Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
| Summary | |
|---|---|
| Title | New iceweasel packages fix several vulnerabilities |
| Informations | |||
|---|---|---|---|
| Name | DSA-1489 | First vendor Publication | 2008-02-10 |
| Vendor | Debian | Last vendor Modification | 2008-02-10 |
| Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 9.3 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-0412 Jesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren and Paul Nickerson discovered crashes in the layout engine, which might allow the execution of arbitrary code. CVE-2008-0413 Carsten Book, Wesley Garland, Igor Bukanov, "moz_bug_r_a4", "shutdown", Philip Taylor and "tgirmann" discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. CVE-2008-0414 "hong" and Gregory Fleisher discovered that file input focus vulnerabilities in the file upload control could allow information disclosure of local files. CVE-2008-0415 "moz_bug_r_a4" and Boris Zbarsky discovered discovered several vulnerabilities in Javascript handling, which could allow privilege escalation. CVE-2008-0417 Justin Dolske discovered that the password storage machanism could be abused by malicious web sites to corrupt existing saved passwords. CVE-2008-0418 Gerry Eisenhaur and "moz_bug_r_a4" discovered that a directory traversal vulnerability in chrome: URI handling could lead to information disclosure. CVE-2008-0419 David Bloom discovered a race condition in the image handling of designMode elements, which can lead to information disclosure or potentially the execution of arbitrary code. CVE-2008-0591 Michal Zalewski discovered that timers protecting security-sensitive dialogs (which disable dialog elements until a timeout is reached) could be bypassed by window focus changes through Javascript. CVE-2008-0592 It was discovered that malformed content declarations of saved attachments could prevent a user in the opening local files with a ".txt" file name, resulting in minor denial of service. CVE-2008-0593 Martin Straka discovered that insecure stylesheet handling during redirects could lead to information disclosure. CVE-2008-0594 Emil Ljungdahl and Lars-Olof Moilanen discovered that phishing protections could be bypassed with elements. For the stable distribution (etch), these problems have been fixed in version 2.0.0.12-0etch1. The Mozilla products from the old stable distribution (sarge) are no longer supported with security updates. We recommend that you upgrade your iceweasel packages. |
Original Source
| Url : http://www.debian.org/security/2008/dsa-1489 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 33 % | CWE-399 | Resource Management Errors |
| 22 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
| 11 % | CWE-200 | Information Exposure |
| 11 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 11 % | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25) |
| 11 % | CWE-20 | Improper Input Validation |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:10075 | |||
| Oval ID: | oval:org.mitre.oval:def:10075 | ||
| Title: | Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8, modify the .href property of stylesheet DOM nodes to the final URI of a 302 redirect, which might allow remote attackers to bypass the Same Origin Policy and read sensitive information from the original URL, such as with Single-Signon systems. | ||
| Description: | Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8, modify the .href property of stylesheet DOM nodes to the final URI of a 302 redirect, which might allow remote attackers to bypass the Same Origin Policy and read sensitive information from the original URL, such as with Single-Signon systems. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-0593 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:10385 | |||
| Oval ID: | oval:org.mitre.oval:def:10385 | ||
| Title: | The JavaScript engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via (1) a large switch statement, (2) certain uses of watch and eval, (3) certain uses of the mousedown event listener, and other vectors. | ||
| Description: | The JavaScript engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via (1) a large switch statement, (2) certain uses of watch and eval, (3) certain uses of the mousedown event listener, and other vectors. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-0413 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:10573 | |||
| Oval ID: | oval:org.mitre.oval:def:10573 | ||
| Title: | The browser engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to the (1) nsTableFrame::GetFrameAtOrBefore, (2) nsAccessibilityService::GetAccessible, (3) nsBindingManager::GetNestedInsertionPoint, (4) nsXBLPrototypeBinding::AttributeChanged, (5) nsColumnSetFrame::GetContentInsertionFrame, and (6) nsLineLayout::TrimTrailingWhiteSpaceIn methods, and other vectors. | ||
| Description: | The browser engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to the (1) nsTableFrame::GetFrameAtOrBefore, (2) nsAccessibilityService::GetAccessible, (3) nsBindingManager::GetNestedInsertionPoint, (4) nsXBLPrototypeBinding::AttributeChanged, (5) nsColumnSetFrame::GetContentInsertionFrame, and (6) nsLineLayout::TrimTrailingWhiteSpaceIn methods, and other vectors. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-0412 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:10705 | |||
| Oval ID: | oval:org.mitre.oval:def:10705 | ||
| Title: | Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome: URI scheme, as demonstrated by stealing session information from sessionstore.js. | ||
| Description: | Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome: URI scheme, as demonstrated by stealing session information from sessionstore.js. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-0418 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:10900 | |||
| Oval ID: | oval:org.mitre.oval:def:10900 | ||
| Title: | Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does not properly manage a delay timer used in confirmation dialogs, which might allow remote attackers to trick users into confirming an unsafe action, such as remote file execution, by using a timer to change the window focus, aka the "dialog refocus bug" or "ffclick2". | ||
| Description: | Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does not properly manage a delay timer used in confirmation dialogs, which might allow remote attackers to trick users into confirming an unsafe action, such as remote file execution, by using a timer to change the window focus, aka the "dialog refocus bug" or "ffclick2". | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-0591 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:17533 | |||
| Oval ID: | oval:org.mitre.oval:def:17533 | ||
| Title: | USN-576-1 -- firefox vulnerabilities | ||
| Description: | Various flaws were discovered in the browser and JavaScript engine. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-576-1 CVE-2008-0412 CVE-2008-0413 CVE-2008-0414 CVE-2008-0415 CVE-2008-0416 CVE-2008-0417 CVE-2008-0418 CVE-2008-0419 CVE-2008-0420 CVE-2008-0591 CVE-2008-0592 CVE-2008-0593 CVE-2008-0594 | Version: | 7 |
| Platform(s): | Ubuntu 6.06 Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 | Product(s): | firefox |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:17594 | |||
| Oval ID: | oval:org.mitre.oval:def:17594 | ||
| Title: | USN-582-1 -- mozilla-thunderbird, thunderbird vulnerabilities | ||
| Description: | It was discovered that Thunderbird did not properly set the size of a buffer when parsing an external-body MIME-type. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-582-1 CVE-2008-0304 CVE-2008-0412 CVE-2008-0413 CVE-2008-0415 CVE-2008-0418 CVE-2008-0420 CVE-2008-0591 | Version: | 7 |
| Platform(s): | Ubuntu 6.06 Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 | Product(s): | mozilla-thunderbird thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18417 | |||
| Oval ID: | oval:org.mitre.oval:def:18417 | ||
| Title: | DSA-1485-2 icedove - several vulnerabilities | ||
| Description: | Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1485-2 CVE-2008-0412 CVE-2008-0413 CVE-2008-0414 CVE-2008-0415 CVE-2008-0416 CVE-2008-0417 CVE-2008-0418 CVE-2008-0419 CVE-2008-0591 CVE-2008-0592 CVE-2008-0593 CVE-2008-0594 | Version: | 7 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | icedove |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:18434 | |||
| Oval ID: | oval:org.mitre.oval:def:18434 | ||
| Title: | DSA-1489-1 iceweasel - several vulnerabilities | ||
| Description: | Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1489-1 CVE-2008-0412 CVE-2008-0413 CVE-2008-0414 CVE-2008-0415 CVE-2008-0416 CVE-2008-0417 CVE-2008-0418 CVE-2008-0419 CVE-2008-0591 CVE-2008-0592 CVE-2008-0593 CVE-2008-0594 | Version: | 7 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | iceweasel |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:20074 | |||
| Oval ID: | oval:org.mitre.oval:def:20074 | ||
| Title: | DSA-1506-1 iceape - several vulnerabilities | ||
| Description: | Several remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the Seamonkey Internet Suite. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1506-1 CVE-2008-0412 CVE-2008-0413 CVE-2008-0414 CVE-2008-0415 CVE-2008-0417 CVE-2008-0418 CVE-2008-0419 CVE-2008-0591 CVE-2008-0592 CVE-2008-0593 CVE-2008-0594 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | iceape |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:20267 | |||
| Oval ID: | oval:org.mitre.oval:def:20267 | ||
| Title: | DSA-1484-1 xulrunner - several vulnerabilities | ||
| Description: | Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1484-1 CVE-2008-0412 CVE-2008-0413 CVE-2008-0414 CVE-2008-0415 CVE-2008-0416 CVE-2008-0417 CVE-2008-0418 CVE-2008-0419 CVE-2008-0591 CVE-2008-0592 CVE-2008-0593 CVE-2008-0594 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | xulrunner |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:21756 | |||
| Oval ID: | oval:org.mitre.oval:def:21756 | ||
| Title: | ELSA-2008:0105: thunderbird security update (Critical) | ||
| Description: | Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8, modify the .href property of stylesheet DOM nodes to the final URI of a 302 redirect, which might allow remote attackers to bypass the Same Origin Policy and read sensitive information from the original URL, such as with Single-Signon systems. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2008:0105-02 CVE-2008-0304 CVE-2008-0412 CVE-2008-0413 CVE-2008-0415 CVE-2008-0418 CVE-2008-0419 CVE-2008-0420 CVE-2008-0591 CVE-2008-0592 CVE-2008-0593 | Version: | 45 |
| Platform(s): | Oracle Linux 5 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:22437 | |||
| Oval ID: | oval:org.mitre.oval:def:22437 | ||
| Title: | ELSA-2008:0103: firefox security update (Critical) | ||
| Description: | Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8, modify the .href property of stylesheet DOM nodes to the final URI of a 302 redirect, which might allow remote attackers to bypass the Same Origin Policy and read sensitive information from the original URL, such as with Single-Signon systems. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2008:0103-01 CVE-2008-0412 CVE-2008-0413 CVE-2008-0415 CVE-2008-0416 CVE-2008-0417 CVE-2008-0418 CVE-2008-0419 CVE-2008-0420 CVE-2008-0591 CVE-2008-0592 CVE-2008-0593 | Version: | 49 |
| Platform(s): | Oracle Linux 5 | Product(s): | firefox |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:7909 | |||
| Oval ID: | oval:org.mitre.oval:def:7909 | ||
| Title: | DSA-1489 iceweasel -- several vulnerabilities | ||
| Description: | Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems: Jesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren and Paul Nickerson discovered crashes in the layout engine, which might allow the execution of arbitrary code. Carsten Book, Wesley Garland, Igor Bukanov, moz_bug_r_a4, shutdown, Philip Taylor and tgirmann discovered crashes in the JavaScript engine, which might allow the execution of arbitrary code. hong and Gregory Fleischer discovered that file input focus vulnerabilities in the file upload control could allow information disclosure of local files. moz_bug_r_a4 and Boris Zbarsky discovered several vulnerabilities in JavaScript handling, which could allow privilege escalation. Justin Dolske discovered that the password storage mechanism could be abused by malicious web sites to corrupt existing saved passwords. Gerry Eisenhaur and moz_bug_r_a4 discovered that a directory traversal vulnerability in chrome: URI handling could lead to information disclosure. David Bloom discovered a race condition in the image handling of designMode elements, which can lead to information disclosure and potentially the execution of arbitrary code. Michal Zalewski discovered that timers protecting security-sensitive dialogs (by disabling dialog elements until a timeout is reached) could be bypassed by window focus changes through JavaScript. It was discovered that malformed content declarations of saved attachments could prevent a user from opening local files with a .txt file name, resulting in minor denial of service. Martin Straka discovered that insecure stylesheet handling during redirects could lead to information disclosure. Emil Ljungdahl and Lars-Olof Moilanen discovered that phishing protections could be bypassed with div elements. The Mozilla products from the old stable distribution (sarge) are no longer supported with security updates. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1489 CVE-2008-0412 CVE-2008-0413 CVE-2008-0414 CVE-2008-0415 CVE-2008-0416 CVE-2008-0417 CVE-2008-0418 CVE-2008-0419 CVE-2008-0591 CVE-2008-0592 CVE-2008-0593 CVE-2008-0594 | Version: | 3 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | iceweasel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:8162 | |||
| Oval ID: | oval:org.mitre.oval:def:8162 | ||
| Title: | DSA-1506 iceape -- several vulnerabilities | ||
| Description: | Several remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the Seamonkey Internet Suite. The Common Vulnerabilities and Exposures project identifies the following problems: Jesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren and Paul Nickerson discovered crashes in the layout engine, which might allow the execution of arbitrary code. Carsten Book, Wesley Garland, Igor Bukanov, moz_bug_r_a4, shutdown, Philip Taylor and tgirmann discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. hong and Gregory Fleischer discovered that file input focus vulnerabilities in the file upload control could allow information disclosure of local files. moz_bug_r_a4 and Boris Zbarsky discovered several vulnerabilities in Javascript handling, which could allow privilege escalation. Justin Dolske discovered that the password storage mechanism could be abused by malicious web sites to corrupt existing saved passwords. Gerry Eisenhaur and moz_bug_r_a4 discovered that a directory traversal vulnerability in chrome: URI handling could lead to information disclosure. David Bloom discovered a race condition in the image handling of designMode elements, which can lead to information disclosure and potentially the execution of arbitrary code. Michal Zalewski discovered that timers protecting security-sensitive dialogs (by disabling dialog elements until a timeout is reached) could be bypassed by window focus changes through Javascript. It was discovered that malformed content declarations of saved attachments could prevent a user in the opening local files with a .txt file name, resulting in minor denial of service. Martin Straka discovered that insecure stylesheet handling during redirects could lead to information disclosure. Emil Ljungdahl and Lars-Olof Moilanen discovered that phishing protections could be bypassed with div elements. The Mozilla products from the old stable distribution (sarge) are no longer supported with security updates. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1506 CVE-2008-0412 CVE-2008-0413 CVE-2008-0414 CVE-2008-0415 CVE-2008-0417 CVE-2008-0418 CVE-2008-0419 CVE-2008-0591 CVE-2008-0592 CVE-2008-0593 CVE-2008-0594 | Version: | 3 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | iceape |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:9897 | |||
| Oval ID: | oval:org.mitre.oval:def:9897 | ||
| Title: | Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to execute script outside of the sandbox and conduct cross-site scripting (XSS) attacks via multiple vectors including the XMLDocument.load function, aka "JavaScript privilege escalation bugs." | ||
| Description: | Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to execute script outside of the sandbox and conduct cross-site scripting (XSS) attacks via multiple vectors including the XMLDocument.load function, aka "JavaScript privilege escalation bugs." | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-0415 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:9972 | |||
| Oval ID: | oval:org.mitre.oval:def:9972 | ||
| Title: | Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows user-assisted remote attackers to cause a denial of service via a plain .txt file with a "Content-Disposition: attachment" and an invalid "Content-Type: plain/text," which prevents Firefox from rendering future plain text files within the browser. | ||
| Description: | Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows user-assisted remote attackers to cause a denial of service via a plain .txt file with a "Content-Disposition: attachment" and an invalid "Content-Type: plain/text," which prevents Firefox from rendering future plain text files within the browser. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-0592 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2009-10-10 | Name : SLES9: Security update for Mozilla File : nvt/sles9p5021982.nasl |
| 2009-04-09 | Name : Mandriva Update for mozilla-thunderbird MDVSA-2008:062 (mozilla-thunderbird) File : nvt/gb_mandriva_MDVSA_2008_062.nasl |
| 2009-04-09 | Name : Mandriva Update for mozilla-firefox MDVSA-2008:048 (mozilla-firefox) File : nvt/gb_mandriva_MDVSA_2008_048.nasl |
| 2009-03-23 | Name : Ubuntu Update for firefox vulnerabilities USN-576-1 File : nvt/gb_ubuntu_USN_576_1.nasl |
| 2009-03-23 | Name : Ubuntu Update for mozilla-thunderbird, thunderbird vulnerabilities USN-582-1 File : nvt/gb_ubuntu_USN_582_1.nasl |
| 2009-03-23 | Name : Ubuntu Update for firefox vulnerabilities USN-592-1 File : nvt/gb_ubuntu_USN_592_1.nasl |
| 2009-03-23 | Name : Ubuntu Update for mozilla-thunderbird USN-582-2 File : nvt/gb_ubuntu_USN_582_2.nasl |
| 2009-03-06 | Name : RedHat Update for seamonkey RHSA-2008:0104-01 File : nvt/gb_RHSA-2008_0104-01_seamonkey.nasl |
| 2009-03-06 | Name : RedHat Update for thunderbird RHSA-2008:0105-02 File : nvt/gb_RHSA-2008_0105-02_thunderbird.nasl |
| 2009-03-06 | Name : RedHat Update for thunderbird RHSA-2008:0105-01 File : nvt/gb_RHSA-2008_0105-01_thunderbird.nasl |
| 2009-03-06 | Name : RedHat Update for firefox RHSA-2008:0103-01 File : nvt/gb_RHSA-2008_0103-01_firefox.nasl |
| 2009-02-27 | Name : CentOS Update for firefox CESA-2008:0103 centos5 i386 File : nvt/gb_CESA-2008_0103_firefox_centos5_i386.nasl |
| 2009-02-27 | Name : CentOS Update for firefox CESA-2008:0103 centos3 i386 File : nvt/gb_CESA-2008_0103_firefox_centos3_i386.nasl |
| 2009-02-27 | Name : CentOS Update for firefox CESA-2008:0103 centos3 x86_64 File : nvt/gb_CESA-2008_0103_firefox_centos3_x86_64.nasl |
| 2009-02-27 | Name : CentOS Update for firefox CESA-2008:0103 centos4 x86_64 File : nvt/gb_CESA-2008_0103_firefox_centos4_x86_64.nasl |
| 2009-02-27 | Name : CentOS Update for firefox CESA-2008:0103 centos4 i386 File : nvt/gb_CESA-2008_0103_firefox_centos4_i386.nasl |
| 2009-02-27 | Name : CentOS Update for thunderbird CESA-2008:0105 centos5 x86_64 File : nvt/gb_CESA-2008_0105_thunderbird_centos5_x86_64.nasl |
| 2009-02-27 | Name : CentOS Update for thunderbird CESA-2008:0105 centos5 i386 File : nvt/gb_CESA-2008_0105_thunderbird_centos5_i386.nasl |
| 2009-02-27 | Name : CentOS Update for thunderbird CESA-2008:0105 centos4 x86_64 File : nvt/gb_CESA-2008_0105_thunderbird_centos4_x86_64.nasl |
| 2009-02-27 | Name : CentOS Update for thunderbird CESA-2008:0105 centos4 i386 File : nvt/gb_CESA-2008_0105_thunderbird_centos4_i386.nasl |
| 2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0104 centos4 x86_64 File : nvt/gb_CESA-2008_0104_seamonkey_centos4_x86_64.nasl |
| 2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0104 centos4 i386 File : nvt/gb_CESA-2008_0104_seamonkey_centos4_i386.nasl |
| 2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0104 centos3 x86_64 File : nvt/gb_CESA-2008_0104_seamonkey_centos3_x86_64.nasl |
| 2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0104 centos3 i386 File : nvt/gb_CESA-2008_0104_seamonkey_centos3_i386.nasl |
| 2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0104-01 centos2 i386 File : nvt/gb_CESA-2008_0104-01_seamonkey_centos2_i386.nasl |
| 2009-02-27 | Name : CentOS Update for firefox CESA-2008:0103 centos5 x86_64 File : nvt/gb_CESA-2008_0103_firefox_centos5_x86_64.nasl |
| 2009-02-16 | Name : Fedora Update for chmsee FEDORA-2008-1535 File : nvt/gb_fedora_2008_1535_chmsee_fc8.nasl |
| 2009-02-16 | Name : Fedora Update for devhelp FEDORA-2008-1535 File : nvt/gb_fedora_2008_1535_devhelp_fc8.nasl |
| 2009-02-16 | Name : Fedora Update for epiphany-extensions FEDORA-2008-1535 File : nvt/gb_fedora_2008_1535_epiphany-extensions_fc8.nasl |
| 2009-02-16 | Name : Fedora Update for epiphany FEDORA-2008-1535 File : nvt/gb_fedora_2008_1535_epiphany_fc8.nasl |
| 2009-02-16 | Name : Fedora Update for firefox FEDORA-2008-1535 File : nvt/gb_fedora_2008_1535_firefox_fc8.nasl |
| 2009-02-16 | Name : Fedora Update for galeon FEDORA-2008-1535 File : nvt/gb_fedora_2008_1535_galeon_fc8.nasl |
| 2009-02-16 | Name : Fedora Update for gnome-python2-extras FEDORA-2008-1535 File : nvt/gb_fedora_2008_1535_gnome-python2-extras_fc8.nasl |
| 2009-02-16 | Name : Fedora Update for gnome-web-photo FEDORA-2008-1535 File : nvt/gb_fedora_2008_1535_gnome-web-photo_fc8.nasl |
| 2009-02-16 | Name : Fedora Update for thunderbird FEDORA-2008-2118 File : nvt/gb_fedora_2008_2118_thunderbird_fc7.nasl |
| 2009-02-16 | Name : Fedora Update for gtkmozembedmm FEDORA-2008-1535 File : nvt/gb_fedora_2008_1535_gtkmozembedmm_fc8.nasl |
| 2009-02-16 | Name : Fedora Update for kazehakase FEDORA-2008-1535 File : nvt/gb_fedora_2008_1535_kazehakase_fc8.nasl |
| 2009-02-16 | Name : Fedora Update for liferea FEDORA-2008-1535 File : nvt/gb_fedora_2008_1535_liferea_fc8.nasl |
| 2009-02-16 | Name : Fedora Update for openvrml FEDORA-2008-1535 File : nvt/gb_fedora_2008_1535_openvrml_fc8.nasl |
| 2009-02-16 | Name : Fedora Update for ruby-gnome2 FEDORA-2008-1535 File : nvt/gb_fedora_2008_1535_ruby-gnome2_fc8.nasl |
| 2009-02-16 | Name : Fedora Update for yelp FEDORA-2008-1535 File : nvt/gb_fedora_2008_1535_yelp_fc8.nasl |
| 2009-02-16 | Name : Fedora Update for seamonkey FEDORA-2008-1669 File : nvt/gb_fedora_2008_1669_seamonkey_fc7.nasl |
| 2009-02-16 | Name : Fedora Update for thunderbird FEDORA-2008-2060 File : nvt/gb_fedora_2008_2060_thunderbird_fc8.nasl |
| 2009-02-16 | Name : Fedora Update for gtkmozembedmm FEDORA-2008-1435 File : nvt/gb_fedora_2008_1435_gtkmozembedmm_fc7.nasl |
| 2009-02-16 | Name : Fedora Update for Miro FEDORA-2008-1535 File : nvt/gb_fedora_2008_1535_Miro_fc8.nasl |
| 2009-02-16 | Name : Fedora Update for Miro FEDORA-2008-1435 File : nvt/gb_fedora_2008_1435_Miro_fc7.nasl |
| 2009-02-16 | Name : Fedora Update for chmsee FEDORA-2008-1435 File : nvt/gb_fedora_2008_1435_chmsee_fc7.nasl |
| 2009-02-16 | Name : Fedora Update for devhelp FEDORA-2008-1435 File : nvt/gb_fedora_2008_1435_devhelp_fc7.nasl |
| 2009-02-16 | Name : Fedora Update for epiphany-extensions FEDORA-2008-1435 File : nvt/gb_fedora_2008_1435_epiphany-extensions_fc7.nasl |
| 2009-02-16 | Name : Fedora Update for epiphany FEDORA-2008-1435 File : nvt/gb_fedora_2008_1435_epiphany_fc7.nasl |
| 2009-02-16 | Name : Fedora Update for firefox FEDORA-2008-1435 File : nvt/gb_fedora_2008_1435_firefox_fc7.nasl |
| 2009-02-16 | Name : Fedora Update for galeon FEDORA-2008-1435 File : nvt/gb_fedora_2008_1435_galeon_fc7.nasl |
| 2009-02-16 | Name : Fedora Update for gnome-python2-extras FEDORA-2008-1435 File : nvt/gb_fedora_2008_1435_gnome-python2-extras_fc7.nasl |
| 2009-02-16 | Name : Fedora Update for kazehakase FEDORA-2008-1435 File : nvt/gb_fedora_2008_1435_kazehakase_fc7.nasl |
| 2009-02-16 | Name : Fedora Update for liferea FEDORA-2008-1435 File : nvt/gb_fedora_2008_1435_liferea_fc7.nasl |
| 2009-02-16 | Name : Fedora Update for openvrml FEDORA-2008-1435 File : nvt/gb_fedora_2008_1435_openvrml_fc7.nasl |
| 2009-02-16 | Name : Fedora Update for ruby-gnome2 FEDORA-2008-1435 File : nvt/gb_fedora_2008_1435_ruby-gnome2_fc7.nasl |
| 2009-02-16 | Name : Fedora Update for yelp FEDORA-2008-1435 File : nvt/gb_fedora_2008_1435_yelp_fc7.nasl |
| 2009-02-16 | Name : Fedora Update for seamonkey FEDORA-2008-1459 File : nvt/gb_fedora_2008_1459_seamonkey_fc8.nasl |
| 2009-02-16 | Name : Fedora Update for blam FEDORA-2008-1535 File : nvt/gb_fedora_2008_1535_blam_fc8.nasl |
| 2009-01-23 | Name : SuSE Update for MozillaFirefox,seamonkey SUSE-SA:2008:008 File : nvt/gb_suse_2008_008.nasl |
| 2008-09-24 | Name : Gentoo Security Advisory GLSA 200805-18 (mozilla ...) File : nvt/glsa_200805_18.nasl |
| 2008-09-04 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox31.nasl |
| 2008-06-17 | Name : Mozilla Firefox, Thunderbird, Seamonkey. Several vulnerabilitys (Lin) File : nvt/mozilla_CB-A08-0017.nasl |
| 2008-06-17 | Name : Mozilla Firefox, Thunderbird, Seamonkey. Several vulnerabilitys (Win) File : nvt/smbcl_mozilla.nasl |
| 2008-03-27 | Name : Debian Security Advisory DSA 1506-2 (iceape) File : nvt/deb_1506_2.nasl |
| 2008-03-19 | Name : Debian Security Advisory DSA 1485-2 (icedove) File : nvt/deb_1485_2.nasl |
| 2008-02-28 | Name : Debian Security Advisory DSA 1506-1 (iceape) File : nvt/deb_1506_1.nasl |
| 2008-02-15 | Name : Debian Security Advisory DSA 1489-1 (iceweasel) File : nvt/deb_1489_1.nasl |
| 2008-02-15 | Name : Debian Security Advisory DSA 1485-1 (icedove) File : nvt/deb_1485_1.nasl |
| 2008-02-15 | Name : Debian Security Advisory DSA 1484-1 (xulrunner) File : nvt/deb_1484_1.nasl |
| 0000-00-00 | Name : Slackware Advisory SSA:2008-061-01 mozilla-thunderbird File : nvt/esoft_slk_ssa_2008_061_01.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 43462 | Mozilla Multiple Products XML Document XMLDocument.cloneNode() Function Arbi... Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to execute script outside of the sandbox and conduct cross-site scripting (XSS) attacks via multiple vectors including the XMLDocument.load function, aka "JavaScript privilege escalation bugs." |
| 43461 | Mozilla Multiple Products XMLDocument.load() Subframe XSS Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to execute script outside of the sandbox and conduct cross-site scripting (XSS) attacks via multiple vectors including the XMLDocument.load function, aka "JavaScript privilege escalation bugs." |
| 43460 | Mozilla Multiple Products DOMImplementation.createDocument() Arbitrary Code ... Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to execute script outside of the sandbox and conduct cross-site scripting (XSS) attacks via multiple vectors including the XMLDocument.load function, aka "JavaScript privilege escalation bugs." |
| 43459 | Mozilla Multiple Products XPCNativeWrapper Redefine Bypass Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to execute script outside of the sandbox and conduct cross-site scripting (XSS) attacks via multiple vectors including the XMLDocument.load function, aka "JavaScript privilege escalation bugs." |
| 43458 | Mozilla Multiple Products XPCNativeWrapper js_GetClassPrototype .prototype B... Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to execute script outside of the sandbox and conduct cross-site scripting (XSS) attacks via multiple vectors including the XMLDocument.load function, aka "JavaScript privilege escalation bugs." |
| 43457 | Mozilla Multiple Products Array.prototype Method javascript: URL XSS Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to execute script outside of the sandbox and conduct cross-site scripting (XSS) attacks via multiple vectors including the XMLDocument.load function, aka "JavaScript privilege escalation bugs." |
| 43456 | Mozilla Multiple Products Exception Objects PAC Privilege Escalation Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to execute script outside of the sandbox and conduct cross-site scripting (XSS) attacks via multiple vectors including the XMLDocument.load function, aka "JavaScript privilege escalation bugs." |
| 43226 | Mozilla Firefox DIV Tag Web Forgery Warning Bypass |
| 42056 | Mozilla Multiple Browsers Character Encoding Multiple Unspecified XSS |
| 41225 | Mozilla Multiple Browsers Locally Saved Plain-text File Handling Manipulation Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows user-assisted remote attackers to cause a denial of service via a plain .txt file with a "Content-Disposition: attachment" and an invalid "Content-Type: plain/text," which prevents Firefox from rendering future plain text files within the browser. |
| 41224 | Mozilla Firefox Stored Password Corruption CRLF CRLF injection vulnerability in Mozilla Firefox before 2.0.0.12 allows remote user-assisted web sites to corrupt the user's password store via newlines that are not properly handled when the user saves a password. |
| 41223 | Mozilla Multiple Products JavaScript Engine Multiple Unspecified Memory Corr... The JavaScript engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via (1) a large switch statement, (2) certain uses of watch and eval, (3) certain uses of the mousedown event listener, and other vectors. |
| 41222 | Mozilla Multiple Products Browser Engine Multiple Unspecified Memory Corruption |
| 41221 | Mozilla Multiple Browsers File Input Focus Stealing Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows user-assisted remote attackers to trick the user into uploading arbitrary files via label tags that shift focus to a file input field, aka "focus spoofing." |
| 41220 | Mozilla Multiple Products xpconnect Multiple Function javascript: URI Handli... Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to execute script outside of the sandbox and conduct cross-site scripting (XSS) attacks via multiple vectors including the XMLDocument.load function, aka "JavaScript privilege escalation bugs." |
| 41218 | Mozilla Multiple Browsers designMode Frame Forward Navigation Information Dis... Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows remote attackers to steal navigation history and cause a denial of service (crash) via images in a page that uses designMode frames, which triggers memory corruption related to resize handles. |
| 41217 | Mozilla Multiple Browsers Timer-enabled Security Dialog Tampering Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 allows user-assisted remote attackers to cause users to confirm a timer-enabled security dialog by using a timer to change the window focus. |
| 41215 | Mozilla Multiple Browsers Stylesheet Redirect URL Token Disclosure Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8, modifies the .href property of stylesheet DOM nodes to the final URI of a 302 redirect, which might allow remote attackers to bypass the Same Origin Policy and read sensitive information from the original URL, such as with Single-Signon systems. |
| 41187 | Mozilla Firefox chrome: URI Traversal Local Script Inclusion Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome: URI scheme, as demonstrated by stealing session information from sessionstore.js. |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0208.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2008-0105.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0104.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0103.nasl - Type : ACT_GATHER_INFO |
| 2013-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-582-2.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20080207_thunderbird_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080207_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080207_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-062.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-048.nasl - Type : ACT_GATHER_INFO |
| 2008-05-22 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200805-18.nasl - Type : ACT_GATHER_INFO |
| 2008-03-28 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-592-1.nasl - Type : ACT_GATHER_INFO |
| 2008-03-28 | Name : The remote openSUSE host is missing a security update. File : suse_mozilla-xulrunner-5123.nasl - Type : ACT_GATHER_INFO |
| 2008-03-28 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_mozilla-xulrunner-5118.nasl - Type : ACT_GATHER_INFO |
| 2008-03-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0208.nasl - Type : ACT_GATHER_INFO |
| 2008-03-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0208.nasl - Type : ACT_GATHER_INFO |
| 2008-03-19 | Name : The remote openSUSE host is missing a security update. File : suse_epiphany-5102.nasl - Type : ACT_GATHER_INFO |
| 2008-03-19 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaThunderbird-5095.nasl - Type : ACT_GATHER_INFO |
| 2008-03-17 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaThunderbird-5098.nasl - Type : ACT_GATHER_INFO |
| 2008-03-04 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-061-01.nasl - Type : ACT_GATHER_INFO |
| 2008-03-04 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-582-1.nasl - Type : ACT_GATHER_INFO |
| 2008-02-29 | Name : The remote Fedora host is missing a security update. File : fedora_2008-2118.nasl - Type : ACT_GATHER_INFO |
| 2008-02-29 | Name : The remote Fedora host is missing a security update. File : fedora_2008-2060.nasl - Type : ACT_GATHER_INFO |
| 2008-02-27 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_20012.nasl - Type : ACT_GATHER_INFO |
| 2008-02-25 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_810a5197e0d911dc891a02061b08fc24.nasl - Type : ACT_GATHER_INFO |
| 2008-02-25 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1506.nasl - Type : ACT_GATHER_INFO |
| 2008-02-22 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : netscape_browser_9006.nasl - Type : ACT_GATHER_INFO |
| 2008-02-18 | Name : The remote openSUSE host is missing a security update. File : suse_seamonkey-5012.nasl - Type : ACT_GATHER_INFO |
| 2008-02-18 | Name : The remote openSUSE host is missing a security update. File : suse_seamonkey-5011.nasl - Type : ACT_GATHER_INFO |
| 2008-02-14 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-5001.nasl - Type : ACT_GATHER_INFO |
| 2008-02-14 | Name : The remote Fedora host is missing a security update. File : fedora_2008-1669.nasl - Type : ACT_GATHER_INFO |
| 2008-02-14 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaFirefox-5002.nasl - Type : ACT_GATHER_INFO |
| 2008-02-14 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-1535.nasl - Type : ACT_GATHER_INFO |
| 2008-02-14 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-1435.nasl - Type : ACT_GATHER_INFO |
| 2008-02-14 | Name : The remote Fedora host is missing a security update. File : fedora_2008-1459.nasl - Type : ACT_GATHER_INFO |
| 2008-02-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1484.nasl - Type : ACT_GATHER_INFO |
| 2008-02-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1485.nasl - Type : ACT_GATHER_INFO |
| 2008-02-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1489.nasl - Type : ACT_GATHER_INFO |
| 2008-02-11 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2008-0105.nasl - Type : ACT_GATHER_INFO |
| 2008-02-11 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2008-0105.nasl - Type : ACT_GATHER_INFO |
| 2008-02-11 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0104.nasl - Type : ACT_GATHER_INFO |
| 2008-02-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0104.nasl - Type : ACT_GATHER_INFO |
| 2008-02-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0103.nasl - Type : ACT_GATHER_INFO |
| 2008-02-11 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-576-1.nasl - Type : ACT_GATHER_INFO |
| 2008-02-11 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0103.nasl - Type : ACT_GATHER_INFO |
| 2008-02-08 | Name : A web browser on the remote host is affected by multiple vulnerabilities. File : seamonkey_118.nasl - Type : ACT_GATHER_INFO |
| 2008-02-08 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_20012.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:27:19 |
|
