Executive Summary
Summary | |
---|---|
Title | New iceape packages fix several vulnerabilities |
Informations | |||
---|---|---|---|
Name | DSA-1697 | First vendor Publication | 2009-01-07 |
Vendor | Debian | Last vendor Modification | 2009-01-07 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Several remote vulnerabilities have been discovered in Iceape an unbranded version of the Seamonkey internet suite. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-0016 Justin Schuh, Tom Cross and Peter Williams discovered a buffer overflow in the parser for UTF-8 URLs, which may lead to the execution of arbitrary code. (MFSA 2008-37) CVE-2008-0304 It was discovered that a buffer overflow in MIME decoding can lead to the execution of arbitrary code. (MFSA 2008-26) CVE-2008-2785 It was discovered that missing boundary checks on a reference counter for CSS objects can lead to the execution of arbitrary code. (MFSA 2008-34) CVE-2008-2798 Devon Hubbard, Jesse Ruderman and Martijn Wargers discovered crashes in the layout engine, which might allow the execution of arbitrary code. (MFSA 2008-21) CVE-2008-2799 Igor Bukanov, Jesse Ruderman and Gary Kwong discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. (MFSA 2008-21) CVE-2008-2800 "moz_bug_r_a4" discovered several cross-site scripting vulnerabilities. (MFSA 2008-22) CVE-2008-2801 Collin Jackson and Adam Barth discovered that Javascript code could be executed in the context or signed JAR archives. (MFSA 2008-23) CVE-2008-2802 "moz_bug_r_a4" discovered that XUL documements can escalate privileges by accessing the pre-compiled "fastload" file. (MFSA 2008-24) CVE-2008-2803 "moz_bug_r_a4" discovered that missing input sanitising in the mozIJSSubScriptLoader.loadSubScript() function could lead to the execution of arbitrary code. Iceape itself is not affected, but some addons are. (MFSA 2008-25) CVE-2008-2805 Claudio Santambrogio discovered that missing access validation in DOM parsing allows malicious web sites to force the browser to upload local files to the server, which could lead to information disclosure. (MFSA 2008-27) CVE-2008-2807 Daniel Glazman discovered that a programming error in the code for parsing .properties files could lead to memory content being exposed to addons, which could lead to information disclosure. (MFSA 2008-29) CVE-2008-2808 Masahiro Yamada discovered that file URLS in directory listings were insufficiently escaped. (MFSA 2008-30) CVE-2008-2809 John G. Myers, Frank Benkstein and Nils Toedtmann discovered that alternate names on self-signed certificates were handled insufficiently, which could lead to spoofings of secure connections. (MFSA 2008-31) CVE-2008-2810 It was discovered that URL shortcut files could be used to bypass the same-origin restrictions. This issue does not affect current Iceape, but might occur with additional extensions installed. (MFSA 2008-32) CVE-2008-2811 Greg McManus discovered a crash in the block reflow code, which might allow the execution of arbitrary code. (MFSA 2008-33) CVE-2008-2933 Billy Rios discovered that passing an URL containing a pipe symbol to Iceape can lead to Chrome privilege escalation. (MFSA 2008-35) CVE-2008-3835 "moz_bug_r_a4" discovered that the same-origin check in nsXMLDocument::OnChannelRedirect() could be bypassed. (MFSA 2008-38) CVE-2008-3836 "moz_bug_r_a4" discovered that several vulnerabilities in feedWriter could lead to Chrome privilege escalation. (MFSA 2008-39) CVE-2008-3837 Paul Nickerson discovered that an attacker could move windows during a mouse click, resulting in unwanted action triggered by drag-and-drop. (MFSA 2008-40) CVE-2008-4058 "moz_bug_r_a4" discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. (MFSA 2008-41) CVE-2008-4059 "moz_bug_r_a4" discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. (MFSA 2008-41) CVE-2008-4060 Olli Pettay and "moz_bug_r_a4" discovered a Chrome privilege escalation vulnerability in XSLT handling. (MFSA 2008-41) CVE-2008-4061 Jesse Ruderman discovered a crash in the layout engine, which might allow the execution of arbitrary code. (MFSA 2008-42) CVE-2008-4062 Igor Bukanov, Philip Taylor, Georgi Guninski and Antoine Labour discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. (MFSA 2008-42) CVE-2008-4065 Dave Reed discovered that some Unicode byte order marks are stripped from Javascript code before execution, which can result in code being executed, which were otherwise part of a quoted string. (MFSA 2008-43) CVE-2008-4067 Boris Zbarsky discovered that resource: URls allow directory traversal when using URL-encoded slashes. (MFSA 2008-44) CVE-2008-4068 Georgi Guninski discovered that resource: URLs could bypass local access restrictions. (MFSA 2008-44) CVE-2008-4069 Billy Hoffman discovered that the XBM decoder could reveal uninitialised memory. (MFSA 2008-45) CVE-2008-4070 It was discovered that a buffer overflow could be triggered via a long header in a news article, which could lead to arbitrary code execution. (MFSA 2008-46) CVE-2008-5012 Georgi Guninski, Michal Zalewski and Chris Evan discovered that the canvas element could be used to bypass same-origin restrictions. (MFSA 2008-48) CVE-2008-5013 It was discovered that insufficient checks in the Flash plugin glue code could lead to arbitrary code execution. (MFSA 2008-49) CVE-2008-5014 Jesse Ruderman discovered that a programming error in the window.__proto__.__proto__ object could lead to arbitrary code execution. (MFSA 2008-50) CVE-2008-5017 It was discovered that crashes in the layout engine could lead to arbitrary code execution. (MFSA 2008-52) CVE-2008-0017 Justin Schuh discovered that a buffer overflow in http-index-format parser could lead to arbitrary code execution. (MFSA 2008-54) CVE-2008-5021 It was discovered that a crash in the nsFrameManager might lead to the execution of arbitrary code. (MFSA 2008-55) CVE-2008-5022 "moz_bug_r_a4" discovered that the same-origin check in nsXMLHttpRequest::NotifyEventListeners() could be bypassed. (MFSA 2008-56) CVE-2008-5024 Chris Evans discovered that quote characters were improperly escaped in the default namespace of E4X documents. (MFSA 2008-58) CVE-2008-4582 Liu Die Yu discovered an information leak through local shortcut files. (MFSA 2008-59) CVE-2008-5500 Jesse Ruderman discovered that the layout engine is vulnerable to DoS attacks that might trigger memory corruption and an integer overflow. (MFSA 2008-60) CVE-2008-5503 Boris Zbarsky discovered that an information disclosure attack could be performed via XBL bindings. (MFSA 2008-61) CVE-2008-5506 Marius Schilder discovered that it is possible to obtain sensible data via a XMLHttpRequest. (MFSA 2008-64) CVE-2008-5507 Chris Evans discovered that it is possible to obtain sensible data via a JavaScript URL. (MFSA 2008-65) CVE-2008-5508 Chip Salzenberg discovered possible phishing attacks via URLs with leading whitespaces or control characters. (MFSA 2008-66) CVE-2008-5511 It was discovered that it is possible to perform cross-site scripting attacks via an XBL binding to an "unloaded document." (MFSA 2008-68) CVE-2008-5512 It was discovered that it is possible to run arbitrary JavaScript with chrome privileges via unknown vectors. (MFSA 2008-68) For the stable distribution (etch) these problems have been fixed in version 1.0.13~pre080614i-0etch1. For the upcoming stable distribution (lenny) distribution these problems will be fixed soon. For the unstable (sid) distribution these problems have been fixed in version 1.1.14-1. We recommend that you upgrade your iceape packages. |
Original Source
Url : http://www.debian.org/security/2009/dsa-1697 |
CAPEC : Common Attack Pattern Enumeration & Classification
Id | Name |
---|---|
CAPEC-26 | Leveraging Race Conditions |
CAPEC-29 | Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions |
CAPEC-172 | Time and State Attacks |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
26 % | CWE-264 | Permissions, Privileges, and Access Controls |
14 % | CWE-399 | Resource Management Errors |
12 % | CWE-20 | Improper Input Validation |
9 % | CWE-200 | Information Exposure |
9 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
9 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
7 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
5 % | CWE-287 | Improper Authentication |
5 % | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25) |
2 % | CWE-362 | Race Condition |
2 % | CWE-91 | XML Injection (aka Blind XPath Injection) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10205 | |||
Oval ID: | oval:org.mitre.oval:def:10205 | ||
Title: | Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, SeaMonkey 1.1.5 and other versions before 1.1.10, Netscape 9.0, and other Mozilla-based web browsers, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regard the certificate as also accepted for all domain names in subjectAltName:dNSName fields, which makes it easier for remote attackers to trick a user into accepting an invalid certificate for a spoofed web site. | ||
Description: | Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, SeaMonkey 1.1.5 and other versions before 1.1.10, Netscape 9.0, and other Mozilla-based web browsers, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regard the certificate as also accepted for all domain names in subjectAltName:dNSName fields, which makes it easier for remote attackers to trick a user into accepting an invalid certificate for a spoofed web site. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-2809 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10206 | |||
Oval ID: | oval:org.mitre.oval:def:10206 | ||
Title: | Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the JavaScript engine and (1) misinterpretation of the characteristics of Namespace and QName in jsxml.c, (2) misuse of signed integers in the nsEscapeCount function in nsEscape.cpp, and (3) interaction of JavaScript garbage collection with certain use of an NPObject in the nsNPObjWrapper::GetNewOrUsed function in nsJSNPRuntime.cpp. | ||
Description: | Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the JavaScript engine and (1) misinterpretation of the characteristics of Namespace and QName in jsxml.c, (2) misuse of signed integers in the nsEscapeCount function in nsEscape.cpp, and (3) interaction of JavaScript garbage collection with certain use of an NPObject in the nsNPObjWrapper::GetNewOrUsed function in nsJSNPRuntime.cpp. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-4062 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10750 | |||
Oval ID: | oval:org.mitre.oval:def:10750 | ||
Title: | Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly change the source URI when processing a canvas element and an HTTP redirect, which allows remote attackers to bypass the same origin policy and access arbitrary images that are not directly accessible to the attacker. NOTE: this issue can be leveraged to enumerate software on the client by performing redirections related to moz-icon. | ||
Description: | Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly change the source URI when processing a canvas element and an HTTP redirect, which allows remote attackers to bypass the same origin policy and access arbitrary images that are not directly accessible to the attacker. NOTE: this issue can be leveraged to enumerate software on the client by performing redirections related to moz-icon. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-5012 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10933 | |||
Oval ID: | oval:org.mitre.oval:def:10933 | ||
Title: | Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long header in a news article, related to "canceling [a] newsgroup message" and "cancelled newsgroup messages." | ||
Description: | Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long header in a news article, related to "canceling [a] newsgroup message" and "cancelled newsgroup messages." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-4070 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11075 | |||
Oval ID: | oval:org.mitre.oval:def:11075 | ||
Title: | Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.12 and SeaMonkey before 1.1.8 might allow remote attackers to execute arbitrary code via a crafted external-body MIME type in an e-mail message, related to an incorrect memory allocation during message preview. | ||
Description: | Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.12 and SeaMonkey before 1.1.8 might allow remote attackers to execute arbitrary code via a crafted external-body MIME type in an e-mail message, related to an incorrect memory allocation during message preview. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-0304 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11423 | |||
Oval ID: | oval:org.mitre.oval:def:11423 | ||
Title: | The loadBindingDocument function in Mozilla Firefox 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 does not perform any security checks related to the same-domain policy, which allows remote attackers to read or access data from other domains via crafted XBL bindings. | ||
Description: | The loadBindingDocument function in Mozilla Firefox 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 does not perform any security checks related to the same-domain policy, which allows remote attackers to read or access data from other domains via crafted XBL bindings. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-5503 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11618 | |||
Oval ID: | oval:org.mitre.oval:def:11618 | ||
Title: | Mozilla Firefox before 2.0.0.16, and 3.x before 3.0.1, interprets '' (pipe) characters in a command-line URI as requests to open multiple tabs, which allows remote attackers to access chrome:i URIs, or read arbitrary local files via manipulations involving a series of URIs that is not entirely handled by a vector application, as exploited in conjunction with CVE-2008-2540. NOTE: this issue exists because of an insufficient fix for CVE-2005-2267. | ||
Description: | Mozilla Firefox before 2.0.0.16, and 3.x before 3.0.1, interprets '|' (pipe) characters in a command-line URI as requests to open multiple tabs, which allows remote attackers to access chrome:i URIs, or read arbitrary local files via manipulations involving a series of URIs that is not entirely handled by a vector application, as exploited in conjunction with CVE-2008-2540. NOTE: this issue exists because of an insufficient fix for CVE-2005-2267. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-2933 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12973 | |||
Oval ID: | oval:org.mitre.oval:def:12973 | ||
Title: | DSA-1696-1 icedove -- several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-0016 Justin Schuh, Tom Cross and Peter Williams discovered a buffer overflow in the parser for UTF-8 URLs, which may lead to the execution of arbitrary code. CVE-2008-1380 It was discovered that crashes in the Javascript engine could potentially lead to the execution of arbitrary code. CVE-2008-3835 "moz_bug_r_a4" discovered that the same-origin check in nsXMLDocument::OnChannelRedirect could be bypassed. CVE-2008-4058 "moz_bug_r_a4" discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. CVE-2008-4059 "moz_bug_r_a4" discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. CVE-2008-4060 Olli Pettay and "moz_bug_r_a4" discovered a Chrome privilege escalation vulnerability in XSLT handling. CVE-2008-4061 Jesse Ruderman discovered a crash in the layout engine, which might allow the execution of arbitrary code. CVE-2008-4062 Igor Bukanov, Philip Taylor, Georgi Guninski and Antoine Labour discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. CVE-2008-4065 Dave Reed discovered that some Unicode byte order marks are stripped from Javascript code before execution, which can result in code being executed, which were otherwise part of a quoted string. CVE-2008-4067 It was discovered that a directory traversal allows attackers to read arbitrary files via a certain characters. CVE-2008-4068 It was discovered that a directory traversal allows attackers to bypass security restrictions and obtain sensitive information. CVE-2008-4070 It was discovered that a buffer overflow could be triggered via a long header in a news article, which could lead to arbitrary code execution. CVE-2008-4582 Liu Die Yu and Boris Zbarsky discovered an information leak through local shortcut files. CVE-2008-5012 Georgi Guninski, Michal Zalewski and Chris Evan discovered that the canvas element could be used to bypass same-origin restrictions. CVE-2008-5014 Jesse Ruderman discovered that a programming error in the window.__proto__.__proto__ object could lead to arbitrary code execution. CVE-2008-5017 It was discovered that crashes in the layout engine could lead to arbitrary code execution. CVE-2008-5018 It was discovered that crashes in the Javascript engine could lead to arbitrary code execution. CVE-2008-5021 It was discovered that a crash in the nsFrameManager might lead to the execution of arbitrary code. CVE-2008-5022 "moz_bug_r_a4" discovered that the same-origin check in nsXMLHttpRequest::NotifyEventListeners could be bypassed. CVE-2008-5024 Chris Evans discovered that quote characters were improperly escaped in the default namespace of E4X documents. CVE-2008-5500 Jesse Ruderman discovered that the layout engine is vulnerable to DoS attacks that might trigger memory corruption and an integer overflow. CVE-2008-5503 Boris Zbarsky discovered that an information disclosure attack could be performed via XBL bindings. CVE-2008-5506 Marius Schilder discovered that it is possible to obtain sensible data via a XMLHttpRequest. CVE-2008-5507 Chris Evans discovered that it is possible to obtain sensible data via a JavaScript URL. CVE-2008-5508 Chip Salzenberg discovered possible phishing attacks via URLs with leading whitespaces or control characters. CVE-2008-5511 It was discovered that it is possible to perform cross-site scripting attacks via an XBL binding to an "unloaded document." CVE-2008-5512 It was discovered that it is possible to run arbitrary JavaScript with chrome privileges via unknown vectors. For the stable distribution these problems have been fixed in version 1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1. Packages for s390 will be provided later. For the upcoming stable distribution these problems will be fixed soon. For the unstable distribution these problems have been fixed in version 2.0.0.19-1. We recommend that you upgrade your icedove packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1696-1 CVE-2008-0016 CVE-2008-1380 CVE-2008-3835 CVE-2008-4058 CVE-2008-4059 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4065 CVE-2008-4067 CVE-2008-4068 CVE-2008-4070 CVE-2008-4582 CVE-2008-5012 CVE-2008-5014 CVE-2008-5017 CVE-2008-5018 CVE-2008-5021 CVE-2008-5022 CVE-2008-5024 CVE-2008-5500 CVE-2008-5503 CVE-2008-5506 CVE-2008-5507 CVE-2008-5508 CVE-2008-5511 CVE-2008-5512 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | icedove |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13213 | |||
Oval ID: | oval:org.mitre.oval:def:13213 | ||
Title: | USN-701-2 -- mozilla-thunderbird vulnerabilities | ||
Description: | Several flaws were discovered in the browser engine. If a user had Javascript enabled, these problems could allow an attacker to crash Thunderbird and possibly execute arbitrary code with user privileges. Boris Zbarsky discovered that the same-origin check in Thunderbird could be bypassed by utilizing XBL-bindings. If a user had Javascript enabled, an attacker could exploit this to read data from other domains. Marius Schilder discovered that Thunderbird did not properly handle redirects to an outside domain when an XMLHttpRequest was made to a same-origin resource. When Javascript is enabled, it�s possible that sensitive information could be revealed in the XMLHttpRequest response. Chris Evans discovered that Thunderbird did not properly protect a user�s data when accessing a same-domain Javascript URL that is redirected to an unparsable Javascript off-site resource. If a user were tricked into opening a malicious website and had Javascript enabled, an attacker may be able to steal a limited amount of private data. Chip Salzenberg, Justin Schuh, Tom Cross, and Peter William discovered Thunderbird did not properly parse URLs when processing certain control characters. Several flaws were discovered in the Javascript engine. If a user were tricked into opening a malicious website and had Javascript enabled, an attacker could exploit this to execute arbitrary Javascript code within the context of another website or with chrome privileges | ||
Family: | unix | Class: | patch |
Reference(s): | USN-701-2 CVE-2008-5500 CVE-2008-5503 CVE-2008-5506 CVE-2008-5507 CVE-2008-5508 CVE-2008-5511 CVE-2008-5512 | Version: | 5 |
Platform(s): | Ubuntu 6.06 | Product(s): | mozilla-thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13233 | |||
Oval ID: | oval:org.mitre.oval:def:13233 | ||
Title: | USN-701-1 -- thunderbird vulnerabilities | ||
Description: | Several flaws were discovered in the browser engine. If a user had Javascript enabled, these problems could allow an attacker to crash Thunderbird and possibly execute arbitrary code with user privileges. Boris Zbarsky discovered that the same-origin check in Thunderbird could be bypassed by utilizing XBL-bindings. If a user had Javascript enabled, an attacker could exploit this to read data from other domains. Marius Schilder discovered that Thunderbird did not properly handle redirects to an outside domain when an XMLHttpRequest was made to a same-origin resource. When Javascript is enabled, it�s possible that sensitive information could be revealed in the XMLHttpRequest response. Chris Evans discovered that Thunderbird did not properly protect a user�s data when accessing a same-domain Javascript URL that is redirected to an unparsable Javascript off-site resource. If a user were tricked into opening a malicious website and had Javascript enabled, an attacker may be able to steal a limited amount of private data. Chip Salzenberg, Justin Schuh, Tom Cross, and Peter William discovered Thunderbird did not properly parse URLs when processing certain control characters. Kojima Hajime discovered that Thunderbird did not properly handle an escaped null character. An attacker may be able to exploit this flaw to bypass script sanitization. Several flaws were discovered in the Javascript engine. If a user were tricked into opening a malicious website and had Javascript enabled, an attacker could exploit this to execute arbitrary Javascript code within the context of another website or with chrome privileges | ||
Family: | unix | Class: | patch |
Reference(s): | USN-701-1 CVE-2008-5500 CVE-2008-5503 CVE-2008-5506 CVE-2008-5507 CVE-2008-5508 CVE-2008-5510 CVE-2008-5511 CVE-2008-5512 | Version: | 5 |
Platform(s): | Ubuntu 7.10 Ubuntu 8.10 Ubuntu 8.04 | Product(s): | thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13245 | |||
Oval ID: | oval:org.mitre.oval:def:13245 | ||
Title: | DSA-1697-1 iceape -- several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in Iceape an unbranded version of the Seamonkey internet suite. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-0016 Justin Schuh, Tom Cross and Peter Williams discovered a buffer overflow in the parser for UTF-8 URLs, which may lead to the execution of arbitrary code. CVE-2008-0304 It was discovered that a buffer overflow in MIME decoding can lead to the execution of arbitrary code. CVE-2008-2785 It was discovered that missing boundary checks on a reference counter for CSS objects can lead to the execution of arbitrary code. CVE-2008-2798 Devon Hubbard, Jesse Ruderman and Martijn Wargers discovered crashes in the layout engine, which might allow the execution of arbitrary code. CVE-2008-2799 Igor Bukanov, Jesse Ruderman and Gary Kwong discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. CVE-2008-2800 "moz_bug_r_a4" discovered several cross-site scripting vulnerabilities. CVE-2008-2801 Collin Jackson and Adam Barth discovered that Javascript code could be executed in the context or signed JAR archives. CVE-2008-2802 "moz_bug_r_a4" discovered that XUL documements can escalate privileges by accessing the pre-compiled "fastload" file. CVE-2008-2803 "moz_bug_r_a4" discovered that missing input sanitising in the mozIJSSubScriptLoader.loadSubScript function could lead to the execution of arbitrary code. Iceape itself is not affected, but some addons are. CVE-2008-2805 Claudio Santambrogio discovered that missing access validation in DOM parsing allows malicious web sites to force the browser to upload local files to the server, which could lead to information disclosure. CVE-2008-2807 Daniel Glazman discovered that a programming error in the code for parsing .properties files could lead to memory content being exposed to addons, which could lead to information disclosure. CVE-2008-2808 Masahiro Yamada discovered that file URLS in directory listings were insufficiently escaped. CVE-2008-2809 John G. Myers, Frank Benkstein and Nils Toedtmann discovered that alternate names on self-signed certificates were handled insufficiently, which could lead to spoofings of secure connections. CVE-2008-2810 It was discovered that URL shortcut files could be used to bypass the same-origin restrictions. This issue does not affect current Iceape, but might occur with additional extensions installed. CVE-2008-2811 Greg McManus discovered a crash in the block reflow code, which might allow the execution of arbitrary code. CVE-2008-2933 Billy Rios discovered that passing an URL containing a pipe symbol to Iceape can lead to Chrome privilege escalation. CVE-2008-3835 "moz_bug_r_a4" discovered that the same-origin check in nsXMLDocument::OnChannelRedirect could be bypassed. CVE-2008-3836 "moz_bug_r_a4" discovered that several vulnerabilities in feedWriter could lead to Chrome privilege escalation. CVE-2008-3837 Paul Nickerson discovered that an attacker could move windows during a mouse click, resulting in unwanted action triggered by drag-and-drop. CVE-2008-4058 "moz_bug_r_a4" discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. CVE-2008-4059 "moz_bug_r_a4" discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. CVE-2008-4060 Olli Pettay and "moz_bug_r_a4" discovered a Chrome privilege escalation vulnerability in XSLT handling. CVE-2008-4061 Jesse Ruderman discovered a crash in the layout engine, which might allow the execution of arbitrary code. CVE-2008-4062 Igor Bukanov, Philip Taylor, Georgi Guninski and Antoine Labour discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. CVE-2008-4065 Dave Reed discovered that some Unicode byte order marks are stripped from Javascript code before execution, which can result in code being executed, which were otherwise part of a quoted string. CVE-2008-4067 Boris Zbarsky discovered that resource: URls allow directory traversal when using URL-encoded slashes. CVE-2008-4068 Georgi Guninski discovered that resource: URLs could bypass local access restrictions. CVE-2008-4069 Billy Hoffman discovered that the XBM decoder could reveal uninitialised memory. CVE-2008-4070 It was discovered that a buffer overflow could be triggered via a long header in a news article, which could lead to arbitrary code execution. CVE-2008-5012 Georgi Guninski, Michal Zalewski and Chris Evan discovered that the canvas element could be used to bypass same-origin restrictions. CVE-2008-5013 It was discovered that insufficient checks in the Flash plugin glue code could lead to arbitrary code execution. CVE-2008-5014 Jesse Ruderman discovered that a programming error in the window.__proto__.__proto__ object could lead to arbitrary code execution. CVE-2008-5017 It was discovered that crashes in the layout engine could lead to arbitrary code execution. CVE-2008-0017 Justin Schuh discovered that a buffer overflow in http-index-format parser could lead to arbitrary code execution. CVE-2008-5021 It was discovered that a crash in the nsFrameManager might lead to the execution of arbitrary code. CVE-2008-5022 "moz_bug_r_a4" discovered that the same-origin check in nsXMLHttpRequest::NotifyEventListeners could be bypassed. CVE-2008-5024 Chris Evans discovered that quote characters were improperly escaped in the default namespace of E4X documents. CVE-2008-4582 Liu Die Yu discovered an information leak through local shortcut files. CVE-2008-5500 Jesse Ruderman discovered that the layout engine is vulnerable to DoS attacks that might trigger memory corruption and an integer overflow. CVE-2008-5503 Boris Zbarsky discovered that an information disclosure attack could be performed via XBL bindings. CVE-2008-5506 Marius Schilder discovered that it is possible to obtain sensible data via a XMLHttpRequest. CVE-2008-5507 Chris Evans discovered that it is possible to obtain sensible data via a JavaScript URL. CVE-2008-5508 Chip Salzenberg discovered possible phishing attacks via URLs with leading whitespaces or control characters. CVE-2008-5511 It was discovered that it is possible to perform cross-site scripting attacks via an XBL binding to an "unloaded document." CVE-2008-5512 It was discovered that it is possible to run arbitrary JavaScript with chrome privileges via unknown vectors. For the stable distribution these problems have been fixed in version 1.0.13~pre080614i-0etch1. For the upcoming stable distribution distribution these problems will be fixed soon. For the unstable distribution these problems have been fixed in version 1.1.14-1. We recommend that you upgrade your iceape packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1697-1 CVE-2008-0016 CVE-2008-0304 CVE-2008-2785 CVE-2008-2798 CVE-2008-2799 CVE-2008-2800 CVE-2008-2801 CVE-2008-2802 CVE-2008-2803 CVE-2008-2805 CVE-2008-2807 CVE-2008-2808 CVE-2008-2809 CVE-2008-2810 CVE-2008-2811 CVE-2008-2933 CVE-2008-3835 CVE-2008-3836 CVE-2008-3837 CVE-2008-4058 CVE-2008-4059 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4065 CVE-2008-4067 CVE-2008-4068 CVE-2008-4069 CVE-2008-4070 CVE-2008-4582 CVE-2008-5012 CVE-2008-5013 CVE-2008-5014 CVE-2008-5017 CVE-2008-0017 CVE-2008-5021 CVE-2008-5024 CVE-2008-5022 CVE-2008-5500 CVE-2008-5503 CVE-2008-5506 CVE-2008-5507 CVE-2008-5508 CVE-2008-5511 CVE-2008-5512 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | iceape |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13754 | |||
Oval ID: | oval:org.mitre.oval:def:13754 | ||
Title: | DSA-1704-2 netatalk -- arbitrary code execution | ||
Description: | The update in DSA 1704-1 was incomplete as it missed to escape a few important characters which enabled an attacker to overwrite arbitrary files. It was discovered that netatalk, an implementation of the AppleTalk suite, is affected by a command injection vulnerability when processing PostScript streams via papd. This is leading to arbitrary remote code execution. Note that this only affects installations that are configured to use a pipe command in combination with wildcard symbols substituted with values of the printed job. For the stable distribution this problem has been fixed in version 2.0.3-4+etch2. For the unstable distribution this problem has been fixed in version 2.0.4~beta2-1.1. We recommend that you upgrade your netatalk package. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1704-2 CVE-2008-5500 CVE-2008-5503 CVE-2008-5506 CVE-2008-5507 CVE-2008-5508 CVE-2008-5511 CVE-2008-5512 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | netatalk |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16973 | |||
Oval ID: | oval:org.mitre.oval:def:16973 | ||
Title: | USN-690-3 -- firefox vulnerabilities | ||
Description: | Several flaws were discovered in the browser engine. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-690-3 CVE-2008-5500 CVE-2008-5503 CVE-2008-5506 CVE-2008-5507 CVE-2008-5511 CVE-2008-5512 | Version: | 7 |
Platform(s): | Ubuntu 6.06 | Product(s): | firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:17505 | |||
Oval ID: | oval:org.mitre.oval:def:17505 | ||
Title: | USN-619-1 -- firefox vulnerabilities | ||
Description: | Various flaws were discovered in the browser engine. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-619-1 CVE-2008-2798 CVE-2008-2799 CVE-2008-2800 CVE-2008-2801 CVE-2008-2802 CVE-2008-2803 CVE-2008-2805 CVE-2008-2806 CVE-2008-2807 CVE-2008-2808 CVE-2008-2809 CVE-2008-2810 CVE-2008-2811 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 7.04 Ubuntu 7.10 | Product(s): | firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17610 | |||
Oval ID: | oval:org.mitre.oval:def:17610 | ||
Title: | USN-647-1 -- mozilla-thunderbird, thunderbird vulnerabilities | ||
Description: | It was discovered that the same-origin check in Thunderbird could be bypassed. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-647-1 CVE-2008-3835 CVE-2008-4058 CVE-2008-4059 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4063 CVE-2008-4064 CVE-2008-4065 CVE-2008-4066 CVE-2008-4067 CVE-2008-4068 CVE-2008-4070 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 | Product(s): | mozilla-thunderbird thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17616 | |||
Oval ID: | oval:org.mitre.oval:def:17616 | ||
Title: | USN-667-1 -- firefox, firefox-3.0, xulrunner-1.9 vulnerabilities | ||
Description: | Liu Die Yu discovered an information disclosure vulnerability in Firefox when using saved .url shortcut files. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-667-1 CVE-2008-4582 CVE-2008-5012 CVE-2008-5013 CVE-2008-5014 CVE-2008-5015 CVE-2008-5016 CVE-2008-5017 CVE-2008-5018 CVE-2008-5019 CVE-2008-0017 CVE-2008-5021 CVE-2008-5022 CVE-2008-5023 CVE-2008-5024 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 7.10 Ubuntu 8.04 Ubuntu 8.10 | Product(s): | firefox firefox-3.0 xulrunner-1.9 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17626 | |||
Oval ID: | oval:org.mitre.oval:def:17626 | ||
Title: | USN-645-1 -- firefox, firefox-3.0, xulrunner-1.9 vulnerabilities | ||
Description: | Justin Schuh, Tom Cross and Peter Williams discovered errors in the Firefox URL parsing routines. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-645-1 CVE-2008-0016 CVE-2008-3835 CVE-2008-3836 CVE-2008-3837 CVE-2008-4058 CVE-2008-4059 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4063 CVE-2008-4064 CVE-2008-4065 CVE-2008-4066 CVE-2008-4067 CVE-2008-4068 CVE-2008-4069 | Version: | 7 |
Platform(s): | Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 | Product(s): | firefox firefox-3.0 xulrunner-1.9 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17644 | |||
Oval ID: | oval:org.mitre.oval:def:17644 | ||
Title: | USN-626-2 -- devhelp, epiphany-browser, midbrowser, yelp update | ||
Description: | USN-626-1 fixed vulnerabilities in xulrunner-1.9. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-626-2 CVE-2008-2785 CVE-2008-2933 | Version: | 7 |
Platform(s): | Ubuntu 8.04 | Product(s): | devhelp epiphany-browser midbrowser yelp |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:17661 | |||
Oval ID: | oval:org.mitre.oval:def:17661 | ||
Title: | USN-645-3 -- firefox-3.0, xulrunner-1.9 regression | ||
Description: | USN-645-1 fixed vulnerabilities in Firefox and xulrunner. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-645-3 CVE-2008-0016 CVE-2008-3835 CVE-2008-3836 CVE-2008-3837 CVE-2008-4058 CVE-2008-4059 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4063 CVE-2008-4064 CVE-2008-4065 CVE-2008-4066 CVE-2008-4067 CVE-2008-4068 CVE-2008-4069 | Version: | 7 |
Platform(s): | Ubuntu 8.04 | Product(s): | firefox-3.0 xulrunner-1.9 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:17681 | |||
Oval ID: | oval:org.mitre.oval:def:17681 | ||
Title: | USN-623-1 -- firefox vulnerabilities | ||
Description: | A flaw was discovered in the browser engine. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-623-1 CVE-2008-2785 CVE-2008-2933 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 7.04 Ubuntu 7.10 | Product(s): | firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17765 | |||
Oval ID: | oval:org.mitre.oval:def:17765 | ||
Title: | USN-629-1 -- mozilla-thunderbird, thunderbird vulnerabilities | ||
Description: | Various flaws were discovered in the browser engine. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-629-1 CVE-2008-2798 CVE-2008-2799 CVE-2008-2802 CVE-2008-2803 CVE-2008-2807 CVE-2008-2809 CVE-2008-2811 CVE-2008-2785 CVE-2008-0304 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 | Product(s): | mozilla-thunderbird thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17769 | |||
Oval ID: | oval:org.mitre.oval:def:17769 | ||
Title: | USN-645-2 -- firefox vulnerabilities | ||
Description: | USN-645-1 fixed vulnerabilities in Firefox and xulrunner for Ubuntu 7.04, 7.10 and 8.04 LTS. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-645-2 CVE-2008-0016 CVE-2008-3835 CVE-2008-3836 CVE-2008-3837 CVE-2008-4058 CVE-2008-4059 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4063 CVE-2008-4064 CVE-2008-4065 CVE-2008-4066 CVE-2008-4067 CVE-2008-4068 CVE-2008-4069 | Version: | 7 |
Platform(s): | Ubuntu 6.06 | Product(s): | firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:17791 | |||
Oval ID: | oval:org.mitre.oval:def:17791 | ||
Title: | DSA-1704-1 xulrunner - several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1704-1 CVE-2008-5500 CVE-2008-5503 CVE-2008-5506 CVE-2008-5507 CVE-2008-5508 CVE-2008-5511 CVE-2008-5512 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | xulrunner |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:17848 | |||
Oval ID: | oval:org.mitre.oval:def:17848 | ||
Title: | USN-668-1 -- mozilla-thunderbird, thunderbird vulnerabilities | ||
Description: | Georgi Guninski, Michal Zalewsk and Chris Evans discovered that the same-origin check in Thunderbird could be bypassed. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-668-1 CVE-2008-5012 CVE-2008-5014 CVE-2008-5016 CVE-2008-5017 CVE-2008-5018 CVE-2008-5021 CVE-2008-5022 CVE-2008-5024 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 7.10 Ubuntu 8.04 Ubuntu 8.10 | Product(s): | mozilla-thunderbird thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18500 | |||
Oval ID: | oval:org.mitre.oval:def:18500 | ||
Title: | DSA-1615-1 xulrunner - several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1615-1 CVE-2008-2785 CVE-2008-2798 CVE-2008-2799 CVE-2008-2800 CVE-2008-2801 CVE-2008-2802 CVE-2008-2803 CVE-2008-2805 CVE-2008-2807 CVE-2008-2808 CVE-2008-2809 CVE-2008-2811 CVE-2008-2933 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | xulrunner |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:18570 | |||
Oval ID: | oval:org.mitre.oval:def:18570 | ||
Title: | DSA-1621-1 icedove - several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1621-1 CVE-2008-0304 CVE-2008-2785 CVE-2008-2798 CVE-2008-2799 CVE-2008-2802 CVE-2008-2803 CVE-2008-2807 CVE-2008-2809 CVE-2008-2811 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | icedove |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:19874 | |||
Oval ID: | oval:org.mitre.oval:def:19874 | ||
Title: | DSA-1669-1 xulrunner - several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1669-1 CVE-2008-0016 CVE-2008-3835 CVE-2008-3836 CVE-2008-3837 CVE-2008-4058 CVE-2008-4059 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4065 CVE-2008-4066 CVE-2008-4067 CVE-2008-4068 CVE-2008-4069 CVE-2008-4582 CVE-2008-5012 CVE-2008-5013 CVE-2008-5014 CVE-2008-5017 CVE-2008-5018 CVE-2008-0017 CVE-2008-5021 CVE-2008-5022 CVE-2008-5023 CVE-2008-5024 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | xulrunner |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:19875 | |||
Oval ID: | oval:org.mitre.oval:def:19875 | ||
Title: | DSA-1614-1 iceweasel - several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1614-1 CVE-2008-2785 CVE-2008-2933 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | iceweasel |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:19884 | |||
Oval ID: | oval:org.mitre.oval:def:19884 | ||
Title: | DSA-1649-1 iceweasel - several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1649-1 CVE-2008-0016 CVE-2008-3835 CVE-2008-3836 CVE-2008-3837 CVE-2008-4058 CVE-2008-4059 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4065 CVE-2008-4066 CVE-2008-4067 CVE-2008-4068 CVE-2008-4069 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | iceweasel |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:20161 | |||
Oval ID: | oval:org.mitre.oval:def:20161 | ||
Title: | DSA-1671-1 iceweasel - several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in the Iceweasel webbrowser, an unbranded version of the Firefox browser. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1671-1 CVE-2008-0017 CVE-2008-4582 CVE-2008-5012 CVE-2008-5013 CVE-2008-5014 CVE-2008-5017 CVE-2008-5018 CVE-2008-5021 CVE-2008-5022 CVE-2008-5023 CVE-2008-5024 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | iceweasel |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:20284 | |||
Oval ID: | oval:org.mitre.oval:def:20284 | ||
Title: | DSA-1607-1 iceweasel - several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1607-1 CVE-2008-2798 CVE-2008-2799 CVE-2008-2800 CVE-2008-2801 CVE-2008-2802 CVE-2008-2803 CVE-2008-2805 CVE-2008-2807 CVE-2008-2808 CVE-2008-2809 CVE-2008-2811 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | iceweasel |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22266 | |||
Oval ID: | oval:org.mitre.oval:def:22266 | ||
Title: | ELSA-2008:0616: thunderbird security update (Moderate) | ||
Description: | The block reflow implementation in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image whose display requires more pixels than nscoord_MAX, related to nsBlockFrame::DrainOverflowLines. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0616-01 CVE-2008-2785 CVE-2008-2798 CVE-2008-2799 CVE-2008-2800 CVE-2008-2801 CVE-2008-2802 CVE-2008-2803 CVE-2008-2805 CVE-2008-2807 CVE-2008-2808 CVE-2008-2809 CVE-2008-2810 CVE-2008-2811 | Version: | 57 |
Platform(s): | Oracle Linux 5 | Product(s): | thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22654 | |||
Oval ID: | oval:org.mitre.oval:def:22654 | ||
Title: | ELSA-2008:0569: firefox security update (Critical) | ||
Description: | The block reflow implementation in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image whose display requires more pixels than nscoord_MAX, related to nsBlockFrame::DrainOverflowLines. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0569-01 CVE-2008-2798 CVE-2008-2799 CVE-2008-2800 CVE-2008-2801 CVE-2008-2802 CVE-2008-2803 CVE-2008-2805 CVE-2008-2807 CVE-2008-2808 CVE-2008-2809 CVE-2008-2810 CVE-2008-2811 | Version: | 53 |
Platform(s): | Oracle Linux 5 | Product(s): | devhelp firefox xulrunner yelp |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22664 | |||
Oval ID: | oval:org.mitre.oval:def:22664 | ||
Title: | ELSA-2008:0908: thunderbird security update (Moderate) | ||
Description: | Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long header in a news article, related to "canceling [a] newsgroup message" and "cancelled newsgroup messages." | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0908-01 CVE-2008-0016 CVE-2008-3835 CVE-2008-4058 CVE-2008-4059 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4065 CVE-2008-4066 CVE-2008-4067 CVE-2008-4068 CVE-2008-4070 | Version: | 53 |
Platform(s): | Oracle Linux 5 | Product(s): | thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:28693 | |||
Oval ID: | oval:org.mitre.oval:def:28693 | ||
Title: | RHSA-2008:0908 -- thunderbird security update (Moderate) | ||
Description: | Updated thunderbird packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed HTML mail content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code as the user running Thunderbird. (CVE-2008-0016, CVE-2008-4058, CVE-2008-4059, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062) | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2008:0908 CESA-2008:0908-CentOS 5 CVE-2008-0016 CVE-2008-3835 CVE-2008-4058 CVE-2008-4059 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4065 CVE-2008-4066 CVE-2008-4067 CVE-2008-4068 CVE-2008-4070 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28716 | |||
Oval ID: | oval:org.mitre.oval:def:28716 | ||
Title: | RHSA-2008:0616 -- thunderbird security update (Moderate) | ||
Description: | Updated thunderbird packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. Multiple flaws were found in the processing of malformed JavaScript content. An HTML mail containing such malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code as the user running Thunderbird. (CVE-2008-2801, CVE-2008-2802, CVE-2008-2803) | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2008:0616 CESA-2008:0616-CentOS 5 CVE-2008-2785 CVE-2008-2798 CVE-2008-2799 CVE-2008-2800 CVE-2008-2801 CVE-2008-2802 CVE-2008-2803 CVE-2008-2805 CVE-2008-2807 CVE-2008-2808 CVE-2008-2809 CVE-2008-2810 CVE-2008-2811 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29008 | |||
Oval ID: | oval:org.mitre.oval:def:29008 | ||
Title: | RHSA-2008:0879 -- firefox security update (Critical) | ||
Description: | All firefox users should upgrade to this updated package, which contains backported patches that correct these issues. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2008:0879 CESA-2008:0879-CentOS 5 CVE-2008-3837 CVE-2008-4058 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4063 CVE-2008-4064 CVE-2008-4065 CVE-2008-4067 CVE-2008-4068 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 4 CentOS Linux 5 | Product(s): | firefox devhelp nss xulrunner yelp |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29028 | |||
Oval ID: | oval:org.mitre.oval:def:29028 | ||
Title: | RHSA-2008:0569 -- firefox security update (Critical) | ||
Description: | Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Multiple flaws were found in the processing of malformed JavaScript content. A web page containing such malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-2801, CVE-2008-2802, CVE-2008-2803) | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2008:0569 CESA-2008:0569-CentOS 5 CVE-2008-2798 CVE-2008-2799 CVE-2008-2800 CVE-2008-2801 CVE-2008-2802 CVE-2008-2803 CVE-2008-2805 CVE-2008-2807 CVE-2008-2808 CVE-2008-2809 CVE-2008-2810 CVE-2008-2811 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | devhelp firefox xulrunner yelp |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29237 | |||
Oval ID: | oval:org.mitre.oval:def:29237 | ||
Title: | RHSA-2008:0978 -- firefox security update (Critical) | ||
Description: | All firefox users should upgrade to these updated packages, which contain backported patches that correct these issues. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2008:0978 CESA-2008:0978-CentOS 5 CVE-2008-0017 CVE-2008-5014 CVE-2008-5015 CVE-2008-5016 CVE-2008-5017 CVE-2008-5018 CVE-2008-5019 CVE-2008-5021 CVE-2008-5022 CVE-2008-5023 CVE-2008-5024 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 4 CentOS Linux 5 | Product(s): | firefox nss devhelp xulrunner yelp |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7461 | |||
Oval ID: | oval:org.mitre.oval:def:7461 | ||
Title: | DSA-1614 iceweasel -- several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems: It was discovered that missing boundary checks on a reference counter for CSS objects can lead to the execution of arbitrary code. Billy Rios discovered that passing an URL containing a pipe symbol to Iceweasel can lead to Chrome privilege escalation. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1614 CVE-2008-2785 CVE-2008-2933 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | iceweasel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7564 | |||
Oval ID: | oval:org.mitre.oval:def:7564 | ||
Title: | DSA-1621 icedove -- several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client. The Common Vulnerabilities and Exposures project identifies the following problems: It was discovered that a buffer overflow in MIME decoding can lead to the execution of arbitrary code. It was discovered that missing boundary checks on a reference counter for CSS objects can lead to the execution of arbitrary code. Devon Hubbard, Jesse Ruderman and Martijn Wargers discovered crashes in the layout engine, which might allow the execution of arbitrary code. Igor Bukanov, Jesse Ruderman and Gary Kwong discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. "moz_bug_r_a4" discovered that XUL documents can escalate privileges by accessing the pre-compiled "fastload" file. "moz_bug_r_a4" discovered that missing input sanitising in the mozIJSSubScriptLoader.loadSubScript() function could lead to the execution of arbitrary code. Iceweasel itself is not affected, but some addons are. Daniel Glazman discovered that a programming error in the code for parsing .properties files could lead to memory content being exposed to addons, which could lead to information disclosure. John G. Myers, Frank Benkstein and Nils Toedtmann discovered that alternate names on self-signed certificates were handled insufficiently, which could lead to spoofings secure connections. Greg McManus discovered discovered a crash in the block reflow code, which might allow the execution of arbitrary code. For the stable distribution (etch), these problems have been fixed in version 1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1. Packages for s390 are not yet available and will be provided later. For the unstable distribution (sid), these problems have been fixed in version 2.0.0.16-1. We recommend that you upgrade your icedove package. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1621 CVE-2008-0304 CVE-2008-2785 CVE-2008-2798 CVE-2008-2799 CVE-2008-2802 CVE-2008-2803 CVE-2008-2807 CVE-2008-2809 CVE-2008-2811 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | icedove |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7657 | |||
Oval ID: | oval:org.mitre.oval:def:7657 | ||
Title: | DSA-1649 iceweasel -- several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems: Justin Schuh, Tom Cross and Peter Williams discovered a buffer overflow in the parser for UTF-8 URLs, which may lead to the execution of arbitrary code. moz_bug_r_a4 discovered that the same-origin check in nsXMLDocument::OnChannelRedirect() could by bypassed. moz_bug_r_a4 discovered that several vulnerabilities in feedWriter could lead to Chrome privilege escalation. Paul Nickerson discovered that an attacker could move windows during a mouse click, resulting in unwanted action triggered by drag-and-drop. moz_bug_r_a4 discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. moz_bug_r_a4 discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. Olli Pettay and moz_bug_r_a4 discovered a Chrome privilege escalation vulnerability in XSLT handling. Jesse Ruderman discovered a crash in the layout engine, which might allow the execution of arbitrary code. Igor Bukanov, Philip Taylor, Georgi Guninski and Antoine Labour discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. Dave Reed discovered that some Unicode byte order marks are stripped from Javascript code before execution, which can result in code being executed, which were otherwise part of a quoted string. Gareth Heyes discovered that some Unicode surrogate characters are ignored by the HTML parser. Boris Zbarsky discovered that resource: URLs allow directory traversal when using URL-encoded slashes. Georgi Guninski discovered that resource: URLs could bypass local access restrictions. Billy Hoffman discovered that the XBM decoder could reveal uninitialised memory. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1649 CVE-2008-0016 CVE-2008-3835 CVE-2008-3836 CVE-2008-3837 CVE-2008-4058 CVE-2008-4059 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4065 CVE-2008-4066 CVE-2008-4067 CVE-2008-4068 CVE-2008-4069 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | iceweasel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7740 | |||
Oval ID: | oval:org.mitre.oval:def:7740 | ||
Title: | DSA-1669 xulrunner -- several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems: Justin Schuh, Tom Cross and Peter Williams discovered a buffer overflow in the parser for UTF-8 URLs, which may lead to the execution of arbitrary code. "moz_bug_r_a4" discovered that the same-origin check in nsXMLDocument::OnChannelRedirect() could by bypassed. "moz_bug_r_a4" discovered that several vulnerabilities in feedWriter could lead to Chrome privilege escalation. Paul Nickerson discovered that an attacker could move windows during a mouse click, resulting in unwanted action triggered by drag-and-drop. "moz_bug_r_a4" discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. "moz_bug_r_a4" discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. Olli Pettay and "moz_bug_r_a4" discovered a Chrome privilege escalation vulnerability in XSLT handling. Jesse Ruderman discovered a crash in the layout engine, which might allow the execution of arbitrary code. Igor Bukanov, Philip Taylor, Georgi Guninski and Antoine Labour discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. Dave Reed discovered that some Unicode byte order marks are stripped from Javascript code before execution, which can result in code being executed, which were otherwise part of a quoted string. Gareth Heyes discovered that some Unicode surrogate characters are ignored by the HTML parser. Boris Zbarsky discovered that resource: URls allow directory traversal when using URL-encoded slashes. Georgi Guninski discovered that resource: URLs could bypass local access restrictions. Billy Hoffman discovered that the XBM decoder could reveal uninitialised memory. Liu Die Yu discovered an information leak through local shortcut files. Georgi Guninski, Michal Zalewski and Chris Evan discovered that the canvas element could be used to bypass same-origin restrictions. It was discovered that insufficient checks in the Flash plugin glue code could lead to arbitrary code execution. Jesse Ruderman discovered that a programming error in the window.__proto__.__proto__ object could lead to arbitrary code execution. It was discovered that crashes in the layout engine could lead to arbitrary code execution. It was discovered that crashes in the Javascript engine could lead to arbitrary code execution. Justin Schuh discovered that a buffer overflow in http-index-format parser could lead to arbitrary code execution. It was discovered that a crash in the nsFrameManager might lead to the execution of arbitrary code. "moz_bug_r_a4" discovered that the same-origin check in nsXMLHttpRequest::NotifyEventListeners() could be bypassed. Collin Jackson discovered that the -moz-binding property bypasses security checks on codebase principals. Chris Evans discovered that quote characters were improperly escaped in the default namespace of E4X documents. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1669 CVE-2008-0016 CVE-2008-3835 CVE-2008-3836 CVE-2008-3837 CVE-2008-4058 CVE-2008-4059 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4065 CVE-2008-4066 CVE-2008-4067 CVE-2008-4068 CVE-2008-4069 CVE-2008-4582 CVE-2008-5012 CVE-2008-5013 CVE-2008-5014 CVE-2008-5017 CVE-2008-5018 CVE-2008-0017 CVE-2008-5021 CVE-2008-5022 CVE-2008-5023 CVE-2008-5024 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7950 | |||
Oval ID: | oval:org.mitre.oval:def:7950 | ||
Title: | DSA-1697 iceape -- several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in Iceape an unbranded version of the Seamonkey internet suite. The Common Vulnerabilities and Exposures project identifies the following problems: Justin Schuh, Tom Cross and Peter Williams discovered a buffer overflow in the parser for UTF-8 URLs, which may lead to the execution of arbitrary code. (MFSA 2008-37) It was discovered that a buffer overflow in MIME decoding can lead to the execution of arbitrary code. (MFSA 2008-26) It was discovered that missing boundary checks on a reference counter for CSS objects can lead to the execution of arbitrary code. (MFSA 2008-34) Devon Hubbard, Jesse Ruderman and Martijn Wargers discovered crashes in the layout engine, which might allow the execution of arbitrary code. (MFSA 2008-21) Igor Bukanov, Jesse Ruderman and Gary Kwong discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. (MFSA 2008-21) "moz_bug_r_a4" discovered several cross-site scripting vulnerabilities. (MFSA 2008-22) Collin Jackson and Adam Barth discovered that Javascript code could be executed in the context or signed JAR archives. (MFSA 2008-23) "moz_bug_r_a4" discovered that XUL documements can escalate privileges by accessing the pre-compiled "fastload" file. (MFSA 2008-24) "moz_bug_r_a4" discovered that missing input sanitising in the mozIJSSubScriptLoader.loadSubScript() function could lead to the execution of arbitrary code. Iceape itself is not affected, but some addons are. (MFSA 2008-25) Claudio Santambrogio discovered that missing access validation in DOM parsing allows malicious web sites to force the browser to upload local files to the server, which could lead to information disclosure. (MFSA 2008-27) Daniel Glazman discovered that a programming error in the code for parsing .properties files could lead to memory content being exposed to addons, which could lead to information disclosure. (MFSA 2008-29) Masahiro Yamada discovered that file URLs in directory listings were insufficiently escaped. (MFSA 2008-30) John G. Myers, Frank Benkstein and Nils Toedtmann discovered that alternate names on self-signed certificates were handled insufficiently, which could lead to spoofings of secure connections. (MFSA 2008-31) It was discovered that URL shortcut files could be used to bypass the same-origin restrictions. This issue does not affect current Iceape, but might occur with additional extensions installed. (MFSA 2008-32) Greg McManus discovered a crash in the block reflow code, which might allow the execution of arbitrary code. (MFSA 2008-33) Billy Rios discovered that passing an URL containing a pipe symbol to Iceape can lead to Chrome privilege escalation. (MFSA 2008-35) "moz_bug_r_a4" discovered that the same-origin check in nsXMLDocument::OnChannelRedirect() could be bypassed. (MFSA 2008-38) "moz_bug_r_a4" discovered that several vulnerabilities in feedWriter could lead to Chrome privilege escalation. (MFSA 2008-39) Paul Nickerson discovered that an attacker could move windows during a mouse click, resulting in unwanted action triggered by drag-and-drop. (MFSA 2008-40) "moz_bug_r_a4" discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. (MFSA 2008-41) "moz_bug_r_a4" discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. (MFSA 2008-41) Olli Pettay and "moz_bug_r_a4" discovered a Chrome privilege escalation vulnerability in XSLT handling. (MFSA 2008-41) Jesse Ruderman discovered a crash in the layout engine, which might allow the execution of arbitrary code. (MFSA 2008-42) Igor Bukanov, Philip Taylor, Georgi Guninski and Antoine Labour discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. (MFSA 2008-42) Dave Reed discovered that some Unicode byte order marks are stripped from Javascript code before execution, which can result in code being executed, which were otherwise part of a quoted string. (MFSA 2008-43) Boris Zbarsky discovered that resource: URLs allow directory traversal when using URL-encoded slashes. (MFSA 2008-44) Georgi Guninski discovered that resource: URLs could bypass local access restrictions. (MFSA 2008-44) Billy Hoffman discovered that the XBM decoder could reveal uninitialised memory. (MFSA 2008-45) It was discovered that a buffer overflow could be triggered via a long header in a news article, which could lead to arbitrary code execution. (MFSA 2008-46) Georgi Guninski, Michal Zalewski and Chris Evan discovered that the canvas element could be used to bypass same-origin restrictions. (MFSA 2008-48) It was discovered that insufficient checks in the Flash plugin glue code could lead to arbitrary code execution. (MFSA 2008-49) Jesse Ruderman discovered that a programming error in the window.__proto__.__proto__ object could lead to arbitrary code execution. (MFSA 2008-50) It was discovered that crashes in the layout engine could lead to arbitrary code execution. (MFSA 2008-52) Justin Schuh discovered that a buffer overflow in http-index-format parser could lead to arbitrary code execution. (MFSA 2008-54) It was discovered that a crash in the nsFrameManager might lead to the execution of arbitrary code. (MFSA 2008-55) "moz_bug_r_a4" discovered that the same-origin check in nsXMLHttpRequest::NotifyEventListeners() could be bypassed. (MFSA 2008-56) Chris Evans discovered that quote characters were improperly escaped in the default namespace of E4X documents. (MFSA 2008-58) Liu Die Yu discovered an information leak through local shortcut files. (MFSA 2008-59) Jesse Ruderman discovered that the layout engine is vulnerable to DoS attacks that might trigger memory corruption and an integer overflow. (MFSA 2008-60) Boris Zbarsky discovered that an information disclosure attack could be performed via XBL bindings. (MFSA 2008-61) Marius Schilder discovered that it is possible to obtain sensible data via a XMLHttpRequest. (MFSA 2008-64) Chris Evans discovered that it is possible to obtain sensible data via a JavaScript URL. (MFSA 2008-65) Chip Salzenberg discovered possible phishing attacks via URLs with leading whitespaces or control characters. (MFSA 2008-66) It was discovered that it is possible to perform cross-site scripting attacks via an XBL binding to an "unloaded document." (MFSA 2008-68) It was discovered that it is possible to run arbitrary JavaScript with chrome privileges via unknown vectors. (MFSA 2008-68) | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1697 CVE-2008-0016 CVE-2008-0304 CVE-2008-2785 CVE-2008-2798 CVE-2008-2799 CVE-2008-2800 CVE-2008-2801 CVE-2008-2802 CVE-2008-2803 CVE-2008-2805 CVE-2008-2807 CVE-2008-2808 CVE-2008-2809 CVE-2008-2810 CVE-2008-2811 CVE-2008-2933 CVE-2008-3835 CVE-2008-3836 CVE-2008-3837 CVE-2008-4058 CVE-2008-4059 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4065 CVE-2008-4067 CVE-2008-4068 CVE-2008-4069 CVE-2008-4070 CVE-2008-4582 CVE-2008-5012 CVE-2008-5013 CVE-2008-5014 CVE-2008-5017 CVE-2008-0017 CVE-2008-5021 CVE-2008-5024 CVE-2008-5022 CVE-2008-5500 CVE-2008-5503 CVE-2008-5506 CVE-2008-5507 CVE-2008-5508 CVE-2008-5511 CVE-2008-5512 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | iceape |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8021 | |||
Oval ID: | oval:org.mitre.oval:def:8021 | ||
Title: | DSA-1696 icedove -- several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems: Justin Schuh, Tom Cross and Peter Williams discovered a buffer overflow in the parser for UTF-8 URLs, which may lead to the execution of arbitrary code. (MFSA 2008-37) It was discovered that crashes in the Javascript engine could potentially lead to the execution of arbitrary code. (MFSA 2008-20) "moz_bug_r_a4" discovered that the same-origin check in nsXMLDocument::OnChannelRedirect() could be bypassed. (MFSA 2008-38) "moz_bug_r_a4" discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. (MFSA 2008-41) "moz_bug_r_a4" discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. (MFSA 2008-41) Olli Pettay and "moz_bug_r_a4" discovered a Chrome privilege escalation vulnerability in XSLT handling. (MFSA 2008-41) Jesse Ruderman discovered a crash in the layout engine, which might allow the execution of arbitrary code. (MFSA 2008-42) Igor Bukanov, Philip Taylor, Georgi Guninski and Antoine Labour discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. (MFSA 2008-42) Dave Reed discovered that some Unicode byte order marks are stripped from Javascript code before execution, which can result in code being executed, which were otherwise part of a quoted string. (MFSA 2008-43) It was discovered that a directory traversal allows attackers to read arbitrary files via a certain character. (MFSA 2008-44) It was discovered that a directory traversal allows attackers to bypass security restrictions and obtain sensitive information. (MFSA 2008-44) It was discovered that a buffer overflow could be triggered via a long header in a news article, which could lead to arbitrary code execution. (MFSA 2008-46) Liu Die Yu and Boris Zbarsky discovered an information leak through local shortcut files. (MFSA 2008-47, MFSA 2008-59) Georgi Guninski, Michal Zalewski and Chris Evan discovered that the canvas element could be used to bypass same-origin restrictions. (MFSA 2008-48) Jesse Ruderman discovered that a programming error in the window.__proto__.__proto__ object could lead to arbitrary code execution. (MFSA 2008-50) It was discovered that crashes in the layout engine could lead to arbitrary code execution. (MFSA 2008-52) It was discovered that crashes in the Javascript engine could lead to arbitrary code execution. (MFSA 2008-52) It was discovered that a crash in the nsFrameManager might lead to the execution of arbitrary code. (MFSA 2008-55) "moz_bug_r_a4" discovered that the same-origin check in nsXMLHttpRequest::NotifyEventListeners() could be bypassed. (MFSA 2008-56) Chris Evans discovered that quote characters were improperly escaped in the default namespace of E4X documents. (MFSA 2008-58) Jesse Ruderman discovered that the layout engine is vulnerable to DoS attacks that might trigger memory corruption and an integer overflow. (MFSA 2008-60) Boris Zbarsky discovered that an information disclosure attack could be performed via XBL bindings. (MFSA 2008-61) Marius Schilder discovered that it is possible to obtain sensible data via a XMLHttpRequest. (MFSA 2008-64) Chris Evans discovered that it is possible to obtain sensible data via a JavaScript URL. (MFSA 2008-65) Chip Salzenberg discovered possible phishing attacks via URLs with leading whitespaces or control characters. (MFSA 2008-66) It was discovered that it is possible to perform cross-site scripting attacks via an XBL binding to an "unloaded document." (MFSA 2008-68) It was discovered that it is possible to run arbitrary JavaScript with chrome privileges via unknown vectors. (MFSA 2008-68) | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1696 CVE-2008-0016 CVE-2008-1380 CVE-2008-3835 CVE-2008-4058 CVE-2008-4059 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4065 CVE-2008-4067 CVE-2008-4068 CVE-2008-4070 CVE-2008-4582 CVE-2008-5012 CVE-2008-5014 CVE-2008-5017 CVE-2008-5018 CVE-2008-5021 CVE-2008-5022 CVE-2008-5024 CVE-2008-5500 CVE-2008-5503 CVE-2008-5506 CVE-2008-5507 CVE-2008-5508 CVE-2008-5511 CVE-2008-5512 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | icedove |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8044 | |||
Oval ID: | oval:org.mitre.oval:def:8044 | ||
Title: | DSA-1615 xulrunner -- several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems: It was discovered that missing boundary checks on a reference counter for CSS objects can lead to the execution of arbitrary code. Devon Hubbard, Jesse Ruderman and Martijn Wargers discovered crashes in the layout engine, which might allow the execution of arbitrary code. Igor Bukanov, Jesse Ruderman and Gary Kwong discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. moz_bug_r_a4 discovered several cross-site scripting vulnerabilities. Collin Jackson and Adam Barth discovered that Javascript code could be executed in the context of signed JAR archives. moz_bug_r_a4 discovered that XUL documents can escalate privileges by accessing the pre-compiled fastload file. moz_bug_r_a4 discovered that missing input sanitising in the mozIJSSubScriptLoader.loadSubScript() function could lead to the execution of arbitrary code. Iceweasel itself is not affected, but some addons are. Claudio Santambrogio discovered that missing access validation in DOM parsing allows malicious web sites to force the browser to upload local files to the server, which could lead to information disclosure. Daniel Glazman discovered that a programming error in the code for parsing .properties files could lead to memory content being exposed to addons, which could lead to information disclosure. Masahiro Yamada discovered that file URLs in directory listings were insufficiently escaped. John G. Myers, Frank Benkstein and Nils Toedtmann discovered that alternate names on self-signed certificates were handled insufficiently, which could lead to spoofing of secure connections. Greg McManus discovered a crash in the block reflow code, which might allow the execution of arbitrary code. Billy Rios discovered that passing an URL containing a pipe symbol to Iceweasel can lead to Chrome privilege escalation. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1615 CVE-2008-2785 CVE-2008-2798 CVE-2008-2799 CVE-2008-2800 CVE-2008-2801 CVE-2008-2802 CVE-2008-2803 CVE-2008-2805 CVE-2008-2807 CVE-2008-2808 CVE-2008-2809 CVE-2008-2811 CVE-2008-2933 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8140 | |||
Oval ID: | oval:org.mitre.oval:def:8140 | ||
Title: | DSA-1671 iceweasel -- several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in the Iceweasel webbrowser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems: Justin Schuh discovered that a buffer overflow in the http-index-format parser could lead to arbitrary code execution. Liu Die Yu discovered an information leak through local shortcut files. Georgi Guninski, Michal Zalewski and Chris Evan discovered that the canvas element could be used to bypass same-origin restrictions. It was discovered that insufficient checks in the Flash plugin glue code could lead to arbitrary code execution. Jesse Ruderman discovered that a programming error in the window.__proto__.__proto__ object could lead to arbitrary code execution. It was discovered that crashes in the layout engine could lead to arbitrary code execution. It was discovered that crashes in the Javascript engine could lead to arbitrary code execution. It was discovered that a crash in the nsFrameManager might lead to the execution of arbitrary code. moz_bug_r_a4 discovered that the same-origin check in nsXMLHttpRequest::NotifyEventListeners() could be bypassed. Collin Jackson discovered that the -moz-binding property bypasses security checks on codebase principals. Chris Evans discovered that quote characters were improperly escaped in the default namespace of E4X documents. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1671 CVE-2008-0017 CVE-2008-4582 CVE-2008-5012 CVE-2008-5013 CVE-2008-5014 CVE-2008-5017 CVE-2008-5018 CVE-2008-5021 CVE-2008-5022 CVE-2008-5023 CVE-2008-5024 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | iceweasel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8196 | |||
Oval ID: | oval:org.mitre.oval:def:8196 | ||
Title: | DSA-1607 iceweasel -- several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems: Devon Hubbard, Jesse Ruderman and Martijn Wargers discovered crashes in the layout engine, which might allow the execution of arbitrary code. Igor Bukanov, Jesse Ruderman and Gary Kwong discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. "moz_bug_r_a4" discovered several cross-site scripting vulnerabilities. Collin Jackson and Adam Barth discovered that Javascript code could be executed in the context of signed JAR archives. "moz_bug_r_a4" discovered that XUL documents can escalate privileges by accessing the pre-compiled "fastload" file. "moz_bug_r_a4" discovered that missing input sanitising in the mozIJSSubScriptLoader.loadSubScript() function could lead to the execution of arbitrary code. Iceweasel itself is not affected, but some addons are. Claudio Santambrogio discovered that missing access validation in DOM parsing allows malicious web sites to force the browser to upload local files to the server, which could lead to information disclosure. Daniel Glazman discovered that a programming error in the code for parsing .properties files could lead to memory content being exposed to addons, which could lead to information disclosure. Masahiro Yamada discovered that file URLS in directory listings were insufficiently escaped. John G. Myers, Frank Benkstein and Nils Toedtmann discovered that alternate names on self-signed certificates were handled insufficiently, which could lead to spoofings secure connections. Greg McManus discovered a crash in the block reflow code, which might allow the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1607 CVE-2008-2798 CVE-2008-2799 CVE-2008-2800 CVE-2008-2801 CVE-2008-2802 CVE-2008-2803 CVE-2008-2805 CVE-2008-2807 CVE-2008-2808 CVE-2008-2809 CVE-2008-2811 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | iceweasel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9643 | |||
Oval ID: | oval:org.mitre.oval:def:9643 | ||
Title: | The nsXMLDocument::OnChannelRedirect function in Mozilla Firefox before 2.0.0.17, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code via unknown vectors. | ||
Description: | The nsXMLDocument::OnChannelRedirect function in Mozilla Firefox before 2.0.0.17, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code via unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3835 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9660 | |||
Oval ID: | oval:org.mitre.oval:def:9660 | ||
Title: | Mozilla Firefox 2.x before 2.0.0.18 and SeaMonkey 1.x before 1.1.13 do not properly check when the Flash module has been dynamically unloaded properly, which allows remote attackers to execute arbitrary code via a crafted SWF file that "dynamically unloads itself from an outside JavaScript function," which triggers an access of an expired memory address. | ||
Description: | Mozilla Firefox 2.x before 2.0.0.18 and SeaMonkey 1.x before 1.1.13 do not properly check when the Flash module has been dynamically unloaded properly, which allows remote attackers to execute arbitrary code via a crafted SWF file that "dynamically unloads itself from an outside JavaScript function," which triggers an access of an expired memory address. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-5013 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
SAINT Exploits
Description | Link |
---|---|
Mozilla Firefox UTF-8 URL buffer overflow | More info here |
ExploitDB Exploits
id | Description |
---|---|
2009-09-14 | Mozilla Firefox 2.0.0.16 UTF-8 URL Remote Buffer Overflow Exploit |
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for thunderbird CESA-2009:0002 centos4 i386 File : nvt/gb_CESA-2009_0002_thunderbird_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for thunderbird CESA-2009:0002 centos5 i386 File : nvt/gb_CESA-2009_0002_thunderbird_centos5_i386.nasl |
2009-10-13 | Name : SLES10: Security update for MozillaFirefox File : nvt/sles10_MozillaFirefox.nasl |
2009-10-13 | Name : SLES10: Security update for MozillaFirefox File : nvt/sles10_MozillaFirefox0.nasl |
2009-10-13 | Name : SLES10: Security update for MozillaFirefox File : nvt/sles10_MozillaFirefox1.nasl |
2009-10-13 | Name : SLES10: Security update for MozillaFirefox File : nvt/sles10_MozillaFirefox4.nasl |
2009-10-13 | Name : SLES10: Security update for MozillaFirefox File : nvt/sles10_MozillaFirefox5.nasl |
2009-10-13 | Name : SLES10: Security update for MozillaFirefox File : nvt/sles10_MozillaFirefox6.nasl |
2009-10-13 | Name : SLES10: Security update for Epiphany File : nvt/sles10_epiphany.nasl |
2009-10-13 | Name : SLES10: Security update for Mozilla File : nvt/sles10_gecko-sdk.nasl |
2009-10-13 | Name : SLES10: Security update for gecko-sdk and mozilla-xulrunner File : nvt/sles10_gecko-sdk0.nasl |
2009-10-10 | Name : SLES9: Security update for Epiphany and Mozilla File : nvt/sles9p5036604.nasl |
2009-10-10 | Name : SLES9: Security update for Epiphany File : nvt/sles9p5040940.nasl |
2009-06-05 | Name : Ubuntu USN-707-1 (cupsys) File : nvt/ubuntu_707_1.nasl |
2009-06-03 | Name : Solaris Update for Mozilla 1.7 125539-06 File : nvt/gb_solaris_125539_06.nasl |
2009-06-03 | Name : Solaris Update for Mozilla Firefox Web browser 125540-06 File : nvt/gb_solaris_125540_06.nasl |
2009-06-03 | Name : Solaris Update for Mozilla 1.7 125541-04 File : nvt/gb_solaris_125541_04.nasl |
2009-06-03 | Name : Solaris Update for Mozilla Thunderbird email client 125542-04 File : nvt/gb_solaris_125542_04.nasl |
2009-04-09 | Name : Mandriva Update for mozilla-thunderbird MDVSA-2008:062 (mozilla-thunderbird) File : nvt/gb_mandriva_MDVSA_2008_062.nasl |
2009-04-09 | Name : Mandriva Update for mozilla-firefox MDVSA-2008:136 (mozilla-firefox) File : nvt/gb_mandriva_MDVSA_2008_136.nasl |
2009-04-09 | Name : Mandriva Update for mozilla-firefox MDVSA-2008:148 (mozilla-firefox) File : nvt/gb_mandriva_MDVSA_2008_148.nasl |
2009-04-09 | Name : Mandriva Update for mozilla-thunderbird MDVSA-2008:155 (mozilla-thunderbird) File : nvt/gb_mandriva_MDVSA_2008_155.nasl |
2009-04-09 | Name : Mandriva Update for mozilla-thunderbird MDVSA-2008:155-1 (mozilla-thunderbird) File : nvt/gb_mandriva_MDVSA_2008_155_1.nasl |
2009-04-09 | Name : Mandriva Update for mozilla-firefox MDVSA-2008:205 (mozilla-firefox) File : nvt/gb_mandriva_MDVSA_2008_205.nasl |
2009-04-09 | Name : Mandriva Update for mozilla-thunderbird MDVSA-2008:206 (mozilla-thunderbird) File : nvt/gb_mandriva_MDVSA_2008_206.nasl |
2009-04-09 | Name : Mandriva Update for mozilla-firefox MDVSA-2008:228 (mozilla-firefox) File : nvt/gb_mandriva_MDVSA_2008_228.nasl |
2009-04-09 | Name : Mandriva Update for firefox MDVSA-2008:230 (firefox) File : nvt/gb_mandriva_MDVSA_2008_230.nasl |
2009-04-09 | Name : Mandriva Update for mozilla-thunderbird MDVSA-2008:235 (mozilla-thunderbird) File : nvt/gb_mandriva_MDVSA_2008_235.nasl |
2009-04-09 | Name : Mandriva Update for mozilla-firefox MDVSA-2008:244 (mozilla-firefox) File : nvt/gb_mandriva_MDVSA_2008_244.nasl |
2009-04-09 | Name : Mandriva Update for firefox MDVSA-2008:245 (firefox) File : nvt/gb_mandriva_MDVSA_2008_245.nasl |
2009-03-23 | Name : Ubuntu Update for mozilla-thunderbird, thunderbird vulnerabilities USN-582-1 File : nvt/gb_ubuntu_USN_582_1.nasl |
2009-03-23 | Name : Ubuntu Update for mozilla-thunderbird USN-582-2 File : nvt/gb_ubuntu_USN_582_2.nasl |
2009-03-23 | Name : Ubuntu Update for firefox vulnerabilities USN-619-1 File : nvt/gb_ubuntu_USN_619_1.nasl |
2009-03-23 | Name : Ubuntu Update for firefox vulnerabilities USN-623-1 File : nvt/gb_ubuntu_USN_623_1.nasl |
2009-03-23 | Name : Ubuntu Update for firefox-3.0, xulrunner-1.9 vulnerabilities USN-626-1 File : nvt/gb_ubuntu_USN_626_1.nasl |
2009-03-23 | Name : Ubuntu Update for devhelp, epiphany-browser, midbrowser, yelp update USN-626-2 File : nvt/gb_ubuntu_USN_626_2.nasl |
2009-03-23 | Name : Ubuntu Update for mozilla-thunderbird, thunderbird vulnerabilities USN-629-1 File : nvt/gb_ubuntu_USN_629_1.nasl |
2009-03-23 | Name : Ubuntu Update for firefox, firefox-3.0, xulrunner-1.9 vulnerabilities USN-645-1 File : nvt/gb_ubuntu_USN_645_1.nasl |
2009-03-23 | Name : Ubuntu Update for firefox vulnerabilities USN-645-2 File : nvt/gb_ubuntu_USN_645_2.nasl |
2009-03-23 | Name : Ubuntu Update for firefox-3.0, xulrunner-1.9 regression USN-645-3 File : nvt/gb_ubuntu_USN_645_3.nasl |
2009-03-23 | Name : Ubuntu Update for mozilla-thunderbird, thunderbird vulnerabilities USN-647-1 File : nvt/gb_ubuntu_USN_647_1.nasl |
2009-03-23 | Name : Ubuntu Update for firefox, firefox-3.0, xulrunner-1.9 vulnerabilities USN-667-1 File : nvt/gb_ubuntu_USN_667_1.nasl |
2009-03-23 | Name : Ubuntu Update for mozilla-thunderbird, thunderbird vulnerabilities USN-668-1 File : nvt/gb_ubuntu_USN_668_1.nasl |
2009-03-23 | Name : Ubuntu Update for firefox-3.0, xulrunner-1.9 vulnerabilities USN-690-1 File : nvt/gb_ubuntu_USN_690_1.nasl |
2009-03-23 | Name : Ubuntu Update for firefox vulnerabilities USN-690-2 File : nvt/gb_ubuntu_USN_690_2.nasl |
2009-03-23 | Name : Ubuntu Update for firefox vulnerabilities USN-690-3 File : nvt/gb_ubuntu_USN_690_3.nasl |
2009-03-06 | Name : RedHat Update for thunderbird RHSA-2008:0105-02 File : nvt/gb_RHSA-2008_0105-02_thunderbird.nasl |
2009-03-06 | Name : RedHat Update for seamonkey RHSA-2008:0547-01 File : nvt/gb_RHSA-2008_0547-01_seamonkey.nasl |
2009-03-06 | Name : RedHat Update for firefox RHSA-2008:0549-01 File : nvt/gb_RHSA-2008_0549-01_firefox.nasl |
2009-03-06 | Name : RedHat Update for firefox RHSA-2008:0569-01 File : nvt/gb_RHSA-2008_0569-01_firefox.nasl |
2009-03-06 | Name : RedHat Update for firefox RHSA-2008:0597-01 File : nvt/gb_RHSA-2008_0597-01_firefox.nasl |
2009-03-06 | Name : RedHat Update for firefox RHSA-2008:0598-02 File : nvt/gb_RHSA-2008_0598-02_firefox.nasl |
2009-03-06 | Name : RedHat Update for seamonkey RHSA-2008:0599-01 File : nvt/gb_RHSA-2008_0599-01_seamonkey.nasl |
2009-03-06 | Name : RedHat Update for thunderbird RHSA-2008:0616-01 File : nvt/gb_RHSA-2008_0616-01_thunderbird.nasl |
2009-03-06 | Name : RedHat Update for firefox RHSA-2008:0879-01 File : nvt/gb_RHSA-2008_0879-01_firefox.nasl |
2009-03-06 | Name : RedHat Update for seamonkey RHSA-2008:0882-01 File : nvt/gb_RHSA-2008_0882-01_seamonkey.nasl |
2009-03-06 | Name : RedHat Update for thunderbird RHSA-2008:0908-01 File : nvt/gb_RHSA-2008_0908-01_thunderbird.nasl |
2009-03-06 | Name : RedHat Update for thunderbird RHSA-2008:0976-01 File : nvt/gb_RHSA-2008_0976-01_thunderbird.nasl |
2009-03-06 | Name : RedHat Update for seamonkey RHSA-2008:0977-01 File : nvt/gb_RHSA-2008_0977-01_seamonkey.nasl |
2009-03-06 | Name : RedHat Update for firefox RHSA-2008:0978-01 File : nvt/gb_RHSA-2008_0978-01_firefox.nasl |
2009-03-06 | Name : RedHat Update for firefox RHSA-2008:1036-01 File : nvt/gb_RHSA-2008_1036-01_firefox.nasl |
2009-03-06 | Name : RedHat Update for seamonkey RHSA-2008:1037-01 File : nvt/gb_RHSA-2008_1037-01_seamonkey.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0547-01 centos2 i386 File : nvt/gb_CESA-2008_0547-01_seamonkey_centos2_i386.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0547 centos3 i386 File : nvt/gb_CESA-2008_0547_seamonkey_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0547 centos3 x86_64 File : nvt/gb_CESA-2008_0547_seamonkey_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0547 centos4 i386 File : nvt/gb_CESA-2008_0547_seamonkey_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0547 centos4 x86_64 File : nvt/gb_CESA-2008_0547_seamonkey_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for firefox CESA-2008:0549 centos3 i386 File : nvt/gb_CESA-2008_0549_firefox_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for firefox CESA-2008:0549 centos3 x86_64 File : nvt/gb_CESA-2008_0549_firefox_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for firefox CESA-2008:0549 centos4 i386 File : nvt/gb_CESA-2008_0549_firefox_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for firefox CESA-2008:0549 centos4 x86_64 File : nvt/gb_CESA-2008_0549_firefox_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for firefox CESA-2008:0598 centos3 i386 File : nvt/gb_CESA-2008_0598_firefox_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for firefox CESA-2008:0598 centos3 x86_64 File : nvt/gb_CESA-2008_0598_firefox_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0599-01 centos2 i386 File : nvt/gb_CESA-2008_0599-01_seamonkey_centos2_i386.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0599 centos3 i386 File : nvt/gb_CESA-2008_0599_seamonkey_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0599 centos3 x86_64 File : nvt/gb_CESA-2008_0599_seamonkey_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0882-01 centos2 i386 File : nvt/gb_CESA-2008_0882-01_seamonkey_centos2_i386.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0882 centos3 i386 File : nvt/gb_CESA-2008_0882_seamonkey_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0882 centos3 x86_64 File : nvt/gb_CESA-2008_0882_seamonkey_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for thunderbird CESA-2008:0908 centos4 i386 File : nvt/gb_CESA-2008_0908_thunderbird_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for thunderbird CESA-2008:0908 centos4 x86_64 File : nvt/gb_CESA-2008_0908_thunderbird_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for thunderbird CESA-2008:0976 centos4 i386 File : nvt/gb_CESA-2008_0976_thunderbird_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for thunderbird CESA-2008:0976 centos4 x86_64 File : nvt/gb_CESA-2008_0976_thunderbird_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0977-01 centos2 i386 File : nvt/gb_CESA-2008_0977-01_seamonkey_centos2_i386.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0977 centos3 i386 File : nvt/gb_CESA-2008_0977_seamonkey_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0977 centos3 x86_64 File : nvt/gb_CESA-2008_0977_seamonkey_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0977 centos4 i386 File : nvt/gb_CESA-2008_0977_seamonkey_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0977 centos4 x86_64 File : nvt/gb_CESA-2008_0977_seamonkey_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for firefox CESA-2008:0978 centos4 i386 File : nvt/gb_CESA-2008_0978_firefox_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for firefox CESA-2008:0978 centos4 x86_64 File : nvt/gb_CESA-2008_0978_firefox_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:1037-01 centos2 i386 File : nvt/gb_CESA-2008_1037-01_seamonkey_centos2_i386.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:1037 centos3 i386 File : nvt/gb_CESA-2008_1037_seamonkey_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:1037 centos3 x86_64 File : nvt/gb_CESA-2008_1037_seamonkey_centos3_x86_64.nasl |
2009-02-17 | Name : Fedora Update for Miro FEDORA-2008-6127 File : nvt/gb_fedora_2008_6127_Miro_fc8.nasl |
2009-02-17 | Name : Fedora Update for blam FEDORA-2008-6127 File : nvt/gb_fedora_2008_6127_blam_fc8.nasl |
2009-02-17 | Name : Fedora Update for chmsee FEDORA-2008-6127 File : nvt/gb_fedora_2008_6127_chmsee_fc8.nasl |
2009-02-17 | Name : Fedora Update for devhelp FEDORA-2008-6127 File : nvt/gb_fedora_2008_6127_devhelp_fc8.nasl |
2009-02-17 | Name : Fedora Update for epiphany-extensions FEDORA-2008-6127 File : nvt/gb_fedora_2008_6127_epiphany-extensions_fc8.nasl |
2009-02-17 | Name : Fedora Update for epiphany FEDORA-2008-6127 File : nvt/gb_fedora_2008_6127_epiphany_fc8.nasl |
2009-02-17 | Name : Fedora Update for firefox FEDORA-2008-6127 File : nvt/gb_fedora_2008_6127_firefox_fc8.nasl |
2009-02-17 | Name : Fedora Update for galeon FEDORA-2008-6127 File : nvt/gb_fedora_2008_6127_galeon_fc8.nasl |
2009-02-17 | Name : Fedora Update for gnome-python2-extras FEDORA-2008-6127 File : nvt/gb_fedora_2008_6127_gnome-python2-extras_fc8.nasl |
2009-02-17 | Name : Fedora Update for gnome-web-photo FEDORA-2008-6127 File : nvt/gb_fedora_2008_6127_gnome-web-photo_fc8.nasl |
2009-02-17 | Name : Fedora Update for gtkmozembedmm FEDORA-2008-6127 File : nvt/gb_fedora_2008_6127_gtkmozembedmm_fc8.nasl |
2009-02-17 | Name : Fedora Update for kazehakase FEDORA-2008-6127 File : nvt/gb_fedora_2008_6127_kazehakase_fc8.nasl |
2009-02-17 | Name : Fedora Update for liferea FEDORA-2008-6127 File : nvt/gb_fedora_2008_6127_liferea_fc8.nasl |
2009-02-17 | Name : Fedora Update for openvrml FEDORA-2008-6127 File : nvt/gb_fedora_2008_6127_openvrml_fc8.nasl |
2009-02-17 | Name : Fedora Update for ruby-gnome2 FEDORA-2008-6127 File : nvt/gb_fedora_2008_6127_ruby-gnome2_fc8.nasl |
2009-02-17 | Name : Fedora Update for yelp FEDORA-2008-6127 File : nvt/gb_fedora_2008_6127_yelp_fc8.nasl |
2009-02-17 | Name : Fedora Update for seamonkey FEDORA-2008-6193 File : nvt/gb_fedora_2008_6193_seamonkey_fc9.nasl |
2009-02-17 | Name : Fedora Update for seamonkey FEDORA-2008-6196 File : nvt/gb_fedora_2008_6196_seamonkey_fc8.nasl |
2009-02-17 | Name : Fedora Update for Miro FEDORA-2008-6491 File : nvt/gb_fedora_2008_6491_Miro_fc8.nasl |
2009-02-17 | Name : Fedora Update for blam FEDORA-2008-6491 File : nvt/gb_fedora_2008_6491_blam_fc8.nasl |
2009-02-17 | Name : Fedora Update for cairo-dock FEDORA-2008-6491 File : nvt/gb_fedora_2008_6491_cairo-dock_fc8.nasl |
2009-02-17 | Name : Fedora Update for chmsee FEDORA-2008-6491 File : nvt/gb_fedora_2008_6491_chmsee_fc8.nasl |
2009-02-17 | Name : Fedora Update for devhelp FEDORA-2008-6491 File : nvt/gb_fedora_2008_6491_devhelp_fc8.nasl |
2009-02-17 | Name : Fedora Update for epiphany-extensions FEDORA-2008-6491 File : nvt/gb_fedora_2008_6491_epiphany-extensions_fc8.nasl |
2009-02-17 | Name : Fedora Update for epiphany FEDORA-2008-6491 File : nvt/gb_fedora_2008_6491_epiphany_fc8.nasl |
2009-02-17 | Name : Fedora Update for firefox FEDORA-2008-6491 File : nvt/gb_fedora_2008_6491_firefox_fc8.nasl |
2009-02-17 | Name : Fedora Update for galeon FEDORA-2008-6491 File : nvt/gb_fedora_2008_6491_galeon_fc8.nasl |
2009-02-17 | Name : Fedora Update for gnome-python2-extras FEDORA-2008-6491 File : nvt/gb_fedora_2008_6491_gnome-python2-extras_fc8.nasl |
2009-02-17 | Name : Fedora Update for gnome-web-photo FEDORA-2008-6491 File : nvt/gb_fedora_2008_6491_gnome-web-photo_fc8.nasl |
2009-02-17 | Name : Fedora Update for gtkmozembedmm FEDORA-2008-6491 File : nvt/gb_fedora_2008_6491_gtkmozembedmm_fc8.nasl |
2009-02-17 | Name : Fedora Update for kazehakase FEDORA-2008-6491 File : nvt/gb_fedora_2008_6491_kazehakase_fc8.nasl |
2009-02-17 | Name : Fedora Update for liferea FEDORA-2008-6491 File : nvt/gb_fedora_2008_6491_liferea_fc8.nasl |
2009-02-17 | Name : Fedora Update for openvrml FEDORA-2008-6491 File : nvt/gb_fedora_2008_6491_openvrml_fc8.nasl |
2009-02-17 | Name : Fedora Update for ruby-gnome2 FEDORA-2008-6491 File : nvt/gb_fedora_2008_6491_ruby-gnome2_fc8.nasl |
2009-02-17 | Name : Fedora Update for yelp FEDORA-2008-6491 File : nvt/gb_fedora_2008_6491_yelp_fc8.nasl |
2009-02-17 | Name : Fedora Update for seamonkey FEDORA-2008-6517 File : nvt/gb_fedora_2008_6517_seamonkey_fc8.nasl |
2009-02-17 | Name : Fedora Update for devhelp FEDORA-2008-6518 File : nvt/gb_fedora_2008_6518_devhelp_fc9.nasl |
2009-02-17 | Name : Fedora Update for epiphany-extensions FEDORA-2008-6518 File : nvt/gb_fedora_2008_6518_epiphany-extensions_fc9.nasl |
2009-02-17 | Name : Fedora Update for epiphany FEDORA-2008-6518 File : nvt/gb_fedora_2008_6518_epiphany_fc9.nasl |
2009-02-17 | Name : Fedora Update for firefox FEDORA-2008-6518 File : nvt/gb_fedora_2008_6518_firefox_fc9.nasl |
2009-02-17 | Name : Fedora Update for xulrunner FEDORA-2008-6518 File : nvt/gb_fedora_2008_6518_xulrunner_fc9.nasl |
2009-02-17 | Name : Fedora Update for yelp FEDORA-2008-6518 File : nvt/gb_fedora_2008_6518_yelp_fc9.nasl |
2009-02-17 | Name : Fedora Update for seamonkey FEDORA-2008-6519 File : nvt/gb_fedora_2008_6519_seamonkey_fc9.nasl |
2009-02-17 | Name : Fedora Update for thunderbird FEDORA-2008-6706 File : nvt/gb_fedora_2008_6706_thunderbird_fc8.nasl |
2009-02-17 | Name : Fedora Update for thunderbird FEDORA-2008-6737 File : nvt/gb_fedora_2008_6737_thunderbird_fc9.nasl |
2009-02-17 | Name : Fedora Update for Miro FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_Miro_fc8.nasl |
2009-02-17 | Name : Fedora Update for blam FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_blam_fc8.nasl |
2009-02-17 | Name : Fedora Update for cairo-dock FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_cairo-dock_fc8.nasl |
2009-02-17 | Name : Fedora Update for chmsee FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_chmsee_fc8.nasl |
2009-02-17 | Name : Fedora Update for devhelp FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_devhelp_fc8.nasl |
2009-02-17 | Name : Fedora Update for epiphany-extensions FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_epiphany-extensions_fc8.nasl |
2009-02-17 | Name : Fedora Update for epiphany FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_epiphany_fc8.nasl |
2009-02-17 | Name : Fedora Update for evolution-rss FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_evolution-rss_fc8.nasl |
2009-02-17 | Name : Fedora Update for firefox FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_firefox_fc8.nasl |
2009-02-17 | Name : Fedora Update for galeon FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_galeon_fc8.nasl |
2009-02-17 | Name : Fedora Update for gnome-python2-extras FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_gnome-python2-extras_fc8.nasl |
2009-02-17 | Name : Fedora Update for gnome-web-photo FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_gnome-web-photo_fc8.nasl |
2009-02-17 | Name : Fedora Update for gtkmozembedmm FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_gtkmozembedmm_fc8.nasl |
2009-02-17 | Name : Fedora Update for kazehakase FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_kazehakase_fc8.nasl |
2009-02-17 | Name : Fedora Update for liferea FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_liferea_fc8.nasl |
2009-02-17 | Name : Fedora Update for openvrml FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_openvrml_fc8.nasl |
2009-02-17 | Name : Fedora Update for ruby-gnome2 FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_ruby-gnome2_fc8.nasl |
2009-02-17 | Name : Fedora Update for yelp FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_yelp_fc8.nasl |
2009-02-17 | Name : Fedora Update for seamonkey FEDORA-2008-8401 File : nvt/gb_fedora_2008_8401_seamonkey_fc8.nasl |
2009-02-17 | Name : Fedora Update for Miro FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_Miro_fc9.nasl |
2009-02-17 | Name : Fedora Update for blam FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_blam_fc9.nasl |
2009-02-17 | Name : Fedora Update for cairo-dock FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_cairo-dock_fc9.nasl |
2009-02-17 | Name : Fedora Update for chmsee FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_chmsee_fc9.nasl |
2009-02-17 | Name : Fedora Update for devhelp FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_devhelp_fc9.nasl |
2009-02-17 | Name : Fedora Update for epiphany-extensions FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_epiphany-extensions_fc9.nasl |
2009-02-17 | Name : Fedora Update for epiphany FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_epiphany_fc9.nasl |
2009-02-17 | Name : Fedora Update for evolution-rss FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_evolution-rss_fc9.nasl |
2009-02-17 | Name : Fedora Update for firefox FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_firefox_fc9.nasl |
2009-02-17 | Name : Fedora Update for galeon FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_galeon_fc9.nasl |
2009-02-17 | Name : Fedora Update for gnome-python2-extras FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_gnome-python2-extras_fc9.nasl |
2009-02-17 | Name : Fedora Update for gnome-web-photo FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_gnome-web-photo_fc9.nasl |
2009-02-17 | Name : Fedora Update for google-gadgets FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_google-gadgets_fc9.nasl |
2009-02-17 | Name : Fedora Update for gtkmozembedmm FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_gtkmozembedmm_fc9.nasl |
2009-02-17 | Name : Fedora Update for kazehakase FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_kazehakase_fc9.nasl |
2009-02-17 | Name : Fedora Update for mozvoikko FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_mozvoikko_fc9.nasl |
2009-02-17 | Name : Fedora Update for mugshot FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_mugshot_fc9.nasl |
2009-02-17 | Name : Fedora Update for ruby-gnome2 FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_ruby-gnome2_fc9.nasl |
2009-02-17 | Name : Fedora Update for totem FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_totem_fc9.nasl |
2009-02-17 | Name : Fedora Update for xulrunner FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_xulrunner_fc9.nasl |
2009-02-17 | Name : Fedora Update for yelp FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_yelp_fc9.nasl |
2009-02-17 | Name : Fedora Update for seamonkey FEDORA-2008-8429 File : nvt/gb_fedora_2008_8429_seamonkey_fc9.nasl |
2009-02-17 | Name : Fedora Update for Miro FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_Miro_fc8.nasl |
2009-02-17 | Name : Fedora Update for blam FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_blam_fc8.nasl |
2009-02-17 | Name : Fedora Update for cairo-dock FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_cairo-dock_fc8.nasl |
2009-02-17 | Name : Fedora Update for chmsee FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_chmsee_fc8.nasl |
2009-02-17 | Name : Fedora Update for devhelp FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_devhelp_fc8.nasl |
2009-02-17 | Name : Fedora Update for epiphany-extensions FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_epiphany-extensions_fc8.nasl |
2009-02-17 | Name : Fedora Update for epiphany FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_epiphany_fc8.nasl |
2009-02-17 | Name : Fedora Update for evolution-rss FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_evolution-rss_fc8.nasl |
2009-02-17 | Name : Fedora Update for firefox FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_firefox_fc8.nasl |
2009-02-17 | Name : Fedora Update for galeon FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_galeon_fc8.nasl |
2009-02-17 | Name : Fedora Update for gnome-python2-extras FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_gnome-python2-extras_fc8.nasl |
2009-02-17 | Name : Fedora Update for gnome-web-photo FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_gnome-web-photo_fc8.nasl |
2009-02-17 | Name : Fedora Update for kazehakase FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_kazehakase_fc8.nasl |
2009-02-17 | Name : Fedora Update for liferea FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_liferea_fc8.nasl |
2009-02-17 | Name : Fedora Update for openvrml FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_openvrml_fc8.nasl |
2009-02-17 | Name : Fedora Update for ruby-gnome2 FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_ruby-gnome2_fc8.nasl |
2009-02-17 | Name : Fedora Update for seamonkey FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_seamonkey_fc8.nasl |
2009-02-17 | Name : Fedora Update for yelp FEDORA-2008-9667 File : nvt/gb_fedora_2008_9667_yelp_fc8.nasl |
2009-02-17 | Name : Fedora Update for Miro FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_Miro_fc9.nasl |
2009-02-17 | Name : Fedora Update for cairo-dock FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_cairo-dock_fc9.nasl |
2009-02-17 | Name : Fedora Update for chmsee FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_chmsee_fc9.nasl |
2009-02-17 | Name : Fedora Update for devhelp FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_devhelp_fc9.nasl |
2009-02-17 | Name : Fedora Update for epiphany-extensions FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_epiphany-extensions_fc9.nasl |
2009-02-17 | Name : Fedora Update for epiphany FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_epiphany_fc9.nasl |
2009-02-17 | Name : Fedora Update for evolution-rss FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_evolution-rss_fc9.nasl |
2009-02-17 | Name : Fedora Update for firefox FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_firefox_fc9.nasl |
2009-02-17 | Name : Fedora Update for galeon FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_galeon_fc9.nasl |
2009-02-17 | Name : Fedora Update for gnome-python2-extras FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_gnome-python2-extras_fc9.nasl |
2009-02-17 | Name : Fedora Update for gnome-web-photo FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_gnome-web-photo_fc9.nasl |
2009-02-17 | Name : Fedora Update for google-gadgets FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_google-gadgets_fc9.nasl |
2009-02-17 | Name : Fedora Update for gtkmozembedmm FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_gtkmozembedmm_fc9.nasl |
2009-02-17 | Name : Fedora Update for kazehakase FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_kazehakase_fc9.nasl |
2009-02-17 | Name : Fedora Update for mozvoikko FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_mozvoikko_fc9.nasl |
2009-02-17 | Name : Fedora Update for mugshot FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_mugshot_fc9.nasl |
2009-02-17 | Name : Fedora Update for ruby-gnome2 FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_ruby-gnome2_fc9.nasl |
2009-02-17 | Name : Fedora Update for seamonkey FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_seamonkey_fc9.nasl |
2009-02-17 | Name : Fedora Update for totem FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_totem_fc9.nasl |
2009-02-17 | Name : Fedora Update for xulrunner FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_xulrunner_fc9.nasl |
2009-02-17 | Name : Fedora Update for yelp FEDORA-2008-9669 File : nvt/gb_fedora_2008_9669_yelp_fc9.nasl |
2009-02-17 | Name : Fedora Update for thunderbird FEDORA-2008-9807 File : nvt/gb_fedora_2008_9807_thunderbird_fc8.nasl |
2009-02-17 | Name : Fedora Update for thunderbird FEDORA-2008-9859 File : nvt/gb_fedora_2008_9859_thunderbird_fc9.nasl |
2009-02-17 | Name : Fedora Update for thunderbird FEDORA-2008-9901 File : nvt/gb_fedora_2008_9901_thunderbird_fc10.nasl |
2009-02-16 | Name : Fedora Update for thunderbird FEDORA-2008-2060 File : nvt/gb_fedora_2008_2060_thunderbird_fc8.nasl |
2009-02-16 | Name : Fedora Update for thunderbird FEDORA-2008-2118 File : nvt/gb_fedora_2008_2118_thunderbird_fc7.nasl |
2009-02-13 | Name : Fedora Update for seamonkey FEDORA-2008-11490 File : nvt/gb_fedora_2008_11490_seamonkey_fc10.nasl |
2009-02-13 | Name : Fedora Update for Miro FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_Miro_fc10.nasl |
2009-02-13 | Name : Fedora Update for blam FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_blam_fc10.nasl |
2009-02-13 | Name : Fedora Update for devhelp FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_devhelp_fc10.nasl |
2009-02-13 | Name : Fedora Update for epiphany-extensions FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_epiphany-extensions_fc10.nasl |
2009-02-13 | Name : Fedora Update for epiphany FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_epiphany_fc10.nasl |
2009-02-13 | Name : Fedora Update for evolution-rss FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_evolution-rss_fc10.nasl |
2009-02-13 | Name : Fedora Update for firefox FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_firefox_fc10.nasl |
2009-02-13 | Name : Fedora Update for galeon FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_galeon_fc10.nasl |
2009-02-13 | Name : Fedora Update for gecko-sharp2 FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_gecko-sharp2_fc10.nasl |
2009-02-13 | Name : Fedora Update for gnome-python2-extras FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_gnome-python2-extras_fc10.nasl |
2009-02-13 | Name : Fedora Update for gnome-web-photo FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_gnome-web-photo_fc10.nasl |
2009-02-13 | Name : Fedora Update for google-gadgets FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_google-gadgets_fc10.nasl |
2009-02-13 | Name : Fedora Update for kazehakase FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_kazehakase_fc10.nasl |
2009-02-13 | Name : Fedora Update for mozvoikko FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_mozvoikko_fc10.nasl |
2009-02-13 | Name : Fedora Update for mugshot FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_mugshot_fc10.nasl |
2009-02-13 | Name : Fedora Update for pcmanx-gtk2 FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_pcmanx-gtk2_fc10.nasl |
2009-02-13 | Name : Fedora Update for ruby-gnome2 FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_ruby-gnome2_fc10.nasl |
2009-02-13 | Name : Fedora Update for xulrunner FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_xulrunner_fc10.nasl |
2009-02-13 | Name : Fedora Update for yelp FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_yelp_fc10.nasl |
2009-02-13 | Name : Fedora Update for seamonkey FEDORA-2008-11534 File : nvt/gb_fedora_2008_11534_seamonkey_fc8.nasl |
2009-02-13 | Name : Fedora Update for Miro FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_Miro_fc8.nasl |
2009-02-13 | Name : Fedora Update for blam FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_blam_fc8.nasl |
2009-02-13 | Name : Fedora Update for cairo-dock FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_cairo-dock_fc8.nasl |
2009-02-13 | Name : Fedora Update for chmsee FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_chmsee_fc8.nasl |
2009-02-13 | Name : Fedora Update for devhelp FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_devhelp_fc8.nasl |
2009-02-13 | Name : Fedora Update for epiphany-extensions FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_epiphany-extensions_fc8.nasl |
2009-02-13 | Name : Fedora Update for epiphany FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_epiphany_fc8.nasl |
2009-02-13 | Name : Fedora Update for evolution-rss FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_evolution-rss_fc8.nasl |
2009-02-13 | Name : Fedora Update for firefox FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_firefox_fc8.nasl |
2009-02-13 | Name : Fedora Update for galeon FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_galeon_fc8.nasl |
2009-02-13 | Name : Fedora Update for gnome-python2-extras FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_gnome-python2-extras_fc8.nasl |
2009-02-13 | Name : Fedora Update for gnome-web-photo FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_gnome-web-photo_fc8.nasl |
2009-02-13 | Name : Fedora Update for kazehakase FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_kazehakase_fc8.nasl |
2009-02-13 | Name : Fedora Update for liferea FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_liferea_fc8.nasl |
2009-02-13 | Name : Fedora Update for openvrml FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_openvrml_fc8.nasl |
2009-02-13 | Name : Fedora Update for ruby-gnome2 FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_ruby-gnome2_fc8.nasl |
2009-02-13 | Name : Fedora Update for yelp FEDORA-2008-11551 File : nvt/gb_fedora_2008_11551_yelp_fc8.nasl |
2009-02-13 | Name : Fedora Update for seamonkey FEDORA-2008-11586 File : nvt/gb_fedora_2008_11586_seamonkey_fc9.nasl |
2009-02-13 | Name : Fedora Update for Miro FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_Miro_fc9.nasl |
2009-02-13 | Name : Fedora Update for blam FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_blam_fc9.nasl |
2009-02-13 | Name : Fedora Update for cairo-dock FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_cairo-dock_fc9.nasl |
2009-02-13 | Name : Fedora Update for chmsee FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_chmsee_fc9.nasl |
2009-02-13 | Name : Fedora Update for devhelp FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_devhelp_fc9.nasl |
2009-02-13 | Name : Fedora Update for epiphany-extensions FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_epiphany-extensions_fc9.nasl |
2009-02-13 | Name : Fedora Update for epiphany FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_epiphany_fc9.nasl |
2009-02-13 | Name : Fedora Update for evolution-rss FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_evolution-rss_fc9.nasl |
2009-02-13 | Name : Fedora Update for firefox FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_firefox_fc9.nasl |
2009-02-13 | Name : Fedora Update for galeon FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_galeon_fc9.nasl |
2009-02-13 | Name : Fedora Update for gnome-python2-extras FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_gnome-python2-extras_fc9.nasl |
2009-02-13 | Name : Fedora Update for gnome-web-photo FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_gnome-web-photo_fc9.nasl |
2009-02-13 | Name : Fedora Update for google-gadgets FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_google-gadgets_fc9.nasl |
2009-02-13 | Name : Fedora Update for gtkmozembedmm FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_gtkmozembedmm_fc9.nasl |
2009-02-13 | Name : Fedora Update for kazehakase FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_kazehakase_fc9.nasl |
2009-02-13 | Name : Fedora Update for mozvoikko FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_mozvoikko_fc9.nasl |
2009-02-13 | Name : Fedora Update for mugshot FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_mugshot_fc9.nasl |
2009-02-13 | Name : Fedora Update for ruby-gnome2 FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_ruby-gnome2_fc9.nasl |
2009-02-13 | Name : Fedora Update for totem FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_totem_fc9.nasl |
2009-02-13 | Name : Fedora Update for xulrunner FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_xulrunner_fc9.nasl |
2009-02-13 | Name : Fedora Update for yelp FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_yelp_fc9.nasl |
2009-01-23 | Name : SuSE Update for MozillaFirefox SUSE-SA:2008:034 File : nvt/gb_suse_2008_034.nasl |
2009-01-23 | Name : SuSE Update for MozillaFirefox,MozillaThunderbird,seamonkey,mozilla SUSE-SA:... File : nvt/gb_suse_2008_050.nasl |
2009-01-23 | Name : SuSE Update for MozillaFirefox,MozillaThunderbird,seamonkey SUSE-SA:2008:055 File : nvt/gb_suse_2008_055.nasl |
2009-01-23 | Name : SuSE Update for MozillaFirefox,seamonkey SUSE-SA:2008:058 File : nvt/gb_suse_2008_058.nasl |
2009-01-20 | Name : Debian Security Advisory DSA 1704-1 (xulrunner) File : nvt/deb_1704_1.nasl |
2009-01-20 | Name : Debian Security Advisory DSA 1707-1 (iceweasel) File : nvt/deb_1707_1.nasl |
2009-01-20 | Name : Mandrake Security Advisory MDVSA-2009:012 (mozilla-thunderbird) File : nvt/mdksa_2009_012.nasl |
2009-01-20 | Name : SuSE Security Advisory SUSE-SA:2009:002 (MozillaFirefox,MozillaThunderbird,mo... File : nvt/suse_sa_2009_002.nasl |
2009-01-20 | Name : Ubuntu USN-708-1 (hplip) File : nvt/ubuntu_708_1.nasl |
2009-01-13 | Name : Debian Security Advisory DSA 1696-1 (icedove) File : nvt/deb_1696_1.nasl |
2009-01-13 | Name : Debian Security Advisory DSA 1697-1 (iceape) File : nvt/deb_1697_1.nasl |
2009-01-13 | Name : CentOS Security Advisory CESA-2009:0002 (thunderbird) File : nvt/ovcesa2009_0002.nasl |
2009-01-13 | Name : Ubuntu USN-701-1 (thunderbird) File : nvt/ubuntu_701_1.nasl |
2009-01-13 | Name : Ubuntu USN-701-2 (mozilla-thunderbird) File : nvt/ubuntu_701_2.nasl |
2009-01-07 | Name : RedHat Security Advisory RHSA-2009:0002 File : nvt/RHSA_2009_0002.nasl |
2008-12-23 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox36.nasl |
2008-12-23 | Name : Mozilla Firefox Multiple Vulnerabilities December-08 (Linux) File : nvt/gb_firefox_mult_vuln_dec08_lin.nasl |
2008-12-23 | Name : Mozilla Firefox Multiple Vulnerabilities December-08 (Win) File : nvt/gb_firefox_mult_vuln_dec08_win.nasl |
2008-12-23 | Name : Mozilla Seamonkey Multiple Vulnerabilities December-08 (Linux) File : nvt/gb_seamonkey_mult_vuln_dec08_lin.nasl |
2008-12-23 | Name : Mozilla Seamonkey Multiple Vulnerabilities December-08 (Win) File : nvt/gb_seamonkey_mult_vuln_dec08_win.nasl |
2008-12-23 | Name : Mozilla Thunderbird Multiple Vulnerabilities December-08 (Linux) File : nvt/gb_thunderbird_mult_vuln_dec08_lin.nasl |
2008-12-23 | Name : Mozilla Thunderbird Multiple Vulnerabilities December-08 (Win) File : nvt/gb_thunderbird_mult_vuln_dec08_win.nasl |
2008-12-03 | Name : Debian Security Advisory DSA 1671-1 (iceweasel) File : nvt/deb_1671_1.nasl |
2008-11-24 | Name : Debian Security Advisory DSA 1669-1 (xulrunner) File : nvt/deb_1669_1.nasl |
2008-11-21 | Name : Mozilla Firefox Multiple Vulnerabilities November-08 (Linux) File : nvt/gb_firefox_mult_vuln_nov08_lin.nasl |
2008-11-21 | Name : Mozilla Firefox Multiple Vulnerabilities November-08 (Win) File : nvt/gb_firefox_mult_vuln_nov08_win.nasl |
2008-11-21 | Name : Mozilla Seamonkey Multiple Vulnerabilities November-08 (Linux) File : nvt/gb_seamonkey_mult_vuln_nov08_lin.nasl |
2008-11-21 | Name : Mozilla Seamonkey Multiple Vulnerabilities November-08 (Win) File : nvt/gb_seamonkey_mult_vuln_nov08_win.nasl |
2008-11-21 | Name : Mozilla Thunderbird Multiple Vulnerabilities November-08 (Linux) File : nvt/gb_thunderbird_mult_vuln_nov08_lin.nasl |
2008-11-21 | Name : Mozilla Thunderbird Multiple Vulnerabilities November-08 (Win) File : nvt/gb_thunderbird_mult_vuln_nov08_win.nasl |
2008-11-19 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox35.nasl |
2008-11-01 | Name : Debian Security Advisory DSA 1649-1 (iceweasel) File : nvt/deb_1649_1.nasl |
2008-10-17 | Name : Firefox .url Shortcut File Information Disclosure Vulnerability File : nvt/gb_firefox_url_file_info_dis_vuln.nasl |
2008-10-07 | Name : Mozilla Firefox Multiple Vulnerability July-08 (Linux) File : nvt/gb_firefox_mult_vuln_july08_lin.nasl |
2008-10-07 | Name : Mozilla Seamonkey Multiple Vulnerability July-08 (Linux) File : nvt/gb_seamonkey_mult_vuln_july08_lin.nasl |
2008-10-07 | Name : Mozilla Thunderbird Multiple Vulnerability July-08 (Linux) File : nvt/gb_thunderbird_mult_vuln_july08_lin.nasl |
2008-10-06 | Name : Mozilla Firefox Multiple Vulnerability July-08 (Win) File : nvt/gb_firefox_mult_vuln_july08_win.nasl |
2008-10-06 | Name : Mozilla Seamonkey Multiple Vulnerability July-08 (Win) File : nvt/gb_seamonkey_mult_vuln_july08_win.nasl |
2008-10-06 | Name : Mozilla Thunderbird Multiple Vulnerability July-08 (Win) File : nvt/gb_thunderbird_mult_vuln_july08_win.nasl |
2008-09-24 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox34.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200805-18 (mozilla ...) File : nvt/glsa_200805_18.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200808-03 (mozilla ...) File : nvt/glsa_200808_03.nasl |
2008-08-15 | Name : Debian Security Advisory DSA 1614-1 (iceweasel) File : nvt/deb_1614_1.nasl |
2008-08-15 | Name : Debian Security Advisory DSA 1615-1 (xulrunner) File : nvt/deb_1615_1.nasl |
2008-08-15 | Name : Debian Security Advisory DSA 1621-1 (icedove) File : nvt/deb_1621_1.nasl |
2008-07-15 | Name : Debian Security Advisory DSA 1607-1 (iceweasel) File : nvt/deb_1607_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-061-01 mozilla-thunderbird File : nvt/esoft_slk_ssa_2008_061_01.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-191-03 seamonkey File : nvt/esoft_slk_ssa_2008_191_03.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-198-01 mozilla-firefox File : nvt/esoft_slk_ssa_2008_198_01.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-198-02 seamonkey File : nvt/esoft_slk_ssa_2008_198_02.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-210-05 mozilla-thunderbird File : nvt/esoft_slk_ssa_2008_210_05.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-269-01 mozilla-firefox File : nvt/esoft_slk_ssa_2008_269_01.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-269-02 seamonkey File : nvt/esoft_slk_ssa_2008_269_02.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-270-01 mozilla-thunderbird File : nvt/esoft_slk_ssa_2008_270_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
56782 | Mozilla Firefox feedWriter Feed Preview Multiple Function Remote Script Execu... |
51296 | Mozilla Multiple Products XPCNativeWrappers Pollution JavaScript Privilege Es... |
51295 | Mozilla Multiple Products XBL Binding Unloaded Document XSS |
51293 | Mozilla Multiple Products Whitespace / Control Character URL Handling Phishin... |
51292 | Mozilla Multiple Products window.onerror DOM API Same-origin Policy Bypass In... |
51291 | Mozilla Multiple Products XMLHttpRequest 302 Redirect Same-origin Policy Bypa... |
51288 | Mozilla Multiple Product loadBindingDocument Function XBL Binding Same-domain... |
51285 | Mozilla Multiple Products Layout Engine nsEscapeHTML2 Overflow |
51284 | Mozilla Multiple Products Layout Engine PresShell::InitialReflow XUL iframe O... |
50181 | Mozilla Multiple Products nsXMLHttpRequest::NotifyEventListeners Method Same-... |
50179 | Mozilla Multiple Products nsFrameManager File Input Element Modification Blur... |
50176 | Mozilla Multiple Products Browser Engine xpcom/io/nsEscape.cpp Unspecified Ov... |
50141 | Mozilla Multiple Products jslock.cpp OBJ_IS_NATIVE Function Non-Native Object... |
50140 | Mozilla Multiple Products Flash Module SWF File Dynamic Unloading Arbitrary R... |
50139 | Mozilla Multiple Products Canvas Element Handling Same-policy Origin Bypass |
49995 | Mozilla Multiple Products EX4 Document Handling Remote XML Injection |
49925 | Mozilla Multiple Products http-index-format MIME Type Parser Crafted Index Re... |
49073 | Mozilla Multiple Products HTML Element .url Shortcut File Arbitrary Cache Dis... |
48780 | Mozilla Multiple Products URL Parsing Implementation Crafted UTF-8 URL Arbitr... |
48779 | Mozilla Multiple Products XBM Decoder Image File Handling Arbitrary Memory Di... |
48773 | Mozilla Multiple Product nsXMLDocument::OnChannelRedirect Function Same Origi... |
48772 | Mozilla Multiple Products News Article Header Handling Overflow |
48770 | Mozilla Firefox XPConnect Component SCRIPT Element Privileged Code Execution |
48769 | Mozilla Multiple Products resource URI Traversal Access Restriction Bypass |
48768 | Mozilla Multiple Products window.moveBy Crafted onmousedown drag-and-drop Act... |
48761 | Mozilla Multiple Products on Linux URL-encoded resource URI Traversal Arbitra... |
48760 | Mozilla Multiple Products Stripped BOM Character XSS |
48759 | Mozilla Multiple Products MathML Component rowspan Attribute Handling Memory ... |
48751 | Mozilla Multiple Products nsJSNPRuntime.cpp nsNPObjWrapper::GetNewOrUsed Func... |
48750 | Mozilla Multiple Products nsEscape.cpp nsEscapeCount Function Memory Corruption |
48749 | Mozilla Multiple Products jsxml.c Namespace / Qname Characteristic Handling M... |
48748 | Mozilla Multiple Products XSLT Arbitrary Script Execution |
48747 | Mozilla Multiple Products document.loadBindingDocument() Arbitrary Script Exe... |
48746 | Mozilla Multiple Products XPCNativeWrappers Pollution Arbitrary Code Execution |
47465 | Mozilla Firefox Command-line URI Handling Pipe Character Arbitrary File Access |
46688 | Mozilla Multiple Browser XMLHttpRequest / onreadystatechange Handler XSS |
46687 | Mozilla Multiple Browser Unloaded Document script Element XSS |
46686 | Mozilla Multiple Browser nsXMLHttpRequest::OnChannelRedirect() Function Same-... |
46685 | Mozilla Multiple Browser Outer Window Event Handler XUL Element XSS |
46684 | Mozilla Multiple Browser Signed JAR JavaScript Injection |
46683 | Mozilla Multiple Product Non-priviliged XUL Documents chrome: Privilege Escal... |
46682 | Mozilla Multiple Product mozIJSSubScriptLoader.LoadScript() Arbitrary Code Ex... |
46681 | Mozilla Multiple Browser originalTarget / DOM Range Arbitrary File Upload |
46679 | Mozilla Multiple Browser Add-on .properties File Arbitrary Memory Disclosure |
46678 | Mozilla Multiple Browser Directory Listing File Name XSS |
46677 | Mozilla Multiple Product Peer-trusted Certificate Alternate Name Spoofing |
46676 | Mozilla Multiple Browser Windows URL Shortcut Handling Cross-context Execution |
46675 | Mozilla Multiple Product Engine Block Reflow Code Arbitrary Code Execution |
46674 | Mozilla Multiple Product JavaScript Engine Multiple Unspecified Memory Corrup... |
46673 | Mozilla Multiple Product Layout Engine Multiple Unspecified Memory Corruption |
46421 | Mozilla Firefox CSSValue Array Memory Corruption |
42428 | Mozilla Multiple Products E-mail Handling MIME Processing Overflow |
Snort® IPS/IDS
Date | Description |
---|---|
2017-08-29 | Mozilla Firefox BOM character cross site scripting attempt RuleID : 43749 - Revision : 2 - Type : BROWSER-FIREFOX |
2017-08-29 | Mozilla Firefox BOM character cross site scripting attempt RuleID : 43748 - Revision : 2 - Type : BROWSER-FIREFOX |
2016-10-25 | Mozilla Firefox file type memory corruption attempt RuleID : 40280 - Revision : 1 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla multiple products CSSValue array memory corruption attempt RuleID : 17630 - Revision : 8 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Firefox file type memory corruption attempt RuleID : 17603 - Revision : 10 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Firefox UTF-8 URL Handling Stack Buffer Overflow RuleID : 17519 - Revision : 9 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla CSS value counter overflow attempt RuleID : 16292 - Revision : 8 - Type : BROWSER-FIREFOX |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0104.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2008-0105.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0547.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2008-0549.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0569.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0597.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2008-0598.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0599.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2008-0616.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0879.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0882.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2008-0908.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2008-0976.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0977.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0978.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-1036.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-1037.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2009-0002.nasl - Type : ACT_GATHER_INFO |
2013-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-582-2.nasl - Type : ACT_GATHER_INFO |
2013-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-645-2.nasl - Type : ACT_GATHER_INFO |
2013-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-690-3.nasl - Type : ACT_GATHER_INFO |
2013-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-701-2.nasl - Type : ACT_GATHER_INFO |
2013-01-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20080702_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080702_firefox_on_SL_5_2.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080702_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080716_firefox_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080716_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080716_seamonkey_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20080723_thunderbird_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080923_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080923_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20081001_thunderbird_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081112_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081112_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20081119_thunderbird_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081216_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081216_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20090107_thunderbird_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0569.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0597.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2008-0616.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0879.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2008-0976.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0978.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-1036.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2009-0002.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12326.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-5826.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-5890.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_epiphany-5889.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_gecko-sdk-5813.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaFirefox-080731.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaFirefox-081002.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaFirefox-081124.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaFirefox-081218.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaThunderbird-080912.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaThunderbird-081003.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaThunderbird-081124.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaThunderbird-090108.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_mozilla-xulrunner181-081002.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_mozilla-xulrunner181-081122.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_mozilla-xulrunner181-081218.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_mozilla-xulrunner190-081002.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_mozilla-xulrunner190-081218.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_seamonkey-080912.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_seamonkey-081003.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_seamonkey-081122.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_seamonkey-081218.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaFirefox-081218.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaThunderbird-090108.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_mozilla-xulrunner181-081219.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_mozilla-xulrunner190-081218.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_seamonkey-081218.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0977.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2008-11490.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-11511.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2008-9901.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-062.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-136.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-148.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-155.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-205.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-206.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-228.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-230.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-235.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-244.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-245.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-012.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-645-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-645-3.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-647-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-667-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-668-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-690-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-690-2.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-701-1.nasl - Type : ACT_GATHER_INFO |
2009-01-16 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1707.nasl - Type : ACT_GATHER_INFO |
2009-01-15 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1704.nasl - Type : ACT_GATHER_INFO |
2009-01-09 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaThunderbird-5900.nasl - Type : ACT_GATHER_INFO |
2009-01-08 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1696.nasl - Type : ACT_GATHER_INFO |
2009-01-08 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1697.nasl - Type : ACT_GATHER_INFO |
2009-01-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2009-0002.nasl - Type : ACT_GATHER_INFO |
2009-01-07 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaFirefox-5885.nasl - Type : ACT_GATHER_INFO |
2009-01-07 | Name : The remote openSUSE host is missing a security update. File : suse_mozilla-xulrunner181-5881.nasl - Type : ACT_GATHER_INFO |
2009-01-02 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_20019.nasl - Type : ACT_GATHER_INFO |
2008-12-22 | Name : The remote Windows host contains a web browser that is affected by a cross do... File : mozilla_firefox_20020.nasl - Type : ACT_GATHER_INFO |
2008-12-21 | Name : The remote Fedora host is missing a security update. File : fedora_2008-11534.nasl - Type : ACT_GATHER_INFO |
2008-12-21 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-11551.nasl - Type : ACT_GATHER_INFO |
2008-12-21 | Name : The remote Fedora host is missing a security update. File : fedora_2008-11586.nasl - Type : ACT_GATHER_INFO |
2008-12-21 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-11598.nasl - Type : ACT_GATHER_INFO |
2008-12-21 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_29f5bfc5ce0411dda7210030843d3802.nasl - Type : ACT_GATHER_INFO |
2008-12-21 | Name : The remote openSUSE host is missing a security update. File : suse_seamonkey-5880.nasl - Type : ACT_GATHER_INFO |
2008-12-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-1037.nasl - Type : ACT_GATHER_INFO |
2008-12-17 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_20019.nasl - Type : ACT_GATHER_INFO |
2008-12-17 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_305.nasl - Type : ACT_GATHER_INFO |
2008-12-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-1036.nasl - Type : ACT_GATHER_INFO |
2008-12-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-1037.nasl - Type : ACT_GATHER_INFO |
2008-12-17 | Name : A web browser on the remote host is affected by multiple vulnerabilities. File : seamonkey_1114.nasl - Type : ACT_GATHER_INFO |
2008-11-26 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_gecko-sdk-5811.nasl - Type : ACT_GATHER_INFO |
2008-11-25 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1671.nasl - Type : ACT_GATHER_INFO |
2008-11-25 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaFirefox-5812.nasl - Type : ACT_GATHER_INFO |
2008-11-25 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaThunderbird-5825.nasl - Type : ACT_GATHER_INFO |
2008-11-25 | Name : The remote openSUSE host is missing a security update. File : suse_mozilla-xulrunner181-5820.nasl - Type : ACT_GATHER_INFO |
2008-11-25 | Name : The remote openSUSE host is missing a security update. File : suse_seamonkey-5815.nasl - Type : ACT_GATHER_INFO |
2008-11-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1669.nasl - Type : ACT_GATHER_INFO |
2008-11-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-5786.nasl - Type : ACT_GATHER_INFO |
2008-11-21 | Name : The remote Fedora host is missing a security update. File : fedora_2008-9807.nasl - Type : ACT_GATHER_INFO |
2008-11-21 | Name : The remote Fedora host is missing a security update. File : fedora_2008-9859.nasl - Type : ACT_GATHER_INFO |
2008-11-21 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2008-0976.nasl - Type : ACT_GATHER_INFO |
2008-11-20 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_20018.nasl - Type : ACT_GATHER_INFO |
2008-11-16 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-9667.nasl - Type : ACT_GATHER_INFO |
2008-11-16 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-9669.nasl - Type : ACT_GATHER_INFO |
2008-11-14 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_f29fea8fb19f11dda55e00163e000016.nasl - Type : ACT_GATHER_INFO |
2008-11-13 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_20018.nasl - Type : ACT_GATHER_INFO |
2008-11-13 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_304.nasl - Type : ACT_GATHER_INFO |
2008-11-13 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0977.nasl - Type : ACT_GATHER_INFO |
2008-11-13 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0978.nasl - Type : ACT_GATHER_INFO |
2008-11-13 | Name : A web browser on the remote host is affected by multiple vulnerabilities. File : seamonkey_1113.nasl - Type : ACT_GATHER_INFO |
2008-10-16 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaThunderbird-5680.nasl - Type : ACT_GATHER_INFO |
2008-10-09 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1649.nasl - Type : ACT_GATHER_INFO |
2008-10-08 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_gecko-sdk-5654.nasl - Type : ACT_GATHER_INFO |
2008-10-08 | Name : The remote openSUSE host is missing a security update. File : suse_mozilla-xulrunner181-5656.nasl - Type : ACT_GATHER_INFO |
2008-10-07 | Name : The remote openSUSE host is missing a security update. File : suse_seamonkey-5657.nasl - Type : ACT_GATHER_INFO |
2008-10-06 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2008-0908.nasl - Type : ACT_GATHER_INFO |
2008-10-06 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaThunderbird-5655.nasl - Type : ACT_GATHER_INFO |
2008-10-02 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2008-0908.nasl - Type : ACT_GATHER_INFO |
2008-10-01 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaFirefox-5640.nasl - Type : ACT_GATHER_INFO |
2008-10-01 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-5644.nasl - Type : ACT_GATHER_INFO |
2008-09-29 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-8399.nasl - Type : ACT_GATHER_INFO |
2008-09-29 | Name : The remote Fedora host is missing a security update. File : fedora_2008-8401.nasl - Type : ACT_GATHER_INFO |
2008-09-29 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-8425.nasl - Type : ACT_GATHER_INFO |
2008-09-29 | Name : The remote Fedora host is missing a security update. File : fedora_2008-8429.nasl - Type : ACT_GATHER_INFO |
2008-09-28 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-270-01.nasl - Type : ACT_GATHER_INFO |
2008-09-26 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-269-01.nasl - Type : ACT_GATHER_INFO |
2008-09-26 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-269-02.nasl - Type : ACT_GATHER_INFO |
2008-09-26 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_20017.nasl - Type : ACT_GATHER_INFO |
2008-09-25 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0882.nasl - Type : ACT_GATHER_INFO |
2008-09-24 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_2273879e8a2f11dda6fe0030843d3802.nasl - Type : ACT_GATHER_INFO |
2008-09-24 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_20017.nasl - Type : ACT_GATHER_INFO |
2008-09-24 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_302.nasl - Type : ACT_GATHER_INFO |
2008-09-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0879.nasl - Type : ACT_GATHER_INFO |
2008-09-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0882.nasl - Type : ACT_GATHER_INFO |
2008-09-24 | Name : A web browser on the remote host is affected by multiple vulnerabilities. File : seamonkey_1112.nasl - Type : ACT_GATHER_INFO |
2008-09-14 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaThunderbird-5599.nasl - Type : ACT_GATHER_INFO |
2008-09-14 | Name : The remote openSUSE host is missing a security update. File : suse_seamonkey-5600.nasl - Type : ACT_GATHER_INFO |
2008-08-08 | Name : The remote Fedora host is missing a security update. File : fedora_2008-6706.nasl - Type : ACT_GATHER_INFO |
2008-08-08 | Name : The remote Fedora host is missing a security update. File : fedora_2008-6737.nasl - Type : ACT_GATHER_INFO |
2008-08-07 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200808-03.nasl - Type : ACT_GATHER_INFO |
2008-08-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-626-2.nasl - Type : ACT_GATHER_INFO |
2008-07-29 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-210-05.nasl - Type : ACT_GATHER_INFO |
2008-07-29 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaFirefox-5449.nasl - Type : ACT_GATHER_INFO |
2008-07-29 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-5450.nasl - Type : ACT_GATHER_INFO |
2008-07-29 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-626-1.nasl - Type : ACT_GATHER_INFO |
2008-07-28 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1621.nasl - Type : ACT_GATHER_INFO |
2008-07-25 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-629-1.nasl - Type : ACT_GATHER_INFO |
2008-07-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1614.nasl - Type : ACT_GATHER_INFO |
2008-07-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1615.nasl - Type : ACT_GATHER_INFO |
2008-07-24 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_20016.nasl - Type : ACT_GATHER_INFO |
2008-07-24 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2008-0616.nasl - Type : ACT_GATHER_INFO |
2008-07-18 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-198-01.nasl - Type : ACT_GATHER_INFO |
2008-07-18 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-198-02.nasl - Type : ACT_GATHER_INFO |
2008-07-18 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-6491.nasl - Type : ACT_GATHER_INFO |
2008-07-18 | Name : The remote Fedora host is missing a security update. File : fedora_2008-6517.nasl - Type : ACT_GATHER_INFO |
2008-07-18 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-6518.nasl - Type : ACT_GATHER_INFO |
2008-07-18 | Name : The remote Fedora host is missing a security update. File : fedora_2008-6519.nasl - Type : ACT_GATHER_INFO |
2008-07-18 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-623-1.nasl - Type : ACT_GATHER_INFO |
2008-07-17 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2008-0598.nasl - Type : ACT_GATHER_INFO |
2008-07-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0599.nasl - Type : ACT_GATHER_INFO |
2008-07-17 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_301.nasl - Type : ACT_GATHER_INFO |
2008-07-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0597.nasl - Type : ACT_GATHER_INFO |
2008-07-17 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2008-0598.nasl - Type : ACT_GATHER_INFO |
2008-07-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0599.nasl - Type : ACT_GATHER_INFO |
2008-07-16 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_20016.nasl - Type : ACT_GATHER_INFO |
2008-07-16 | Name : A web browser on the remote host is affected by a code execution vulnerability. File : seamonkey_1111.nasl - Type : ACT_GATHER_INFO |
2008-07-15 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1607.nasl - Type : ACT_GATHER_INFO |
2008-07-15 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-5405.nasl - Type : ACT_GATHER_INFO |
2008-07-15 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaFirefox-5411.nasl - Type : ACT_GATHER_INFO |
2008-07-10 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-191-03.nasl - Type : ACT_GATHER_INFO |
2008-07-10 | Name : The remote Fedora host is missing a security update. File : fedora_2008-6193.nasl - Type : ACT_GATHER_INFO |
2008-07-10 | Name : The remote Fedora host is missing a security update. File : fedora_2008-6196.nasl - Type : ACT_GATHER_INFO |
2008-07-08 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0547.nasl - Type : ACT_GATHER_INFO |
2008-07-08 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2008-0549.nasl - Type : ACT_GATHER_INFO |
2008-07-08 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-6127.nasl - Type : ACT_GATHER_INFO |
2008-07-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0547.nasl - Type : ACT_GATHER_INFO |
2008-07-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2008-0549.nasl - Type : ACT_GATHER_INFO |
2008-07-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0569.nasl - Type : ACT_GATHER_INFO |
2008-07-08 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-619-1.nasl - Type : ACT_GATHER_INFO |
2008-07-02 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_20015.nasl - Type : ACT_GATHER_INFO |
2008-07-02 | Name : A web browser on the remote host is affected by multiple vulnerabilities. File : seamonkey_1110.nasl - Type : ACT_GATHER_INFO |
2008-05-22 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200805-18.nasl - Type : ACT_GATHER_INFO |
2008-03-04 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-061-01.nasl - Type : ACT_GATHER_INFO |
2008-03-04 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-582-1.nasl - Type : ACT_GATHER_INFO |
2008-02-29 | Name : The remote Fedora host is missing a security update. File : fedora_2008-2060.nasl - Type : ACT_GATHER_INFO |
2008-02-29 | Name : The remote Fedora host is missing a security update. File : fedora_2008-2118.nasl - Type : ACT_GATHER_INFO |
2008-02-27 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_20012.nasl - Type : ACT_GATHER_INFO |
2008-02-11 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0104.nasl - Type : ACT_GATHER_INFO |
2008-02-11 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2008-0105.nasl - Type : ACT_GATHER_INFO |
2008-02-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0104.nasl - Type : ACT_GATHER_INFO |
2008-02-11 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2008-0105.nasl - Type : ACT_GATHER_INFO |
2008-02-08 | Name : A web browser on the remote host is affected by multiple vulnerabilities. File : seamonkey_118.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:28:06 |
|