Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
| Summary | |
|---|---|
| Title | New icedove packages fix several vulnerabilities |
| Informations | |||
|---|---|---|---|
| Name | DSA-1696 | First vendor Publication | 2009-01-07 |
| Vendor | Debian | Last vendor Modification | 2009-01-07 |
| Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 10 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-0016 Justin Schuh, Tom Cross and Peter Williams discovered a buffer overflow in the parser for UTF-8 URLs, which may lead to the execution of arbitrary code. (MFSA 2008-37) CVE-2008-1380 It was discovered that crashes in the Javascript engine could potentially lead to the execution of arbitrary code. (MFSA 2008-20) CVE-2008-3835 "moz_bug_r_a4" discovered that the same-origin check in nsXMLDocument::OnChannelRedirect() could be bypassed. (MFSA 2008-38) CVE-2008-4058 "moz_bug_r_a4" discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. (MFSA 2008-41) CVE-2008-4059 "moz_bug_r_a4" discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. (MFSA 2008-41) CVE-2008-4060 Olli Pettay and "moz_bug_r_a4" discovered a Chrome privilege escalation vulnerability in XSLT handling. (MFSA 2008-41) CVE-2008-4061 Jesse Ruderman discovered a crash in the layout engine, which might allow the execution of arbitrary code. (MFSA 2008-42) CVE-2008-4062 Igor Bukanov, Philip Taylor, Georgi Guninski and Antoine Labour discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. (MFSA 2008-42) CVE-2008-4065 Dave Reed discovered that some Unicode byte order marks are stripped from Javascript code before execution, which can result in code being executed, which were otherwise part of a quoted string. (MFSA 2008-43) CVE-2008-4067 It was discovered that a directory traversal allows attackers to read arbitrary files via a certain characters. (MFSA 2008-44) CVE-2008-4068 It was discovered that a directory traversal allows attackers to bypass security restrictions and obtain sensitive information. (MFSA 2008-44) CVE-2008-4070 It was discovered that a buffer overflow could be triggered via a long header in a news article, which could lead to arbitrary code execution. (MFSA 2008-46) CVE-2008-4582 Liu Die Yu and Boris Zbarsky discovered an information leak through local shortcut files. (MFSA 2008-47 MFSA 2008-59) CVE-2008-5012 Georgi Guninski, Michal Zalewski and Chris Evan discovered that the canvas element could be used to bypass same-origin restrictions. (MFSA 2008-48) CVE-2008-5014 Jesse Ruderman discovered that a programming error in the window.__proto__.__proto__ object could lead to arbitrary code execution. (MFSA 2008-50) CVE-2008-5017 It was discovered that crashes in the layout engine could lead to arbitrary code execution. (MFSA 2008-52) CVE-2008-5018 It was discovered that crashes in the Javascript engine could lead to arbitrary code execution. (MFSA 2008-52) CVE-2008-5021 It was discovered that a crash in the nsFrameManager might lead to the execution of arbitrary code. (MFSA 2008-55) CVE-2008-5022 "moz_bug_r_a4" discovered that the same-origin check in nsXMLHttpRequest::NotifyEventListeners() could be bypassed. (MFSA 2008-56) CVE-2008-5024 Chris Evans discovered that quote characters were improperly escaped in the default namespace of E4X documents. (MFSA 2008-58) CVE-2008-5500 Jesse Ruderman discovered that the layout engine is vulnerable to DoS attacks that might trigger memory corruption and an integer overflow. (MFSA 2008-60) CVE-2008-5503 Boris Zbarsky discovered that an information disclosure attack could be performed via XBL bindings. (MFSA 2008-61) CVE-2008-5506 Marius Schilder discovered that it is possible to obtain sensible data via a XMLHttpRequest. (MFSA 2008-64) CVE-2008-5507 Chris Evans discovered that it is possible to obtain sensible data via a JavaScript URL. (MFSA 2008-65) CVE-2008-5508 Chip Salzenberg discovered possible phishing attacks via URLs with leading whitespaces or control characters. (MFSA 2008-66) CVE-2008-5511 It was discovered that it is possible to perform cross-site scripting attacks via an XBL binding to an "unloaded document." (MFSA 2008-68) CVE-2008-5512 It was discovered that it is possible to run arbitrary JavaScript with chrome privileges via unknown vectors. (MFSA 2008-68) For the stable distribution (etch) these problems have been fixed in version 1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1. Packages for s390 will be provided later. For the upcoming stable distribution (lenny) these problems will be fixed soon. For the unstable (sid) distribution these problems have been fixed in version 2.0.0.19-1. We recommend that you upgrade your icedove packages. |
Original Source
| Url : http://www.debian.org/security/2009/dsa-1696 |
CAPEC : Common Attack Pattern Enumeration & Classification
| Id | Name |
|---|---|
| CAPEC-26 | Leveraging Race Conditions |
| CAPEC-29 | Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions |
| CAPEC-172 | Time and State Attacks |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 27 % | CWE-264 | Permissions, Privileges, and Access Controls |
| 15 % | CWE-399 | Resource Management Errors |
| 8 % | CWE-200 | Information Exposure |
| 8 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
| 8 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 8 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
| 8 % | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25) |
| 8 % | CWE-20 | Improper Input Validation |
| 4 % | CWE-362 | Race Condition |
| 4 % | CWE-287 | Improper Authentication |
| 4 % | CWE-91 | XML Injection (aka Blind XPath Injection) |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:10206 | |||
| Oval ID: | oval:org.mitre.oval:def:10206 | ||
| Title: | Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the JavaScript engine and (1) misinterpretation of the characteristics of Namespace and QName in jsxml.c, (2) misuse of signed integers in the nsEscapeCount function in nsEscape.cpp, and (3) interaction of JavaScript garbage collection with certain use of an NPObject in the nsNPObjWrapper::GetNewOrUsed function in nsJSNPRuntime.cpp. | ||
| Description: | Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the JavaScript engine and (1) misinterpretation of the characteristics of Namespace and QName in jsxml.c, (2) misuse of signed integers in the nsEscapeCount function in nsEscape.cpp, and (3) interaction of JavaScript garbage collection with certain use of an NPObject in the nsNPObjWrapper::GetNewOrUsed function in nsJSNPRuntime.cpp. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-4062 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:10750 | |||
| Oval ID: | oval:org.mitre.oval:def:10750 | ||
| Title: | Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly change the source URI when processing a canvas element and an HTTP redirect, which allows remote attackers to bypass the same origin policy and access arbitrary images that are not directly accessible to the attacker. NOTE: this issue can be leveraged to enumerate software on the client by performing redirections related to moz-icon. | ||
| Description: | Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly change the source URI when processing a canvas element and an HTTP redirect, which allows remote attackers to bypass the same origin policy and access arbitrary images that are not directly accessible to the attacker. NOTE: this issue can be leveraged to enumerate software on the client by performing redirections related to moz-icon. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-5012 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:10752 | |||
| Oval ID: | oval:org.mitre.oval:def:10752 | ||
| Title: | The JavaScript engine in Mozilla Firefox before 2.0.0.14, Thunderbird before 2.0.0.14, and SeaMonkey before 1.1.10 allows remote attackers to cause a denial of service (garbage collector crash) and possibly have other impacts via a crafted web page. NOTE: this is due to an incorrect fix for CVE-2008-1237. | ||
| Description: | The JavaScript engine in Mozilla Firefox before 2.0.0.14, Thunderbird before 2.0.0.14, and SeaMonkey before 1.1.10 allows remote attackers to cause a denial of service (garbage collector crash) and possibly have other impacts via a crafted web page. NOTE: this is due to an incorrect fix for CVE-2008-1237. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-1380 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:10933 | |||
| Oval ID: | oval:org.mitre.oval:def:10933 | ||
| Title: | Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long header in a news article, related to "canceling [a] newsgroup message" and "cancelled newsgroup messages." | ||
| Description: | Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long header in a news article, related to "canceling [a] newsgroup message" and "cancelled newsgroup messages." | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-4070 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:11423 | |||
| Oval ID: | oval:org.mitre.oval:def:11423 | ||
| Title: | The loadBindingDocument function in Mozilla Firefox 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 does not perform any security checks related to the same-domain policy, which allows remote attackers to read or access data from other domains via crafted XBL bindings. | ||
| Description: | The loadBindingDocument function in Mozilla Firefox 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 does not perform any security checks related to the same-domain policy, which allows remote attackers to read or access data from other domains via crafted XBL bindings. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-5503 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12973 | |||
| Oval ID: | oval:org.mitre.oval:def:12973 | ||
| Title: | DSA-1696-1 icedove -- several vulnerabilities | ||
| Description: | Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-0016 Justin Schuh, Tom Cross and Peter Williams discovered a buffer overflow in the parser for UTF-8 URLs, which may lead to the execution of arbitrary code. CVE-2008-1380 It was discovered that crashes in the Javascript engine could potentially lead to the execution of arbitrary code. CVE-2008-3835 "moz_bug_r_a4" discovered that the same-origin check in nsXMLDocument::OnChannelRedirect could be bypassed. CVE-2008-4058 "moz_bug_r_a4" discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. CVE-2008-4059 "moz_bug_r_a4" discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. CVE-2008-4060 Olli Pettay and "moz_bug_r_a4" discovered a Chrome privilege escalation vulnerability in XSLT handling. CVE-2008-4061 Jesse Ruderman discovered a crash in the layout engine, which might allow the execution of arbitrary code. CVE-2008-4062 Igor Bukanov, Philip Taylor, Georgi Guninski and Antoine Labour discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. CVE-2008-4065 Dave Reed discovered that some Unicode byte order marks are stripped from Javascript code before execution, which can result in code being executed, which were otherwise part of a quoted string. CVE-2008-4067 It was discovered that a directory traversal allows attackers to read arbitrary files via a certain characters. CVE-2008-4068 It was discovered that a directory traversal allows attackers to bypass security restrictions and obtain sensitive information. CVE-2008-4070 It was discovered that a buffer overflow could be triggered via a long header in a news article, which could lead to arbitrary code execution. CVE-2008-4582 Liu Die Yu and Boris Zbarsky discovered an information leak through local shortcut files. CVE-2008-5012 Georgi Guninski, Michal Zalewski and Chris Evan discovered that the canvas element could be used to bypass same-origin restrictions. CVE-2008-5014 Jesse Ruderman discovered that a programming error in the window.__proto__.__proto__ object could lead to arbitrary code execution. CVE-2008-5017 It was discovered that crashes in the layout engine could lead to arbitrary code execution. CVE-2008-5018 It was discovered that crashes in the Javascript engine could lead to arbitrary code execution. CVE-2008-5021 It was discovered that a crash in the nsFrameManager might lead to the execution of arbitrary code. CVE-2008-5022 "moz_bug_r_a4" discovered that the same-origin check in nsXMLHttpRequest::NotifyEventListeners could be bypassed. CVE-2008-5024 Chris Evans discovered that quote characters were improperly escaped in the default namespace of E4X documents. CVE-2008-5500 Jesse Ruderman discovered that the layout engine is vulnerable to DoS attacks that might trigger memory corruption and an integer overflow. CVE-2008-5503 Boris Zbarsky discovered that an information disclosure attack could be performed via XBL bindings. CVE-2008-5506 Marius Schilder discovered that it is possible to obtain sensible data via a XMLHttpRequest. CVE-2008-5507 Chris Evans discovered that it is possible to obtain sensible data via a JavaScript URL. CVE-2008-5508 Chip Salzenberg discovered possible phishing attacks via URLs with leading whitespaces or control characters. CVE-2008-5511 It was discovered that it is possible to perform cross-site scripting attacks via an XBL binding to an "unloaded document." CVE-2008-5512 It was discovered that it is possible to run arbitrary JavaScript with chrome privileges via unknown vectors. For the stable distribution these problems have been fixed in version 1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1. Packages for s390 will be provided later. For the upcoming stable distribution these problems will be fixed soon. For the unstable distribution these problems have been fixed in version 2.0.0.19-1. We recommend that you upgrade your icedove packages. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1696-1 CVE-2008-0016 CVE-2008-1380 CVE-2008-3835 CVE-2008-4058 CVE-2008-4059 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4065 CVE-2008-4067 CVE-2008-4068 CVE-2008-4070 CVE-2008-4582 CVE-2008-5012 CVE-2008-5014 CVE-2008-5017 CVE-2008-5018 CVE-2008-5021 CVE-2008-5022 CVE-2008-5024 CVE-2008-5500 CVE-2008-5503 CVE-2008-5506 CVE-2008-5507 CVE-2008-5508 CVE-2008-5511 CVE-2008-5512 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | icedove |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:13213 | |||
| Oval ID: | oval:org.mitre.oval:def:13213 | ||
| Title: | USN-701-2 -- mozilla-thunderbird vulnerabilities | ||
| Description: | Several flaws were discovered in the browser engine. If a user had Javascript enabled, these problems could allow an attacker to crash Thunderbird and possibly execute arbitrary code with user privileges. Boris Zbarsky discovered that the same-origin check in Thunderbird could be bypassed by utilizing XBL-bindings. If a user had Javascript enabled, an attacker could exploit this to read data from other domains. Marius Schilder discovered that Thunderbird did not properly handle redirects to an outside domain when an XMLHttpRequest was made to a same-origin resource. When Javascript is enabled, it�s possible that sensitive information could be revealed in the XMLHttpRequest response. Chris Evans discovered that Thunderbird did not properly protect a user�s data when accessing a same-domain Javascript URL that is redirected to an unparsable Javascript off-site resource. If a user were tricked into opening a malicious website and had Javascript enabled, an attacker may be able to steal a limited amount of private data. Chip Salzenberg, Justin Schuh, Tom Cross, and Peter William discovered Thunderbird did not properly parse URLs when processing certain control characters. Several flaws were discovered in the Javascript engine. If a user were tricked into opening a malicious website and had Javascript enabled, an attacker could exploit this to execute arbitrary Javascript code within the context of another website or with chrome privileges | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-701-2 CVE-2008-5500 CVE-2008-5503 CVE-2008-5506 CVE-2008-5507 CVE-2008-5508 CVE-2008-5511 CVE-2008-5512 | Version: | 5 |
| Platform(s): | Ubuntu 6.06 | Product(s): | mozilla-thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:13233 | |||
| Oval ID: | oval:org.mitre.oval:def:13233 | ||
| Title: | USN-701-1 -- thunderbird vulnerabilities | ||
| Description: | Several flaws were discovered in the browser engine. If a user had Javascript enabled, these problems could allow an attacker to crash Thunderbird and possibly execute arbitrary code with user privileges. Boris Zbarsky discovered that the same-origin check in Thunderbird could be bypassed by utilizing XBL-bindings. If a user had Javascript enabled, an attacker could exploit this to read data from other domains. Marius Schilder discovered that Thunderbird did not properly handle redirects to an outside domain when an XMLHttpRequest was made to a same-origin resource. When Javascript is enabled, it�s possible that sensitive information could be revealed in the XMLHttpRequest response. Chris Evans discovered that Thunderbird did not properly protect a user�s data when accessing a same-domain Javascript URL that is redirected to an unparsable Javascript off-site resource. If a user were tricked into opening a malicious website and had Javascript enabled, an attacker may be able to steal a limited amount of private data. Chip Salzenberg, Justin Schuh, Tom Cross, and Peter William discovered Thunderbird did not properly parse URLs when processing certain control characters. Kojima Hajime discovered that Thunderbird did not properly handle an escaped null character. An attacker may be able to exploit this flaw to bypass script sanitization. Several flaws were discovered in the Javascript engine. If a user were tricked into opening a malicious website and had Javascript enabled, an attacker could exploit this to execute arbitrary Javascript code within the context of another website or with chrome privileges | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-701-1 CVE-2008-5500 CVE-2008-5503 CVE-2008-5506 CVE-2008-5507 CVE-2008-5508 CVE-2008-5510 CVE-2008-5511 CVE-2008-5512 | Version: | 5 |
| Platform(s): | Ubuntu 7.10 Ubuntu 8.10 Ubuntu 8.04 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:13245 | |||
| Oval ID: | oval:org.mitre.oval:def:13245 | ||
| Title: | DSA-1697-1 iceape -- several vulnerabilities | ||
| Description: | Several remote vulnerabilities have been discovered in Iceape an unbranded version of the Seamonkey internet suite. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-0016 Justin Schuh, Tom Cross and Peter Williams discovered a buffer overflow in the parser for UTF-8 URLs, which may lead to the execution of arbitrary code. CVE-2008-0304 It was discovered that a buffer overflow in MIME decoding can lead to the execution of arbitrary code. CVE-2008-2785 It was discovered that missing boundary checks on a reference counter for CSS objects can lead to the execution of arbitrary code. CVE-2008-2798 Devon Hubbard, Jesse Ruderman and Martijn Wargers discovered crashes in the layout engine, which might allow the execution of arbitrary code. CVE-2008-2799 Igor Bukanov, Jesse Ruderman and Gary Kwong discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. CVE-2008-2800 "moz_bug_r_a4" discovered several cross-site scripting vulnerabilities. CVE-2008-2801 Collin Jackson and Adam Barth discovered that Javascript code could be executed in the context or signed JAR archives. CVE-2008-2802 "moz_bug_r_a4" discovered that XUL documements can escalate privileges by accessing the pre-compiled "fastload" file. CVE-2008-2803 "moz_bug_r_a4" discovered that missing input sanitising in the mozIJSSubScriptLoader.loadSubScript function could lead to the execution of arbitrary code. Iceape itself is not affected, but some addons are. CVE-2008-2805 Claudio Santambrogio discovered that missing access validation in DOM parsing allows malicious web sites to force the browser to upload local files to the server, which could lead to information disclosure. CVE-2008-2807 Daniel Glazman discovered that a programming error in the code for parsing .properties files could lead to memory content being exposed to addons, which could lead to information disclosure. CVE-2008-2808 Masahiro Yamada discovered that file URLS in directory listings were insufficiently escaped. CVE-2008-2809 John G. Myers, Frank Benkstein and Nils Toedtmann discovered that alternate names on self-signed certificates were handled insufficiently, which could lead to spoofings of secure connections. CVE-2008-2810 It was discovered that URL shortcut files could be used to bypass the same-origin restrictions. This issue does not affect current Iceape, but might occur with additional extensions installed. CVE-2008-2811 Greg McManus discovered a crash in the block reflow code, which might allow the execution of arbitrary code. CVE-2008-2933 Billy Rios discovered that passing an URL containing a pipe symbol to Iceape can lead to Chrome privilege escalation. CVE-2008-3835 "moz_bug_r_a4" discovered that the same-origin check in nsXMLDocument::OnChannelRedirect could be bypassed. CVE-2008-3836 "moz_bug_r_a4" discovered that several vulnerabilities in feedWriter could lead to Chrome privilege escalation. CVE-2008-3837 Paul Nickerson discovered that an attacker could move windows during a mouse click, resulting in unwanted action triggered by drag-and-drop. CVE-2008-4058 "moz_bug_r_a4" discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. CVE-2008-4059 "moz_bug_r_a4" discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. CVE-2008-4060 Olli Pettay and "moz_bug_r_a4" discovered a Chrome privilege escalation vulnerability in XSLT handling. CVE-2008-4061 Jesse Ruderman discovered a crash in the layout engine, which might allow the execution of arbitrary code. CVE-2008-4062 Igor Bukanov, Philip Taylor, Georgi Guninski and Antoine Labour discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. CVE-2008-4065 Dave Reed discovered that some Unicode byte order marks are stripped from Javascript code before execution, which can result in code being executed, which were otherwise part of a quoted string. CVE-2008-4067 Boris Zbarsky discovered that resource: URls allow directory traversal when using URL-encoded slashes. CVE-2008-4068 Georgi Guninski discovered that resource: URLs could bypass local access restrictions. CVE-2008-4069 Billy Hoffman discovered that the XBM decoder could reveal uninitialised memory. CVE-2008-4070 It was discovered that a buffer overflow could be triggered via a long header in a news article, which could lead to arbitrary code execution. CVE-2008-5012 Georgi Guninski, Michal Zalewski and Chris Evan discovered that the canvas element could be used to bypass same-origin restrictions. CVE-2008-5013 It was discovered that insufficient checks in the Flash plugin glue code could lead to arbitrary code execution. CVE-2008-5014 Jesse Ruderman discovered that a programming error in the window.__proto__.__proto__ object could lead to arbitrary code execution. CVE-2008-5017 It was discovered that crashes in the layout engine could lead to arbitrary code execution. CVE-2008-0017 Justin Schuh discovered that a buffer overflow in http-index-format parser could lead to arbitrary code execution. CVE-2008-5021 It was discovered that a crash in the nsFrameManager might lead to the execution of arbitrary code. CVE-2008-5022 "moz_bug_r_a4" discovered that the same-origin check in nsXMLHttpRequest::NotifyEventListeners could be bypassed. CVE-2008-5024 Chris Evans discovered that quote characters were improperly escaped in the default namespace of E4X documents. CVE-2008-4582 Liu Die Yu discovered an information leak through local shortcut files. CVE-2008-5500 Jesse Ruderman discovered that the layout engine is vulnerable to DoS attacks that might trigger memory corruption and an integer overflow. CVE-2008-5503 Boris Zbarsky discovered that an information disclosure attack could be performed via XBL bindings. CVE-2008-5506 Marius Schilder discovered that it is possible to obtain sensible data via a XMLHttpRequest. CVE-2008-5507 Chris Evans discovered that it is possible to obtain sensible data via a JavaScript URL. CVE-2008-5508 Chip Salzenberg discovered possible phishing attacks via URLs with leading whitespaces or control characters. CVE-2008-5511 It was discovered that it is possible to perform cross-site scripting attacks via an XBL binding to an "unloaded document." CVE-2008-5512 It was discovered that it is possible to run arbitrary JavaScript with chrome privileges via unknown vectors. For the stable distribution these problems have been fixed in version 1.0.13~pre080614i-0etch1. For the upcoming stable distribution distribution these problems will be fixed soon. For the unstable distribution these problems have been fixed in version 1.1.14-1. We recommend that you upgrade your iceape packages. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1697-1 CVE-2008-0016 CVE-2008-0304 CVE-2008-2785 CVE-2008-2798 CVE-2008-2799 CVE-2008-2800 CVE-2008-2801 CVE-2008-2802 CVE-2008-2803 CVE-2008-2805 CVE-2008-2807 CVE-2008-2808 CVE-2008-2809 CVE-2008-2810 CVE-2008-2811 CVE-2008-2933 CVE-2008-3835 CVE-2008-3836 CVE-2008-3837 CVE-2008-4058 CVE-2008-4059 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4065 CVE-2008-4067 CVE-2008-4068 CVE-2008-4069 CVE-2008-4070 CVE-2008-4582 CVE-2008-5012 CVE-2008-5013 CVE-2008-5014 CVE-2008-5017 CVE-2008-0017 CVE-2008-5021 CVE-2008-5024 CVE-2008-5022 CVE-2008-5500 CVE-2008-5503 CVE-2008-5506 CVE-2008-5507 CVE-2008-5508 CVE-2008-5511 CVE-2008-5512 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | iceape |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:13754 | |||
| Oval ID: | oval:org.mitre.oval:def:13754 | ||
| Title: | DSA-1704-2 netatalk -- arbitrary code execution | ||
| Description: | The update in DSA 1704-1 was incomplete as it missed to escape a few important characters which enabled an attacker to overwrite arbitrary files. It was discovered that netatalk, an implementation of the AppleTalk suite, is affected by a command injection vulnerability when processing PostScript streams via papd. This is leading to arbitrary remote code execution. Note that this only affects installations that are configured to use a pipe command in combination with wildcard symbols substituted with values of the printed job. For the stable distribution this problem has been fixed in version 2.0.3-4+etch2. For the unstable distribution this problem has been fixed in version 2.0.4~beta2-1.1. We recommend that you upgrade your netatalk package. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1704-2 CVE-2008-5500 CVE-2008-5503 CVE-2008-5506 CVE-2008-5507 CVE-2008-5508 CVE-2008-5511 CVE-2008-5512 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | netatalk |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:16973 | |||
| Oval ID: | oval:org.mitre.oval:def:16973 | ||
| Title: | USN-690-3 -- firefox vulnerabilities | ||
| Description: | Several flaws were discovered in the browser engine. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-690-3 CVE-2008-5500 CVE-2008-5503 CVE-2008-5506 CVE-2008-5507 CVE-2008-5511 CVE-2008-5512 | Version: | 7 |
| Platform(s): | Ubuntu 6.06 | Product(s): | firefox |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:17610 | |||
| Oval ID: | oval:org.mitre.oval:def:17610 | ||
| Title: | USN-647-1 -- mozilla-thunderbird, thunderbird vulnerabilities | ||
| Description: | It was discovered that the same-origin check in Thunderbird could be bypassed. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-647-1 CVE-2008-3835 CVE-2008-4058 CVE-2008-4059 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4063 CVE-2008-4064 CVE-2008-4065 CVE-2008-4066 CVE-2008-4067 CVE-2008-4068 CVE-2008-4070 | Version: | 7 |
| Platform(s): | Ubuntu 6.06 Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 | Product(s): | mozilla-thunderbird thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:17616 | |||
| Oval ID: | oval:org.mitre.oval:def:17616 | ||
| Title: | USN-667-1 -- firefox, firefox-3.0, xulrunner-1.9 vulnerabilities | ||
| Description: | Liu Die Yu discovered an information disclosure vulnerability in Firefox when using saved .url shortcut files. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-667-1 CVE-2008-4582 CVE-2008-5012 CVE-2008-5013 CVE-2008-5014 CVE-2008-5015 CVE-2008-5016 CVE-2008-5017 CVE-2008-5018 CVE-2008-5019 CVE-2008-0017 CVE-2008-5021 CVE-2008-5022 CVE-2008-5023 CVE-2008-5024 | Version: | 7 |
| Platform(s): | Ubuntu 6.06 Ubuntu 7.10 Ubuntu 8.04 Ubuntu 8.10 | Product(s): | firefox firefox-3.0 xulrunner-1.9 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:17739 | |||
| Oval ID: | oval:org.mitre.oval:def:17739 | ||
| Title: | USN-602-1 -- firefox vulnerabilities | ||
| Description: | Flaws were discovered in Firefox which could lead to crashes during JavaScript garbage collection. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-602-1 CVE-2008-1380 | Version: | 7 |
| Platform(s): | Ubuntu 6.06 Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 | Product(s): | firefox |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:17791 | |||
| Oval ID: | oval:org.mitre.oval:def:17791 | ||
| Title: | DSA-1704-1 xulrunner - several vulnerabilities | ||
| Description: | Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1704-1 CVE-2008-5500 CVE-2008-5503 CVE-2008-5506 CVE-2008-5507 CVE-2008-5508 CVE-2008-5511 CVE-2008-5512 | Version: | 7 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | xulrunner |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:17848 | |||
| Oval ID: | oval:org.mitre.oval:def:17848 | ||
| Title: | USN-668-1 -- mozilla-thunderbird, thunderbird vulnerabilities | ||
| Description: | Georgi Guninski, Michal Zalewsk and Chris Evans discovered that the same-origin check in Thunderbird could be bypassed. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-668-1 CVE-2008-5012 CVE-2008-5014 CVE-2008-5016 CVE-2008-5017 CVE-2008-5018 CVE-2008-5021 CVE-2008-5022 CVE-2008-5024 | Version: | 7 |
| Platform(s): | Ubuntu 6.06 Ubuntu 7.10 Ubuntu 8.04 Ubuntu 8.10 | Product(s): | mozilla-thunderbird thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18288 | |||
| Oval ID: | oval:org.mitre.oval:def:18288 | ||
| Title: | DSA-1558-1 xulrunner - arbitrary code execution | ||
| Description: | It was discovered that crashes in the Javascript engine of xulrunner, the Gecko engine library, could potentially lead to the execution of arbitrary code. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1558-1 CVE-2008-1380 | Version: | 7 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | xulrunner |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:18644 | |||
| Oval ID: | oval:org.mitre.oval:def:18644 | ||
| Title: | DSA-1555-1 iceweasel - arbitrary code execution | ||
| Description: | It was discovered that crashes in the Javascript engine of Iceweasel, an unbranded version of the Firefox browser, could potentially lead to the execution of arbitrary code. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1555-1 CVE-2008-1380 | Version: | 7 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | iceweasel |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:18703 | |||
| Oval ID: | oval:org.mitre.oval:def:18703 | ||
| Title: | DSA-1562-1 iceape - arbitrary code execution | ||
| Description: | It was discovered that crashes in the JavaScript engine of Iceape, an unbranded version of the Seamonkey internet suite could potentially lead to the execution of arbitrary code. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1562-1 CVE-2008-1380 | Version: | 7 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | iceape |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:19874 | |||
| Oval ID: | oval:org.mitre.oval:def:19874 | ||
| Title: | DSA-1669-1 xulrunner - several vulnerabilities | ||
| Description: | Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1669-1 CVE-2008-0016 CVE-2008-3835 CVE-2008-3836 CVE-2008-3837 CVE-2008-4058 CVE-2008-4059 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4065 CVE-2008-4066 CVE-2008-4067 CVE-2008-4068 CVE-2008-4069 CVE-2008-4582 CVE-2008-5012 CVE-2008-5013 CVE-2008-5014 CVE-2008-5017 CVE-2008-5018 CVE-2008-0017 CVE-2008-5021 CVE-2008-5022 CVE-2008-5023 CVE-2008-5024 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | xulrunner |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:20161 | |||
| Oval ID: | oval:org.mitre.oval:def:20161 | ||
| Title: | DSA-1671-1 iceweasel - several vulnerabilities | ||
| Description: | Several remote vulnerabilities have been discovered in the Iceweasel webbrowser, an unbranded version of the Firefox browser. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1671-1 CVE-2008-0017 CVE-2008-4582 CVE-2008-5012 CVE-2008-5013 CVE-2008-5014 CVE-2008-5017 CVE-2008-5018 CVE-2008-5021 CVE-2008-5022 CVE-2008-5023 CVE-2008-5024 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | iceweasel |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:21766 | |||
| Oval ID: | oval:org.mitre.oval:def:21766 | ||
| Title: | ELSA-2008:0222: firefox security update (Critical) | ||
| Description: | The JavaScript engine in Mozilla Firefox before 2.0.0.14, Thunderbird before 2.0.0.14, and SeaMonkey before 1.1.10 allows remote attackers to cause a denial of service (garbage collector crash) and possibly have other impacts via a crafted web page. NOTE: this is due to an incorrect fix for CVE-2008-1237. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2008:0222-02 CVE-2008-1380 | Version: | 6 |
| Platform(s): | Oracle Linux 5 | Product(s): | firefox |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:21830 | |||
| Oval ID: | oval:org.mitre.oval:def:21830 | ||
| Title: | ELSA-2008:0224: thunderbird security update (Moderate) | ||
| Description: | The JavaScript engine in Mozilla Firefox before 2.0.0.14, Thunderbird before 2.0.0.14, and SeaMonkey before 1.1.10 allows remote attackers to cause a denial of service (garbage collector crash) and possibly have other impacts via a crafted web page. NOTE: this is due to an incorrect fix for CVE-2008-1237. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2008:0224-01 CVE-2008-1380 | Version: | 6 |
| Platform(s): | Oracle Linux 5 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:22664 | |||
| Oval ID: | oval:org.mitre.oval:def:22664 | ||
| Title: | ELSA-2008:0908: thunderbird security update (Moderate) | ||
| Description: | Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long header in a news article, related to "canceling [a] newsgroup message" and "cancelled newsgroup messages." | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2008:0908-01 CVE-2008-0016 CVE-2008-3835 CVE-2008-4058 CVE-2008-4059 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4065 CVE-2008-4066 CVE-2008-4067 CVE-2008-4068 CVE-2008-4070 | Version: | 53 |
| Platform(s): | Oracle Linux 5 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:28693 | |||
| Oval ID: | oval:org.mitre.oval:def:28693 | ||
| Title: | RHSA-2008:0908 -- thunderbird security update (Moderate) | ||
| Description: | Updated thunderbird packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed HTML mail content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code as the user running Thunderbird. (CVE-2008-0016, CVE-2008-4058, CVE-2008-4059, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062) | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2008:0908 CESA-2008:0908-CentOS 5 CVE-2008-0016 CVE-2008-3835 CVE-2008-4058 CVE-2008-4059 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4065 CVE-2008-4066 CVE-2008-4067 CVE-2008-4068 CVE-2008-4070 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:29008 | |||
| Oval ID: | oval:org.mitre.oval:def:29008 | ||
| Title: | RHSA-2008:0879 -- firefox security update (Critical) | ||
| Description: | All firefox users should upgrade to this updated package, which contains backported patches that correct these issues. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2008:0879 CESA-2008:0879-CentOS 5 CVE-2008-3837 CVE-2008-4058 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4063 CVE-2008-4064 CVE-2008-4065 CVE-2008-4067 CVE-2008-4068 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 4 CentOS Linux 5 | Product(s): | firefox devhelp nss xulrunner yelp |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:29237 | |||
| Oval ID: | oval:org.mitre.oval:def:29237 | ||
| Title: | RHSA-2008:0978 -- firefox security update (Critical) | ||
| Description: | All firefox users should upgrade to these updated packages, which contain backported patches that correct these issues. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2008:0978 CESA-2008:0978-CentOS 5 CVE-2008-0017 CVE-2008-5014 CVE-2008-5015 CVE-2008-5016 CVE-2008-5017 CVE-2008-5018 CVE-2008-5019 CVE-2008-5021 CVE-2008-5022 CVE-2008-5023 CVE-2008-5024 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 4 CentOS Linux 5 | Product(s): | firefox nss devhelp xulrunner yelp |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7740 | |||
| Oval ID: | oval:org.mitre.oval:def:7740 | ||
| Title: | DSA-1669 xulrunner -- several vulnerabilities | ||
| Description: | Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems: Justin Schuh, Tom Cross and Peter Williams discovered a buffer overflow in the parser for UTF-8 URLs, which may lead to the execution of arbitrary code. "moz_bug_r_a4" discovered that the same-origin check in nsXMLDocument::OnChannelRedirect() could by bypassed. "moz_bug_r_a4" discovered that several vulnerabilities in feedWriter could lead to Chrome privilege escalation. Paul Nickerson discovered that an attacker could move windows during a mouse click, resulting in unwanted action triggered by drag-and-drop. "moz_bug_r_a4" discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. "moz_bug_r_a4" discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. Olli Pettay and "moz_bug_r_a4" discovered a Chrome privilege escalation vulnerability in XSLT handling. Jesse Ruderman discovered a crash in the layout engine, which might allow the execution of arbitrary code. Igor Bukanov, Philip Taylor, Georgi Guninski and Antoine Labour discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. Dave Reed discovered that some Unicode byte order marks are stripped from Javascript code before execution, which can result in code being executed, which were otherwise part of a quoted string. Gareth Heyes discovered that some Unicode surrogate characters are ignored by the HTML parser. Boris Zbarsky discovered that resource: URls allow directory traversal when using URL-encoded slashes. Georgi Guninski discovered that resource: URLs could bypass local access restrictions. Billy Hoffman discovered that the XBM decoder could reveal uninitialised memory. Liu Die Yu discovered an information leak through local shortcut files. Georgi Guninski, Michal Zalewski and Chris Evan discovered that the canvas element could be used to bypass same-origin restrictions. It was discovered that insufficient checks in the Flash plugin glue code could lead to arbitrary code execution. Jesse Ruderman discovered that a programming error in the window.__proto__.__proto__ object could lead to arbitrary code execution. It was discovered that crashes in the layout engine could lead to arbitrary code execution. It was discovered that crashes in the Javascript engine could lead to arbitrary code execution. Justin Schuh discovered that a buffer overflow in http-index-format parser could lead to arbitrary code execution. It was discovered that a crash in the nsFrameManager might lead to the execution of arbitrary code. "moz_bug_r_a4" discovered that the same-origin check in nsXMLHttpRequest::NotifyEventListeners() could be bypassed. Collin Jackson discovered that the -moz-binding property bypasses security checks on codebase principals. Chris Evans discovered that quote characters were improperly escaped in the default namespace of E4X documents. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1669 CVE-2008-0016 CVE-2008-3835 CVE-2008-3836 CVE-2008-3837 CVE-2008-4058 CVE-2008-4059 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4065 CVE-2008-4066 CVE-2008-4067 CVE-2008-4068 CVE-2008-4069 CVE-2008-4582 CVE-2008-5012 CVE-2008-5013 CVE-2008-5014 CVE-2008-5017 CVE-2008-5018 CVE-2008-0017 CVE-2008-5021 CVE-2008-5022 CVE-2008-5023 CVE-2008-5024 | Version: | 3 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | xulrunner |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7950 | |||
| Oval ID: | oval:org.mitre.oval:def:7950 | ||
| Title: | DSA-1697 iceape -- several vulnerabilities | ||
| Description: | Several remote vulnerabilities have been discovered in Iceape an unbranded version of the Seamonkey internet suite. The Common Vulnerabilities and Exposures project identifies the following problems: Justin Schuh, Tom Cross and Peter Williams discovered a buffer overflow in the parser for UTF-8 URLs, which may lead to the execution of arbitrary code. (MFSA 2008-37) It was discovered that a buffer overflow in MIME decoding can lead to the execution of arbitrary code. (MFSA 2008-26) It was discovered that missing boundary checks on a reference counter for CSS objects can lead to the execution of arbitrary code. (MFSA 2008-34) Devon Hubbard, Jesse Ruderman and Martijn Wargers discovered crashes in the layout engine, which might allow the execution of arbitrary code. (MFSA 2008-21) Igor Bukanov, Jesse Ruderman and Gary Kwong discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. (MFSA 2008-21) "moz_bug_r_a4" discovered several cross-site scripting vulnerabilities. (MFSA 2008-22) Collin Jackson and Adam Barth discovered that Javascript code could be executed in the context or signed JAR archives. (MFSA 2008-23) "moz_bug_r_a4" discovered that XUL documements can escalate privileges by accessing the pre-compiled "fastload" file. (MFSA 2008-24) "moz_bug_r_a4" discovered that missing input sanitising in the mozIJSSubScriptLoader.loadSubScript() function could lead to the execution of arbitrary code. Iceape itself is not affected, but some addons are. (MFSA 2008-25) Claudio Santambrogio discovered that missing access validation in DOM parsing allows malicious web sites to force the browser to upload local files to the server, which could lead to information disclosure. (MFSA 2008-27) Daniel Glazman discovered that a programming error in the code for parsing .properties files could lead to memory content being exposed to addons, which could lead to information disclosure. (MFSA 2008-29) Masahiro Yamada discovered that file URLs in directory listings were insufficiently escaped. (MFSA 2008-30) John G. Myers, Frank Benkstein and Nils Toedtmann discovered that alternate names on self-signed certificates were handled insufficiently, which could lead to spoofings of secure connections. (MFSA 2008-31) It was discovered that URL shortcut files could be used to bypass the same-origin restrictions. This issue does not affect current Iceape, but might occur with additional extensions installed. (MFSA 2008-32) Greg McManus discovered a crash in the block reflow code, which might allow the execution of arbitrary code. (MFSA 2008-33) Billy Rios discovered that passing an URL containing a pipe symbol to Iceape can lead to Chrome privilege escalation. (MFSA 2008-35) "moz_bug_r_a4" discovered that the same-origin check in nsXMLDocument::OnChannelRedirect() could be bypassed. (MFSA 2008-38) "moz_bug_r_a4" discovered that several vulnerabilities in feedWriter could lead to Chrome privilege escalation. (MFSA 2008-39) Paul Nickerson discovered that an attacker could move windows during a mouse click, resulting in unwanted action triggered by drag-and-drop. (MFSA 2008-40) "moz_bug_r_a4" discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. (MFSA 2008-41) "moz_bug_r_a4" discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. (MFSA 2008-41) Olli Pettay and "moz_bug_r_a4" discovered a Chrome privilege escalation vulnerability in XSLT handling. (MFSA 2008-41) Jesse Ruderman discovered a crash in the layout engine, which might allow the execution of arbitrary code. (MFSA 2008-42) Igor Bukanov, Philip Taylor, Georgi Guninski and Antoine Labour discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. (MFSA 2008-42) Dave Reed discovered that some Unicode byte order marks are stripped from Javascript code before execution, which can result in code being executed, which were otherwise part of a quoted string. (MFSA 2008-43) Boris Zbarsky discovered that resource: URLs allow directory traversal when using URL-encoded slashes. (MFSA 2008-44) Georgi Guninski discovered that resource: URLs could bypass local access restrictions. (MFSA 2008-44) Billy Hoffman discovered that the XBM decoder could reveal uninitialised memory. (MFSA 2008-45) It was discovered that a buffer overflow could be triggered via a long header in a news article, which could lead to arbitrary code execution. (MFSA 2008-46) Georgi Guninski, Michal Zalewski and Chris Evan discovered that the canvas element could be used to bypass same-origin restrictions. (MFSA 2008-48) It was discovered that insufficient checks in the Flash plugin glue code could lead to arbitrary code execution. (MFSA 2008-49) Jesse Ruderman discovered that a programming error in the window.__proto__.__proto__ object could lead to arbitrary code execution. (MFSA 2008-50) It was discovered that crashes in the layout engine could lead to arbitrary code execution. (MFSA 2008-52) Justin Schuh discovered that a buffer overflow in http-index-format parser could lead to arbitrary code execution. (MFSA 2008-54) It was discovered that a crash in the nsFrameManager might lead to the execution of arbitrary code. (MFSA 2008-55) "moz_bug_r_a4" discovered that the same-origin check in nsXMLHttpRequest::NotifyEventListeners() could be bypassed. (MFSA 2008-56) Chris Evans discovered that quote characters were improperly escaped in the default namespace of E4X documents. (MFSA 2008-58) Liu Die Yu discovered an information leak through local shortcut files. (MFSA 2008-59) Jesse Ruderman discovered that the layout engine is vulnerable to DoS attacks that might trigger memory corruption and an integer overflow. (MFSA 2008-60) Boris Zbarsky discovered that an information disclosure attack could be performed via XBL bindings. (MFSA 2008-61) Marius Schilder discovered that it is possible to obtain sensible data via a XMLHttpRequest. (MFSA 2008-64) Chris Evans discovered that it is possible to obtain sensible data via a JavaScript URL. (MFSA 2008-65) Chip Salzenberg discovered possible phishing attacks via URLs with leading whitespaces or control characters. (MFSA 2008-66) It was discovered that it is possible to perform cross-site scripting attacks via an XBL binding to an "unloaded document." (MFSA 2008-68) It was discovered that it is possible to run arbitrary JavaScript with chrome privileges via unknown vectors. (MFSA 2008-68) | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1697 CVE-2008-0016 CVE-2008-0304 CVE-2008-2785 CVE-2008-2798 CVE-2008-2799 CVE-2008-2800 CVE-2008-2801 CVE-2008-2802 CVE-2008-2803 CVE-2008-2805 CVE-2008-2807 CVE-2008-2808 CVE-2008-2809 CVE-2008-2810 CVE-2008-2811 CVE-2008-2933 CVE-2008-3835 CVE-2008-3836 CVE-2008-3837 CVE-2008-4058 CVE-2008-4059 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4065 CVE-2008-4067 CVE-2008-4068 CVE-2008-4069 CVE-2008-4070 CVE-2008-4582 CVE-2008-5012 CVE-2008-5013 CVE-2008-5014 CVE-2008-5017 CVE-2008-0017 CVE-2008-5021 CVE-2008-5024 CVE-2008-5022 CVE-2008-5500 CVE-2008-5503 CVE-2008-5506 CVE-2008-5507 CVE-2008-5508 CVE-2008-5511 CVE-2008-5512 | Version: | 3 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | iceape |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:8021 | |||
| Oval ID: | oval:org.mitre.oval:def:8021 | ||
| Title: | DSA-1696 icedove -- several vulnerabilities | ||
| Description: | Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems: Justin Schuh, Tom Cross and Peter Williams discovered a buffer overflow in the parser for UTF-8 URLs, which may lead to the execution of arbitrary code. (MFSA 2008-37) It was discovered that crashes in the Javascript engine could potentially lead to the execution of arbitrary code. (MFSA 2008-20) "moz_bug_r_a4" discovered that the same-origin check in nsXMLDocument::OnChannelRedirect() could be bypassed. (MFSA 2008-38) "moz_bug_r_a4" discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. (MFSA 2008-41) "moz_bug_r_a4" discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. (MFSA 2008-41) Olli Pettay and "moz_bug_r_a4" discovered a Chrome privilege escalation vulnerability in XSLT handling. (MFSA 2008-41) Jesse Ruderman discovered a crash in the layout engine, which might allow the execution of arbitrary code. (MFSA 2008-42) Igor Bukanov, Philip Taylor, Georgi Guninski and Antoine Labour discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. (MFSA 2008-42) Dave Reed discovered that some Unicode byte order marks are stripped from Javascript code before execution, which can result in code being executed, which were otherwise part of a quoted string. (MFSA 2008-43) It was discovered that a directory traversal allows attackers to read arbitrary files via a certain character. (MFSA 2008-44) It was discovered that a directory traversal allows attackers to bypass security restrictions and obtain sensitive information. (MFSA 2008-44) It was discovered that a buffer overflow could be triggered via a long header in a news article, which could lead to arbitrary code execution. (MFSA 2008-46) Liu Die Yu and Boris Zbarsky discovered an information leak through local shortcut files. (MFSA 2008-47, MFSA 2008-59) Georgi Guninski, Michal Zalewski and Chris Evan discovered that the canvas element could be used to bypass same-origin restrictions. (MFSA 2008-48) Jesse Ruderman discovered that a programming error in the window.__proto__.__proto__ object could lead to arbitrary code execution. (MFSA 2008-50) It was discovered that crashes in the layout engine could lead to arbitrary code execution. (MFSA 2008-52) It was discovered that crashes in the Javascript engine could lead to arbitrary code execution. (MFSA 2008-52) It was discovered that a crash in the nsFrameManager might lead to the execution of arbitrary code. (MFSA 2008-55) "moz_bug_r_a4" discovered that the same-origin check in nsXMLHttpRequest::NotifyEventListeners() could be bypassed. (MFSA 2008-56) Chris Evans discovered that quote characters were improperly escaped in the default namespace of E4X documents. (MFSA 2008-58) Jesse Ruderman discovered that the layout engine is vulnerable to DoS attacks that might trigger memory corruption and an integer overflow. (MFSA 2008-60) Boris Zbarsky discovered that an information disclosure attack could be performed via XBL bindings. (MFSA 2008-61) Marius Schilder discovered that it is possible to obtain sensible data via a XMLHttpRequest. (MFSA 2008-64) Chris Evans discovered that it is possible to obtain sensible data via a JavaScript URL. (MFSA 2008-65) Chip Salzenberg discovered possible phishing attacks via URLs with leading whitespaces or control characters. (MFSA 2008-66) It was discovered that it is possible to perform cross-site scripting attacks via an XBL binding to an "unloaded document." (MFSA 2008-68) It was discovered that it is possible to run arbitrary JavaScript with chrome privileges via unknown vectors. (MFSA 2008-68) | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1696 CVE-2008-0016 CVE-2008-1380 CVE-2008-3835 CVE-2008-4058 CVE-2008-4059 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4065 CVE-2008-4067 CVE-2008-4068 CVE-2008-4070 CVE-2008-4582 CVE-2008-5012 CVE-2008-5014 CVE-2008-5017 CVE-2008-5018 CVE-2008-5021 CVE-2008-5022 CVE-2008-5024 CVE-2008-5500 CVE-2008-5503 CVE-2008-5506 CVE-2008-5507 CVE-2008-5508 CVE-2008-5511 CVE-2008-5512 | Version: | 3 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | icedove |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:8140 | |||
| Oval ID: | oval:org.mitre.oval:def:8140 | ||
| Title: | DSA-1671 iceweasel -- several vulnerabilities | ||
| Description: | Several remote vulnerabilities have been discovered in the Iceweasel webbrowser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems: Justin Schuh discovered that a buffer overflow in the http-index-format parser could lead to arbitrary code execution. Liu Die Yu discovered an information leak through local shortcut files. Georgi Guninski, Michal Zalewski and Chris Evan discovered that the canvas element could be used to bypass same-origin restrictions. It was discovered that insufficient checks in the Flash plugin glue code could lead to arbitrary code execution. Jesse Ruderman discovered that a programming error in the window.__proto__.__proto__ object could lead to arbitrary code execution. It was discovered that crashes in the layout engine could lead to arbitrary code execution. It was discovered that crashes in the Javascript engine could lead to arbitrary code execution. It was discovered that a crash in the nsFrameManager might lead to the execution of arbitrary code. moz_bug_r_a4 discovered that the same-origin check in nsXMLHttpRequest::NotifyEventListeners() could be bypassed. Collin Jackson discovered that the -moz-binding property bypasses security checks on codebase principals. Chris Evans discovered that quote characters were improperly escaped in the default namespace of E4X documents. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1671 CVE-2008-0017 CVE-2008-4582 CVE-2008-5012 CVE-2008-5013 CVE-2008-5014 CVE-2008-5017 CVE-2008-5018 CVE-2008-5021 CVE-2008-5022 CVE-2008-5023 CVE-2008-5024 | Version: | 3 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | iceweasel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:9643 | |||
| Oval ID: | oval:org.mitre.oval:def:9643 | ||
| Title: | The nsXMLDocument::OnChannelRedirect function in Mozilla Firefox before 2.0.0.17, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code via unknown vectors. | ||
| Description: | The nsXMLDocument::OnChannelRedirect function in Mozilla Firefox before 2.0.0.17, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code via unknown vectors. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-3835 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
SAINT Exploits
| Description | Link |
|---|---|
| Mozilla Firefox UTF-8 URL buffer overflow | More info here |
ExploitDB Exploits
| id | Description |
|---|---|
| 2009-09-14 | Mozilla Firefox 2.0.0.16 UTF-8 URL Remote Buffer Overflow Exploit |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2011-08-09 | Name : CentOS Update for thunderbird CESA-2009:0002 centos4 i386 File : nvt/gb_CESA-2009_0002_thunderbird_centos4_i386.nasl |
| 2011-08-09 | Name : CentOS Update for thunderbird CESA-2009:0002 centos5 i386 File : nvt/gb_CESA-2009_0002_thunderbird_centos5_i386.nasl |
| 2009-10-13 | Name : SLES10: Security update for MozillaFirefox File : nvt/sles10_MozillaFirefox.nasl |
| 2009-10-13 | Name : SLES10: Security update for MozillaFirefox File : nvt/sles10_MozillaFirefox0.nasl |
| 2009-10-13 | Name : SLES10: Security update for MozillaFirefox File : nvt/sles10_MozillaFirefox4.nasl |
| 2009-10-13 | Name : SLES10: Security update for MozillaFirefox File : nvt/sles10_MozillaFirefox6.nasl |
| 2009-10-13 | Name : SLES10: Security update for Epiphany File : nvt/sles10_epiphany.nasl |
| 2009-10-13 | Name : SLES10: Security update for Mozilla File : nvt/sles10_gecko-sdk.nasl |
| 2009-10-13 | Name : SLES10: Security update for gecko-sdk and mozilla-xulrunner File : nvt/sles10_gecko-sdk0.nasl |
| 2009-10-10 | Name : SLES9: Security update for Epiphany and Mozilla File : nvt/sles9p5036604.nasl |
| 2009-10-10 | Name : SLES9: Security update for Epiphany File : nvt/sles9p5040940.nasl |
| 2009-06-05 | Name : Ubuntu USN-707-1 (cupsys) File : nvt/ubuntu_707_1.nasl |
| 2009-06-03 | Name : Solaris Update for Mozilla 1.7 125539-06 File : nvt/gb_solaris_125539_06.nasl |
| 2009-06-03 | Name : Solaris Update for Mozilla Firefox Web browser 125540-06 File : nvt/gb_solaris_125540_06.nasl |
| 2009-06-03 | Name : Solaris Update for Mozilla 1.7 125541-04 File : nvt/gb_solaris_125541_04.nasl |
| 2009-06-03 | Name : Solaris Update for Mozilla Thunderbird email client 125542-04 File : nvt/gb_solaris_125542_04.nasl |
| 2009-04-09 | Name : Mandriva Update for mozilla-firefox MDVSA-2008:110 (mozilla-firefox) File : nvt/gb_mandriva_MDVSA_2008_110.nasl |
| 2009-04-09 | Name : Mandriva Update for mozilla-firefox MDVSA-2008:205 (mozilla-firefox) File : nvt/gb_mandriva_MDVSA_2008_205.nasl |
| 2009-04-09 | Name : Mandriva Update for mozilla-thunderbird MDVSA-2008:206 (mozilla-thunderbird) File : nvt/gb_mandriva_MDVSA_2008_206.nasl |
| 2009-04-09 | Name : Mandriva Update for mozilla-firefox MDVSA-2008:228 (mozilla-firefox) File : nvt/gb_mandriva_MDVSA_2008_228.nasl |
| 2009-04-09 | Name : Mandriva Update for firefox MDVSA-2008:230 (firefox) File : nvt/gb_mandriva_MDVSA_2008_230.nasl |
| 2009-04-09 | Name : Mandriva Update for mozilla-thunderbird MDVSA-2008:235 (mozilla-thunderbird) File : nvt/gb_mandriva_MDVSA_2008_235.nasl |
| 2009-04-09 | Name : Mandriva Update for mozilla-firefox MDVSA-2008:244 (mozilla-firefox) File : nvt/gb_mandriva_MDVSA_2008_244.nasl |
| 2009-04-09 | Name : Mandriva Update for firefox MDVSA-2008:245 (firefox) File : nvt/gb_mandriva_MDVSA_2008_245.nasl |
| 2009-03-23 | Name : Ubuntu Update for firefox vulnerabilities USN-602-1 File : nvt/gb_ubuntu_USN_602_1.nasl |
| 2009-03-23 | Name : Ubuntu Update for firefox, firefox-3.0, xulrunner-1.9 vulnerabilities USN-645-1 File : nvt/gb_ubuntu_USN_645_1.nasl |
| 2009-03-23 | Name : Ubuntu Update for firefox vulnerabilities USN-645-2 File : nvt/gb_ubuntu_USN_645_2.nasl |
| 2009-03-23 | Name : Ubuntu Update for firefox-3.0, xulrunner-1.9 regression USN-645-3 File : nvt/gb_ubuntu_USN_645_3.nasl |
| 2009-03-23 | Name : Ubuntu Update for mozilla-thunderbird, thunderbird vulnerabilities USN-647-1 File : nvt/gb_ubuntu_USN_647_1.nasl |
| 2009-03-23 | Name : Ubuntu Update for firefox, firefox-3.0, xulrunner-1.9 vulnerabilities USN-667-1 File : nvt/gb_ubuntu_USN_667_1.nasl |
| 2009-03-23 | Name : Ubuntu Update for mozilla-thunderbird, thunderbird vulnerabilities USN-668-1 File : nvt/gb_ubuntu_USN_668_1.nasl |
| 2009-03-23 | Name : Ubuntu Update for firefox-3.0, xulrunner-1.9 vulnerabilities USN-690-1 File : nvt/gb_ubuntu_USN_690_1.nasl |
| 2009-03-23 | Name : Ubuntu Update for firefox vulnerabilities USN-690-2 File : nvt/gb_ubuntu_USN_690_2.nasl |
| 2009-03-23 | Name : Ubuntu Update for firefox vulnerabilities USN-690-3 File : nvt/gb_ubuntu_USN_690_3.nasl |
| 2009-03-06 | Name : RedHat Update for firefox RHSA-2008:0222-02 File : nvt/gb_RHSA-2008_0222-02_firefox.nasl |
| 2009-03-06 | Name : RedHat Update for seamonkey RHSA-2008:0223-02 File : nvt/gb_RHSA-2008_0223-02_seamonkey.nasl |
| 2009-03-06 | Name : RedHat Update for thunderbird RHSA-2008:0224-01 File : nvt/gb_RHSA-2008_0224-01_thunderbird.nasl |
| 2009-03-06 | Name : RedHat Update for firefox RHSA-2008:0879-01 File : nvt/gb_RHSA-2008_0879-01_firefox.nasl |
| 2009-03-06 | Name : RedHat Update for seamonkey RHSA-2008:0882-01 File : nvt/gb_RHSA-2008_0882-01_seamonkey.nasl |
| 2009-03-06 | Name : RedHat Update for thunderbird RHSA-2008:0908-01 File : nvt/gb_RHSA-2008_0908-01_thunderbird.nasl |
| 2009-03-06 | Name : RedHat Update for thunderbird RHSA-2008:0976-01 File : nvt/gb_RHSA-2008_0976-01_thunderbird.nasl |
| 2009-03-06 | Name : RedHat Update for seamonkey RHSA-2008:0977-01 File : nvt/gb_RHSA-2008_0977-01_seamonkey.nasl |
| 2009-03-06 | Name : RedHat Update for firefox RHSA-2008:0978-01 File : nvt/gb_RHSA-2008_0978-01_firefox.nasl |
| 2009-03-06 | Name : RedHat Update for firefox RHSA-2008:1036-01 File : nvt/gb_RHSA-2008_1036-01_firefox.nasl |
| 2009-03-06 | Name : RedHat Update for seamonkey RHSA-2008:1037-01 File : nvt/gb_RHSA-2008_1037-01_seamonkey.nasl |
| 2009-02-27 | Name : CentOS Update for firefox CESA-2008:0222 centos4 i386 File : nvt/gb_CESA-2008_0222_firefox_centos4_i386.nasl |
| 2009-02-27 | Name : CentOS Update for firefox CESA-2008:0222 centos4 x86_64 File : nvt/gb_CESA-2008_0222_firefox_centos4_x86_64.nasl |
| 2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0223-02 centos2 i386 File : nvt/gb_CESA-2008_0223-02_seamonkey_centos2_i386.nasl |
| 2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0223 centos3 i386 File : nvt/gb_CESA-2008_0223_seamonkey_centos3_i386.nasl |
| 2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0223 centos3 x86_64 File : nvt/gb_CESA-2008_0223_seamonkey_centos3_x86_64.nasl |
| 2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0223 centos4 i386 File : nvt/gb_CESA-2008_0223_seamonkey_centos4_i386.nasl |
| 2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0223 centos4 x86_64 File : nvt/gb_CESA-2008_0223_seamonkey_centos4_x86_64.nasl |
| 2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0882-01 centos2 i386 File : nvt/gb_CESA-2008_0882-01_seamonkey_centos2_i386.nasl |
| 2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0882 centos3 i386 File : nvt/gb_CESA-2008_0882_seamonkey_centos3_i386.nasl |
| 2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0882 centos3 x86_64 File : nvt/gb_CESA-2008_0882_seamonkey_centos3_x86_64.nasl |
| 2009-02-27 | Name : CentOS Update for thunderbird CESA-2008:0908 centos4 i386 File : nvt/gb_CESA-2008_0908_thunderbird_centos4_i386.nasl |
| 2009-02-27 | Name : CentOS Update for thunderbird CESA-2008:0908 centos4 x86_64 File : nvt/gb_CESA-2008_0908_thunderbird_centos4_x86_64.nasl |
| 2009-02-27 | Name : CentOS Update for thunderbird CESA-2008:0976 centos4 i386 File : nvt/gb_CESA-2008_0976_thunderbird_centos4_i386.nasl |
| 2009-02-27 | Name : CentOS Update for thunderbird CESA-2008:0976 centos4 x86_64 File : nvt/gb_CESA-2008_0976_thunderbird_centos4_x86_64.nasl |
| 2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0977-01 centos2 i386 File : nvt/gb_CESA-2008_0977-01_seamonkey_centos2_i386.nasl |
| 2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0977 centos3 i386 File : nvt/gb_CESA-2008_0977_seamonkey_centos3_i386.nasl |
| 2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0977 centos3 x86_64 File : nvt/gb_CESA-2008_0977_seamonkey_centos3_x86_64.nasl |
| 2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0977 centos4 i386 File : nvt/gb_CESA-2008_0977_seamonkey_centos4_i386.nasl |
| 2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0977 centos4 x86_64 File : nvt/gb_CESA-2008_0977_seamonkey_centos4_x86_64.nasl |
| 2009-02-27 | Name : CentOS Update for firefox CESA-2008:0978 centos4 i386 File : nvt/gb_CESA-2008_0978_firefox_centos4_i386.nasl |
| 2009-02-27 | Name : CentOS Update for firefox CESA-2008:0978 centos4 x86_64 File : nvt/gb_CESA-2008_0978_firefox_centos4_x86_64.nasl |
| 2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:1037-01 centos2 i386 File : nvt/gb_CESA-2008_1037-01_seamonkey_centos2_i386.nasl |
| 2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:1037 centos3 i386 File : nvt/gb_CESA-2008_1037_seamonkey_centos3_i386.nasl |
| 2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:1037 centos3 x86_64 File : nvt/gb_CESA-2008_1037_seamonkey_centos3_x86_64.nasl |
| 2009-02-17 | Name : Fedora Update for seamonkey FEDORA-2008-3231 File : nvt/gb_fedora_2008_3231_seamonkey_fc7.nasl |
| 2009-02-17 | Name : Fedora Update for Miro FEDORA-2008-3249 File : nvt/gb_fedora_2008_3249_Miro_fc7.nasl |
| 2009-02-17 | Name : Fedora Update for chmsee FEDORA-2008-3249 File : nvt/gb_fedora_2008_3249_chmsee_fc7.nasl |
| 2009-02-17 | Name : Fedora Update for devhelp FEDORA-2008-3249 File : nvt/gb_fedora_2008_3249_devhelp_fc7.nasl |
| 2009-02-17 | Name : Fedora Update for epiphany-extensions FEDORA-2008-3249 File : nvt/gb_fedora_2008_3249_epiphany-extensions_fc7.nasl |
| 2009-02-17 | Name : Fedora Update for epiphany FEDORA-2008-3249 File : nvt/gb_fedora_2008_3249_epiphany_fc7.nasl |
| 2009-02-17 | Name : Fedora Update for firefox FEDORA-2008-3249 File : nvt/gb_fedora_2008_3249_firefox_fc7.nasl |
| 2009-02-17 | Name : Fedora Update for galeon FEDORA-2008-3249 File : nvt/gb_fedora_2008_3249_galeon_fc7.nasl |
| 2009-02-17 | Name : Fedora Update for gnome-python2-extras FEDORA-2008-3249 File : nvt/gb_fedora_2008_3249_gnome-python2-extras_fc7.nasl |
| 2009-02-17 | Name : Fedora Update for gtkmozembedmm FEDORA-2008-3249 File : nvt/gb_fedora_2008_3249_gtkmozembedmm_fc7.nasl |
| 2009-02-17 | Name : Fedora Update for kazehakase FEDORA-2008-3249 File : nvt/gb_fedora_2008_3249_kazehakase_fc7.nasl |
| 2009-02-17 | Name : Fedora Update for liferea FEDORA-2008-3249 File : nvt/gb_fedora_2008_3249_liferea_fc7.nasl |
| 2009-02-17 | Name : Fedora Update for openvrml FEDORA-2008-3249 File : nvt/gb_fedora_2008_3249_openvrml_fc7.nasl |
| 2009-02-17 | Name : Fedora Update for ruby-gnome2 FEDORA-2008-3249 File : nvt/gb_fedora_2008_3249_ruby-gnome2_fc7.nasl |
| 2009-02-17 | Name : Fedora Update for yelp FEDORA-2008-3249 File : nvt/gb_fedora_2008_3249_yelp_fc7.nasl |
| 2009-02-17 | Name : Fedora Update for seamonkey FEDORA-2008-3264 File : nvt/gb_fedora_2008_3264_seamonkey_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for Miro FEDORA-2008-3283 File : nvt/gb_fedora_2008_3283_Miro_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for chmsee FEDORA-2008-3283 File : nvt/gb_fedora_2008_3283_chmsee_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for devhelp FEDORA-2008-3283 File : nvt/gb_fedora_2008_3283_devhelp_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for epiphany-extensions FEDORA-2008-3283 File : nvt/gb_fedora_2008_3283_epiphany-extensions_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for epiphany FEDORA-2008-3283 File : nvt/gb_fedora_2008_3283_epiphany_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for firefox FEDORA-2008-3283 File : nvt/gb_fedora_2008_3283_firefox_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for galeon FEDORA-2008-3283 File : nvt/gb_fedora_2008_3283_galeon_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for gnome-python2-extras FEDORA-2008-3283 File : nvt/gb_fedora_2008_3283_gnome-python2-extras_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for gnome-web-photo FEDORA-2008-3283 File : nvt/gb_fedora_2008_3283_gnome-web-photo_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for gtkmozembedmm FEDORA-2008-3283 File : nvt/gb_fedora_2008_3283_gtkmozembedmm_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for kazehakase FEDORA-2008-3283 File : nvt/gb_fedora_2008_3283_kazehakase_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for liferea FEDORA-2008-3283 File : nvt/gb_fedora_2008_3283_liferea_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for openvrml FEDORA-2008-3283 File : nvt/gb_fedora_2008_3283_openvrml_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for ruby-gnome2 FEDORA-2008-3283 File : nvt/gb_fedora_2008_3283_ruby-gnome2_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for yelp FEDORA-2008-3283 File : nvt/gb_fedora_2008_3283_yelp_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for thunderbird FEDORA-2008-3519 File : nvt/gb_fedora_2008_3519_thunderbird_fc7.nasl |
| 2009-02-17 | Name : Fedora Update for thunderbird FEDORA-2008-3557 File : nvt/gb_fedora_2008_3557_thunderbird_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for Miro FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_Miro_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for blam FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_blam_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for cairo-dock FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_cairo-dock_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for chmsee FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_chmsee_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for devhelp FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_devhelp_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for epiphany-extensions FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_epiphany-extensions_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for epiphany FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_epiphany_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for evolution-rss FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_evolution-rss_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for firefox FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_firefox_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for galeon FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_galeon_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for gnome-python2-extras FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_gnome-python2-extras_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for gnome-web-photo FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_gnome-web-photo_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for gtkmozembedmm FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_gtkmozembedmm_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for kazehakase FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_kazehakase_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for liferea FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_liferea_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for openvrml FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_openvrml_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for ruby-gnome2 FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_ruby-gnome2_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for yelp FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_yelp_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for seamonkey FEDORA-2008-8401 File : nvt/gb_fedora_2008_8401_seamonkey_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for Miro FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_Miro_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for blam FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_blam_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for cairo-dock FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_cairo-dock_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for chmsee FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_chmsee_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for devhelp FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_devhelp_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for epiphany-extensions FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_epiphany-extensions_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for epiphany FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_epiphany_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for evolution-rss FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_evolution-rss_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for firefox FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_firefox_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for galeon FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_galeon_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for gnome-python2-extras FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_gnome-python2-extras_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for gnome-web-photo FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_gnome-web-photo_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for google-gadgets FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_google-gadgets_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for gtkmozembedmm FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_gtkmozembedmm_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for kazehakase FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_kazehakase_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for mozvoikko FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_mozvoikko_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for mugshot FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_mugshot_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for ruby-gnome2 FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_ruby-gnome2_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for totem FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_totem_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for xulrunner FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_xulrunner_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for yelp FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_yelp_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for seamonkey FEDORA-2008-8429 File : nvt/gb_fedora_2008_8429_seamonkey_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for Miro FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_Miro_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for blam FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_blam_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for cairo-dock FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_cairo-dock_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for chmsee FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_chmsee_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for devhelp FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_devhelp_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for epiphany-extensions FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_epiphany-extensions_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for epiphany FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_epiphany_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for evolution-rss FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_evolution-rss_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for firefox FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_firefox_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for galeon FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_galeon_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for gnome-python2-extras FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_gnome-python2-extras_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for gnome-web-photo FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_gnome-web-photo_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for kazehakase FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_kazehakase_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for liferea FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_liferea_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for openvrml FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_openvrml_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for ruby-gnome2 FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_ruby-gnome2_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for seamonkey FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_seamonkey_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for yelp FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_yelp_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for Miro FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_Miro_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for cairo-dock FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_cairo-dock_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for chmsee FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_chmsee_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for devhelp FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_devhelp_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for epiphany-extensions FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_epiphany-extensions_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for epiphany FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_epiphany_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for evolution-rss FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_evolution-rss_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for firefox FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_firefox_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for galeon FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_galeon_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for gnome-python2-extras FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_gnome-python2-extras_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for gnome-web-photo FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_gnome-web-photo_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for google-gadgets FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_google-gadgets_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for gtkmozembedmm FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_gtkmozembedmm_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for kazehakase FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_kazehakase_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for mozvoikko FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_mozvoikko_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for mugshot FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_mugshot_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for ruby-gnome2 FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_ruby-gnome2_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for seamonkey FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_seamonkey_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for totem FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_totem_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for xulrunner FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_xulrunner_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for yelp FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_yelp_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for thunderbird FEDORA-2008-9807 File : nvt/gb_fedora_2008_9807_thunderbird_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for thunderbird FEDORA-2008-9859 File : nvt/gb_fedora_2008_9859_thunderbird_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for thunderbird FEDORA-2008-9901 File : nvt/gb_fedora_2008_9901_thunderbird_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for seamonkey FEDORA-2008-11490 File : nvt/gb_fedora_2008_11490_seamonkey_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for Miro FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_Miro_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for blam FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_blam_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for devhelp FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_devhelp_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for epiphany-extensions FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_epiphany-extensions_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for epiphany FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_epiphany_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for evolution-rss FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_evolution-rss_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for firefox FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_firefox_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for galeon FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_galeon_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for gecko-sharp2 FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_gecko-sharp2_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for gnome-python2-extras FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_gnome-python2-extras_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for gnome-web-photo FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_gnome-web-photo_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for google-gadgets FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_google-gadgets_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for kazehakase FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_kazehakase_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for mozvoikko FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_mozvoikko_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for mugshot FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_mugshot_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for pcmanx-gtk2 FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_pcmanx-gtk2_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for ruby-gnome2 FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_ruby-gnome2_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for xulrunner FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_xulrunner_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for yelp FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_yelp_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for seamonkey FEDORA-2008-11534 File : nvt/gb_fedora_2008_11534_seamonkey_fc8.nasl |
| 2009-02-13 | Name : Fedora Update for Miro FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_Miro_fc8.nasl |
| 2009-02-13 | Name : Fedora Update for blam FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_blam_fc8.nasl |
| 2009-02-13 | Name : Fedora Update for cairo-dock FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_cairo-dock_fc8.nasl |
| 2009-02-13 | Name : Fedora Update for chmsee FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_chmsee_fc8.nasl |
| 2009-02-13 | Name : Fedora Update for devhelp FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_devhelp_fc8.nasl |
| 2009-02-13 | Name : Fedora Update for epiphany-extensions FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_epiphany-extensions_fc8.nasl |
| 2009-02-13 | Name : Fedora Update for epiphany FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_epiphany_fc8.nasl |
| 2009-02-13 | Name : Fedora Update for evolution-rss FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_evolution-rss_fc8.nasl |
| 2009-02-13 | Name : Fedora Update for firefox FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_firefox_fc8.nasl |
| 2009-02-13 | Name : Fedora Update for galeon FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_galeon_fc8.nasl |
| 2009-02-13 | Name : Fedora Update for gnome-python2-extras FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_gnome-python2-extras_fc8.nasl |
| 2009-02-13 | Name : Fedora Update for gnome-web-photo FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_gnome-web-photo_fc8.nasl |
| 2009-02-13 | Name : Fedora Update for kazehakase FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_kazehakase_fc8.nasl |
| 2009-02-13 | Name : Fedora Update for liferea FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_liferea_fc8.nasl |
| 2009-02-13 | Name : Fedora Update for openvrml FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_openvrml_fc8.nasl |
| 2009-02-13 | Name : Fedora Update for ruby-gnome2 FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_ruby-gnome2_fc8.nasl |
| 2009-02-13 | Name : Fedora Update for yelp FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_yelp_fc8.nasl |
| 2009-02-13 | Name : Fedora Update for seamonkey FEDORA-2008-11586 File : nvt/gb_fedora_2008_11586_seamonkey_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for Miro FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_Miro_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for blam FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_blam_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for cairo-dock FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_cairo-dock_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for chmsee FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_chmsee_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for devhelp FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_devhelp_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for epiphany-extensions FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_epiphany-extensions_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for epiphany FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_epiphany_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for evolution-rss FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_evolution-rss_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for firefox FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_firefox_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for galeon FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_galeon_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for gnome-python2-extras FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_gnome-python2-extras_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for gnome-web-photo FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_gnome-web-photo_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for google-gadgets FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_google-gadgets_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for gtkmozembedmm FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_gtkmozembedmm_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for kazehakase FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_kazehakase_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for mozvoikko FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_mozvoikko_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for mugshot FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_mugshot_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for ruby-gnome2 FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_ruby-gnome2_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for totem FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_totem_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for xulrunner FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_xulrunner_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for yelp FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_yelp_fc9.nasl |
| 2009-01-23 | Name : SuSE Update for MozillaFirefox,MozillaThunderbird,seamonkey,mozilla SUSE-SA:... File : nvt/gb_suse_2008_050.nasl |
| 2009-01-23 | Name : SuSE Update for MozillaFirefox,MozillaThunderbird,seamonkey SUSE-SA:2008:055 File : nvt/gb_suse_2008_055.nasl |
| 2009-01-23 | Name : SuSE Update for MozillaFirefox,seamonkey SUSE-SA:2008:058 File : nvt/gb_suse_2008_058.nasl |
| 2009-01-20 | Name : Debian Security Advisory DSA 1704-1 (xulrunner) File : nvt/deb_1704_1.nasl |
| 2009-01-20 | Name : Debian Security Advisory DSA 1707-1 (iceweasel) File : nvt/deb_1707_1.nasl |
| 2009-01-20 | Name : Mandrake Security Advisory MDVSA-2009:012 (mozilla-thunderbird) File : nvt/mdksa_2009_012.nasl |
| 2009-01-20 | Name : SuSE Security Advisory SUSE-SA:2009:002 (MozillaFirefox,MozillaThunderbird,mo... File : nvt/suse_sa_2009_002.nasl |
| 2009-01-20 | Name : Ubuntu USN-708-1 (hplip) File : nvt/ubuntu_708_1.nasl |
| 2009-01-13 | Name : Debian Security Advisory DSA 1696-1 (icedove) File : nvt/deb_1696_1.nasl |
| 2009-01-13 | Name : Debian Security Advisory DSA 1697-1 (iceape) File : nvt/deb_1697_1.nasl |
| 2009-01-13 | Name : CentOS Security Advisory CESA-2009:0002 (thunderbird) File : nvt/ovcesa2009_0002.nasl |
| 2009-01-13 | Name : Ubuntu USN-701-1 (thunderbird) File : nvt/ubuntu_701_1.nasl |
| 2009-01-13 | Name : Ubuntu USN-701-2 (mozilla-thunderbird) File : nvt/ubuntu_701_2.nasl |
| 2009-01-07 | Name : RedHat Security Advisory RHSA-2009:0002 File : nvt/RHSA_2009_0002.nasl |
| 2008-12-23 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox36.nasl |
| 2008-12-23 | Name : Mozilla Firefox Multiple Vulnerabilities December-08 (Linux) File : nvt/gb_firefox_mult_vuln_dec08_lin.nasl |
| 2008-12-23 | Name : Mozilla Firefox Multiple Vulnerabilities December-08 (Win) File : nvt/gb_firefox_mult_vuln_dec08_win.nasl |
| 2008-12-23 | Name : Mozilla Seamonkey Multiple Vulnerabilities December-08 (Linux) File : nvt/gb_seamonkey_mult_vuln_dec08_lin.nasl |
| 2008-12-23 | Name : Mozilla Seamonkey Multiple Vulnerabilities December-08 (Win) File : nvt/gb_seamonkey_mult_vuln_dec08_win.nasl |
| 2008-12-23 | Name : Mozilla Thunderbird Multiple Vulnerabilities December-08 (Linux) File : nvt/gb_thunderbird_mult_vuln_dec08_lin.nasl |
| 2008-12-23 | Name : Mozilla Thunderbird Multiple Vulnerabilities December-08 (Win) File : nvt/gb_thunderbird_mult_vuln_dec08_win.nasl |
| 2008-12-03 | Name : Debian Security Advisory DSA 1671-1 (iceweasel) File : nvt/deb_1671_1.nasl |
| 2008-11-24 | Name : Debian Security Advisory DSA 1669-1 (xulrunner) File : nvt/deb_1669_1.nasl |
| 2008-11-21 | Name : Mozilla Firefox Multiple Vulnerabilities November-08 (Linux) File : nvt/gb_firefox_mult_vuln_nov08_lin.nasl |
| 2008-11-21 | Name : Mozilla Firefox Multiple Vulnerabilities November-08 (Win) File : nvt/gb_firefox_mult_vuln_nov08_win.nasl |
| 2008-11-21 | Name : Mozilla Seamonkey Multiple Vulnerabilities November-08 (Linux) File : nvt/gb_seamonkey_mult_vuln_nov08_lin.nasl |
| 2008-11-21 | Name : Mozilla Seamonkey Multiple Vulnerabilities November-08 (Win) File : nvt/gb_seamonkey_mult_vuln_nov08_win.nasl |
| 2008-11-21 | Name : Mozilla Thunderbird Multiple Vulnerabilities November-08 (Linux) File : nvt/gb_thunderbird_mult_vuln_nov08_lin.nasl |
| 2008-11-21 | Name : Mozilla Thunderbird Multiple Vulnerabilities November-08 (Win) File : nvt/gb_thunderbird_mult_vuln_nov08_win.nasl |
| 2008-11-19 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox35.nasl |
| 2008-11-01 | Name : Debian Security Advisory DSA 1649-1 (iceweasel) File : nvt/deb_1649_1.nasl |
| 2008-10-17 | Name : Firefox .url Shortcut File Information Disclosure Vulnerability File : nvt/gb_firefox_url_file_info_dis_vuln.nasl |
| 2008-09-24 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox34.nasl |
| 2008-09-24 | Name : Gentoo Security Advisory GLSA 200805-18 (mozilla ...) File : nvt/glsa_200805_18.nasl |
| 2008-09-24 | Name : Gentoo Security Advisory GLSA 200808-03 (mozilla ...) File : nvt/glsa_200808_03.nasl |
| 2008-09-04 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox33.nasl |
| 2008-04-30 | Name : Debian Security Advisory DSA 1555-1 (iceweasel) File : nvt/deb_1555_1.nasl |
| 2008-04-30 | Name : Debian Security Advisory DSA 1558-1 (xulrunner) File : nvt/deb_1558_1.nasl |
| 2008-04-30 | Name : Debian Security Advisory DSA 1562-1 (iceape) File : nvt/deb_1562_1.nasl |
| 0000-00-00 | Name : Slackware Advisory SSA:2008-108-01 mozilla-firefox File : nvt/esoft_slk_ssa_2008_108_01.nasl |
| 0000-00-00 | Name : Slackware Advisory SSA:2008-191-03 seamonkey File : nvt/esoft_slk_ssa_2008_191_03.nasl |
| 0000-00-00 | Name : Slackware Advisory SSA:2008-269-01 mozilla-firefox File : nvt/esoft_slk_ssa_2008_269_01.nasl |
| 0000-00-00 | Name : Slackware Advisory SSA:2008-269-02 seamonkey File : nvt/esoft_slk_ssa_2008_269_02.nasl |
| 0000-00-00 | Name : Slackware Advisory SSA:2008-270-01 mozilla-thunderbird File : nvt/esoft_slk_ssa_2008_270_01.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 51296 | Mozilla Multiple Products XPCNativeWrappers Pollution JavaScript Privilege Es... |
| 51295 | Mozilla Multiple Products XBL Binding Unloaded Document XSS |
| 51293 | Mozilla Multiple Products Whitespace / Control Character URL Handling Phishin... |
| 51292 | Mozilla Multiple Products window.onerror DOM API Same-origin Policy Bypass In... |
| 51291 | Mozilla Multiple Products XMLHttpRequest 302 Redirect Same-origin Policy Bypa... |
| 51288 | Mozilla Multiple Product loadBindingDocument Function XBL Binding Same-domain... |
| 51285 | Mozilla Multiple Products Layout Engine nsEscapeHTML2 Overflow |
| 51284 | Mozilla Multiple Products Layout Engine PresShell::InitialReflow XUL iframe O... |
| 50181 | Mozilla Multiple Products nsXMLHttpRequest::NotifyEventListeners Method Same-... |
| 50179 | Mozilla Multiple Products nsFrameManager File Input Element Modification Blur... |
| 50177 | Mozilla Multiple Products JavaScript Engine Date Class Unspecified Remote DoS |
| 50176 | Mozilla Multiple Products Browser Engine xpcom/io/nsEscape.cpp Unspecified Ov... |
| 50141 | Mozilla Multiple Products jslock.cpp OBJ_IS_NATIVE Function Non-Native Object... |
| 50139 | Mozilla Multiple Products Canvas Element Handling Same-policy Origin Bypass |
| 49995 | Mozilla Multiple Products EX4 Document Handling Remote XML Injection |
| 49073 | Mozilla Multiple Products HTML Element .url Shortcut File Arbitrary Cache Dis... |
| 48780 | Mozilla Multiple Products URL Parsing Implementation Crafted UTF-8 URL Arbitr... |
| 48773 | Mozilla Multiple Product nsXMLDocument::OnChannelRedirect Function Same Origi... |
| 48772 | Mozilla Multiple Products News Article Header Handling Overflow |
| 48770 | Mozilla Firefox XPConnect Component SCRIPT Element Privileged Code Execution |
| 48769 | Mozilla Multiple Products resource URI Traversal Access Restriction Bypass |
| 48761 | Mozilla Multiple Products on Linux URL-encoded resource URI Traversal Arbitra... |
| 48760 | Mozilla Multiple Products Stripped BOM Character XSS |
| 48759 | Mozilla Multiple Products MathML Component rowspan Attribute Handling Memory ... |
| 48751 | Mozilla Multiple Products nsJSNPRuntime.cpp nsNPObjWrapper::GetNewOrUsed Func... |
| 48750 | Mozilla Multiple Products nsEscape.cpp nsEscapeCount Function Memory Corruption |
| 48749 | Mozilla Multiple Products jsxml.c Namespace / Qname Characteristic Handling M... |
| 48748 | Mozilla Multiple Products XSLT Arbitrary Script Execution |
| 48747 | Mozilla Multiple Products document.loadBindingDocument() Arbitrary Script Exe... |
| 48746 | Mozilla Multiple Products XPCNativeWrappers Pollution Arbitrary Code Execution |
| 44467 | Mozilla Multiple Products Javascript Garbage Collector DoS |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2017-08-29 | Mozilla Firefox BOM character cross site scripting attempt RuleID : 43749 - Revision : 2 - Type : BROWSER-FIREFOX |
| 2017-08-29 | Mozilla Firefox BOM character cross site scripting attempt RuleID : 43748 - Revision : 2 - Type : BROWSER-FIREFOX |
| 2016-10-25 | Mozilla Firefox file type memory corruption attempt RuleID : 40280 - Revision : 1 - Type : BROWSER-FIREFOX |
| 2014-01-10 | Mozilla Firefox file type memory corruption attempt RuleID : 17603 - Revision : 10 - Type : BROWSER-FIREFOX |
| 2014-01-10 | Mozilla Firefox UTF-8 URL Handling Stack Buffer Overflow RuleID : 17519 - Revision : 9 - Type : BROWSER-FIREFOX |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0222.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0223.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2008-0224.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0879.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0882.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2008-0908.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2008-0976.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0977.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0978.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-1036.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-1037.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2009-0002.nasl - Type : ACT_GATHER_INFO |
| 2013-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-645-2.nasl - Type : ACT_GATHER_INFO |
| 2013-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-690-3.nasl - Type : ACT_GATHER_INFO |
| 2013-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-701-2.nasl - Type : ACT_GATHER_INFO |
| 2013-01-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080416_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080416_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080923_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080923_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20081001_thunderbird_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081112_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081112_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20081119_thunderbird_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081216_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081216_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20090107_thunderbird_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2010-01-06 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2008-0224.nasl - Type : ACT_GATHER_INFO |
| 2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0879.nasl - Type : ACT_GATHER_INFO |
| 2010-01-06 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2008-0976.nasl - Type : ACT_GATHER_INFO |
| 2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0978.nasl - Type : ACT_GATHER_INFO |
| 2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-1036.nasl - Type : ACT_GATHER_INFO |
| 2010-01-06 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2009-0002.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12326.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-5826.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-5890.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_epiphany-5889.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_gecko-sdk-5813.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaFirefox-081002.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaFirefox-081124.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaFirefox-081218.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaThunderbird-081003.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaThunderbird-081124.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaThunderbird-090108.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_mozilla-xulrunner181-081002.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_mozilla-xulrunner181-081122.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_mozilla-xulrunner181-081218.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_mozilla-xulrunner190-081002.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_mozilla-xulrunner190-081218.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_seamonkey-081003.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_seamonkey-081122.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_seamonkey-081218.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaFirefox-081218.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaThunderbird-090108.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_mozilla-xulrunner181-081219.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_mozilla-xulrunner190-081218.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_seamonkey-081218.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0977.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2008-11490.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-11511.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2008-9901.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-110.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-205.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-206.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-228.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-230.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-235.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-244.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-245.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-012.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-645-1.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-645-3.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-647-1.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-667-1.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-668-1.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-690-1.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-690-2.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-701-1.nasl - Type : ACT_GATHER_INFO |
| 2009-01-16 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1707.nasl - Type : ACT_GATHER_INFO |
| 2009-01-15 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1704.nasl - Type : ACT_GATHER_INFO |
| 2009-01-09 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaThunderbird-5900.nasl - Type : ACT_GATHER_INFO |
| 2009-01-08 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1696.nasl - Type : ACT_GATHER_INFO |
| 2009-01-08 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1697.nasl - Type : ACT_GATHER_INFO |
| 2009-01-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2009-0002.nasl - Type : ACT_GATHER_INFO |
| 2009-01-07 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaFirefox-5885.nasl - Type : ACT_GATHER_INFO |
| 2009-01-07 | Name : The remote openSUSE host is missing a security update. File : suse_mozilla-xulrunner181-5881.nasl - Type : ACT_GATHER_INFO |
| 2009-01-02 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_20019.nasl - Type : ACT_GATHER_INFO |
| 2008-12-22 | Name : The remote Windows host contains a web browser that is affected by a cross do... File : mozilla_firefox_20020.nasl - Type : ACT_GATHER_INFO |
| 2008-12-21 | Name : The remote Fedora host is missing a security update. File : fedora_2008-11534.nasl - Type : ACT_GATHER_INFO |
| 2008-12-21 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-11551.nasl - Type : ACT_GATHER_INFO |
| 2008-12-21 | Name : The remote Fedora host is missing a security update. File : fedora_2008-11586.nasl - Type : ACT_GATHER_INFO |
| 2008-12-21 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-11598.nasl - Type : ACT_GATHER_INFO |
| 2008-12-21 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_29f5bfc5ce0411dda7210030843d3802.nasl - Type : ACT_GATHER_INFO |
| 2008-12-21 | Name : The remote openSUSE host is missing a security update. File : suse_seamonkey-5880.nasl - Type : ACT_GATHER_INFO |
| 2008-12-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-1037.nasl - Type : ACT_GATHER_INFO |
| 2008-12-17 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_20019.nasl - Type : ACT_GATHER_INFO |
| 2008-12-17 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_305.nasl - Type : ACT_GATHER_INFO |
| 2008-12-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-1036.nasl - Type : ACT_GATHER_INFO |
| 2008-12-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-1037.nasl - Type : ACT_GATHER_INFO |
| 2008-12-17 | Name : A web browser on the remote host is affected by multiple vulnerabilities. File : seamonkey_1114.nasl - Type : ACT_GATHER_INFO |
| 2008-11-26 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_gecko-sdk-5811.nasl - Type : ACT_GATHER_INFO |
| 2008-11-25 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1671.nasl - Type : ACT_GATHER_INFO |
| 2008-11-25 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaFirefox-5812.nasl - Type : ACT_GATHER_INFO |
| 2008-11-25 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaThunderbird-5825.nasl - Type : ACT_GATHER_INFO |
| 2008-11-25 | Name : The remote openSUSE host is missing a security update. File : suse_mozilla-xulrunner181-5820.nasl - Type : ACT_GATHER_INFO |
| 2008-11-25 | Name : The remote openSUSE host is missing a security update. File : suse_seamonkey-5815.nasl - Type : ACT_GATHER_INFO |
| 2008-11-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1669.nasl - Type : ACT_GATHER_INFO |
| 2008-11-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-5786.nasl - Type : ACT_GATHER_INFO |
| 2008-11-21 | Name : The remote Fedora host is missing a security update. File : fedora_2008-9807.nasl - Type : ACT_GATHER_INFO |
| 2008-11-21 | Name : The remote Fedora host is missing a security update. File : fedora_2008-9859.nasl - Type : ACT_GATHER_INFO |
| 2008-11-21 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2008-0976.nasl - Type : ACT_GATHER_INFO |
| 2008-11-20 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_20018.nasl - Type : ACT_GATHER_INFO |
| 2008-11-16 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-9667.nasl - Type : ACT_GATHER_INFO |
| 2008-11-16 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-9669.nasl - Type : ACT_GATHER_INFO |
| 2008-11-14 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_f29fea8fb19f11dda55e00163e000016.nasl - Type : ACT_GATHER_INFO |
| 2008-11-13 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_20018.nasl - Type : ACT_GATHER_INFO |
| 2008-11-13 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_304.nasl - Type : ACT_GATHER_INFO |
| 2008-11-13 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0977.nasl - Type : ACT_GATHER_INFO |
| 2008-11-13 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0978.nasl - Type : ACT_GATHER_INFO |
| 2008-11-13 | Name : A web browser on the remote host is affected by multiple vulnerabilities. File : seamonkey_1113.nasl - Type : ACT_GATHER_INFO |
| 2008-10-09 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1649.nasl - Type : ACT_GATHER_INFO |
| 2008-10-08 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_gecko-sdk-5654.nasl - Type : ACT_GATHER_INFO |
| 2008-10-08 | Name : The remote openSUSE host is missing a security update. File : suse_mozilla-xulrunner181-5656.nasl - Type : ACT_GATHER_INFO |
| 2008-10-07 | Name : The remote openSUSE host is missing a security update. File : suse_seamonkey-5657.nasl - Type : ACT_GATHER_INFO |
| 2008-10-06 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2008-0908.nasl - Type : ACT_GATHER_INFO |
| 2008-10-06 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaThunderbird-5655.nasl - Type : ACT_GATHER_INFO |
| 2008-10-02 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2008-0908.nasl - Type : ACT_GATHER_INFO |
| 2008-10-01 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaFirefox-5640.nasl - Type : ACT_GATHER_INFO |
| 2008-10-01 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-5644.nasl - Type : ACT_GATHER_INFO |
| 2008-09-29 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-8399.nasl - Type : ACT_GATHER_INFO |
| 2008-09-29 | Name : The remote Fedora host is missing a security update. File : fedora_2008-8401.nasl - Type : ACT_GATHER_INFO |
| 2008-09-29 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-8425.nasl - Type : ACT_GATHER_INFO |
| 2008-09-29 | Name : The remote Fedora host is missing a security update. File : fedora_2008-8429.nasl - Type : ACT_GATHER_INFO |
| 2008-09-28 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-270-01.nasl - Type : ACT_GATHER_INFO |
| 2008-09-26 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-269-01.nasl - Type : ACT_GATHER_INFO |
| 2008-09-26 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-269-02.nasl - Type : ACT_GATHER_INFO |
| 2008-09-26 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_20017.nasl - Type : ACT_GATHER_INFO |
| 2008-09-25 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0882.nasl - Type : ACT_GATHER_INFO |
| 2008-09-24 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_2273879e8a2f11dda6fe0030843d3802.nasl - Type : ACT_GATHER_INFO |
| 2008-09-24 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_20017.nasl - Type : ACT_GATHER_INFO |
| 2008-09-24 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_302.nasl - Type : ACT_GATHER_INFO |
| 2008-09-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0879.nasl - Type : ACT_GATHER_INFO |
| 2008-09-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0882.nasl - Type : ACT_GATHER_INFO |
| 2008-09-24 | Name : A web browser on the remote host is affected by multiple vulnerabilities. File : seamonkey_1112.nasl - Type : ACT_GATHER_INFO |
| 2008-08-07 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200808-03.nasl - Type : ACT_GATHER_INFO |
| 2008-07-10 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-191-03.nasl - Type : ACT_GATHER_INFO |
| 2008-07-02 | Name : A web browser on the remote host is affected by multiple vulnerabilities. File : seamonkey_1110.nasl - Type : ACT_GATHER_INFO |
| 2008-06-09 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaThunderbird-5280.nasl - Type : ACT_GATHER_INFO |
| 2008-06-09 | Name : The remote openSUSE host is missing a security update. File : suse_epiphany-5293.nasl - Type : ACT_GATHER_INFO |
| 2008-05-22 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200805-18.nasl - Type : ACT_GATHER_INFO |
| 2008-05-11 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3519.nasl - Type : ACT_GATHER_INFO |
| 2008-05-11 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3557.nasl - Type : ACT_GATHER_INFO |
| 2008-05-01 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1562.nasl - Type : ACT_GATHER_INFO |
| 2008-05-01 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2008-0224.nasl - Type : ACT_GATHER_INFO |
| 2008-05-01 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-5218.nasl - Type : ACT_GATHER_INFO |
| 2008-05-01 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaFirefox-5219.nasl - Type : ACT_GATHER_INFO |
| 2008-04-28 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1558.nasl - Type : ACT_GATHER_INFO |
| 2008-04-28 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_67bd39ba12b511ddbab70016179b2dd5.nasl - Type : ACT_GATHER_INFO |
| 2008-04-25 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1555.nasl - Type : ACT_GATHER_INFO |
| 2008-04-25 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3231.nasl - Type : ACT_GATHER_INFO |
| 2008-04-25 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-3249.nasl - Type : ACT_GATHER_INFO |
| 2008-04-25 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3264.nasl - Type : ACT_GATHER_INFO |
| 2008-04-25 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-3283.nasl - Type : ACT_GATHER_INFO |
| 2008-04-25 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-602-1.nasl - Type : ACT_GATHER_INFO |
| 2008-04-22 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-108-01.nasl - Type : ACT_GATHER_INFO |
| 2008-04-22 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0222.nasl - Type : ACT_GATHER_INFO |
| 2008-04-22 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0223.nasl - Type : ACT_GATHER_INFO |
| 2008-04-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0222.nasl - Type : ACT_GATHER_INFO |
| 2008-04-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0223.nasl - Type : ACT_GATHER_INFO |
| 2008-04-17 | Name : The remote Windows host contains a web browser that may allow arbitrary code ... File : mozilla_firefox_20014.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:28:06 |
|
