevice::operator= in media/webrtc/trunk/webrtc/modules/desktop_capture/desktop_device_info.cc. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2016-1976)\n\n- libvpx contains a use-after-free error in vpx_ports/vpx_once.h related to a race condition. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code.\n (CVE-2016-1972)\n\n- Mozilla Firefox contains a use-after-free error that is triggered by a race condition in GetStaticInstance in WebRTC. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2016-1973)\n\n- Mozilla Firefox contains a flaw in the nsScannerString::AppendUnicodeTo() function in parser/htmlparser/nsScannerString.cpp. The issue is triggered when the program fails to allocate memory during handling of unicode strings. This may allow a context-dependent attacker to potentially execute arbitrary code. (CVE-2016-1974)\n\n- Mozilla Network Security Services (NSS) contains a use-after-free error in the PK11_ImportDERPrivateKeyInfoAndReturnKey() function. The issue is triggered when handling DER encoded keys. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code.\n (CVE-2016-1979)\n\n- Graphite/Libgraphite contains a flaw in the Machine::Code::decoder::analysis::set_ref() function. The issue is triggered as user-supplied input is not properly validated. With a specially crafted font, a context-dependent attacker can corrupt memory to cause a denial of service in a process linked against the library or potentially execute arbitrary code. (CVE-2016-1977)\n\n- Graphite/Libgraphite contains a flaw in the GetTableInfo() function in TtfUtil.cpp related to the use of uninitialized memory when handling a specially crafted font. This may allow a context-dependent attacker to have an unspecified impact. (CVE-2016-2790)\n\n- Graphite/Libgraphite contains an out-of-bounds read flaw in the GlyphCache::glyph() function that is triggered when handling maliciously crafted fonts. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents. (CVE-2016-2791)\n\n- Graphite/Libgraphite contains an out-of-bounds read flaw in the getAttr() function in Slot.cpp that is triggered when handling maliciously crafted fonts. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents. (CVE-2016-2792)\n\n- Graphite/Libgraphite contains an out-of-bounds read flaw in CachedCmap.cpp that is triggered when handling maliciously crafted fonts. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents. (CVE-2016-2793)\n\n- Graphite/Libgraphite contains an out-of-bounds read flaw in the CmapSubtable12NextCodepoint() function in TtfUtil.cpp that is triggered when handling maliciously crafted fonts. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents. (CVE-2016-2794)\n\n- Graphite/Libgraphite contains a flaw in the FileFace::get_table_fn() function related to the use of uninitialized memory when handling a specially crafted font. This may allow a context-dependent attacker to have an unspecified impact. (CVE-2016-2795)\n\n- Graphite/Libgraphite contains an out-of-bounds write flaw in the vm::Machine::Code::Code() function that is triggered when handling maliciously crafted fonts. This may allow a context-dependent attacker to potentially execute arbitrary code. (CVE-2016-2796)\n\n- Graphite/Libgraphite contains an out-of-bounds read flaw in the CmapSubtable12Lookup() function in TtfUtil.cpp that is triggered when handling maliciously crafted fonts. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents. (CVE-2016-2797)\n\n- Graphite/Libgraphite contains an out-of-bounds read flaw in the GlyphCache::Loader::Loader() function that is triggered when handling maliciously crafted fonts. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents. (CVE-2016-2798)\n\n- Graphite/Libgraphite contains an out-of-bounds write flaw in the setAttr() function in Slot.cpp that is triggered when handling maliciously crafted fonts. This may allow a context-dependent attacker to potentially execute arbitrary code. (CVE-2016-2799)\n\n- Graphite/Libgraphite contains an out-of-bounds read flaw in the getAttr() function in Slot.cpp that is triggered when handling maliciously crafted fonts. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents. (CVE-2016-2800)\n\n- Graphite/Libgraphite contains an out-of-bounds read flaw in the CmapSubtable12Lookup() function in TtfUtil.cpp that is triggered when handling maliciously crafted fonts. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents. (CVE-2016-2801)\n\n- Graphite/Libgraphite contains an out-of-bounds read flaw in the CmapSubtable4NextCodepoint() function in TtfUtil.cpp that is triggered when handling maliciously crafted fonts. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents. (CVE-2016-2802)\n\n- Graphite/Libgraphite contains an out-of-bounds write flaw in the setAttr() function that is triggered when handling maliciously crafted fonts. This may allow a context-dependent attacker to potentially execute arbitrary code. (CVE-2016-1969)\n", "cvss3": {"score": null, "vector": null}, "published": "2016-09-07T00:00:00", "type": "nessus", "title": "Firefox < 45 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1952", "CVE-2016-1953", "CVE-2016-1954", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-1979", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802", "CVE-2016-1969", "CVE-2016-1973", "CVE-2016-1955", "CVE-2016-1956", "CVE-2016-1959", "CVE-2016-1963", "CVE-2016-1967", "CVE-2016-1968", "CVE-2016-1970", "CVE-2016-1971", "CVE-2016-1972", "CVE-2016-1975", "CVE-2016-1976"], "modified": "2016-09-07T00:00:00", "cpe": [], "id": "802023.PRM", "href": "https://www.tenable.com/plugins/lce/802023", "sourceData": "Binary data 802023.prm", "cvss": {"score": 10, "vector": "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-11T15:16:59", "description": "The remote host is affected by the vulnerability described in GLSA-201605-06 (Mozilla Products: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Firefox, NSS, NSPR, and Thunderbird. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, spoof the address bar, conduct clickjacking attacks, bypass security restrictions and protection mechanisms, or have other unspecified impacts.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": 10, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"}, "published": "2016-05-31T00:00:00", "type": "nessus", "title": "GLSA-201605-06 : Mozilla Products: Multiple vulnerabilities (Logjam) (SLOTH)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-2708", "CVE-2015-2709", "CVE-2015-2710", "CVE-2015-2711", "CVE-2015-2712", "CVE-2015-2713", "CVE-2015-2714", "CVE-2015-2715", "CVE-2015-2716", "CVE-2015-2717", "CVE-2015-2718", "CVE-2015-2721", "CVE-2015-4000", "CVE-2015-4473", "CVE-2015-4474", "CVE-2015-4475", "CVE-2015-4477", "CVE-2015-4478", "CVE-2015-4479", "CVE-2015-4480", "CVE-2015-4481", "CVE-2015-4482", "CVE-2015-4483", "CVE-2015-4484", "CVE-2015-4485", "CVE-2015-4486", "CVE-2015-4487", "CVE-2015-4488", "CVE-2015-4489", "CVE-2015-4490", "CVE-2015-4491", "CVE-2015-4492", "CVE-2015-4493", "CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183", "CVE-2015-7575", "CVE-2016-1523", "CVE-2016-1930", "CVE-2016-1931", "CVE-2016-1933", "CVE-2016-1935", "CVE-2016-1937", "CVE-2016-1938", "CVE-2016-1939", "CVE-2016-1940", "CVE-2016-1941", "CVE-2016-1942", "CVE-2016-1943", "CVE-2016-1944", "CVE-2016-1945", "CVE-2016-1946", "CVE-2016-1947", "CVE-2016-1948", "CVE-2016-1949", "CVE-2016-1950", "CVE-2016-1952", "CVE-2016-1953", "CVE-2016-1954", "CVE-2016-1955", "CVE-2016-1956", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1959", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1963", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1967", "CVE-2016-1968", "CVE-2016-1969", "CVE-2016-1970", "CVE-2016-1971", "CVE-2016-1972", "CVE-2016-1973", "CVE-2016-1974", "CVE-2016-1975", "CVE-2016-1976", "CVE-2016-1977", "CVE-2016-1978", "CVE-2016-1979", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:firefox", "p-cpe:/a:gentoo:linux:firefox-bin", "p-cpe:/a:gentoo:linux:nspr", "p-cpe:/a:gentoo:linux:nss", "p-cpe:/a:gentoo:linux:thunderbird", "p-cpe:/a:gentoo:linux:thunderbird-bin", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201605-06.NASL", "href": "https://www.tenable.com/plugins/nessus/91379", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201605-06.\n#\n# The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91379);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-2708\", \"CVE-2015-2709\", \"CVE-2015-2710\", \"CVE-2015-2711\", \"CVE-2015-2712\", \"CVE-2015-2713\", \"CVE-2015-2714\", \"CVE-2015-2715\", \"CVE-2015-2716\", \"CVE-2015-2717\", \"CVE-2015-2718\", \"CVE-2015-2721\", \"CVE-2015-4000\", \"CVE-2015-4473\", \"CVE-2015-4474\", \"CVE-2015-4475\", \"CVE-2015-4477\", \"CVE-2015-4478\", \"CVE-2015-4479\", \"CVE-2015-4480\", \"CVE-2015-4481\", \"CVE-2015-4482\", \"CVE-2015-4483\", \"CVE-2015-4484\", \"CVE-2015-4485\", \"CVE-2015-4486\", \"CVE-2015-4487\", \"CVE-2015-4488\", \"CVE-2015-4489\", \"CVE-2015-4490\", \"CVE-2015-4491\", \"CVE-2015-4492\", \"CVE-2015-4493\", \"CVE-2015-7181\", \"CVE-2015-7182\", \"CVE-2015-7183\", \"CVE-2015-7575\", \"CVE-2016-1523\", \"CVE-2016-1930\", \"CVE-2016-1931\", \"CVE-2016-1933\", \"CVE-2016-1935\", \"CVE-2016-1937\", \"CVE-2016-1938\", \"CVE-2016-1939\", \"CVE-2016-1940\", \"CVE-2016-1941\", \"CVE-2016-1942\", \"CVE-2016-1943\", \"CVE-2016-1944\", \"CVE-2016-1945\", \"CVE-2016-1946\", \"CVE-2016-1947\", \"CVE-2016-1948\", \"CVE-2016-1949\", \"CVE-2016-1950\", \"CVE-2016-1952\", \"CVE-2016-1953\", \"CVE-2016-1954\", \"CVE-2016-1955\", \"CVE-2016-1956\", \"CVE-2016-1957\", \"CVE-2016-1958\", \"CVE-2016-1959\", \"CVE-2016-1960\", \"CVE-2016-1961\", \"CVE-2016-1962\", \"CVE-2016-1963\", \"CVE-2016-1964\", \"CVE-2016-1965\", \"CVE-2016-1966\", \"CVE-2016-1967\", \"CVE-2016-1968\", \"CVE-2016-1969\", \"CVE-2016-1970\", \"CVE-2016-1971\", \"CVE-2016-1972\", \"CVE-2016-1973\", \"CVE-2016-1974\", \"CVE-2016-1975\", \"CVE-2016-1976\", \"CVE-2016-1977\", \"CVE-2016-1978\", \"CVE-2016-1979\", \"CVE-2016-2790\", \"CVE-2016-2791\", \"CVE-2016-2792\", \"CVE-2016-2793\", \"CVE-2016-2794\", \"CVE-2016-2795\", \"CVE-2016-2796\", \"CVE-2016-2797\", \"CVE-2016-2798\", \"CVE-2016-2799\", \"CVE-2016-2800\", \"CVE-2016-2801\", \"CVE-2016-2802\");\n script_xref(name:\"GLSA\", value:\"201605-06\");\n\n script_name(english:\"GLSA-201605-06 : Mozilla Products: Multiple vulnerabilities (Logjam) (SLOTH)\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is affected by the vulnerability described in GLSA-201605-06\n(Mozilla Products: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Firefox, NSS, NSPR, and\n Thunderbird. Please review the CVE identifiers referenced below for\n details.\n \nImpact :\n\n A remote attacker could entice a user to view a specially crafted web\n page or email, possibly resulting in execution of arbitrary code or a\n Denial of Service condition. Furthermore, a remote attacker may be able\n to perform Man-in-the-Middle attacks, obtain sensitive information, spoof\n the address bar, conduct clickjacking attacks, bypass security\n restrictions and protection mechanisms, or have other unspecified\n impacts.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201605-06\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"All NSS users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/nss-3.22.2'\n All Thunderbird users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=mail-client/thunderbird-38.7.0'\n All users of the Thunderbird binary package should upgrade to the latest\n version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=mail-client/thunderbird-bin-38.7.0'\n All Firefox 38.7.x users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-client/firefox-38.7.0'\n All users of the Firefox 38.7.x binary package should upgrade to the\n latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-client/firefox-bin-38.7.0'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:firefox-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:thunderbird-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/31\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-libs/nspr\", unaffected:make_list(\"ge 4.12\"), vulnerable:make_list(\"lt 4.12\"))) flag++;\nif (qpkg_check(package:\"dev-libs/nss\", unaffected:make_list(\"ge 3.22.2\"), vulnerable:make_list(\"lt 3.22.2\"))) flag++;\nif (qpkg_check(package:\"mail-client/thunderbird\", unaffected:make_list(\"ge 38.7.0\"), vulnerable:make_list(\"lt 38.7.0\"))) flag++;\nif (qpkg_check(package:\"mail-client/thunderbird-bin\", unaffected:make_list(\"ge 38.7.0\"), vulnerable:make_list(\"lt 38.7.0\"))) flag++;\nif (qpkg_check(package:\"www-client/firefox\", unaffected:make_list(\"ge 38.7.0\"), vulnerable:make_list(\"lt 38.7.0\"))) flag++;\nif (qpkg_check(package:\"www-client/firefox-bin\", unaffected:make_list(\"ge 38.7.0\"), vulnerable:make_list(\"lt 38.7.0\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Mozilla Products\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2021-06-04T20:20:51", "description": "[38.7.0-1.0.1]\n- Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js\n[38.7.0-1]\n- Update to 38.7.0", "cvss3": {}, "published": "2016-03-16T00:00:00", "type": "oraclelinux", "title": "thunderbird security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-1952", "CVE-2016-1954", "CVE-2016-1957", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1964", "CVE-2016-1966", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2016-03-16T00:00:00", "id": "ELSA-2016-0460", "href": "http://linux.oracle.com/errata/ELSA-2016-0460.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-06-04T20:21:06", "description": "[38.7.0-1.0.1]\n- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one\n- Force requirement of newer gdk-pixbuf2 to ensure a proper update (Todd Vierling) [orabug 19847484]\n[38.7.0-1]\n- Update to 38.7.0 ESR", "cvss3": {}, "published": "2016-03-09T00:00:00", "type": "oraclelinux", "title": "firefox security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-1952", "CVE-2016-1954", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1973", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2016-03-09T00:00:00", "id": "ELSA-2016-0373", "href": "http://linux.oracle.com/errata/ELSA-2016-0373.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2022-02-27T11:52:37", "description": "**CentOS Errata and Security Advisory** CESA-2016:0460\n\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Thunderbird to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1960,\nCVE-2016-1961, CVE-2016-1974, CVE-2016-1964, CVE-2016-1966)\n\nMultiple security flaws were found in the graphite2 font library shipped\nwith Thunderbird. A web page containing malicious content could cause\nThunderbird to crash or, potentially, execute arbitrary code with the\nprivileges of the user running Thunderbird. (CVE-2016-1977, CVE-2016-2790,\nCVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795,\nCVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800,\nCVE-2016-2801, CVE-2016-2802)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Bob Clary, Christoph Diehl, Christian Holler, Andrew\nMcCreight, Daniel Holbert, Jesse Ruderman, Randell Jesup, Nicolas\nGolubovic, Jose Martinez, Romina Santillan, ca0nguyen, lokihardt, Nicolas\nGregoire, the Communications Electronics Security Group (UK) of the GCHQ,\nHolger Fuhrmannek, Ronald Crane, and Tyson Smith as the original reporters\nof these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Thunderbird 38.7.0. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 38.7.0, which corrects these issues. After\ninstalling the update, Thunderbird must be restarted for the changes to\ntake effect.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2016-March/058657.html\nhttps://lists.centos.org/pipermail/centos-announce/2016-March/058658.html\nhttps://lists.centos.org/pipermail/centos-announce/2016-March/058659.html\n\n**Affected packages:**\nthunderbird\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2016:0460", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-03-16T17:52:15", "type": "centos", "title": "thunderbird security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1952", "CVE-2016-1954", "CVE-2016-1957", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1964", "CVE-2016-1966", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2016-03-16T19:58:44", "id": "CESA-2016:0460", "href": "https://lists.centos.org/pipermail/centos-announce/2016-March/058657.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-27T11:52:32", "description": "**CentOS Errata and Security Advisory** CESA-2016:0373\n\n\nMozilla Firefox is an open source web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1958,\nCVE-2016-1960, CVE-2016-1961, CVE-2016-1962, CVE-2016-1973, CVE-2016-1974,\nCVE-2016-1964, CVE-2016-1965, CVE-2016-1966)\n\nMultiple security flaws were found in the graphite2 font library shipped\nwith Firefox. A web page containing malicious content could cause Firefox\nto crash or, potentially, execute arbitrary code with the privileges of the\nuser running Firefox. (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791,\nCVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796,\nCVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801,\nCVE-2016-2802)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Bob Clary, Christoph Diehl, Christian Holler, Andrew\nMcCreight, Daniel Holbert, Jesse Ruderman, Randell Jesup, Nicolas\nGolubovic, Jose Martinez, Romina Santillan, Abdulrahman Alqabandi,\nca0nguyen, lokihardt, Dominique Hazael-Massieux, Nicolas Gregoire, Tsubasa\nIinuma, the Communications Electronics Security Group (UK) of the GCHQ,\nHolger Fuhrmannek, Ronald Crane, and Tyson Smith as the original reporters\nof these issues.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 38.7.0 ESR, which corrects these issues. After installing\nthe update, Firefox must be restarted for the changes to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2016-March/058642.html\nhttps://lists.centos.org/pipermail/centos-announce/2016-March/058643.html\nhttps://lists.centos.org/pipermail/centos-announce/2016-March/058644.html\n\n**Affected packages:**\nfirefox\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2016:0373", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-03-09T06:42:15", "type": "centos", "title": "firefox security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1952", "CVE-2016-1954", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1973", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2016-03-09T13:26:30", "id": "CESA-2016:0373", "href": "https://lists.centos.org/pipermail/centos-announce/2016-March/058642.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2021-10-19T18:40:23", "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Thunderbird to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1960,\nCVE-2016-1961, CVE-2016-1974, CVE-2016-1964, CVE-2016-1966)\n\nMultiple security flaws were found in the graphite2 font library shipped\nwith Thunderbird. A web page containing malicious content could cause\nThunderbird to crash or, potentially, execute arbitrary code with the\nprivileges of the user running Thunderbird. (CVE-2016-1977, CVE-2016-2790,\nCVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795,\nCVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800,\nCVE-2016-2801, CVE-2016-2802)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Bob Clary, Christoph Diehl, Christian Holler, Andrew\nMcCreight, Daniel Holbert, Jesse Ruderman, Randell Jesup, Nicolas\nGolubovic, Jose Martinez, Romina Santillan, ca0nguyen, lokihardt, Nicolas\nGregoire, the Communications Electronics Security Group (UK) of the GCHQ,\nHolger Fuhrmannek, Ronald Crane, and Tyson Smith as the original reporters\nof these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Thunderbird 38.7.0. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 38.7.0, which corrects these issues. After\ninstalling the update, Thunderbird must be restarted for the changes to\ntake effect.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-03-16T00:00:00", "type": "redhat", "title": "(RHSA-2016:0460) Important: thunderbird security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1952", "CVE-2016-1954", "CVE-2016-1957", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1964", "CVE-2016-1966", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2018-06-06T16:24:10", "id": "RHSA-2016:0460", "href": "https://access.redhat.com/errata/RHSA-2016:0460", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-19T18:40:41", "description": "Mozilla Firefox is an open source web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1958,\nCVE-2016-1960, CVE-2016-1961, CVE-2016-1962, CVE-2016-1973, CVE-2016-1974,\nCVE-2016-1964, CVE-2016-1965, CVE-2016-1966)\n\nMultiple security flaws were found in the graphite2 font library shipped\nwith Firefox. A web page containing malicious content could cause Firefox\nto crash or, potentially, execute arbitrary code with the privileges of the\nuser running Firefox. (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791,\nCVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796,\nCVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801,\nCVE-2016-2802)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Bob Clary, Christoph Diehl, Christian Holler, Andrew\nMcCreight, Daniel Holbert, Jesse Ruderman, Randell Jesup, Nicolas\nGolubovic, Jose Martinez, Romina Santillan, Abdulrahman Alqabandi,\nca0nguyen, lokihardt, Dominique Hazael-Massieux, Nicolas Gregoire, Tsubasa\nIinuma, the Communications Electronics Security Group (UK) of the GCHQ,\nHolger Fuhrmannek, Ronald Crane, and Tyson Smith as the original reporters\nof these issues.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 38.7.0 ESR, which corrects these issues. After installing\nthe update, Firefox must be restarted for the changes to take effect.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-03-09T00:00:00", "type": "redhat", "title": "(RHSA-2016:0373) Critical: firefox security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1952", "CVE-2016-1954", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1973", "CVE-2016-1974", "CVE-2016-1977", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"], "modified": "2018-06-06T16:24:25", "id": "RHSA-2016:0373", "href": "https://access.redhat.com/errata/RHSA-2016:0373", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "archlinux": [{"lastseen": "2016-09-02T18:44:48", "description": "- CVE-2016-1952 CVE-2016-1953 (arbitrary code execution):\n\nMozilla developers fixed several memory safety bugs in the browser\nengine used in Firefox and other Mozilla-based products. Some of these\nbugs showed evidence of memory corruption under certain circumstances,\nand we presume that with enough effort at least some of these could be\nexploited to run arbitrary code.\n\n- CVE-2016-1954 (privilege escalation):\n\nSecurity researcher Nicolas Golubovic reported that a malicious page can\noverwrite files on the user's machine using Content Security Policy\n(CSP) violation reports. The file contents are restricted to the JSON\nformat of the report. In many cases overwriting a local file may simply\nbe destructive, breaking the functionality of that file. The CSP error\nreports can include HTML fragments which could be rendered by browsers.\nIf a user has disabled add-on signing and has installed an &quot;unpacked&quot;\nadd-on, a malicious page could overwrite one of the add-on resources.\nDepending on how this resource is used, this could lead to privilege\nescalation.\n\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a\nrisk in browser or browser-like contexts.\n\n- CVE-2016-1957 (resource consumption):\n\nSecurity researchers Jose Martinez and Romina Santillan reported a\nmemory leak in the libstagefright library when array destruction occurs\nduring MPEG4 video file processing.\n\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a\nrisk in browser or browser-like contexts.\n\n- CVE-2016-1960 (arbitrary code execution):\n\nSecurity researcher ca0nguyen, working with HP's Zero Day Initiative,\nreported a use-after-free issue in the HTML5 string parser when parsing\na particular set of table-related tags in a foreign fragment context\nsuch as SVG. This results in a potentially exploitable crash.\n\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a\nrisk in browser or browser-like contexts.\n\n- CVE-2016-1961 (arbitrary code execution):\n\nSecurity researcher lokihardt, working with HP's Zero Day Initiative,\nreported a use-after-free issue in the SetBody function of HTMLDocument.\nThis results in a potentially exploitable crash.\n\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a\nrisk in browser or browser-like contexts.\n\n- CVE-2016-1964 (arbitrary code execution):\n\nSecurity researcher Nicolas Gr&#233;goire used the Address Sanitizer to find\na use-after-free during XML transformation operations. This results in a\npotentially exploitable crash triggerable by web content.\n\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a\nrisk in browser or browser-like contexts.\n\n- CVE-2016-1966 (remote code execution):\n\nThe Communications Electronics Security Group (UK) of the GCHQ reported\na dangling pointer dereference within the Netscape Plugin Application\nProgramming Interface (NPAPI) that could lead to the NPAPI subsystem\ncrashing. This issue requires a maliciously crafted NPAPI plugin in\nconcert with scripted web content, resulting in a potentially\nexploitable crash when triggered.\n\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a\nrisk in browser or browser-like contexts.\n\n- CVE-2016-1974 (denial of service):\n\nSecurity researcher Ronald Crane reported an out-of-bounds read\nfollowing a failed allocation in the HTML parser while working with\nunicode strings. This can also affect the parsing of XML and SVG format\ndata. This leads to a potentially exploitable crash.\n\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a\nrisk in browser or browser-like contexts.\n\n- CVE-2016-1977 CVE-2016-2790 CVE-2016-2791 CVE-2016-2792 CVE-2016-2793\nCVE-2016-2794 CVE-2016-2795 CVE-2016-2796 CVE-2016-2797 CVE-2016-2798\nCVE-2016-2799 CVE-2016-2800 CVE-2016-2801 CVE-2016-2802 (buffer overflow):\n\nSecurity researcher Holger Fuhrmannek and Mozilla security engineer\nTyson Smith reported a number of security vulnerabilities in the\nGraphite 2 library affecting version 1.3.5.\n\nThe issue reported by Holger Fuhrmannek is a mechanism to induce stack\ncorruption with a malicious graphite font. This leads to a potentially\nexploitable crash when the font is loaded.\n\nTyson Smith used the Address Sanitizer tool in concert with a custom\nsoftware fuzzer to find a series of uninitialized memory, out-of-bounds\nread, and out-of-bounds write errors when working with fuzzed graphite\nfonts.", "edition": 2, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-03-20T00:00:00", "type": "archlinux", "title": "thunderbird: multiple issues", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1953", "CVE-2016-2790", "CVE-2016-1957", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-2795", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1964"], "modified": "2016-03-20T00:00:00", "id": "ASA-201603-21", "href": "https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-02T18:44:36", "description": "- CVE-2016-1952 CVE-2016-1953 (arbitrary code execution)\n\nMozilla developers fixed several memory safety bugs in the browser\nengine used in Firefox and other Mozilla-based products. Some of these\nbugs showed evidence of memory corruption under certain circumstances,\nand we presume that with enough effort at least some of these could be\nexploited to run arbitrary code.\n\n- CVE-2016-1954 (privilege escalation)\n\nSecurity researcher Nicolas Golubovic reported that a malicious page can\noverwrite files on the user's machine using Content Security Policy\n(CSP) violation reports. The file contents are restricted to the JSON\nformat of the report. In many cases overwriting a local file may simply\nbe destructive, breaking the functionality of that file. The CSP error\nreports can include HTML fragments which could be rendered by browsers.\nIf a user has disabled add-on signing and has installed an &quot;unpacked&quot;\nadd-on, a malicious page could overwrite one of the add-on resources.\nDepending on how this resource is used, this could lead to privilege\nescalation.\n\n- CVE-2016-1955 (information disclosure)\n\nSecurity researcher Muneaki Nishimura (nishimunea) of Recruit\nTechnologies Co.,Ltd. reported that Content Security Policy (CSP)\nviolation reports contained full path information for cross-origin\niframe navigations in violation of the CSP specification. This could\nresult in information disclosure.\n\n- CVE-2016-1956 (denial of service)\n\nSecurity researcher Ucha Gobejishvili reported a denial of service (DOS)\nattack when doing certain WebGL operations in a canvas requiring an\nunusually large amount buffer to be allocated from video memory. This\nresulted in memory resource exhaustion with some Intel video cards,\nrequiring the computer to be rebooted to return functionality. This was\nresolved by putting in additional checks on the amount of memory to be\nallocated during graphics processing.\n\n- CVE-2016-1957 (resource consumption)\n\nSecurity researchers Jose Martinez and Romina Santillan reported a\nmemory leak in the libstagefright library when array destruction occurs\nduring MPEG4 video file processing.\n\n- CVE-2016-1958 (addressbar spoofing)\n\nSecurity researcher Abdulrahman Alqabandi reported an issue where an\nattacker can load an arbitrary web page but the addressbar's displayed\nURL will be blank or filled with page defined content. This can be used\nto obfuscate which page is currently loaded and allows for an attacker\nto spoof an existing page without the malicious page's address being\ndisplayed correctly.\n\n- CVE-2016-1959 (denial of service)\n\nSecurity researcher Looben Yang reported a mechanism where the Clients\nAPI in Service Workers can be used to trigger an out-of-bounds read in\nServiceWorkerManager. This results in a potentially exploitable crash.\n\n- CVE-2016-1960 (arbitrary code execution)\n\nSecurity researcher ca0nguyen, working with HP's Zero Day Initiative,\nreported a use-after-free issue in the HTML5 string parser when parsing\na particular set of table-related tags in a foreign fragment context\nsuch as SVG. This results in a potentially exploitable crash.\n\n- CVE-2016-1961 (arbitrary code execution)\n\nSecurity researcher lokihardt, working with HP's Zero Day Initiative,\nreported a use-after-free issue in the SetBody function of HTMLDocument.\nThis results in a potentially exploitable crash.\n\n- CVE-2016-1962 (arbitrary code execution)\n\nSecurity researcher Dominique Haza&#235;l-Massieux reported a use-after-free\nissue when using multiple WebRTC data channel connections. This causes a\npotentially exploitable crash when a data channel connection is freed\nfrom within a call through it.\n\n- CVE-2016-1977 CVE-2016-2790 CVE-2016-2791 CVE-2016-2792 CVE-2016-2793\n CVE-2016-2794 CVE-2016-2795 CVE-2016-2796 CVE-2016-2797 CVE-2016-2798\n CVE-2016-2799 CVE-2016-2800 CVE-2016-2801 CVE-2016-2802\n (buffer overflow)\n\nSecurity researcher Holger Fuhrmannek and Mozilla security engineer\nTyson Smith reported a number of security vulnerabilities in the\nGraphite 2 library affecting version 1.3.5.\nThe issue reported by Holger Fuhrmannek is a mechanism to induce stack\ncorruption with a malicious graphite font. This leads to a potentially\nexploitable crash when the font is loaded.\nTyson Smith used the Address Sanitizer tool in concert with a custom\nsoftware fuzzer to find a series of uninitialized memory, out-of-bounds\nread, and out-of-bounds write errors when working with fuzzed graphite\nfonts.\n\n- CVE-2016-1963 (denial of service)\n\nSecurity researcher Oriol reported memory corruption when local files\nare modified (by either the user or another program) at the same time\nbeing read using the FileReader API. This flaw requires that input be\ntaken from a local file in order to be triggered and cannot be triggered\nby web content. This results in a potentially exploitable crash when\ntriggered.\n\n- CVE-2016-1964 (arbitrary code execution)\n\nSecurity researcher Nicolas Gr&#233;goire used the Address Sanitizer to find\na use-after-free during XML transformation operations. This results in a\npotentially exploitable crash triggerable by web content.\n\n- CVE-2016-1965 (addressbar spoofing)\n\nSecurity researcher Tsubasa Iinuma reported a mechanism where the\ndisplayed addressbar can be spoofed to users. This issue involves using\nhistory navigation in concert with the Location protocol property. After\nnavigating from a malicious page to another, if the user navigates back\nto the initial page, the displayed URL will not reflect the reloaded\npage. This could be used to trick users into potentially treating the\npage as a different and trusted site.\n\n- CVE-2016-1966 (remote code execution)\n\nThe Communications Electronics Security Group (UK) of the GCHQ reported\na dangling pointer dereference within the Netscape Plugin Application\nProgramming Interface (NPAPI) that could lead to the NPAPI subsystem\ncrashing. This issue requires a maliciously crafted NPAPI plugin in\nconcert with scripted web content, resulting in a potentially\nexploitable crash when triggered.\n\n- CVE-2016-1967 (same-origin policy bypass)\n\nSecurity researcher Jordi Chancel discovered a variant of Mozilla\nFoundation Security Advisory 2015-136 which was fixed in Firefox 43. In\nthe original bug, it was possible to read cross-origin URLs following a\nredirect if performance.getEntries() was used along with an iframe to\nhost a page. Navigating back in history through script, content was\npulled from the browser cache for the redirected location instead of\ngoing to the original location. In the newly reported variant issue, it\nwas found that if a browser session was restored, history navigation\nwould still allow for the same attack as content was restored from the\nbrowser cache. This is a same-origin policy violation and could allow\nfor data theft.\n\n- CVE-2016-1968 (remote code execution)\n\nSecurity researcher Luke Li reported a pointer underflow bug in the\nBrotli library's decompression that leads to a buffer overflow. This\nresults in a potentially exploitable crash when triggered.\n\n- CVE-2016-1970 CVE-2016-1971 CVE-2016-1972 CVE-2016-1975 CVE-2016-197\n (denial of service)\n\nSecurity researcher Ronald Crane reported five &quot;moderate&quot; rated\nvulnerabilities affecting released code that were found through code\ninspection. These included the following issues in WebRTC: an integer\nunderflow, a missing status check, race condition, and a use of deleted\npointers to create new object. A race condition in LibVPX was also\nidentified. These do not all have clear mechanisms to be exploited\nthrough web content but are vulnerable if a mechanism can be found to\ntrigger them.\n\n- CVE-2016-1973 (use-after-free)\n\nSecurity researcher Ronald Crane reported a race condition in\nGetStaticInstance in WebRTC which results in a use-after-free. This\ncould result in a potentially exploitable crash. This issue was found\nthrough code inspection and does not have clear mechanism to be\nexploited through web content but is vulnerable if a mechanism can be\nfound to trigger it.\n\n- CVE-2016-1974 (denial of service)\n\nSecurity researcher Ronald Crane reported an out-of-bounds read\nfollowing a failed allocation in the HTML parser while working with\nunicode strings. This can also affect the parsing of XML and SVG format\ndata. This leads to a potentially exploitable crash.", "edition": 2, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-03-09T00:00:00", "type": "archlinux", "title": "firefox: multiple issues", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1953", "CVE-2016-2790", "CVE-2016-1971", "CVE-2016-1957", "CVE-2016-1972", "CVE-2016-2792", "CVE-2016-1977", "CVE-2016-1975", "CVE-2016-2798", "CVE-2016-1974", "CVE-2016-1973", "CVE-2016-2801", "CVE-2016-2797", "CVE-2016-1960", "CVE-2016-1959", "CVE-2016-1966", "CVE-2016-2802", "CVE-2016-2800", "CVE-2016-1955", "CVE-2016-2795", "CVE-2016-1962", "CVE-2016-1963", "CVE-2016-1970", "CVE-2016-1952", "CVE-2016-2796", "CVE-2016-2799", "CVE-2016-1956", "CVE-2016-2793", "CVE-2016-1961", "CVE-2016-1976", "CVE-2016-1968", "CVE-2016-1967", "CVE-2016-2794", "CVE-2016-1954", "CVE-2016-2791", "CVE-2016-1965", "CVE-2016-1964", "CVE-2016-1958"], "modified": "2016-03-09T00:00:00", "id": "ASA-201603-4", "href": "https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "freebsd": [{"lastseen": "2022-01-19T15:51:32", "description": "\n\nMozilla Foundation reports:\n\nMFSA 2016-16 Miscellaneous memory safety hazards (rv:45.0\n\t / rv:38.7)\nMFSA 2016-17 Local file overwriting and potential\n\t privilege escalation through CSP reports\nMFSA 2016-18 CSP reports fail to strip location\n\t information for embedded iframe pages\nMFSA 2016-19 Linux video memory DOS with Intel\n\t drivers\nMFSA 2016-20 Memory leak in libstagefright when deleting\n\t an array during MP4 processing\nMFSA 2016-21 Displayed page address can be overridden\nMFSA 2016-22 Service Worker Manager out-of-bounds read in\n\t Service Worker Manager\nMFSA 2016-23 Use-after-free in HTML5 string parser\nMFSA 2016-24 Use-after-free in SetBody\nMFSA 2016-25 Use-after-free when using multiple WebRTC\n\t data channels\nMFSA 2016-26 Memory corruption when modifying a file\n\t being read by FileReader\nMFSA 2016-27 Use-after-free during XML\n\t transformations\nMFSA 2016-28 Addressbar spoofing though history\n\t navigation and Location protocol property\nMFSA 2016-29 Same-origin policy violation using\n\t perfomance.getEntries and history navigation with session\n\t restore\nMFSA 2016-31 Memory corruption with malicious NPAPI\n\t plugin\nMFSA 2016-32 WebRTC and LibVPX vulnerabilities found\n\t through code inspection\nMFSA 2016-33 Use-after-free in GetStaticInstance in\n\t WebRTC\nMFSA 2016-34 Out-of-bounds read in HTML parser following\n\t a failed allocation\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-03-08T00:00:00", "type": "freebsd", "title": "mozilla -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1952", "CVE-2016-1953", "CVE-2016-1954", "CVE-2016-1955", "CVE-2016-1956", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1959", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1963", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1967", "CVE-2016-1970", "CVE-2016-1971", "CVE-2016-1972", "CVE-2016-1973", "CVE-2016-1974", "CVE-2016-1975", "CVE-2016-1976"], "modified": "2016-03-08T00:00:00", "id": "2225C5B4-1E5A-44FC-9920-B3201C384A15", "href": "https://vuxml.freebsd.org/freebsd/2225c5b4-1e5a-44fc-9920-b3201c384a15.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2022-03-17T13:03:51", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3520-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nMarch 18, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : icedove\nCVE ID : CVE-2016-1950 CVE-2016-1954 CVE-2016-1957 CVE-2016-1960 \n CVE-2016-1961 CVE-2016-1962 CVE-2016-1964 CVE-2016-1966\n CVE-2016-1974 CVE-2016-1977 CVE-2016-2790 CVE-2016-2791\n CVE-2016-2792 CVE-2016-2793 CVE-2016-2794 CVE-2016-2795\n CVE-2016-2796 CVE-2016-2797 CVE-2016-2798 CVE-2016-2799\n CVE-2016-2800 CVE-2016-2801 CVE-2016-2802\n\nMultiple security issues have been found in Icedove, Debian&#x27;s version of\nthe Mozilla Thunderbird mail client: Multiple memory safety errors,\ninteger overflows, buffer overflows and other implementation errors may\nlead to the execution of arbitrary code or denial of service.\n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 38.7.0-1~deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 38.7.0-1~deb8u1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 38.7.0-1.\n\nWe recommend that you upgrade your icedove packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-03-18T21:06:06", "type": "debian", "title": "[SECURITY] [DSA 3520-1] icedove security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1950", &quo