Executive Summary
Summary | |
---|---|
Title | New Xulrunner packages fix several vulnerabilities |
Informations | |||
---|---|---|---|
Name | DSA-2124 | First vendor Publication | 2010-11-01 |
Vendor | Debian | Last vendor Modification | 2010-11-01 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Several vulnerabilities have been discovered in Xulrunner, the component that provides the core functionality of Iceweasel, Debian's variant of Mozilla's browser technology. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-3765 Xulrunner allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption. CVE-2010-3174 CVE-2010-3176 Multiple unspecified vulnerabilities in the browser engine in Xulrunner allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. CVE-2010-3177 Multiple cross-site scripting (XSS) vulnerabilities in the Gopher parser in Xulrunner allow remote attackers to inject arbitrary web script or HTML via a crafted name of a (1) file or (2) directory on a Gopher server. CVE-2010-3178 Xulrunner does not properly handle certain modal calls made by javascript: URLs in circumstances related to opening a new window and performing cross-domain navigation, which allows remote attackers to bypass the Same Origin Policy via a crafted HTML document. CVE-2010-3179 Stack-based buffer overflow in the text-rendering functionality in Xulrunner allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a long argument to the document.write method. CVE-2010-3180 Use-after-free vulnerability in the nsBarProp function in Xulrunner allows remote attackers to execute arbitrary code by accessing the locationbar property of a closed window. CVE-2010-3183 The LookupGetterOrSetter function in Xulrunner does not properly support window.__lookupGetter__ function calls that lack arguments, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference and application crash) via a crafted HTML document. In addition, this security update includes corrections for regressions caused by the fixes for CVE-2010-0654 and CVE-2010-2769 in DSA-2075-1 and DSA-2106-1. For the stable distribution (lenny), these problems have been fixed in version 1.9.0.19-6. For the unstable distribution (sid) and the upcoming stable distribution (squeeze), these problems have been fixed in version 3.5.15-1 of the iceweasel package. We recommend that you upgrade your Xulrunner packages. |
Original Source
Url : http://www.debian.org/security/2010/dsa-2124 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
38 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
25 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
12 % | CWE-399 | Resource Management Errors |
12 % | CWE-264 | Permissions, Privileges, and Access Controls |
12 % | CWE-200 | Information Exposure |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11517 | |||
Oval ID: | oval:org.mitre.oval:def:11517 | ||
Title: | Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.14, Thunderbird before 3.0.9, and SeaMonkey before 2.0.9 | ||
Description: | Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.14, Thunderbird before 3.0.9, and SeaMonkey before 2.0.9 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3174 | Version: | 22 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Seamonkey Mozilla Thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11675 | |||
Oval ID: | oval:org.mitre.oval:def:11675 | ||
Title: | Stack-based buffer overflow in the text-rendering functionality in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 | ||
Description: | Stack-based buffer overflow in the text-rendering functionality in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a long argument to the document.write method. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3179 | Version: | 23 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Seamonkey Mozilla Thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11811 | |||
Oval ID: | oval:org.mitre.oval:def:11811 | ||
Title: | Mozilla Firefox, Thunderbird and SeaMonkey Cross-domain Data Theft Using CSS Vulnerability | ||
Description: | Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 permit cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers to obtain sensitive information via a crafted document. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-0654 | Version: | 25 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11891 | |||
Oval ID: | oval:org.mitre.oval:def:11891 | ||
Title: | Vulnerability in the LookupGetterOrSetter function in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 | ||
Description: | The LookupGetterOrSetter function in js3250.dll in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly support window.__lookupGetter__ function calls that lack arguments, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference and application crash) via vectors involving a "dangling pointer" and the JS_ValueToId function. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3183 | Version: | 24 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Seamonkey Mozilla Thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12108 | |||
Oval ID: | oval:org.mitre.oval:def:12108 | ||
Title: | Arbitrary code execution vulnerability in Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10 | ||
Description: | Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3765 | Version: | 19 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Seamonkey Mozilla Thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12120 | |||
Oval ID: | oval:org.mitre.oval:def:12120 | ||
Title: | Vulnerability in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 via crafted HTML document | ||
Description: | Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 do not properly handle certain modal calls made by javascript: URLs in circumstances related to opening a new window and performing cross-domain navigation, which allows remote attackers to bypass the Same Origin Policy via a crafted HTML document. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3178 | Version: | 23 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Seamonkey Mozilla Thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12132 | |||
Oval ID: | oval:org.mitre.oval:def:12132 | ||
Title: | Denial of service in Mozilla Firefox 3.5.x before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3176 | Version: | 23 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Seamonkey Mozilla Thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12158 | |||
Oval ID: | oval:org.mitre.oval:def:12158 | ||
Title: | Use-after-free vulnerability in the nsBarProp function in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 | ||
Description: | Use-after-free vulnerability in the nsBarProp function in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code by accessing the locationbar property of a closed window. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3180 | Version: | 23 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Seamonkey Mozilla Thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12192 | |||
Oval ID: | oval:org.mitre.oval:def:12192 | ||
Title: | Mozilla Multiple Products Document Selection Addition designMode Property XSS | ||
Description: | Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allows user-assisted remote attackers to inject arbitrary web script or HTML via a selection that is added to a document in which the designMode property is enabled. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-2769 | Version: | 23 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12202 | |||
Oval ID: | oval:org.mitre.oval:def:12202 | ||
Title: | Multiple cross-site scripting (XSS) vulnerabilities in the Gopher parser in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, and SeaMonkey before 2.0.9 | ||
Description: | Multiple cross-site scripting (XSS) vulnerabilities in the Gopher parser in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, and SeaMonkey before 2.0.9, allow remote attackers to inject arbitrary web script or HTML via a crafted name of a (1) file or (2) directory on a Gopher server. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3177 | Version: | 18 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12797 | |||
Oval ID: | oval:org.mitre.oval:def:12797 | ||
Title: | DSA-2124-1 xulrunner -- several | ||
Description: | Several vulnerabilities have been discovered in Xulrunner, the component that provides the core functionality of Iceweasel, Debian's variant of Mozilla's browser technology. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-3765 Xulrunner allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption. CVE-2010-3174 CVE-2010-3176 Multiple unspecified vulnerabilities in the browser engine in Xulrunner allow remote attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors. CVE-2010-3177 Multiple cross-site scripting vulnerabilities in the Gopher parser in Xulrunner allow remote attackers to inject arbitrary web script or HTML via a crafted name of a file or directory on a Gopher server. CVE-2010-3178 Xulrunner does not properly handle certain modal calls made by javascript: URLs in circumstances related to opening a new window and performing cross-domain navigation, which allows remote attackers to bypass the Same Origin Policy via a crafted HTML document. CVE-2010-3179 Stack-based buffer overflow in the text-rendering functionality in Xulrunner allows remote attackers to execute arbitrary code or cause a denial of service via a long argument to the document.write method. CVE-2010-3180 Use-after-free vulnerability in the nsBarProp function in Xulrunner allows remote attackers to execute arbitrary code by accessing the locationbar property of a closed window. CVE-2010-3183 The LookupGetterOrSetter function in Xulrunner does not properly support window.__lookupGetter__ function calls that lack arguments, which allows remote attackers to execute arbitrary code or cause a denial of service via a crafted HTML document. In addition, this security update includes corrections for regressions caused by the fixes for CVE-2010-0654 and CVE-2010-2769 in DSA-2075-1 and DSA-2106-1. For the stable distribution, these problems have been fixed in version 1.9.0.19-6. For the unstable distribution and the upcoming stable distribution, these problems have been fixed in version 3.5.15-1 of the iceweasel package. We recommend that you upgrade your Xulrunner packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2124-1 CVE-2010-3765 CVE-2010-3174 CVE-2010-3176 CVE-2010-3177 CVE-2010-3178 CVE-2010-3179 CVE-2010-3180 CVE-2010-3183 CVE-2010-0654 CVE-2010-2769 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13075 | |||
Oval ID: | oval:org.mitre.oval:def:13075 | ||
Title: | USN-1011-2 -- thunderbird vulnerability | ||
Description: | USN-1011-1 fixed a vulnerability in Firefox. This update provides the corresponding update for Thunderbird. Original advisory details: Morten Krakvik discovered a heap-based buffer overflow in Firefox. If a user were tricked into navigating to a malicious site, an attacker could cause a denial of service or possibly execute arbitrary code as the user invoking the program. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1011-2 CVE-2010-3765 | Version: | 5 |
Platform(s): | Ubuntu 8.04 Ubuntu 10.10 Ubuntu 9.10 Ubuntu 10.04 | Product(s): | thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22070 | |||
Oval ID: | oval:org.mitre.oval:def:22070 | ||
Title: | RHSA-2010:0896: thunderbird security update (Moderate) | ||
Description: | Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0896-01 CVE-2010-3175 CVE-2010-3176 CVE-2010-3178 CVE-2010-3179 CVE-2010-3180 CVE-2010-3182 CVE-2010-3183 CVE-2010-3765 | Version: | 107 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22187 | |||
Oval ID: | oval:org.mitre.oval:def:22187 | ||
Title: | ELSA-2010:0809: xulrunner security update (Critical) | ||
Description: | Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0809-01 CVE-2010-3765 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | xulrunner |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22273 | |||
Oval ID: | oval:org.mitre.oval:def:22273 | ||
Title: | RHSA-2010:0861: firefox security update (Critical) | ||
Description: | Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0861-02 CVE-2010-3175 CVE-2010-3176 CVE-2010-3177 CVE-2010-3178 CVE-2010-3179 CVE-2010-3180 CVE-2010-3182 CVE-2010-3183 CVE-2010-3765 | Version: | 120 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | firefox xulrunner |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22356 | |||
Oval ID: | oval:org.mitre.oval:def:22356 | ||
Title: | RHSA-2010:0812: thunderbird security update (Moderate) | ||
Description: | Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0812-01 CESA-2010:0812 CVE-2010-3765 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22374 | |||
Oval ID: | oval:org.mitre.oval:def:22374 | ||
Title: | RHSA-2010:0782: firefox security update (Critical) | ||
Description: | The LookupGetterOrSetter function in js3250.dll in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly support window.__lookupGetter__ function calls that lack arguments, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference and application crash) via vectors involving a "dangling pointer" and the JS_ValueToId function. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0782-01 CESA-2010:0782 CVE-2010-3170 CVE-2010-3173 CVE-2010-3175 CVE-2010-3176 CVE-2010-3177 CVE-2010-3178 CVE-2010-3179 CVE-2010-3180 CVE-2010-3182 CVE-2010-3183 | Version: | 133 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | firefox nss xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22375 | |||
Oval ID: | oval:org.mitre.oval:def:22375 | ||
Title: | RHSA-2010:0809: xulrunner security update (Critical) | ||
Description: | Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0809-01 CESA-2010:0809 CVE-2010-3765 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | xulrunner |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22847 | |||
Oval ID: | oval:org.mitre.oval:def:22847 | ||
Title: | ELSA-2010:0812: thunderbird security update (Moderate) | ||
Description: | Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0812-01 CVE-2010-3765 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23154 | |||
Oval ID: | oval:org.mitre.oval:def:23154 | ||
Title: | ELSA-2010:0782: firefox security update (Critical) | ||
Description: | The LookupGetterOrSetter function in js3250.dll in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly support window.__lookupGetter__ function calls that lack arguments, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference and application crash) via vectors involving a "dangling pointer" and the JS_ValueToId function. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0782-01 CVE-2010-3170 CVE-2010-3173 CVE-2010-3175 CVE-2010-3176 CVE-2010-3177 CVE-2010-3178 CVE-2010-3179 CVE-2010-3180 CVE-2010-3182 CVE-2010-3183 | Version: | 45 |
Platform(s): | Oracle Linux 5 | Product(s): | firefox nss xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23391 | |||
Oval ID: | oval:org.mitre.oval:def:23391 | ||
Title: | ELSA-2010:0861: firefox security update (Critical) | ||
Description: | Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0861-02 CVE-2010-3175 CVE-2010-3176 CVE-2010-3177 CVE-2010-3178 CVE-2010-3179 CVE-2010-3180 CVE-2010-3182 CVE-2010-3183 CVE-2010-3765 | Version: | 41 |
Platform(s): | Oracle Linux 6 | Product(s): | firefox xulrunner |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23599 | |||
Oval ID: | oval:org.mitre.oval:def:23599 | ||
Title: | ELSA-2010:0896: thunderbird security update (Moderate) | ||
Description: | Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0896-01 CVE-2010-3175 CVE-2010-3176 CVE-2010-3178 CVE-2010-3179 CVE-2010-3180 CVE-2010-3182 CVE-2010-3183 CVE-2010-3765 | Version: | 37 |
Platform(s): | Oracle Linux 6 | Product(s): | thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:28076 | |||
Oval ID: | oval:org.mitre.oval:def:28076 | ||
Title: | DEPRECATED: ELSA-2010-0809 -- xulrunner security update (critical) | ||
Description: | [1.9.2.11-4.0.1.el5_5] - Added xulrunner-oracle-default-prefs.js and removed the corresponding RedHat one. [1.9.2.11-4.el5_5] - Add upstream patch for CVE-2010-3765 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010-0809 CVE-2010-3765 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | xulrunner |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
SAINT Exploits
Description | Link |
---|---|
Mozilla Firefox document.write and DOM insertion memory corruption | More info here |
ExploitDB Exploits
id | Description |
---|---|
2010-10-28 | Firefox Memory Corruption Proof of Concept (Simplified) |
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for firefox CESA-2010:0547 centos5 i386 File : nvt/gb_CESA-2010_0547_firefox_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for firefox CESA-2010:0681 centos5 i386 File : nvt/gb_CESA-2010_0681_firefox_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for thunderbird CESA-2010:0780 centos5 i386 File : nvt/gb_CESA-2010_0780_thunderbird_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for firefox CESA-2010:0782 centos5 i386 File : nvt/gb_CESA-2010_0782_firefox_centos5_i386.nasl |
2010-12-02 | Name : Fedora Update for firefox FEDORA-2010-16897 File : nvt/gb_fedora_2010_16897_firefox_fc14.nasl |
2010-12-02 | Name : Fedora Update for galeon FEDORA-2010-16897 File : nvt/gb_fedora_2010_16897_galeon_fc14.nasl |
2010-12-02 | Name : Fedora Update for gnome-python2-extras FEDORA-2010-16897 File : nvt/gb_fedora_2010_16897_gnome-python2-extras_fc14.nasl |
2010-12-02 | Name : Fedora Update for gnome-web-photo FEDORA-2010-16897 File : nvt/gb_fedora_2010_16897_gnome-web-photo_fc14.nasl |
2010-12-02 | Name : Fedora Update for mozvoikko FEDORA-2010-16897 File : nvt/gb_fedora_2010_16897_mozvoikko_fc14.nasl |
2010-12-02 | Name : Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-16897 File : nvt/gb_fedora_2010_16897_perl-Gtk2-MozEmbed_fc14.nasl |
2010-12-02 | Name : Fedora Update for xulrunner FEDORA-2010-16897 File : nvt/gb_fedora_2010_16897_xulrunner_fc14.nasl |
2010-11-17 | Name : Debian Security Advisory DSA 2124-1 (xulrunner) File : nvt/deb_2124_1.nasl |
2010-11-17 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox51.nasl |
2010-11-17 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox52.nasl |
2010-11-16 | Name : CentOS Update for thunderbird CESA-2010:0812 centos4 i386 File : nvt/gb_CESA-2010_0812_thunderbird_centos4_i386.nasl |
2010-11-16 | Name : Fedora Update for firefox FEDORA-2010-16885 File : nvt/gb_fedora_2010_16885_firefox_fc12.nasl |
2010-11-16 | Name : Fedora Update for galeon FEDORA-2010-16885 File : nvt/gb_fedora_2010_16885_galeon_fc12.nasl |
2010-11-16 | Name : Fedora Update for gnome-python2-extras FEDORA-2010-16885 File : nvt/gb_fedora_2010_16885_gnome-python2-extras_fc12.nasl |
2010-11-16 | Name : Fedora Update for gnome-web-photo FEDORA-2010-16885 File : nvt/gb_fedora_2010_16885_gnome-web-photo_fc12.nasl |
2010-11-16 | Name : Fedora Update for mozvoikko FEDORA-2010-16885 File : nvt/gb_fedora_2010_16885_mozvoikko_fc12.nasl |
2010-11-16 | Name : Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-16885 File : nvt/gb_fedora_2010_16885_perl-Gtk2-MozEmbed_fc12.nasl |
2010-11-16 | Name : Fedora Update for xulrunner FEDORA-2010-16885 File : nvt/gb_fedora_2010_16885_xulrunner_fc12.nasl |
2010-11-16 | Name : Mandriva Update for mozilla-thunderbird MDVSA-2010:219 (mozilla-thunderbird) File : nvt/gb_mandriva_MDVSA_2010_219.nasl |
2010-11-16 | Name : SuSE Update for MozillaFirefox,seamonkey,MozillaThunderbird SUSE-SA:2010:056 File : nvt/gb_suse_2010_056.nasl |
2010-11-04 | Name : CentOS Update for thunderbird CESA-2010:0780 centos4 i386 File : nvt/gb_CESA-2010_0780_thunderbird_centos4_i386.nasl |
2010-11-04 | Name : CentOS Update for seamonkey CESA-2010:0781 centos3 i386 File : nvt/gb_CESA-2010_0781_seamonkey_centos3_i386.nasl |
2010-11-04 | Name : CentOS Update for seamonkey CESA-2010:0781 centos4 i386 File : nvt/gb_CESA-2010_0781_seamonkey_centos4_i386.nasl |
2010-11-04 | Name : CentOS Update for firefox CESA-2010:0782 centos4 i386 File : nvt/gb_CESA-2010_0782_firefox_centos4_i386.nasl |
2010-11-04 | Name : CentOS Update for firefox CESA-2010:0808 centos4 i386 File : nvt/gb_CESA-2010_0808_firefox_centos4_i386.nasl |
2010-11-04 | Name : CentOS Update for seamonkey CESA-2010:0810 centos3 i386 File : nvt/gb_CESA-2010_0810_seamonkey_centos3_i386.nasl |
2010-11-04 | Name : CentOS Update for seamonkey CESA-2010:0810 centos4 i386 File : nvt/gb_CESA-2010_0810_seamonkey_centos4_i386.nasl |
2010-11-04 | Name : RedHat Update for firefox RHSA-2010:0808-01 File : nvt/gb_RHSA-2010_0808-01_firefox.nasl |
2010-11-04 | Name : RedHat Update for xulrunner RHSA-2010:0809-01 File : nvt/gb_RHSA-2010_0809-01_xulrunner.nasl |
2010-11-04 | Name : RedHat Update for seamonkey RHSA-2010:0810-01 File : nvt/gb_RHSA-2010_0810-01_seamonkey.nasl |
2010-11-04 | Name : RedHat Update for thunderbird RHSA-2010:0812-01 File : nvt/gb_RHSA-2010_0812-01_thunderbird.nasl |
2010-11-04 | Name : Fedora Update for firefox FEDORA-2010-16593 File : nvt/gb_fedora_2010_16593_firefox_fc13.nasl |
2010-11-04 | Name : Fedora Update for galeon FEDORA-2010-16593 File : nvt/gb_fedora_2010_16593_galeon_fc13.nasl |
2010-11-04 | Name : Fedora Update for gnome-python2-extras FEDORA-2010-16593 File : nvt/gb_fedora_2010_16593_gnome-python2-extras_fc13.nasl |
2010-11-04 | Name : Fedora Update for gnome-web-photo FEDORA-2010-16593 File : nvt/gb_fedora_2010_16593_gnome-web-photo_fc13.nasl |
2010-11-04 | Name : Fedora Update for mozvoikko FEDORA-2010-16593 File : nvt/gb_fedora_2010_16593_mozvoikko_fc13.nasl |
2010-11-04 | Name : Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-16593 File : nvt/gb_fedora_2010_16593_perl-Gtk2-MozEmbed_fc13.nasl |
2010-11-04 | Name : Fedora Update for xulrunner FEDORA-2010-16593 File : nvt/gb_fedora_2010_16593_xulrunner_fc13.nasl |
2010-11-04 | Name : Fedora Update for firefox FEDORA-2010-16883 File : nvt/gb_fedora_2010_16883_firefox_fc13.nasl |
2010-11-04 | Name : Fedora Update for galeon FEDORA-2010-16883 File : nvt/gb_fedora_2010_16883_galeon_fc13.nasl |
2010-11-04 | Name : Fedora Update for gnome-python2-extras FEDORA-2010-16883 File : nvt/gb_fedora_2010_16883_gnome-python2-extras_fc13.nasl |
2010-11-04 | Name : Fedora Update for gnome-web-photo FEDORA-2010-16883 File : nvt/gb_fedora_2010_16883_gnome-web-photo_fc13.nasl |
2010-11-04 | Name : Fedora Update for mozvoikko FEDORA-2010-16883 File : nvt/gb_fedora_2010_16883_mozvoikko_fc13.nasl |
2010-11-04 | Name : Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-16883 File : nvt/gb_fedora_2010_16883_perl-Gtk2-MozEmbed_fc13.nasl |
2010-11-04 | Name : Fedora Update for xulrunner FEDORA-2010-16883 File : nvt/gb_fedora_2010_16883_xulrunner_fc13.nasl |
2010-11-04 | Name : Mandriva Update for xulrunner MDVSA-2010:213 (xulrunner) File : nvt/gb_mandriva_MDVSA_2010_213.nasl |
2010-11-04 | Name : Ubuntu Update for Firefox vulnerability USN-1011-1 File : nvt/gb_ubuntu_USN_1011_1.nasl |
2010-11-04 | Name : Ubuntu Update for thunderbird vulnerability USN-1011-2 File : nvt/gb_ubuntu_USN_1011_2.nasl |
2010-11-04 | Name : Ubuntu Update for Xulrunner vulnerability USN-1011-3 File : nvt/gb_ubuntu_USN_1011_3.nasl |
2010-11-02 | Name : Mozilla Firefox Unspecified Vulnerability Oct-10 (Windows) File : nvt/gb_firefox_unspecified_vuln_oct10_win.nasl |
2010-10-28 | Name : Mozilla Products Multiple Unspecified Vulnerabilities October-10(Windows) File : nvt/gb_mozilla_prdts_mult_unspecified_vuln_win01.nasl |
2010-10-28 | Name : Mozilla Products Multiple Vulnerabilities October-10 (Windows) File : nvt/gb_mozilla_prdts_mult_vuln_win_oct10.nasl |
2010-10-28 | Name : Mozilla Products Multiple Cross-site Scripting Vulnerabilities (Windows) File : nvt/gb_mozilla_prdts_mult_xss_vuln_win.nasl |
2010-10-28 | Name : Mozilla Products Unspecified Vulnerability (Windows) File : nvt/gb_mozilla_prdts_unspecified_vuln_win.nasl |
2010-10-26 | Name : Mandriva Update for firefox MDVSA-2010:210 (firefox) File : nvt/gb_mandriva_MDVSA_2010_210.nasl |
2010-10-26 | Name : Mandriva Update for mozilla-thunderbird MDVSA-2010:211 (mozilla-thunderbird) File : nvt/gb_mandriva_MDVSA_2010_211.nasl |
2010-10-22 | Name : RedHat Update for thunderbird RHSA-2010:0780-01 File : nvt/gb_RHSA-2010_0780-01_thunderbird.nasl |
2010-10-22 | Name : RedHat Update for seamonkey RHSA-2010:0781-01 File : nvt/gb_RHSA-2010_0781-01_seamonkey.nasl |
2010-10-22 | Name : RedHat Update for firefox RHSA-2010:0782-01 File : nvt/gb_RHSA-2010_0782-01_firefox.nasl |
2010-10-22 | Name : Ubuntu Update for Firefox and Xulrunner vulnerabilities USN-997-1 File : nvt/gb_ubuntu_USN_997_1.nasl |
2010-10-22 | Name : Ubuntu Update for thunderbird vulnerabilities USN-998-1 File : nvt/gb_ubuntu_USN_998_1.nasl |
2010-10-19 | Name : SuSE Update for MozillaFirefox,MozillaThunderbird,seamonkey SUSE-SA:2010:049 File : nvt/gb_suse_2010_049.nasl |
2010-10-10 | Name : Debian Security Advisory DSA 2106-1 (xulrunner) File : nvt/deb_2106_1.nasl |
2010-10-10 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox50.nasl |
2010-09-22 | Name : Ubuntu Update for Firefox and Xulrunner regression USN-975-2 File : nvt/gb_ubuntu_USN_975_2.nasl |
2010-09-22 | Name : Ubuntu Update for thunderbird regression USN-978-2 File : nvt/gb_ubuntu_USN_978_2.nasl |
2010-09-14 | Name : Mandriva Update for firefox MDVSA-2010:173 (firefox) File : nvt/gb_mandriva_MDVSA_2010_173.nasl |
2010-09-10 | Name : CentOS Update for firefox CESA-2010:0681 centos4 i386 File : nvt/gb_CESA-2010_0681_firefox_centos4_i386.nasl |
2010-09-10 | Name : RedHat Update for firefox RHSA-2010:0681-01 File : nvt/gb_RHSA-2010_0681-01_firefox.nasl |
2010-09-10 | Name : Fedora Update for firefox FEDORA-2010-14362 File : nvt/gb_fedora_2010_14362_firefox_fc12.nasl |
2010-09-10 | Name : Fedora Update for galeon FEDORA-2010-14362 File : nvt/gb_fedora_2010_14362_galeon_fc12.nasl |
2010-09-10 | Name : Fedora Update for gnome-python2-extras FEDORA-2010-14362 File : nvt/gb_fedora_2010_14362_gnome-python2-extras_fc12.nasl |
2010-09-10 | Name : Fedora Update for gnome-web-photo FEDORA-2010-14362 File : nvt/gb_fedora_2010_14362_gnome-web-photo_fc12.nasl |
2010-09-10 | Name : Fedora Update for mozvoikko FEDORA-2010-14362 File : nvt/gb_fedora_2010_14362_mozvoikko_fc12.nasl |
2010-09-10 | Name : Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-14362 File : nvt/gb_fedora_2010_14362_perl-Gtk2-MozEmbed_fc12.nasl |
2010-09-10 | Name : Fedora Update for xulrunner FEDORA-2010-14362 File : nvt/gb_fedora_2010_14362_xulrunner_fc12.nasl |
2010-09-10 | Name : Mozilla Products Multiple Vulnerabilities sep-10 (Windows) File : nvt/gb_mozilla_prdts_mult_vuln_win_sep10.nasl |
2010-09-10 | Name : Ubuntu Update for Firefox and Xulrunner vulnerabilities USN-975-1 File : nvt/gb_ubuntu_USN_975_1.nasl |
2010-09-10 | Name : Ubuntu Update for thunderbird vulnerabilities USN-978-1 File : nvt/gb_ubuntu_USN_978_1.nasl |
2010-09-07 | Name : Mandriva Update for mozilla-thunderbird MDVSA-2010:169 (mozilla-thunderbird) File : nvt/gb_mandriva_MDVSA_2010_169.nasl |
2010-08-21 | Name : Debian Security Advisory DSA 2075-1 (xulrunner) File : nvt/deb_2075_1.nasl |
2010-08-21 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox49.nasl |
2010-08-06 | Name : SuSE Update for MozillaFirefox,MozillaThunderbird,seamonkey SUSE-SA:2010:032 File : nvt/gb_suse_2010_032.nasl |
2010-07-30 | Name : Ubuntu Update for Firefox and Xulrunner vulnerability USN-957-2 File : nvt/gb_ubuntu_USN_957_2.nasl |
2010-07-30 | Name : Ubuntu Update for thunderbird vulnerabilities USN-958-1 File : nvt/gb_ubuntu_USN_958_1.nasl |
2010-07-26 | Name : Mozilla Products Multiple Vulnerabilities jul-10 (Windows) File : nvt/gb_mozilla_prdts_mult_vuln_win_jul10.nasl |
2010-07-26 | Name : Ubuntu Update for Firefox and Xulrunner vulnerabilities USN-930-4 File : nvt/gb_ubuntu_USN_930_4.nasl |
2010-07-26 | Name : Ubuntu Update USN-930-5 File : nvt/gb_ubuntu_USN_930_5.nasl |
2010-07-26 | Name : Ubuntu Update for Firefox and Xulrunner vulnerabilities USN-957-1 File : nvt/gb_ubuntu_USN_957_1.nasl |
2010-07-23 | Name : RedHat Update for firefox RHSA-2010:0547-01 File : nvt/gb_RHSA-2010_0547-01_firefox.nasl |
2010-07-23 | Name : Fedora Update for seamonkey FEDORA-2010-11327 File : nvt/gb_fedora_2010_11327_seamonkey_fc13.nasl |
2010-07-23 | Name : Fedora Update for firefox FEDORA-2010-11345 File : nvt/gb_fedora_2010_11345_firefox_fc13.nasl |
2010-07-23 | Name : Fedora Update for galeon FEDORA-2010-11345 File : nvt/gb_fedora_2010_11345_galeon_fc13.nasl |
2010-07-23 | Name : Fedora Update for gnome-python2-extras FEDORA-2010-11345 File : nvt/gb_fedora_2010_11345_gnome-python2-extras_fc13.nasl |
2010-07-23 | Name : Fedora Update for gnome-web-photo FEDORA-2010-11345 File : nvt/gb_fedora_2010_11345_gnome-web-photo_fc13.nasl |
2010-07-23 | Name : Fedora Update for mozvoikko FEDORA-2010-11345 File : nvt/gb_fedora_2010_11345_mozvoikko_fc13.nasl |
2010-07-23 | Name : Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-11345 File : nvt/gb_fedora_2010_11345_perl-Gtk2-MozEmbed_fc13.nasl |
2010-07-23 | Name : Fedora Update for xulrunner FEDORA-2010-11345 File : nvt/gb_fedora_2010_11345_xulrunner_fc13.nasl |
2010-07-23 | Name : Fedora Update for sunbird FEDORA-2010-11361 File : nvt/gb_fedora_2010_11361_sunbird_fc12.nasl |
2010-07-23 | Name : Fedora Update for thunderbird FEDORA-2010-11361 File : nvt/gb_fedora_2010_11361_thunderbird_fc12.nasl |
2010-07-23 | Name : Fedora Update for seamonkey FEDORA-2010-11363 File : nvt/gb_fedora_2010_11363_seamonkey_fc12.nasl |
2010-07-23 | Name : Fedora Update for firefox FEDORA-2010-11375 File : nvt/gb_fedora_2010_11375_firefox_fc12.nasl |
2010-07-23 | Name : Fedora Update for galeon FEDORA-2010-11375 File : nvt/gb_fedora_2010_11375_galeon_fc12.nasl |
2010-07-23 | Name : Fedora Update for gnome-python2-extras FEDORA-2010-11375 File : nvt/gb_fedora_2010_11375_gnome-python2-extras_fc12.nasl |
2010-07-23 | Name : Fedora Update for gnome-web-photo FEDORA-2010-11375 File : nvt/gb_fedora_2010_11375_gnome-web-photo_fc12.nasl |
2010-07-23 | Name : Fedora Update for mozvoikko FEDORA-2010-11375 File : nvt/gb_fedora_2010_11375_mozvoikko_fc12.nasl |
2010-07-23 | Name : Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-11375 File : nvt/gb_fedora_2010_11375_perl-Gtk2-MozEmbed_fc12.nasl |
2010-07-23 | Name : Fedora Update for xulrunner FEDORA-2010-11375 File : nvt/gb_fedora_2010_11375_xulrunner_fc12.nasl |
2010-07-23 | Name : Fedora Update for sunbird FEDORA-2010-11379 File : nvt/gb_fedora_2010_11379_sunbird_fc13.nasl |
2010-07-23 | Name : Fedora Update for thunderbird FEDORA-2010-11379 File : nvt/gb_fedora_2010_11379_thunderbird_fc13.nasl |
2010-02-22 | Name : Firefox Multiple Vulnerabilities Feb-10 (Linux) File : nvt/secpod_firefox_mult_vuln_feb10_lin.nasl |
2010-02-22 | Name : Firefox Multiple Vulnerabilities Feb-10 (Win) File : nvt/secpod_firefox_mult_vuln_feb10_win.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
68921 | Mozilla Thunderbird DOM Insertion document.write() Unspecified Overflow Thunderbird is prone to an overflow condition. The application fails to properly sanitize input caused by interactions between DOM insertions and the document.write() function resulting in a heap overflow. With a specially crafted website, a context-dependent attacker can potentially cause arbitrary code execution. |
68905 | Mozilla Firefox DOM Insertion document.write() Unspecified Overflow Firefox is prone to an overflow condition. The application fails to properly sanitize input caused by interactions between DOM insertions and the document.write() function resulting in a heap overflow. With a specially crafted website, a context-dependent attacker can potentially cause arbitrary code execution. |
68854 | Mozilla Multiple Products LookupGetterOrSetter Function window.__lookupGetter... Mozilla Firefox, SeaMonkey and Thunderbird contains a flaw related to the 'LookupGetterOrSetter()' function in 'js3250.dll' failing to properly support 'window.__lookupGetter__' function calls which lack arguments. This may allow a remote attacker to execute arbitrary code via vectors related to a dangling pointer being passed to the 'JS_ValueToId()' function. |
68851 | Mozilla Multiple Products nsBarProp Function Use-after-free Closed Window loc... Mozilla Firefox, Thunderbird and SeaMonkey contain a use-after-free vulnerability related to the 'nsBarProp' function. This may allow a remote attacker to execute arbitrary code by accessing a closed window's locationbar property. |
68850 | Mozilla Multiple Products Text-rendering document.write Method Long Argument ... Mozilla Firefox, Thunderbird and SeaMonkey are prone to an overflow condition. The text-rendering functionality fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. With a specially crafted long argument to the document.write method, a remote attacker can potentially execute arbitrary code. |
68849 | Mozilla Multiple Products Javascript: URL Modal Call Crafted HTML Document Sa... Mozilla Firefox, Thunderbird and SeaMonkey contain a flaw related to the failure to properly handle certain javascript: URLs modal calls which open new windows and perform cross-domain navigation. This may allow a context-dependent attacker to use a crafted HTML document to bypass the Same Origin Policy. |
68848 | Mozilla Multiple Products Gopher Parser Crafted File / Directory Name XSS Mozilla Firefox and SeaMonkey contain a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because the application does not validate the file or directory names upon submission to the Gopher parser. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
68847 | Mozilla Multiple Products Browser Engine Multiple Unspecified Memory Corrupti... Mozilla Firefox, Thunderbird and SeaMonkey contain multiple flaws related to the browser engine that may allow a remote attacker to cause a denial of service via memory corruption. It is also possible, though not yet confirmed, that this may allow the execution of arbitrary code. |
68845 | Mozilla Multiple Products Browser Engine Unspecified Memory Corruption (2010-... Mozilla Firefox contains a flaw that may allow a remote denial of service. The issue is triggered when an unspecified error in the browser engine occurs, which may be exploited by a remote attacker to cause a denial of service via memory corruption. It is possible, though not yet confirmed, that this vulnerability may allow the execution of arbitrary code as well. |
67907 | Mozilla Multiple Products Document Selection Addition designMode Property XSS |
66596 | Mozilla Multiple Products CSS Selector Cross-Domain Information Disclosure |
62464 | Mozilla Firefox CSS Stylesheet Cross-origin Information Disclosure |
Snort® IPS/IDS
Date | Description |
---|---|
2017-09-19 | Mozilla Firefox empty lookupGetter dangling pointer attempt RuleID : 44010 - Revision : 2 - Type : BROWSER-FIREFOX |
2017-09-19 | Mozilla Firefox empty lookupGetter dangling pointer attempt RuleID : 44009 - Revision : 2 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Firefox appendChild use-after-free attempt RuleID : 21363 - Revision : 7 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Firefox appendChild use-after-free attempt RuleID : 19292 - Revision : 7 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Firefox html tag attributes memory corruption RuleID : 19078 - Revision : 11 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Firefox appendChild use-after-free attempt RuleID : 19077 - Revision : 9 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Firefox appendChild use-after-free attempt RuleID : 19076 - Revision : 9 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Firefox html tag attributes memory corruption RuleID : 17804 - Revision : 12 - Type : BROWSER-FIREFOX |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_MozillaFirefox-100727.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_MozillaFirefox-100916.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_MozillaFirefox-101029.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_MozillaThunderbird-100721.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_MozillaThunderbird-100916.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_MozillaThunderbird-101021.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_MozillaThunderbird-101028.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_mozilla-xulrunner191-100722.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_mozilla-xulrunner191-100917.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_mozilla-xulrunner191-101028.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_seamonkey-100721.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_seamonkey-100917.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_seamonkey-101021.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_seamonkey-101028.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0546.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0547.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0680.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0681.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2010-0682.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2010-0780.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0781.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0782.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2010-0808.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0809.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0810.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2010-0812.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0545.nasl - Type : ACT_GATHER_INFO |
2013-01-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100720_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100907_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101019_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101019_seamonkey_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20101019_thunderbird_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20101027_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101027_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101027_xulrunner_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101110_firefox_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20101117_thunderbird_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2011-04-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0681.nasl - Type : ACT_GATHER_INFO |
2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_MozillaFirefox-100722.nasl - Type : ACT_GATHER_INFO |
2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_MozillaFirefox-100921.nasl - Type : ACT_GATHER_INFO |
2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_MozillaFirefox-101103.nasl - Type : ACT_GATHER_INFO |
2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_mozilla-xulrunner191-101028.nasl - Type : ACT_GATHER_INFO |
2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_mozilla-xulrunner191-101118.nasl - Type : ACT_GATHER_INFO |
2010-11-24 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0780.nasl - Type : ACT_GATHER_INFO |
2010-11-24 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0781.nasl - Type : ACT_GATHER_INFO |
2010-11-24 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0782.nasl - Type : ACT_GATHER_INFO |
2010-11-24 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0808.nasl - Type : ACT_GATHER_INFO |
2010-11-24 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0809.nasl - Type : ACT_GATHER_INFO |
2010-11-24 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0810.nasl - Type : ACT_GATHER_INFO |
2010-11-24 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0812.nasl - Type : ACT_GATHER_INFO |
2010-11-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0861.nasl - Type : ACT_GATHER_INFO |
2010-11-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0896.nasl - Type : ACT_GATHER_INFO |
2010-11-05 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-7208.nasl - Type : ACT_GATHER_INFO |
2010-11-03 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2124.nasl - Type : ACT_GATHER_INFO |
2010-11-03 | Name : The remote Fedora host is missing a security update. File : fedora_2010-17105.nasl - Type : ACT_GATHER_INFO |
2010-11-03 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaFirefox-101028.nasl - Type : ACT_GATHER_INFO |
2010-11-03 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaThunderbird-101028.nasl - Type : ACT_GATHER_INFO |
2010-11-03 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_mozilla-xulrunner191-101028.nasl - Type : ACT_GATHER_INFO |
2010-11-03 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_seamonkey-101028.nasl - Type : ACT_GATHER_INFO |
2010-11-03 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_MozillaFirefox-101028.nasl - Type : ACT_GATHER_INFO |
2010-11-03 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_MozillaThunderbird-101028.nasl - Type : ACT_GATHER_INFO |
2010-11-03 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_mozilla-xulrunner191-101028.nasl - Type : ACT_GATHER_INFO |
2010-11-03 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_seamonkey-101028.nasl - Type : ACT_GATHER_INFO |
2010-11-02 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-219.nasl - Type : ACT_GATHER_INFO |
2010-11-01 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2010-305-01.nasl - Type : ACT_GATHER_INFO |
2010-11-01 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-16885.nasl - Type : ACT_GATHER_INFO |
2010-10-29 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-16883.nasl - Type : ACT_GATHER_INFO |
2010-10-29 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-16897.nasl - Type : ACT_GATHER_INFO |
2010-10-29 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_c223b00de27211df8e32000f20797ede.nasl - Type : ACT_GATHER_INFO |
2010-10-29 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-213.nasl - Type : ACT_GATHER_INFO |
2010-10-29 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0812.nasl - Type : ACT_GATHER_INFO |
2010-10-29 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1011-2.nasl - Type : ACT_GATHER_INFO |
2010-10-29 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1011-3.nasl - Type : ACT_GATHER_INFO |
2010-10-28 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-16593.nasl - Type : ACT_GATHER_INFO |
2010-10-28 | Name : The remote Windows host contains a web browser affected by a buffer overflow ... File : mozilla_firefox_3515.nasl - Type : ACT_GATHER_INFO |
2010-10-28 | Name : The remote Windows host contains a web browser affected by a buffer overflow ... File : mozilla_firefox_3612.nasl - Type : ACT_GATHER_INFO |
2010-10-28 | Name : The remote Windows host contains a mail client that is affected by a buffer o... File : mozilla_thunderbird_3010.nasl - Type : ACT_GATHER_INFO |
2010-10-28 | Name : The remote Windows host contains a mail client that is affected by buffer ove... File : mozilla_thunderbird_316.nasl - Type : ACT_GATHER_INFO |
2010-10-28 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0808.nasl - Type : ACT_GATHER_INFO |
2010-10-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0809.nasl - Type : ACT_GATHER_INFO |
2010-10-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0810.nasl - Type : ACT_GATHER_INFO |
2010-10-28 | Name : The remote Windows host contains a web browser affected by a buffer overflow ... File : seamonkey_2010.nasl - Type : ACT_GATHER_INFO |
2010-10-28 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaThunderbird-101021.nasl - Type : ACT_GATHER_INFO |
2010-10-28 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_seamonkey-101021.nasl - Type : ACT_GATHER_INFO |
2010-10-28 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_MozillaThunderbird-101022.nasl - Type : ACT_GATHER_INFO |
2010-10-28 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_seamonkey-101021.nasl - Type : ACT_GATHER_INFO |
2010-10-28 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1011-1.nasl - Type : ACT_GATHER_INFO |
2010-10-24 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-210.nasl - Type : ACT_GATHER_INFO |
2010-10-24 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-211.nasl - Type : ACT_GATHER_INFO |
2010-10-21 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_c4f067b9dc4a11df8e32000f20797ede.nasl - Type : ACT_GATHER_INFO |
2010-10-21 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_3514.nasl - Type : ACT_GATHER_INFO |
2010-10-21 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_3611.nasl - Type : ACT_GATHER_INFO |
2010-10-21 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_309.nasl - Type : ACT_GATHER_INFO |
2010-10-21 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_315.nasl - Type : ACT_GATHER_INFO |
2010-10-21 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : seamonkey_209.nasl - Type : ACT_GATHER_INFO |
2010-10-21 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-997-1.nasl - Type : ACT_GATHER_INFO |
2010-10-21 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-998-1.nasl - Type : ACT_GATHER_INFO |
2010-10-20 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0780.nasl - Type : ACT_GATHER_INFO |
2010-10-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0781.nasl - Type : ACT_GATHER_INFO |
2010-10-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0782.nasl - Type : ACT_GATHER_INFO |
2010-10-12 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaThunderbird-100916.nasl - Type : ACT_GATHER_INFO |
2010-10-12 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_mozilla-xulrunner191-100917.nasl - Type : ACT_GATHER_INFO |
2010-10-12 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_MozillaThunderbird-100917.nasl - Type : ACT_GATHER_INFO |
2010-10-12 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_mozilla-xulrunner191-100917.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-7101.nasl - Type : ACT_GATHER_INFO |
2010-09-20 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaFirefox-100916.nasl - Type : ACT_GATHER_INFO |
2010-09-20 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_seamonkey-100917.nasl - Type : ACT_GATHER_INFO |
2010-09-20 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_MozillaFirefox-100916.nasl - Type : ACT_GATHER_INFO |
2010-09-20 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_seamonkey-100917.nasl - Type : ACT_GATHER_INFO |
2010-09-17 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-975-2.nasl - Type : ACT_GATHER_INFO |
2010-09-17 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-978-2.nasl - Type : ACT_GATHER_INFO |
2010-09-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0680.nasl - Type : ACT_GATHER_INFO |
2010-09-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0681.nasl - Type : ACT_GATHER_INFO |
2010-09-12 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0682.nasl - Type : ACT_GATHER_INFO |
2010-09-12 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-173.nasl - Type : ACT_GATHER_INFO |
2010-09-09 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2106.nasl - Type : ACT_GATHER_INFO |
2010-09-09 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-14362.nasl - Type : ACT_GATHER_INFO |
2010-09-09 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_4a21ce2cbb1311df8e32000f20797ede.nasl - Type : ACT_GATHER_INFO |
2010-09-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-975-1.nasl - Type : ACT_GATHER_INFO |
2010-09-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-978-1.nasl - Type : ACT_GATHER_INFO |
2010-09-08 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_3512.nasl - Type : ACT_GATHER_INFO |
2010-09-08 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_369.nasl - Type : ACT_GATHER_INFO |
2010-09-08 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_307.nasl - Type : ACT_GATHER_INFO |
2010-09-08 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_313.nasl - Type : ACT_GATHER_INFO |
2010-09-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0680.nasl - Type : ACT_GATHER_INFO |
2010-09-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0682.nasl - Type : ACT_GATHER_INFO |
2010-09-08 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : seamonkey_207.nasl - Type : ACT_GATHER_INFO |
2010-09-03 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-169.nasl - Type : ACT_GATHER_INFO |
2010-08-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0546.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaFirefox-100722.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_MozillaFirefox-100722.nasl - Type : ACT_GATHER_INFO |
2010-07-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2075.nasl - Type : ACT_GATHER_INFO |
2010-07-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0546.nasl - Type : ACT_GATHER_INFO |
2010-07-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0547.nasl - Type : ACT_GATHER_INFO |
2010-07-28 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_MozillaThunderbird-100721.nasl - Type : ACT_GATHER_INFO |
2010-07-27 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_seamonkey-100721.nasl - Type : ACT_GATHER_INFO |
2010-07-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-957-2.nasl - Type : ACT_GATHER_INFO |
2010-07-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-958-1.nasl - Type : ACT_GATHER_INFO |
2010-07-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-930-4.nasl - Type : ACT_GATHER_INFO |
2010-07-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-930-5.nasl - Type : ACT_GATHER_INFO |
2010-07-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-957-1.nasl - Type : ACT_GATHER_INFO |
2010-07-23 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0545.nasl - Type : ACT_GATHER_INFO |
2010-07-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0547.nasl - Type : ACT_GATHER_INFO |
2010-07-23 | Name : The remote Fedora host is missing a security update. File : fedora_2010-11327.nasl - Type : ACT_GATHER_INFO |
2010-07-23 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-11345.nasl - Type : ACT_GATHER_INFO |
2010-07-23 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-11361.nasl - Type : ACT_GATHER_INFO |
2010-07-23 | Name : The remote Fedora host is missing a security update. File : fedora_2010-11363.nasl - Type : ACT_GATHER_INFO |
2010-07-23 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-11375.nasl - Type : ACT_GATHER_INFO |
2010-07-23 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-11379.nasl - Type : ACT_GATHER_INFO |
2010-07-22 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_8c2ea875949911df8e32000f20797ede.nasl - Type : ACT_GATHER_INFO |
2010-07-22 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_3511.nasl - Type : ACT_GATHER_INFO |
2010-07-22 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_367.nasl - Type : ACT_GATHER_INFO |
2010-07-21 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_306.nasl - Type : ACT_GATHER_INFO |
2010-07-21 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_311.nasl - Type : ACT_GATHER_INFO |
2010-07-21 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : seamonkey_206.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:29:43 |
|
2013-05-11 00:43:53 |
|