10 - GLSA-201309-23

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Summary
Title	Mozilla Products: Multiple vulnerabilities

Informations
Name	GLSA-201309-23	First vendor Publication	2013-09-27
Vendor	Gentoo	Last vendor Modification	2013-09-27
Severity (Vendor)	High	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score	10	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Synopsis

Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, and SeaMonkey, some of which may allow a remote user to execute arbitrary code.

Background

Mozilla Firefox is an open-source web browser and Mozilla Thunderbird an open-source email client, both from the Mozilla Project. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the
'Mozilla Application Suite'.

Description

Multiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, and SeaMonkey. Please review the CVE identifiers referenced below for details.

Impact

A remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Further, a remote attacker could conduct XSS attacks, spoof URLs, bypass address space layout randomization, conduct clickjacking attacks, obtain potentially sensitive information, bypass access restrictions, modify the local filesystem, or conduct other unspecified attacks.

Workaround

There is no known workaround at this time.

Resolution

All Mozilla Firefox users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/firefox-17.0.9"

All users of the Mozilla Firefox binary package should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/firefox-bin-17.0.9"

All Mozilla Thunderbird users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=mail-client/thunderbird-17.0.9"

All users of the Mozilla Thunderbird binary package should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=mail-client/thunderbird-bin-17.0.9"

All SeaMonkey users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/seamonkey-2.21"

All users of the Mozilla SeaMonkey binary package should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/seamonkey-bin-2.21"

References

[ 1 ] CVE-2013-0744 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0744
[ 2 ] CVE-2013-0745 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0745
[ 3 ] CVE-2013-0746 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0746
[ 4 ] CVE-2013-0747 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0747
[ 5 ] CVE-2013-0748 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0748
[ 6 ] CVE-2013-0749 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0749
[ 7 ] CVE-2013-0750 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0750
[ 8 ] CVE-2013-0751 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0751
[ 9 ] CVE-2013-0752 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0752
[ 10 ] CVE-2013-0753 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0753
[ 11 ] CVE-2013-0754 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0754
[ 12 ] CVE-2013-0755 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0755
[ 13 ] CVE-2013-0756 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0756
[ 14 ] CVE-2013-0757 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0757
[ 15 ] CVE-2013-0758 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0758
[ 16 ] CVE-2013-0759 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0759
[ 17 ] CVE-2013-0760 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0760
[ 18 ] CVE-2013-0761 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0761
[ 19 ] CVE-2013-0762 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0762
[ 20 ] CVE-2013-0763 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0763
[ 21 ] CVE-2013-0764 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0764
[ 22 ] CVE-2013-0765 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0765
[ 23 ] CVE-2013-0766 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0766
[ 24 ] CVE-2013-0767 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0767
[ 25 ] CVE-2013-0768 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0768
[ 26 ] CVE-2013-0769 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0769
[ 27 ] CVE-2013-0770 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0770
[ 28 ] CVE-2013-0771 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0771
[ 29 ] CVE-2013-0772 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0772
[ 30 ] CVE-2013-0773 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0773
[ 31 ] CVE-2013-0774 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0774
[ 32 ] CVE-2013-0775 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0775
[ 33 ] CVE-2013-0776 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0776
[ 34 ] CVE-2013-0777 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0777
[ 35 ] CVE-2013-0778 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0778
[ 36 ] CVE-2013-0779 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0779
[ 37 ] CVE-2013-0780 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0780
[ 38 ] CVE-2013-0781 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0781
[ 39 ] CVE-2013-0782 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0782
[ 40 ] CVE-2013-0783 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0783
[ 41 ] CVE-2013-0784 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0784
[ 42 ] CVE-2013-0787 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0787
[ 43 ] CVE-2013-0788 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0788
[ 44 ] CVE-2013-0789 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0789
[ 45 ] CVE-2013-0791 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0791
[ 46 ] CVE-2013-0792 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0792
[ 47 ] CVE-2013-0793 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0793
[ 48 ] CVE-2013-0794 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0794
[ 49 ] CVE-2013-0795 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0795
[ 50 ] CVE-2013-0796 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0796
[ 51 ] CVE-2013-0797 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0797
[ 52 ] CVE-2013-0799 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0799
[ 53 ] CVE-2013-0800 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0800
[ 54 ] CVE-2013-0801 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0801
[ 55 ] CVE-2013-1670 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1670
[ 56 ] CVE-2013-1671 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1671
[ 57 ] CVE-2013-1674 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1674
[ 58 ] CVE-2013-1675 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1675
[ 59 ] CVE-2013-1676 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1676
[ 60 ] CVE-2013-1677 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1677
[ 61 ] CVE-2013-1678 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1678
[ 62 ] CVE-2013-1679 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1679
[ 63 ] CVE-2013-1680 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1680
[ 64 ] CVE-2013-1681 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1681
[ 65 ] CVE-2013-1682 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1682
[ 66 ] CVE-2013-1684 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1684
[ 67 ] CVE-2013-1687 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1687
[ 68 ] CVE-2013-1690 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1690
[ 69 ] CVE-2013-1692 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1692
[ 70 ] CVE-2013-1693 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1693
[ 71 ] CVE-2013-1694 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1694
[ 72 ] CVE-2013-1697 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1697
[ 73 ] CVE-2013-1701 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1701
[ 74 ] CVE-2013-1702 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1702
[ 75 ] CVE-2013-1704 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1704
[ 76 ] CVE-2013-1705 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1705
[ 77 ] CVE-2013-1707 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1707
[ 78 ] CVE-2013-1708 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1708
[ 79 ] CVE-2013-1709 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1709
[ 80 ] CVE-2013-1710 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1710
[ 81 ] CVE-2013-1711 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1711
[ 82 ] CVE-2013-1712 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1712
[ 83 ] CVE-2013-1713 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1713
[ 84 ] CVE-2013-1714 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1714
[ 85 ] CVE-2013-1717 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1717
[ 86 ] CVE-2013-1718 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1718
[ 87 ] CVE-2013-1719 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1719
[ 88 ] CVE-2013-1720 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1720
[ 89 ] CVE-2013-1722 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1722
[ 90 ] CVE-2013-1723 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1723
[ 91 ] CVE-2013-1724 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1724
[ 92 ] CVE-2013-1725 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1725
[ 93 ] CVE-2013-1726 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1726
[ 94 ] CVE-2013-1728 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1728
[ 95 ] CVE-2013-1730 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1730
[ 96 ] CVE-2013-1732 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1732
[ 97 ] CVE-2013-1735 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1735
[ 98 ] CVE-2013-1736 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1736
[ 99 ] CVE-2013-1737 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1737
[ 100 ] CVE-2013-1738 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1738

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201309-23.xml

Original Source

Url : http://security.gentoo.org/glsa/glsa-201309-23.xml

CWE : Common Weakness Enumeration

%	Id	Name
25 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer
16 %	CWE-416	Use After Free
15 %	CWE-264	Permissions, Privileges, and Access Controls
12 %	CWE-399	Resource Management Errors
8 %	CWE-20	Improper Input Validation
5 %	CWE-79	Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25)
4 %	CWE-787	Out-of-bounds Write (CWE/SANS Top 25)
4 %	CWE-125	Out-of-bounds Read
2 %	CWE-200	Information Exposure
2 %	CWE-94	Failure to Control Generation of Code ('Code Injection')
1 %	CWE-326	Inadequate Encryption Strength
1 %	CWE-295	Certificate Issues
1 %	CWE-287	Improper Authentication
1 %	CWE-190	Integer Overflow or Wraparound (CWE/SANS Top 25)
1 %	CWE-120	Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:16171

Oval ID:	oval:org.mitre.oval:def:16171
Title:	The nsSVGPathElement::GetPathLengthScale function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
Description:	The nsSVGPathElement::GetPathLengthScale function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0767	Version:	22
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.15 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 17.0.1 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 10.0.12 and greater than or equal to 10.x OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.1 and greater than or equal to 17.x OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 10.0.12 and greater than or equal to 10.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.1 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16182

Oval ID:	oval:org.mitre.oval:def:16182
Title:	DEPRECATED: The WebGL subsystem in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 on Linux does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (free of unallocated memory) via unspecified vectors.
Description:	The WebGL subsystem in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 on Linux does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (free of unallocated memory) via unspecified vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0796	Version:	5
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000	Product(s):	Mozilla Firefox Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Firefox mainline Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0.1 AND Mozilla Firefox Mainline version is less than or equal to 19.0.2 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.5 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.5 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16189

Oval ID:	oval:org.mitre.oval:def:16189
Title:	Use-after-free vulnerability in the ~nsHTMLEditRules implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
Description:	Use-after-free vulnerability in the ~nsHTMLEditRules implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0766	Version:	21
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.15 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 17.0.1 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 10.0.12 and greater than or equal to 10.x OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.1 and greater than or equal to 17.x OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 10.0.12 and greater than or equal to 10.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.1 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16199

Oval ID:	oval:org.mitre.oval:def:16199
Title:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Description:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0769	Version:	21
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.15 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 17.0.1 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 10.0.12 and greater than or equal to 10.x OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.1 and greater than or equal to 17.x OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 10.0.12 and greater than or equal to 10.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.1 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16219

Oval ID:	oval:org.mitre.oval:def:16219
Title:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Description:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0783	Version:	21
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable SeaMonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.16 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0.2 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 18.0.2 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.3 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.3 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16288

Oval ID:	oval:org.mitre.oval:def:16288
Title:	Use-after-free vulnerability in the imgRequest::OnStopFrame function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
Description:	Use-after-free vulnerability in the imgRequest::OnStopFrame function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0762	Version:	22
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.15 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 17.0.1 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 10.0.12 and greater than or equal to 10.x OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.1 and greater than or equal to 17.x OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 10.0.12 and greater than or equal to 10.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.1 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16383

Oval ID:	oval:org.mitre.oval:def:16383
Title:	Use-after-free vulnerability in the nsOverflowContinuationTracker::Finish function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document that uses Cascading Style Sheets (CSS) -moz-column-* properties.
Description:	Use-after-free vulnerability in the nsOverflowContinuationTracker::Finish function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document that uses Cascading Style Sheets (CSS) -moz-column-* properties.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0780	Version:	22
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable SeaMonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.16 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0.2 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 18.0.2 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.3 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.3 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16570

Oval ID:	oval:org.mitre.oval:def:16570
Title:	Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection.
Description:	Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0746	Version:	21
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.15 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 17.0.1 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 10.0.12 and greater than or equal to 10.x OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.2 and greater than or equal to 17.x OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 10.0.12 and greater than or equal to 10.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.2 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16577

Oval ID:	oval:org.mitre.oval:def:16577
Title:	The _cairo_xlib_surface_add_glyph function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (invalid write operation) via unspecified vectors.
Description:	The _cairo_xlib_surface_add_glyph function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (invalid write operation) via unspecified vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1678	Version:	16
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0.5 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 17.0 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 21.0 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.6 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.6 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16604

Oval ID:	oval:org.mitre.oval:def:16604
Title:	Use-after-free vulnerability in the mozilla::dom::HTMLMediaElement::LookupMediaElementURITable function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted web site
Description:	Use-after-free vulnerability in the mozilla::dom::HTMLMediaElement::LookupMediaElementURITable function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted web site.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1684	Version:	15
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than 17.0.7 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 17.0 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 22.0 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.7 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.7 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16616

Oval ID:	oval:org.mitre.oval:def:16616
Title:	Mozilla SeaMonkey before 2.15 do not restrict a touch event to a single IFRAME element, which allows remote attackers to obtain sensitive information or possibly conduct cross-site scripting (XSS) attacks via a crafted HTML document.
Description:	Mozilla Firefox before 18.0 on Android and SeaMonkey before 2.15 do not restrict a touch event to a single IFRAME element, which allows remote attackers to obtain sensitive information or possibly conduct cross-site scripting (XSS) attacks via a crafted HTML document.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0751	Version:	13
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla SeaMonkey
Definition Synopsis:
Determine if the version of Mozilla Seamonkey is less than 2.15 AND Mozilla Seamonkey is installed

Definition Id: oval:org.mitre.oval:def:16619

Oval ID:	oval:org.mitre.oval:def:16619
Title:	The ClusterIterator::NextCluster function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
Description:	The ClusterIterator::NextCluster function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0778	Version:	23
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey
Definition Synopsis:
Check for vulnerable SeaMonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.16 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0.2 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 18.0.2

Definition Id: oval:org.mitre.oval:def:16629

Oval ID:	oval:org.mitre.oval:def:16629
Title:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Description:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0788	Version:	18
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.17 AND Determine if the version of Mozilla Seamonkey is greater than or equal to 2.0 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0.4 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 17.0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0.1 AND Mozilla Firefox Mainline version is less than or equal to 19.0.2 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.5 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.5 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16666

Oval ID:	oval:org.mitre.oval:def:16666
Title:	Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow man-in-the-middle attackers to spoof the address bar by operating a proxy server that provides a 407 HTTP status code accompanied by web script, as demonstrated by a phishing attack on an HTTPS site.
Description:	Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow man-in-the-middle attackers to spoof the address bar by operating a proxy server that provides a 407 HTTP status code accompanied by web script, as demonstrated by a phishing attack on an HTTPS site.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0776	Version:	22
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable SeaMonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.16 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0.2 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 18.0.2 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.3 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.3 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16694

Oval ID:	oval:org.mitre.oval:def:16694
Title:	Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XBL file with multiple bindings that have SVG content.
Description:	Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XBL file with multiple bindings that have SVG content.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0752	Version:	22
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.15 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 17.0.1 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.2 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.2 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16715

Oval ID:	oval:org.mitre.oval:def:16715
Title:	The nsSOCKSSocketInfo::ConnectToProxy function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not ensure thread safety for SSL sessions, which allows remote attackers to execute arbitrary code via crafted data, as demonstrated by e-mail message data.
Description:	The nsSOCKSSocketInfo::ConnectToProxy function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not ensure thread safety for SSL sessions, which allows remote attackers to execute arbitrary code via crafted data, as demonstrated by e-mail message data.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0764	Version:	23
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.15 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 17.0.1 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.2 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.2 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16737

Oval ID:	oval:org.mitre.oval:def:16737
Title:	Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.
Description:	Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0787	Version:	18
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable SeaMonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.16.1 AND Determine if the version of Mozilla Seamonkey is greater than or equal to 2.0 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0.3 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 17.0 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is less than or equal to 19.0.1 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.4 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.4 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16747

Oval ID:	oval:org.mitre.oval:def:16747
Title:	The nsCodingStateMachine::NextState function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
Description:	The nsCodingStateMachine::NextState function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0779	Version:	23
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey
Definition Synopsis:
Check for vulnerable SeaMonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.16 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0.2 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 18.0.2

Definition Id: oval:org.mitre.oval:def:16797

Oval ID:	oval:org.mitre.oval:def:16797
Title:	Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent JavaScript workers from reading the browser-profile directory name, which has unspecified impact and remote attack vectors.
Description:	Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent JavaScript workers from reading the browser-profile directory name, which has unspecified impact and remote attack vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0774	Version:	22
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable SeaMonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.16 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0.2 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 18.0.2 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.3 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.3 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16800

Oval ID:	oval:org.mitre.oval:def:16800
Title:	USN-1891-1 -- Thunderbird vulnerabilities
Description:	Several security issues were fixed in Thunderbird.
Family:	unix	Class:	patch
Reference(s):	usn-1891-1 CVE-2013-1682 CVE-2013-1684 CVE-2013-1685 CVE-2013-1686 CVE-2013-1687 CVE-2013-1690 CVE-2013-1692 CVE-2013-1693 CVE-2013-1694 CVE-2013-1697	Version:	8
Platform(s):	Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04	Product(s):	thunderbird
Definition Synopsis:
Release section Ubuntu 12.10 is installed AND Installed architecture is all AND thunderbird DPKG is earlier than 17.0.7+build1-0ubuntu0.12.10.1 OR Release section Ubuntu 13.04 is installed AND Installed architecture is all AND thunderbird DPKG is earlier than 17.0.7+build1-0ubuntu0.13.04.1 OR Release section Ubuntu 12.04 is installed AND Installed architecture is all AND thunderbird DPKG is earlier than 17.0.7+build1-0ubuntu0.12.04.1

Definition Id: oval:org.mitre.oval:def:16812

Oval ID:	oval:org.mitre.oval:def:16812
Title:	Use-after-free vulnerability in the ListenerManager implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors involving the triggering of garbage collection after memory allocation for listener objects.
Description:	Use-after-free vulnerability in the ListenerManager implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors involving the triggering of garbage collection after memory allocation for listener objects.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0754	Version:	22
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.15 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 17.0.1 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 10.0.12 and greater than or equal to 10.x OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.2 and greater than or equal to 17.x OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 10.0.12 and greater than or equal to 10.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.2 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16813

Oval ID:	oval:org.mitre.oval:def:16813
Title:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Description:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0770	Version:	22
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.15 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 17.0.1

Definition Id: oval:org.mitre.oval:def:16827

Oval ID:	oval:org.mitre.oval:def:16827
Title:	Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to spoof the address bar via vectors involving authentication information in the userinfo field of a URL, in conjunction with a 204 (aka No Content) HTTP status code.
Description:	Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to spoof the address bar via vectors involving authentication information in the userinfo field of a URL, in conjunction with a 204 (aka No Content) HTTP status code.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0759	Version:	22
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.15 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 17.0.1 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 10.0.12 and greater than or equal to 10.x OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.2 and greater than or equal to 17.x OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 10.0.12 and greater than or equal to 10.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.2 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16832

Oval ID:	oval:org.mitre.oval:def:16832
Title:	Use-after-free vulnerability in the mozilla::TrackUnionStream::EndTrack implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
Description:	Use-after-free vulnerability in the mozilla::TrackUnionStream::EndTrack implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0761	Version:	23
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.15 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 17.0.1 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.1 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.1 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16842

Oval ID:	oval:org.mitre.oval:def:16842
Title:	The System Only Wrapper (SOW) implementation in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 does not prevent use of the cloneNode method for cloning a protected node, which allows remote attackers to bypass the Same Origin Policy or possibly execute arbitrary JavaScript code with chrome privileges via a crafted web site.
Description:	The System Only Wrapper (SOW) implementation in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 does not prevent use of the cloneNode method for cloning a protected node, which allows remote attackers to bypass the Same Origin Policy or possibly execute arbitrary JavaScript code with chrome privileges via a crafted web site.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0795	Version:	18
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.17 AND Determine if the version of Mozilla Seamonkey is greater than or equal to 2.0 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0.4 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 17.0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0.1 AND Mozilla Firefox Mainline version is less than or equal to 19.0.2 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.5 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.5 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16861

Oval ID:	oval:org.mitre.oval:def:16861
Title:	The Chrome Object Wrapper (COW) and System Only Wrapper (SOW) implementations in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent modifications to a prototype, which allows remote attackers to obtain sensitive information from chrome objects or possibly execute arbitrary JavaScript code with chrome privileges via a crafted web site.
Description:	The Chrome Object Wrapper (COW) and System Only Wrapper (SOW) implementations in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent modifications to a prototype, which allows remote attackers to obtain sensitive information from chrome objects or possibly execute arbitrary JavaScript code with chrome privileges via a crafted web site.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0773	Version:	22
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable SeaMonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.16 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0.2 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 18.0.2 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.3 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.3 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16866

Oval ID:	oval:org.mitre.oval:def:16866
Title:	The gPluginHandler.handleEvent function in the plugin handler in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly enforce the Same Origin Policy, which allows remote attackers to conduct clickjacking attacks via crafted JavaScript code that listens for a mutation event.
Description:	The gPluginHandler.handleEvent function in the plugin handler in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly enforce the Same Origin Policy, which allows remote attackers to conduct clickjacking attacks via crafted JavaScript code that listens for a mutation event.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0747	Version:	22
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.15 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 17.0.1 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.2 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.2 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16906

Oval ID:	oval:org.mitre.oval:def:16906
Title:	Heap-based buffer overflow in the nsSaveAsCharseterbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code via unspecified vectors.
Description:	Heap-based buffer overflow in the nsSaveAsCharset::DoCharsetConversion function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code via unspecified vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0782	Version:	23
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable SeaMonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.16 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0.2 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 18.0.2 OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.3 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16909

Oval ID:	oval:org.mitre.oval:def:16909
Title:	Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.
Description:	Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0800	Version:	18
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.17 AND Determine if the version of Mozilla Seamonkey is greater than or equal to 2.0 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0.4 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 17.0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0.1 AND Mozilla Firefox Mainline version is less than or equal to 19.0.2 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.5 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.5 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16928

Oval ID:	oval:org.mitre.oval:def:16928
Title:	Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 do not ensure the correctness of the address bar during history navigation, which allows remote attackers to conduct cross-site scripting (XSS) attacks or phishing attacks by leveraging control over navigation timing.
Description:	Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 do not ensure the correctness of the address bar during history navigation, which allows remote attackers to conduct cross-site scripting (XSS) attacks or phishing attacks by leveraging control over navigation timing.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0793	Version:	18
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.17 AND Determine if the version of Mozilla Seamonkey is greater than or equal to 2.0 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0.4 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 17.0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0.1 AND Mozilla Firefox Mainline version is less than or equal to 19.0.2 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.5 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.5 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16934

Oval ID:	oval:org.mitre.oval:def:16934
Title:	Use-after-free vulnerability in the nsPrintEngine::CommonPrint function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
Description:	Use-after-free vulnerability in the nsPrintEngine::CommonPrint function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0781	Version:	23
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey
Definition Synopsis:
Check for vulnerable SeaMonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.16 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0.2 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 18.0.2

Definition Id: oval:org.mitre.oval:def:16939

Oval ID:	oval:org.mitre.oval:def:16939
Title:	The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not prevent modifications to the prototype of an object, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by referencing Object.prototype.__proto__ in a crafted HTML document.
Description:	The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not prevent modifications to the prototype of an object, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by referencing Object.prototype.__proto__ in a crafted HTML document.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0757	Version:	22
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.15 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 17.0.1 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.2 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.2 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16950

Oval ID:	oval:org.mitre.oval:def:16950
Title:	Use-after-free vulnerability in the nsImageLoadingContent::OnStopContainer function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code via crafted web script.
Description:	Use-after-free vulnerability in the nsImageLoadingContent::OnStopContainer function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code via crafted web script.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0775	Version:	23
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable SeaMonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.16 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0.2 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 18.0.2 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.3 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.3 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16952

Oval ID:	oval:org.mitre.oval:def:16952
Title:	Use-after-free vulnerability in the mozVibrate implementation in the Vibrate library in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors related to the domDoc pointer.
Description:	Use-after-free vulnerability in the mozVibrate implementation in the Vibrate library in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors related to the domDoc pointer.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0755	Version:	22
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.15 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 17.0.1 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.2 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.2 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16953

Oval ID:	oval:org.mitre.oval:def:16953
Title:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Description:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0749	Version:	22
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.15 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 17.0.1 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.1 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.1 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16956

Oval ID:	oval:org.mitre.oval:def:16956
Title:	The SelectionIterator::GetNextSegment function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
Description:	The SelectionIterator::GetNextSegment function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1676	Version:	17
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0.5 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 17.0 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 21.0 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.6 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.6 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16957

Oval ID:	oval:org.mitre.oval:def:16957
Title:	Integer overflow in the JavaScript implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted string concatenation, leading to improper memory allocation and a heap-based buffer overflow.
Description:	Integer overflow in the JavaScript implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted string concatenation, leading to improper memory allocation and a heap-based buffer overflow.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0750	Version:	22
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.15 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 17.0.1 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 10.0.12 and greater than or equal to 10.x OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.2 and greater than or equal to 17.x OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 10.0.12 and greater than or equal to 10.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.2 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16976

Oval ID:	oval:org.mitre.oval:def:16976
Title:	Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent sensitive information from process memory via a crafted web site.
Description:	Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1675	Version:	17
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0.5 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 17.0 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 21.0 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.6 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.6 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16977

Oval ID:	oval:org.mitre.oval:def:16977
Title:	Use-after-free vulnerability in the nsDisplayBoxShadowOuter::Paint function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
Description:	Use-after-free vulnerability in the nsDisplayBoxShadowOuter::Paint function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0777	Version:	23
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey
Definition Synopsis:
Check for vulnerable SeaMonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.16 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0.2 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 18.0.2

Definition Id: oval:org.mitre.oval:def:16979

Oval ID:	oval:org.mitre.oval:def:16979
Title:	The gfxSkipCharsIterator::SetOffsets function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
Description:	The gfxSkipCharsIterator::SetOffsets function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1677	Version:	17
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0.5 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 17.0 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 21.0 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.6 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.6 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16988

Oval ID:	oval:org.mitre.oval:def:16988
Title:	Use-after-free vulnerability in the nsContentUtils::RemoveScriptBlocker function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
Description:	Use-after-free vulnerability in the nsContentUtils::RemoveScriptBlocker function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1681	Version:	17
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0.5 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 17.0 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 21.0 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.6 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.6 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16990

Oval ID:	oval:org.mitre.oval:def:16990
Title:	Stack-based buffer overflow in the Canvas implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via an HTML document that specifies invalid width and height values.
Description:	Stack-based buffer overflow in the Canvas implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via an HTML document that specifies invalid width and height values.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0768	Version:	22
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.15 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 17.0.1 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.2 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.2 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:16996

Oval ID:	oval:org.mitre.oval:def:16996
Title:	Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted web site that triggers an attempt to execute data at an unmapped memory location
Description:	Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted web site that triggers an attempt to execute data at an unmapped memory location.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1690	Version:	15
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than 17.0.7 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 17.0 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 22.0 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.7 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.7 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:17007

Oval ID:	oval:org.mitre.oval:def:17007
Title:	Use-after-free vulnerability in the TableBackgroundPainter::TableBackgroundData::Destroy function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an HTML document with a table containing many columns and column groups.
Description:	Use-after-free vulnerability in the TableBackgroundPainter::TableBackgroundData::Destroy function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an HTML document with a table containing many columns and column groups.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0744	Version:	23
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.15 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 17.0.1 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 10.0.12 and greater than or equal to 10.x OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.2 and greater than or equal to 17.x OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 10.0.12 and greater than or equal to 10.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.2 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:17019

Oval ID:	oval:org.mitre.oval:def:17019
Title:	Heap-based buffer overflow in the gfxTextRun::ShrinkToLigatureBoundaries function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document.
Description:	Heap-based buffer overflow in the gfxTextRun::ShrinkToLigatureBoundaries function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0771	Version:	23
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.15 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 17.0.1 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.1 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.1 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:17021

Oval ID:	oval:org.mitre.oval:def:17021
Title:	Mozilla Firefox before 20.0 and SeaMonkey before 2.17, when gfx.color_management.enablev4 is used, do not properly handle color profiles during PNG rendering, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a grayscale PNG image.
Description:	Mozilla Firefox before 20.0 and SeaMonkey before 2.17, when gfx.color_management.enablev4 is used, do not properly handle color profiles during PNG rendering, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a grayscale PNG image.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0792	Version:	13
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla SeaMonkey
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.17 AND Determine if the version of Mozilla Seamonkey is greater than or equal to 2.0 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0.1 AND Mozilla Firefox Mainline version is less than or equal to 19.0.2

Definition Id: oval:org.mitre.oval:def:17031

Oval ID:	oval:org.mitre.oval:def:17031
Title:	Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
Description:	Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1680	Version:	17
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0.5 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 17.0 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 21.0 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.6 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.6 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:17046

Oval ID:	oval:org.mitre.oval:def:17046
Title:	The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 does not prevent acquisition of chrome privileges during calls to content level constructors, which allows remote attackers to bypass certain read-only restrictions and conduct cross-site scripting (XSS) attacks via a crafted web site.
Description:	The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 does not prevent acquisition of chrome privileges during calls to content level constructors, which allows remote attackers to bypass certain read-only restrictions and conduct cross-site scripting (XSS) attacks via a crafted web site.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1670	Version:	16
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0.5 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 17.0 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 21.0 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.6 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.6 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:17053

Oval ID:	oval:org.mitre.oval:def:17053
Title:	Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content.
Description:	Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0753	Version:	22
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.15 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 17.0.1 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 10.0.12 and greater than or equal to 10.x OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.2 and greater than or equal to 17.x OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 10.0.12 and greater than or equal to 10.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.2 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:17061

Oval ID:	oval:org.mitre.oval:def:17061
Title:	The AutoWrapperChanger class in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly interact with garbage collection, which allows remote attackers to execute arbitrary code via a crafted HTML document referencing JavaScript objects.
Description:	The AutoWrapperChanger class in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly interact with garbage collection, which allows remote attackers to execute arbitrary code via a crafted HTML document referencing JavaScript objects.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0745	Version:	22
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.15 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 17.0.1 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.2 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.2 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:17062

Oval ID:	oval:org.mitre.oval:def:17062
Title:	Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.
Description:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0801	Version:	23
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.17 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0.5 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 17.0 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 21.0 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.5 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.5 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:17065

Oval ID:	oval:org.mitre.oval:def:17065
Title:	Mozilla Firefox before 20.0 and SeaMonkey before 2.17 do not prevent origin spoofing of tab-modal dialogs, which allows remote attackers to conduct phishing attacks via a crafted web site.
Description:	Mozilla Firefox before 20.0 and SeaMonkey before 2.17 do not prevent origin spoofing of tab-modal dialogs, which allows remote attackers to conduct phishing attacks via a crafted web site.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0794	Version:	13
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla SeaMonkey
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.17 AND Determine if the version of Mozilla Seamonkey is greater than or equal to 2.0 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0.1 AND Mozilla Firefox Mainline version is less than or equal to 19.0.2

Definition Id: oval:org.mitre.oval:def:17075

Oval ID:	oval:org.mitre.oval:def:17075
Title:	The SVG filter implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to read pixel values, and possibly bypass the Same Origin Policy and read text from a different domain, by observing timing differences in execution of filter code
Description:	The SVG filter implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to read pixel values, and possibly bypass the Same Origin Policy and read text from a different domain, by observing timing differences in execution of filter code.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1693	Version:	15
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than 17.0.7 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 17.0 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 22.0 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.7 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.7 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:17079

Oval ID:	oval:org.mitre.oval:def:17079
Title:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 20.0 and SeaMonkey before 2.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsContentUtils
Description:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 20.0 and SeaMonkey before 2.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsContentUtils::HoldJSObjects function and the nsAutoPtr class, and other vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0789	Version:	14
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla SeaMonkey
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.17 AND Determine if the version of Mozilla Seamonkey is greater than or equal to 2.0 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0.1 AND Mozilla Firefox Mainline version is less than or equal to 19.0.2

Definition Id: oval:org.mitre.oval:def:17085

Oval ID:	oval:org.mitre.oval:def:17085
Title:	Use-after-free vulnerability in the mozilla::plugins::child::_geturlnotify function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
Description:	Use-after-free vulnerability in the mozilla::plugins::child::_geturlnotify function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1679	Version:	17
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0.5 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 17.0 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 21.0 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.6 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.6 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:17086

Oval ID:	oval:org.mitre.oval:def:17086
Title:	Buffer overflow in the CharDistributionAnalysis::HandleOneChar function in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document.
Description:	Buffer overflow in the CharDistributionAnalysis::HandleOneChar function in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0760	Version:	23
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.15 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 17.0.1

Definition Id: oval:org.mitre.oval:def:17087

Oval ID:	oval:org.mitre.oval:def:17087
Title:	Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging improper interaction between plugin objects and SVG elements.
Description:	Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging improper interaction between plugin objects and SVG elements.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0758	Version:	22
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.15 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 17.0.1 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 10.0.12 and greater than or equal to 10.x OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.2 and greater than or equal to 17.x OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 10.0.12 and greater than or equal to 10.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.2 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:17093

Oval ID:	oval:org.mitre.oval:def:17093
Title:	USN-1822-1 -- Firefox vulnerabilities
Description:	Firefox could be made to crash or run programs as your login if it opened a malicious website.
Family:	unix	Class:	patch
Reference(s):	usn-1822-1 CVE-2013-0801 CVE-2013-1669 CVE-2013-1670 CVE-2013-1671 CVE-2013-1674 CVE-2013-1675 CVE-2013-1676 CVE-2013-1677 CVE-2013-1678 CVE-2013-1679 CVE-2013-1680 CVE-2013-1681	Version:	7
Platform(s):	Ubuntu 13.04 Ubuntu 12.04 Ubuntu 12.10	Product(s):	firefox
Definition Synopsis:
Release section Ubuntu 12.10 is installed AND Installed architecture is all AND firefox DPKG is earlier than 21.0+build2-0ubuntu0.12.10.2 OR Release section Ubuntu 12.04 is installed AND Installed architecture is all AND firefox DPKG is earlier than 21.0+build2-0ubuntu0.12.04.3 OR Release section Ubuntu 13.04 is installed AND Installed architecture is all AND firefox DPKG is earlier than 21.0+build2-0ubuntu0.13.04.2

Definition Id: oval:org.mitre.oval:def:17096

Oval ID:	oval:org.mitre.oval:def:17096
Title:	Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not prevent the inclusion of body data in an XMLHttpRequest HEAD request, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via a crafted web site
Description:	Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not prevent the inclusion of body data in an XMLHttpRequest HEAD request, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via a crafted web site.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1692	Version:	15
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than 17.0.7 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 17.0 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 22.0 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.7 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.7 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:17097

Oval ID:	oval:org.mitre.oval:def:17097
Title:	Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 do not prevent multiple wrapping of WebIDL objects, which allows remote attackers to bypass intended access restrictions via unspecified vectors.
Description:	Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 do not prevent multiple wrapping of WebIDL objects, which allows remote attackers to bypass intended access restrictions via unspecified vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0765	Version:	22
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey
Definition Synopsis:
Check for vulnerable SeaMonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.16 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0.2 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 18.0.2

Definition Id: oval:org.mitre.oval:def:17100

Oval ID:	oval:org.mitre.oval:def:17100
Title:	Mozilla Firefox before 21.0 does not properly implement the INPUT element, which allows remote attackers to obtain the full pathname via a crafted web site.
Description:	Mozilla Firefox before 21.0 does not properly implement the INPUT element, which allows remote attackers to obtain the full pathname via a crafted web site.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1671	Version:	8
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000	Product(s):	Mozilla Firefox
Definition Synopsis:
Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 21.0

Definition Id: oval:org.mitre.oval:def:17101

Oval ID:	oval:org.mitre.oval:def:17101
Title:	Use-after-free vulnerability in the obj_toSource function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted web page referencing JavaScript Proxy objects that are not properly handled during garbage collection.
Description:	Use-after-free vulnerability in the obj_toSource function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted web page referencing JavaScript Proxy objects that are not properly handled during garbage collection.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0756	Version:	22
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.15 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 17.0.1 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.2 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.2 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:17107

Oval ID:	oval:org.mitre.oval:def:17107
Title:	Use-after-free vulnerability in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to Mesa drivers and a resized WebGL canvas.
Description:	Use-after-free vulnerability in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to Mesa drivers and a resized WebGL canvas.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0763	Version:	22
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.15 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 17.0.1 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.1 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.1 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:17109

Oval ID:	oval:org.mitre.oval:def:17109
Title:	The XBL.__proto__.toString implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 makes it easier for remote attackers to bypass the ASLR protection mechanism by calling the toString function of an XBL object.
Description:	The XBL.__proto__.toString implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 makes it easier for remote attackers to bypass the ASLR protection mechanism by calling the toString function of an XBL object.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0748	Version:	22
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.15 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 17.0.1 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 10.0.12 and greater than or equal to 10.x OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.2 and greater than or equal to 17.x OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 10.0.12 and greater than or equal to 10.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.2 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:17117

Oval ID:	oval:org.mitre.oval:def:17117
Title:	The System Only Wrapper (SOW) and Chrome Object Wrapper (COW) implementations in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly restrict XBL user-defined functions, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges, or conduct cross-site scripting (XSS) attacks, via a crafted web site
Description:	The System Only Wrapper (SOW) and Chrome Object Wrapper (COW) implementations in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly restrict XBL user-defined functions, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges, or conduct cross-site scripting (XSS) attacks, via a crafted web site.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1687	Version:	15
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than 17.0.7 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 17.0 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 22.0 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.7 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.7 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:17119

Oval ID:	oval:org.mitre.oval:def:17119
Title:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Description:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0784	Version:	22
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey
Definition Synopsis:
Check for vulnerable SeaMonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.16 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0.2 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 18.0.2

Definition Id: oval:org.mitre.oval:def:17146

Oval ID:	oval:org.mitre.oval:def:17146
Title:	Untrusted search path vulnerability in the Mozilla Updater in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 allows local users to gain privileges via a Trojan horse DLL file in an unspecified directory.
Description:	Untrusted search path vulnerability in the Mozilla Updater in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 allows local users to gain privileges via a Trojan horse DLL file in an unspecified directory.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0797	Version:	18
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.17 AND Determine if the version of Mozilla Seamonkey is greater than or equal to 2.0 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0.4 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 17.0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0.1 AND Mozilla Firefox Mainline version is less than or equal to 19.0.2 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.5 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.5 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:17147

Oval ID:	oval:org.mitre.oval:def:17147
Title:	Use-after-free vulnerability in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code via vectors involving an onresize event during the playing of a video.
Description:	Use-after-free vulnerability in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code via vectors involving an onresize event during the playing of a video.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1674	Version:	16
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0.5 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 17.0 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 21.0 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.6 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.6 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:17150

Oval ID:	oval:org.mitre.oval:def:17150
Title:	The CERT_DecodeCertPackage function in Mozilla Network Security Services (NSS), as used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted certificate.
Description:	The CERT_DecodeCertPackage function in Mozilla Network Security Services (NSS), as used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted certificate.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0791	Version:	18
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.17 AND Determine if the version of Mozilla Seamonkey is greater than or equal to 2.0 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0.4 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 17.0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0.1 AND Mozilla Firefox Mainline version is less than or equal to 19.0.2 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.5 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.5 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:17155

Oval ID:	oval:org.mitre.oval:def:17155
Title:	Buffer overflow in the Mozilla Maintenance Service in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, and Thunderbird ESR 17.x before 17.0.5 on Windows allows local users to gain privileges via crafted arguments.
Description:	Buffer overflow in the Mozilla Maintenance Service in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, and Thunderbird ESR 17.x before 17.0.5 on Windows allows local users to gain privileges via crafted arguments.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0799	Version:	16
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0.4 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 17.0 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than or equal to 19.0.2 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.5 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.5 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:17159

Oval ID:	oval:org.mitre.oval:def:17159
Title:	The RasterImage::DrawFrameTo function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) via a crafted GIF image.
Description:	The RasterImage::DrawFrameTo function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) via a crafted GIF image.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0772	Version:	23
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey
Definition Synopsis:
Check for vulnerable SeaMonkey Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than 2.16 AND Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 17.0.2 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 0.1 AND Mozilla Firefox Mainline version is less than or equal to 18.0.2

Definition Id: oval:org.mitre.oval:def:17243

Oval ID:	oval:org.mitre.oval:def:17243
Title:	The XrayWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly restrict use of DefaultValue for method calls, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers use of a user-defined (1) toString or (2) valueOf method
Description:	The XrayWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly restrict use of DefaultValue for method calls, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers use of a user-defined (1) toString or (2) valueOf method.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1697	Version:	15
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than 17.0.7 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 17.0 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 22.0 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.7 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.7 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:17392

Oval ID:	oval:org.mitre.oval:def:17392
Title:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors
Description:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1682	Version:	15
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than 17.0.7 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 17.0 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 22.0 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.7 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.7 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:17405

Oval ID:	oval:org.mitre.oval:def:17405
Title:	The PreserveWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly handle the lack of a wrapper, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by leveraging unintended clearing of the wrapper cache's preserved-wrapper flag
Description:	The PreserveWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly handle the lack of a wrapper, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by leveraging unintended clearing of the wrapper cache's preserved-wrapper flag.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1694	Version:	15
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than 17.0.7 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 17.0 AND Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 22.0 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.7 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.7 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:17825

Oval ID:	oval:org.mitre.oval:def:17825
Title:	DSA-2699-1 iceweasel - several
Description:	Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, missing input sanitising vulnerabilities, use-after-free vulnerabilities, buffer overflows and other programming errors may lead to the execution of arbitrary code, privilege escalation, information leaks or cross-site-scripting.
Family:	unix	Class:	patch
Reference(s):	DSA-2699-1 CVE-2013-0773 CVE-2013-0775 CVE-2013-0776 CVE-2013-0780 CVE-2013-0782 CVE-2013-0783 CVE-2013-0787 CVE-2013-0788 CVE-2013-0793 CVE-2013-0795 CVE-2013-0796 CVE-2013-0800 CVE-2013-0801 CVE-2013-1670 CVE-2013-1674 CVE-2013-1675 CVE-2013-1676 CVE-2013-1677 CVE-2013-1678 CVE-2013-1679 CVE-2013-1680 CVE-2013-1681	Version:	8
Platform(s):	Debian GNU/Linux 7 Debian GNU/kFreeBSD 7	Product(s):	iceweasel
Definition Synopsis:
Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND iceweasel DPKG is earlier than 17.0.6esr-1~deb7u1

Definition Id: oval:org.mitre.oval:def:17832

Oval ID:	oval:org.mitre.oval:def:17832
Title:	USN-1729-2 -- firefox regression
Description:	Due to a regression, Firefox might crash or freeze under normal use.
Family:	unix	Class:	patch
Reference(s):	USN-1729-2 CVE-2013-0783 CVE-2013-0784 CVE-2013-0772 CVE-2013-0765 CVE-2013-0773 CVE-2013-0774 CVE-2013-0775 CVE-2013-0776 CVE-2013-0777 CVE-2013-0778 CVE-2013-0779 CVE-2013-0780 CVE-2013-0781 CVE-2013-0782	Version:	7
Platform(s):	Ubuntu 12.10 Ubuntu 12.04 Ubuntu 11.10	Product(s):	firefox
Definition Synopsis:
Release section Ubuntu 12.10 is installed AND firefox DPKG is earlier than 19.0+build1-0ubuntu0.12.10.2 AND Release section Ubuntu 12.04 is installed AND firefox DPKG is earlier than 19.0+build1-0ubuntu0.12.04.2 AND Release section Ubuntu 11.10 is installed AND firefox DPKG is earlier than 19.0+build1-0ubuntu0.11.10.2

Definition Id: oval:org.mitre.oval:def:17889

Oval ID:	oval:org.mitre.oval:def:17889
Title:	USN-1786-1 -- firefox vulnerabilities
Description:	Firefox could be made to crash or run programs as your login if it opened a malicious website.
Family:	unix	Class:	patch
Reference(s):	USN-1786-1 CVE-2013-0788 CVE-2013-0789 CVE-2013-0791 CVE-2013-0792 CVE-2013-0793 CVE-2013-0794 CVE-2013-0795 CVE-2013-0796 CVE-2013-0800	Version:	7
Platform(s):	Ubuntu 12.10 Ubuntu 12.04 Ubuntu 11.10 Ubuntu 10.04	Product(s):	firefox
Definition Synopsis:
Release section Ubuntu 12.10 is installed AND firefox DPKG is earlier than 20.0+build1-0ubuntu0.12.10.3 AND Release section Ubuntu 12.04 is installed AND firefox DPKG is earlier than 20.0+build1-0ubuntu0.12.04.3 AND Release section Ubuntu 11.10 is installed AND firefox DPKG is earlier than 20.0+build1-0ubuntu0.11.10.3 AND Release section Ubuntu 10.04 is installed AND firefox DPKG is earlier than 20.0+build1-0ubuntu0.10.04.3

Definition Id: oval:org.mitre.oval:def:18002

Oval ID:	oval:org.mitre.oval:def:18002
Title:	Same-origin bypass with web workers and XMLHttpRequest
Description:	The Web Workers implementation in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 does not properly restrict XMLHttpRequest calls, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via unspecified vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1714	Version:	20
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows 7	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is less than 23.0 AND Mozilla Firefox Mainline version is greater than or equal to 19.0 OR Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Mozilla Seamonkey version less than 2.20 OR Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Mozilla Thunderbird version less than 17.0.8 AND Mozilla Thunderbird is greater than or equal to 17.0 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.8 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.8 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:18014

Oval ID:	oval:org.mitre.oval:def:18014
Title:	Further Privilege escalation through Mozilla Updater
Description:	Multiple untrusted search path vulnerabilities in updater.exe in Mozilla Updater in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, and Thunderbird ESR 17.x before 17.0.8 on Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012 allow local users to gain privileges via a Trojan horse DLL in (1) the update directory or (2) the current working directory.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1712	Version:	20
Platform(s):	Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is less than 23.0 AND Mozilla Firefox Mainline version is greater than or equal to 19.0 OR Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Mozilla Thunderbird version less than 17.0.8 AND Mozilla Thunderbird is greater than or equal to 17.0 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.8 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.8 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:18048

Oval ID:	oval:org.mitre.oval:def:18048
Title:	USN-1924-2 -- ubufox, unity-firefox-extension update
Description:	This update provides compatible packages for Firefox 23.
Family:	unix	Class:	patch
Reference(s):	USN-1924-2 CVE-2013-1701 CVE-2013-1702 CVE-2013-1704 CVE-2013-1705 CVE-2013-1708 CVE-2013-1709 CVE-2013-1710 CVE-2013-1711 CVE-2013-1713 CVE-2013-1714 CVE-2013-1717	Version:	7
Platform(s):	Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04	Product(s):	ubufox unity-firefox-extension
Definition Synopsis:
Release section Ubuntu 13.04 is installed AND xul-ext-ubufox DPKG is earlier than 2.7-0ubuntu0.13.04.1 AND Release section Ubuntu 12.10 is installed Packages match section xul-ext-ubufox DPKG is earlier than 2.7-0ubuntu0.12.10.1 AND xul-ext-unity DPKG is earlier than 2.4.7-0ubuntu0.2 AND Release section Ubuntu 12.04 is installed AND xul-ext-ubufox DPKG is earlier than 2.7-0ubuntu0.12.04.1

Definition Id: oval:org.mitre.oval:def:18057

Oval ID:	oval:org.mitre.oval:def:18057
Title:	USN-1758-1 -- firefox vulnerability
Description:	Firefox could be made to crash or run programs as your login if it opened a malicious website.
Family:	unix	Class:	patch
Reference(s):	USN-1758-1 CVE-2013-0787	Version:	7
Platform(s):	Ubuntu 12.10 Ubuntu 12.04 Ubuntu 11.10 Ubuntu 10.04	Product(s):	firefox
Definition Synopsis:
Release section Ubuntu 12.10 is installed AND firefox DPKG is earlier than 19.0.2+build1-0ubuntu0.12.10.1 AND Release section Ubuntu 12.04 is installed AND firefox DPKG is earlier than 19.0.2+build1-0ubuntu0.12.04.1 AND Release section Ubuntu 11.10 is installed AND firefox DPKG is earlier than 19.0.2+build1-0ubuntu0.11.10.1 AND Release section Ubuntu 10.04 is installed AND firefox DPKG is earlier than 19.0.2+build1-0ubuntu0.10.04.1

Definition Id: oval:org.mitre.oval:def:18122

Oval ID:	oval:org.mitre.oval:def:18122
Title:	DSA-2746-1 icedove - several
Description:	Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client. Multiple memory safety errors, missing permission checks and other implementation errors may lead to the execution of arbitrary code or cross-site scripting.
Family:	unix	Class:	patch
Reference(s):	DSA-2746-1 CVE-2013-1701 CVE-2013-1709 CVE-2013-1710 CVE-2013-1713 CVE-2013-1714 CVE-2013-1717	Version:	8
Platform(s):	Debian GNU/Linux 7 Debian GNU/kFreeBSD 7	Product(s):	icedove
Definition Synopsis:
Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND icedove DPKG is earlier than 17.0.8-1~deb7u1

Definition Id: oval:org.mitre.oval:def:18184

Oval ID:	oval:org.mitre.oval:def:18184
Title:	USN-1791-1 -- thunderbird vulnerabilities
Description:	Several security issues were fixed in Thunderbird.
Family:	unix	Class:	patch
Reference(s):	USN-1791-1 CVE-2013-0788 CVE-2013-0791 CVE-2013-0793 CVE-2013-0795 CVE-2013-0796 CVE-2013-0800	Version:	7
Platform(s):	Ubuntu 12.10 Ubuntu 12.04 Ubuntu 11.10 Ubuntu 10.04	Product(s):	thunderbird
Definition Synopsis:
Release section Ubuntu 12.10 is installed AND thunderbird DPKG is earlier than 17.0.5+build1-0ubuntu0.12.10.1 AND Release section Ubuntu 12.04 is installed AND thunderbird DPKG is earlier than 17.0.5+build1-0ubuntu0.12.04.1 AND Release section Ubuntu 11.10 is installed AND thunderbird DPKG is earlier than 17.0.5+build1-0ubuntu0.11.10.1 AND Release section Ubuntu 10.04 is installed AND thunderbird DPKG is earlier than 17.0.5+build1-0ubuntu0.10.04.1

Definition Id: oval:org.mitre.oval:def:18233

Oval ID:	oval:org.mitre.oval:def:18233
Title:	USN-1758-2 -- thunderbird vulnerability
Description:	Thunderbird could be made to crash or run programs as your login.
Family:	unix	Class:	patch
Reference(s):	USN-1758-2 CVE-2013-0787	Version:	7
Platform(s):	Ubuntu 12.10 Ubuntu 12.04 Ubuntu 11.10 Ubuntu 10.04	Product(s):	thunderbird
Definition Synopsis:
Release section Ubuntu 12.10 is installed AND thunderbird DPKG is earlier than 17.0.4+build1-0ubuntu0.12.10.1 AND Release section Ubuntu 12.04 is installed AND thunderbird DPKG is earlier than 17.0.4+build1-0ubuntu0.12.04.1 AND Release section Ubuntu 11.10 is installed AND thunderbird DPKG is earlier than 17.0.4+build1-0ubuntu0.11.10.1 AND Release section Ubuntu 10.04 is installed AND thunderbird DPKG is earlier than 17.0.4+build1-0ubuntu0.10.04.1

Definition Id: oval:org.mitre.oval:def:18278

Oval ID:	oval:org.mitre.oval:def:18278
Title:	USN-1786-2 -- unity-firefox-extension update
Description:	This update provides a compatible version of Unity Firefox Extension for Firefox 20.
Family:	unix	Class:	patch
Reference(s):	USN-1786-2 CVE-2013-0788 CVE-2013-0789 CVE-2013-0791 CVE-2013-0792 CVE-2013-0793 CVE-2013-0794 CVE-2013-0795 CVE-2013-0796 CVE-2013-0800	Version:	7
Platform(s):	Ubuntu 12.10	Product(s):	unity-firefox-extension
Definition Synopsis:
Ubuntu 12.10 is installed AND xul-ext-unity DPKG is earlier than 2.4.4-0ubuntu0.2

Definition Id: oval:org.mitre.oval:def:18282

Oval ID:	oval:org.mitre.oval:def:18282
Title:	USN-1823-1 -- thunderbird vulnerabilities
Description:	Several security issues were fixed in Thunderbird.
Family:	unix	Class:	patch
Reference(s):	USN-1823-1 CVE-2013-0801 CVE-2013-1669 CVE-2013-1670 CVE-2013-1674 CVE-2013-1675 CVE-2013-1676 CVE-2013-1677 CVE-2013-1678 CVE-2013-1679 CVE-2013-1680 CVE-2013-1681	Version:	7
Platform(s):	Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04	Product(s):	thunderbird
Definition Synopsis:
Release section Ubuntu 13.04 is installed AND thunderbird DPKG is earlier than 17.0.6+build1-0ubuntu0.13.04.1 AND Release section Ubuntu 12.10 is installed AND thunderbird DPKG is earlier than 17.0.6+build1-0ubuntu0.12.10.1 AND Release section Ubuntu 12.04 is installed AND thunderbird DPKG is earlier than 17.0.6+build1-0ubuntu0.12.04.1

Definition Id: oval:org.mitre.oval:def:18301

Oval ID:	oval:org.mitre.oval:def:18301
Title:	USN-1729-1 -- firefox vulnerabilities
Description:	Firefox could be made to crash or run programs as your login if it opened a malicious website.
Family:	unix	Class:	patch
Reference(s):	USN-1729-1 CVE-2013-0783 CVE-2013-0784 CVE-2013-0772 CVE-2013-0765 CVE-2013-0773 CVE-2013-0774 CVE-2013-0775 CVE-2013-0776 CVE-2013-0777 CVE-2013-0778 CVE-2013-0779 CVE-2013-0780 CVE-2013-0781 CVE-2013-0782	Version:	7
Platform(s):	Ubuntu 12.10 Ubuntu 12.04 Ubuntu 11.10 Ubuntu 10.04	Product(s):	firefox
Definition Synopsis:
Release section Ubuntu 12.10 is installed AND firefox DPKG is earlier than 19.0+build1-0ubuntu0.12.10.1 AND Release section Ubuntu 12.04 is installed AND firefox DPKG is earlier than 19.0+build1-0ubuntu0.12.04.1 AND Release section Ubuntu 11.10 is installed AND firefox DPKG is earlier than 19.0+build1-0ubuntu0.11.10.1 AND Release section Ubuntu 10.04 is installed AND firefox DPKG is earlier than 19.0+build1-0ubuntu0.10.04.1

Definition Id: oval:org.mitre.oval:def:18309

Oval ID:	oval:org.mitre.oval:def:18309
Title:	USN-1748-1 -- thunderbird vulnerabilities
Description:	Several security issues were fixed in Thunderbird.
Family:	unix	Class:	patch
Reference(s):	USN-1748-1 CVE-2013-0773 CVE-2013-0774 CVE-2013-0775 CVE-2013-0776 CVE-2013-0777 CVE-2013-0778 CVE-2013-0779 CVE-2013-0780 CVE-2013-0781 CVE-2013-0782 CVE-2013-0783 CVE-2013-0784	Version:	7
Platform(s):	Ubuntu 12.10 Ubuntu 12.04 Ubuntu 11.10 Ubuntu 10.04	Product(s):	thunderbird
Definition Synopsis:
Release section Ubuntu 12.10 is installed AND thunderbird DPKG is earlier than 17.0.3+build1-0ubuntu0.12.10.1 AND Release section Ubuntu 12.04 is installed AND thunderbird DPKG is earlier than 17.0.3+build1-0ubuntu0.12.04.1 AND Release section Ubuntu 11.10 is installed AND thunderbird DPKG is earlier than 17.0.3+build1-0ubuntu0.11.10.1 AND Release section Ubuntu 10.04 is installed AND thunderbird DPKG is earlier than 17.0.3+build1-0ubuntu0.10.04.1

Definition Id: oval:org.mitre.oval:def:18367

Oval ID:	oval:org.mitre.oval:def:18367
Title:	Local Java applets may read contents of local file system
Description:	Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly restrict local-filesystem access by Java applets, which allows user-assisted remote attackers to read arbitrary files by leveraging a download to a fixed pathname or other predictable pathname.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1717	Version:	20
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows 7	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is less than 23.0 AND Mozilla Firefox Mainline version is greater than or equal to 19.0 OR Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Mozilla Seamonkey version less than 2.20 OR Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Mozilla Thunderbird version less than 17.0.8 AND Mozilla Thunderbird is greater than or equal to 17.0 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.8 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.8 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:18374

Oval ID:	oval:org.mitre.oval:def:18374
Title:	USN-1925-1 -- thunderbird vulnerabilities
Description:	Several security issues were fixed in Thunderbird.
Family:	unix	Class:	patch
Reference(s):	USN-1925-1 CVE-2013-1701 CVE-2013-1709 CVE-2013-1710 CVE-2013-1713 CVE-2013-1714 CVE-2013-1717	Version:	7
Platform(s):	Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04	Product(s):	thunderbird
Definition Synopsis:
Release section Ubuntu 13.04 is installed AND thunderbird DPKG is earlier than 17.0.8+build1-0ubuntu0.13.04.1 AND Release section Ubuntu 12.10 is installed AND thunderbird DPKG is earlier than 17.0.8+build1-0ubuntu0.12.10.1 AND Release section Ubuntu 12.04 is installed AND thunderbird DPKG is earlier than 17.0.8+build1-0ubuntu0.12.04.1

Definition Id: oval:org.mitre.oval:def:18410

Oval ID:	oval:org.mitre.oval:def:18410
Title:	USN-1924-1 -- firefox vulnerabilities
Description:	Firefox could be made to crash or run programs as your login if it opened a malicious website.
Family:	unix	Class:	patch
Reference(s):	USN-1924-1 CVE-2013-1701 CVE-2013-1702 CVE-2013-1704 CVE-2013-1705 CVE-2013-1708 CVE-2013-1709 CVE-2013-1710 CVE-2013-1711 CVE-2013-1713 CVE-2013-1714 CVE-2013-1717	Version:	7
Platform(s):	Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04	Product(s):	firefox
Definition Synopsis:
Release section Ubuntu 13.04 is installed AND firefox DPKG is earlier than 23.0+build2-0ubuntu0.13.04.1 AND Release section Ubuntu 12.10 is installed AND firefox DPKG is earlier than 23.0+build2-0ubuntu0.12.10.1 AND Release section Ubuntu 12.04 is installed AND firefox DPKG is earlier than 23.0+build2-0ubuntu0.12.04.1

Definition Id: oval:org.mitre.oval:def:18443

Oval ID:	oval:org.mitre.oval:def:18443
Title:	Use-after-free vulnerability in the mozilla::layout::ScrollbarActivity function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code via vectors related to image-document scrolling.
Description:	Use-after-free vulnerability in the mozilla::layout::ScrollbarActivity function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code via vectors related to image-document scrolling.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1735	Version:	22
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 24.0 OR Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Mozilla Thunderbird is greater than or equal to 17.0 AND Mozilla Thunderbird version is less than 24.0 OR Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Mozilla Seamonkey version less than 2.21 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.9 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.9 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:18514

Oval ID:	oval:org.mitre.oval:def:18514
Title:	Miscellaneous memory safety hazards
Description:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1701	Version:	20
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows 7	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is less than 23.0 AND Mozilla Firefox Mainline version is greater than or equal to 19.0 OR Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Mozilla Seamonkey version less than 2.20 OR Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Mozilla Thunderbird version less than 17.0.8 AND Mozilla Thunderbird is greater than or equal to 17.0 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.8 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.8 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:18520

Oval ID:	oval:org.mitre.oval:def:18520
Title:	Buffer overflow in the nsFloatManager::GetFlowArea function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code via crafted use of lists and floats within a multi-column layout.
Description:	Buffer overflow in the nsFloatManager::GetFlowArea function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code via crafted use of lists and floats within a multi-column layout.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1732	Version:	22
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 24.0 OR Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Mozilla Thunderbird is greater than or equal to 17.0 AND Mozilla Thunderbird version is less than 24.0 OR Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Mozilla Seamonkey version less than 2.21 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.9 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.9 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:18531

Oval ID:	oval:org.mitre.oval:def:18531
Title:	Document URI misrepresentation and masquerading
Description:	Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly handle the interaction between FRAME elements and history, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving spoofing a relative location in a previously visited document.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1709	Version:	20
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows 7	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is less than 23.0 AND Mozilla Firefox Mainline version is greater than or equal to 19.0 OR Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Mozilla Seamonkey version less than 2.20 OR Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Mozilla Thunderbird version less than 17.0.8 AND Mozilla Thunderbird is greater than or equal to 17.0 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.8 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.8 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:18617

Oval ID:	oval:org.mitre.oval:def:18617
Title:	The nsHtml5TreeBuilder::resetTheInsertionMode function in the HTML5 Tree Builder in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 does not properly maintain the state of the insertion-mode stack for template elements, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer over-read) by triggering use of this stack in its empty state.
Description:	The nsHtml5TreeBuilder::resetTheInsertionMode function in the HTML5 Tree Builder in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 does not properly maintain the state of the insertion-mode stack for template elements, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer over-read) by triggering use of this stack in its empty state.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1720	Version:	22
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey
Definition Synopsis:
Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 24.0 OR Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Mozilla Thunderbird is greater than or equal to 17.0 AND Mozilla Thunderbird version is less than 24.0 OR Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Mozilla Seamonkey version less than 2.21

Definition Id: oval:org.mitre.oval:def:18766

Oval ID:	oval:org.mitre.oval:def:18766
Title:	Use-after-free vulnerability in the JS_GetGlobalForScopeChain function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code by leveraging incorrect garbage collection in situations involving default compartments and frame-chain restoration.
Description:	Use-after-free vulnerability in the JS_GetGlobalForScopeChain function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code by leveraging incorrect garbage collection in situations involving default compartments and frame-chain restoration.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1738	Version:	21
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey
Definition Synopsis:
Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 24.0 OR Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Mozilla Thunderbird is greater than or equal to 17.0 AND Mozilla Thunderbird version is less than 24.0 OR Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Mozilla Seamonkey version less than 2.21

Definition Id: oval:org.mitre.oval:def:18773

Oval ID:	oval:org.mitre.oval:def:18773
Title:	CRMF requests allow for code execution and XSS attacks
Description:	The crypto.generateCRMFRequest function in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allows remote attackers to execute arbitrary JavaScript code or conduct cross-site scripting (XSS) attacks via vectors related to Certificate Request Message Format (CRMF) request generation.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1710	Version:	19
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows 7	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is less than 23.0 AND Mozilla Firefox Mainline version is greater than or equal to 19.0 OR Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Mozilla Seamonkey version less than 2.20 OR Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Mozilla Thunderbird version less than 17.0.8 AND Mozilla Thunderbird is greater than or equal to 17.0 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.8 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.8 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:18789

Oval ID:	oval:org.mitre.oval:def:18789
Title:	Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly identify the thisobject during use of user-defined getter methods on DOM proxies, which might allow remote attackers to bypass intended access restrictions via vectors involving an expando object.
Description:	Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly identify the "this" object during use of user-defined getter methods on DOM proxies, which might allow remote attackers to bypass intended access restrictions via vectors involving an expando object.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1737	Version:	22
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 24.0 OR Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Mozilla Thunderbird is greater than or equal to 17.0 AND Mozilla Thunderbird version is less than 24.0 OR Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Mozilla Seamonkey version less than 2.21 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.9 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.9 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:18803

Oval ID:	oval:org.mitre.oval:def:18803
Title:	Crash during WAV audio file decoding
Description:	Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (application crash) via a crafted WAV file that is not properly handled by the nsCString::CharAt function.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1708	Version:	13
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows 7	Product(s):	Mozilla Firefox Mozilla Seamonkey
Definition Synopsis:
Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is less than 23.0 AND Mozilla Firefox Mainline version is greater than or equal to 19.0 OR Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Mozilla Seamonkey version less than 2.20

Definition Id: oval:org.mitre.oval:def:18821

Oval ID:	oval:org.mitre.oval:def:18821
Title:	Mozilla Updater in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 does not ensure exclusive access to a MAR file, which allows local users to gain privileges by creating a Trojan horse file after MAR signature verification but before MAR use.
Description:	Mozilla Updater in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 does not ensure exclusive access to a MAR file, which allows local users to gain privileges by creating a Trojan horse file after MAR signature verification but before MAR use.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1726	Version:	21
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 24.0 OR Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Mozilla Thunderbird is greater than or equal to 17.0 AND Mozilla Thunderbird version is less than 24.0 OR Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Mozilla Seamonkey version less than 2.21 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.9 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.9 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:18830

Oval ID:	oval:org.mitre.oval:def:18830
Title:	Bypass of XrayWrappers using XBL Scopes
Description:	The XrayWrapper implementation in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 does not properly address the possibility of an XBL scope bypass resulting from non-native arguments in XBL function calls, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks by leveraging access to an unprivileged object.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1711	Version:	13
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows 7	Product(s):	Mozilla Firefox Mozilla Seamonkey
Definition Synopsis:
Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is less than 23.0 AND Mozilla Firefox Mainline version is greater than or equal to 19.0 OR Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Mozilla Seamonkey version less than 2.20

Definition Id: oval:org.mitre.oval:def:18856

Oval ID:	oval:org.mitre.oval:def:18856
Title:	The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to improperly establishing parent-child relationships of range-request nodes.
Description:	The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to improperly establishing parent-child relationships of range-request nodes.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1736	Version:	21
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 24.0 OR Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Mozilla Thunderbird is greater than or equal to 17.0 AND Mozilla Thunderbird version is less than 24.0 OR Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Mozilla Seamonkey version less than 2.21 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.9 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.9 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:18871

Oval ID:	oval:org.mitre.oval:def:18871
Title:	Buffer overflow in Mozilla Maintenance Service and Mozilla Updater
Description:	Stack-based buffer overflow in Mozilla Updater in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, and Thunderbird ESR 17.x before 17.0.8 allows local users to gain privileges via a long pathname on the command line to the Mozilla Maintenance Service.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1707	Version:	19
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows 7	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is less than 23.0 AND Mozilla Firefox Mainline version is greater than or equal to 19.0 OR Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Mozilla Thunderbird version less than 17.0.8 AND Mozilla Thunderbird is greater than or equal to 17.0 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.8 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.8 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:18876

Oval ID:	oval:org.mitre.oval:def:18876
Title:	Miscellaneous memory safety hazards
Description:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1702	Version:	13
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows 7	Product(s):	Mozilla Firefox Mozilla Seamonkey
Definition Synopsis:
Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is less than 23.0 AND Mozilla Firefox Mainline version is greater than or equal to 19.0 OR Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Mozilla Seamonkey version less than 2.20

Definition Id: oval:org.mitre.oval:def:18884

Oval ID:	oval:org.mitre.oval:def:18884
Title:	Wrong principal used for validating URI for some Javascript components
Description:	Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 use an incorrect URI within unspecified comparisons during enforcement of the Same Origin Policy, which allows remote attackers to conduct cross-site scripting (XSS) attacks or install arbitrary add-ons via a crafted web site.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1713	Version:	19
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows 7	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is less than 23.0 AND Mozilla Firefox Mainline version is greater than or equal to 19.0 OR Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Mozilla Seamonkey version less than 2.20 OR Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Mozilla Thunderbird version less than 17.0.8 AND Mozilla Thunderbird is greater than or equal to 17.0 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.8 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.8 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:18902

Oval ID:	oval:org.mitre.oval:def:18902
Title:	The IonMonkey JavaScript engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21, when Valgrind mode is used, does not properly initialize memory, which makes it easier for remote attackers to obtain sensitive information via unspecified vectors.
Description:	The IonMonkey JavaScript engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21, when Valgrind mode is used, does not properly initialize memory, which makes it easier for remote attackers to obtain sensitive information via unspecified vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1728	Version:	21
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey
Definition Synopsis:
Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 24.0 OR Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Mozilla Thunderbird is greater than or equal to 17.0 AND Mozilla Thunderbird version is less than 24.0 OR Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Mozilla Seamonkey version less than 2.21

Definition Id: oval:org.mitre.oval:def:18935

Oval ID:	oval:org.mitre.oval:def:18935
Title:	Buffer underflow when generating CRMF requests
Description:	Heap-based buffer underflow in the cryptojs_interpret_key_gen_type function in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Certificate Request Message Format (CRMF) request.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1705	Version:	13
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows 7	Product(s):	Mozilla Firefox Mozilla Seamonkey
Definition Synopsis:
Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is less than 23.0 AND Mozilla Firefox Mainline version is greater than or equal to 19.0 OR Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Mozilla Seamonkey version less than 2.20

Definition Id: oval:org.mitre.oval:def:18939

Oval ID:	oval:org.mitre.oval:def:18939
Title:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Description:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1718	Version:	21
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 24.0 OR Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Mozilla Thunderbird is greater than or equal to 17.0 AND Mozilla Thunderbird version is less than 24.0 OR Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Mozilla Seamonkey version less than 2.21 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.9 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.9 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:18945

Oval ID:	oval:org.mitre.oval:def:18945
Title:	Use after free mutating DOM during SetBody
Description:	Use-after-free vulnerability in the nsINode::GetParentNode function in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors involving a DOM modification at the time of a SetBody mutation event.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1704	Version:	13
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows 7	Product(s):	Mozilla Firefox Mozilla Seamonkey
Definition Synopsis:
Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is less than 23.0 AND Mozilla Firefox Mainline version is greater than or equal to 19.0 OR Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Mozilla Seamonkey version less than 2.20

Definition Id: oval:org.mitre.oval:def:18974

Oval ID:	oval:org.mitre.oval:def:18974
Title:	DSA-2735-1 iceweasel - several
Description:	Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: multiple memory safety errors, missing permission checks and other implementation errors may lead to the execution of arbitrary code, cross-site scripting, privilege escalation, bypass of the same-origin policy or the installation of malicious addons.
Family:	unix	Class:	patch
Reference(s):	DSA-2735-1 CVE-2013-1701 CVE-2013-1709 CVE-2013-1710 CVE-2013-1713 CVE-2013-1714 CVE-2013-1717	Version:	8
Platform(s):	Debian GNU/Linux 7 Debian GNU/kFreeBSD 7	Product(s):	iceweasel
Definition Synopsis:
Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND iceweasel DPKG is earlier than 17.0.8esr-1~deb7u1

Definition Id: oval:org.mitre.oval:def:18982

Oval ID:	oval:org.mitre.oval:def:18982
Title:	Use-after-free vulnerability in the mozilla::dom::HTMLFormElement::IsDefaultSubmitElement function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving a destroyed SELECT element.
Description:	Use-after-free vulnerability in the mozilla::dom::HTMLFormElement::IsDefaultSubmitElement function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving a destroyed SELECT element.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1724	Version:	21
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey
Definition Synopsis:
Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 24.0 OR Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Mozilla Thunderbird is greater than or equal to 17.0 AND Mozilla Thunderbird version is less than 24.0 OR Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Mozilla Seamonkey version less than 2.21

Definition Id: oval:org.mitre.oval:def:19011

Oval ID:	oval:org.mitre.oval:def:19011
Title:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Description:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1719	Version:	21
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey
Definition Synopsis:
Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 24.0 OR Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Mozilla Thunderbird is greater than or equal to 17.0 AND Mozilla Thunderbird version is less than 24.0 OR Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Mozilla Seamonkey version less than 2.21

Definition Id: oval:org.mitre.oval:def:19022

Oval ID:	oval:org.mitre.oval:def:19022
Title:	Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly handle movement of XBL-backed nodes between documents, which allows remote attackers to execute arbitrary code or cause a denial of service (JavaScript compartment mismatch, or assertion failure and application exit) via a crafted web site.
Description:	Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly handle movement of XBL-backed nodes between documents, which allows remote attackers to execute arbitrary code or cause a denial of service (JavaScript compartment mismatch, or assertion failure and application exit) via a crafted web site.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1730	Version:	21
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 24.0 OR Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Mozilla Thunderbird is greater than or equal to 17.0 AND Mozilla Thunderbird version is less than 24.0 OR Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Mozilla Seamonkey version less than 2.21 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.9 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.9 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:19025

Oval ID:	oval:org.mitre.oval:def:19025
Title:	Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not ensure that initialization occurs for JavaScript objects with compartments, which allows remote attackers to execute arbitrary code by leveraging incorrect scope handling.
Description:	Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not ensure that initialization occurs for JavaScript objects with compartments, which allows remote attackers to execute arbitrary code by leveraging incorrect scope handling.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1725	Version:	21
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 24.0 OR Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Mozilla Thunderbird is greater than or equal to 17.0 AND Mozilla Thunderbird version is less than 24.0 OR Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Mozilla Seamonkey version less than 2.21 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.9 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.9 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:19028

Oval ID:	oval:org.mitre.oval:def:19028
Title:	The NativeKey widget in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 processes key messages after destruction by a dispatched event listener, which allows remote attackers to cause a denial of service (application crash) by leveraging incorrect event usage after widget-memory reallocation.
Description:	The NativeKey widget in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 processes key messages after destruction by a dispatched event listener, which allows remote attackers to cause a denial of service (application crash) by leveraging incorrect event usage after widget-memory reallocation.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1723	Version:	21
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey
Definition Synopsis:
Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 24.0 OR Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Mozilla Thunderbird is greater than or equal to 17.0 AND Mozilla Thunderbird version is less than 24.0 OR Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Mozilla Seamonkey version less than 2.21

Definition Id: oval:org.mitre.oval:def:19031

Oval ID:	oval:org.mitre.oval:def:19031
Title:	Use-after-free vulnerability in the nsAnimationManager::BuildAnimations function in the Animation Manager in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving stylesheet cloning.
Description:	Use-after-free vulnerability in the nsAnimationManager::BuildAnimations function in the Animation Manager in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving stylesheet cloning.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1722	Version:	21
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey Mozilla Firefox ESR Mozilla Thunderbird ESR
Definition Synopsis:
Check for vulnerable Firefox Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 24.0 OR Check for vulnerable Thunderbird Mozilla Thunderbird Mainline release is installed AND Mozilla Thunderbird is greater than or equal to 17.0 AND Mozilla Thunderbird version is less than 24.0 OR Check for vulnerable Seamonkey Mozilla Seamonkey is installed AND Mozilla Seamonkey version less than 2.21 OR Check for vulnerable Mozilla Firefox ESR Mozilla Firefox ESR is installed AND Mozilla Firefox ESR version is less than 17.0.9 and greater than or equal to 17.x OR Check for vulnerable Mozilla Thunderbird ESR Mozilla Thunderbird ESR is installed AND Mozilla Thunderbird ESR version is less than 17.0.9 and greater than or equal to 17.x

Definition Id: oval:org.mitre.oval:def:19331

Oval ID:	oval:org.mitre.oval:def:19331
Title:	USN-1952-1 -- thunderbird vulnerabilities
Description:	Several security issues were fixed in Thunderbird.
Family:	unix	Class:	patch
Reference(s):	USN-1952-1 CVE-2013-1718 CVE-2013-1720 CVE-2013-1721 CVE-2013-1722 CVE-2013-1724 CVE-2013-1725 CVE-2013-1728 CVE-2013-1730 CVE-2013-1732 CVE-2013-1735 CVE-2013-1736 CVE-2013-1737 CVE-2013-1738	Version:	5
Platform(s):	Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04	Product(s):	thunderbird
Definition Synopsis:
Release section Ubuntu 13.04 is installed AND thunderbird DPKG is earlier than 1:24.0+build1-0ubuntu0.13.04.1 AND Release section Ubuntu 12.10 is installed AND thunderbird DPKG is earlier than 1:24.0+build1-0ubuntu0.12.10.1 AND Release section Ubuntu 12.04 is installed AND thunderbird DPKG is earlier than 1:24.0+build1-0ubuntu0.12.04.1

Definition Id: oval:org.mitre.oval:def:19389

Oval ID:	oval:org.mitre.oval:def:19389
Title:	USN-1951-1 -- firefox vulnerabilities
Description:	Firefox could be made to crash or run programs as your login if it opened a malicious website.
Family:	unix	Class:	patch
Reference(s):	USN-1951-1 CVE-2013-1718 CVE-2013-1719 CVE-2013-1720 CVE-2013-1721 CVE-2013-1722 CVE-2013-1724 CVE-2013-1725 CVE-2013-1728 CVE-2013-1730 CVE-2013-1732 CVE-2013-1735 CVE-2013-1736 CVE-2013-1737 CVE-2013-1738	Version:	5
Platform(s):	Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04	Product(s):	firefox
Definition Synopsis:
Release section Ubuntu 13.04 is installed AND firefox DPKG is earlier than 0:24.0+build1-0ubuntu0.13.04.1 AND Release section Ubuntu 12.10 is installed AND firefox DPKG is earlier than 0:24.0+build1-0ubuntu0.12.10.1 AND Release section Ubuntu 12.04 is installed AND firefox DPKG is earlier than 0:24.0+build1-0ubuntu0.12.04.1

Definition Id: oval:org.mitre.oval:def:19877

Oval ID:	oval:org.mitre.oval:def:19877
Title:	DSA-2762-1 icedove - several
Description:	Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client. Multiple memory safety errors and buffer overflows may lead to the execution of arbitrary code.
Family:	unix	Class:	patch
Reference(s):	DSA-2762-1 CVE-2013-1718 CVE-2013-1722 CVE-2013-1725 CVE-2013-1730 CVE-2013-1732 CVE-2013-1735 CVE-2013-1736 CVE-2013-1737	Version:	5
Platform(s):	Debian GNU/Linux 7 Debian GNU/kFreeBSD 7	Product(s):	icedove
Definition Synopsis:
Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND icedove DPKG is earlier than 0:17.0.9-1~deb7u1

Definition Id: oval:org.mitre.oval:def:19905

Oval ID:	oval:org.mitre.oval:def:19905
Title:	DSA-2759-1 iceweasel - several
Description:	Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows may lead to the execution of arbitrary code.
Family:	unix	Class:	patch
Reference(s):	DSA-2759-1 CVE-2013-1718 CVE-2013-1722 CVE-2013-1725 CVE-2013-1730 CVE-2013-1732 CVE-2013-1735 CVE-2013-1736 CVE-2013-1737	Version:	5
Platform(s):	Debian GNU/Linux 7 Debian GNU/kFreeBSD 7	Product(s):	iceweasel
Definition Synopsis:
Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND iceweasel DPKG is earlier than 0:17.0.9esr-1~deb7u1

Definition Id: oval:org.mitre.oval:def:19998

Oval ID:	oval:org.mitre.oval:def:19998
Title:	DSA-2720-1 icedove - several
Description:	Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client. Multiple memory safety errors, use-after-free vulnerabilities, missing permission checks, incorrect memory handling and other implementation errors may lead to the execution of arbitrary code, privilege escalation, information disclosure or cross-site request forgery.
Family:	unix	Class:	patch
Reference(s):	DSA-2720-1 CVE-2013-0795 CVE-2013-0801 CVE-2013-1670 CVE-2013-1674 CVE-2013-1675 CVE-2013-1676 CVE-2013-1677 CVE-2013-1678 CVE-2013-1679 CVE-2013-1680 CVE-2013-1681 CVE-2013-1682 CVE-2013-1684 CVE-2013-1685 CVE-2013-1686 CVE-2013-1687 CVE-2013-1690 CVE-2013-1692 CVE-2013-1693 CVE-2013-1694 CVE-2013-1697	Version:	5
Platform(s):	Debian GNU/Linux 7 Debian GNU/kFreeBSD 7	Product(s):	icedove
Definition Synopsis:
Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND icedove DPKG is earlier than 0:17.0.7-1~deb7u1

Definition Id: oval:org.mitre.oval:def:20086

Oval ID:	oval:org.mitre.oval:def:20086
Title:	DSA-2716-1 iceweasel - several
Description:	Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, use-after-free vulnerabilities, missing permission checks, incorrect memory handling and other implementation errors may lead to the execution of arbitrary code, privilege escalation, information disclosure or cross-site request forgery.
Family:	unix	Class:	patch
Reference(s):	DSA-2716-1 CVE-2013-1682 CVE-2013-1684 CVE-2013-1685 CVE-2013-1686 CVE-2013-1687 CVE-2013-1690 CVE-2013-1692 CVE-2013-1693 CVE-2013-1694 CVE-2013-1697	Version:	5
Platform(s):	Debian GNU/Linux 7 Debian GNU/kFreeBSD 7	Product(s):	iceweasel
Definition Synopsis:
Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND iceweasel DPKG is earlier than 0:17.0.7esr-1~deb7u1

Definition Id: oval:org.mitre.oval:def:20230

Oval ID:	oval:org.mitre.oval:def:20230
Title:	RHSA-2013:0145: thunderbird security update (Critical)
Description:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0145-01 CESA-2013:0145 CVE-2013-0744 CVE-2013-0746 CVE-2013-0748 CVE-2013-0750 CVE-2013-0753 CVE-2013-0754 CVE-2013-0758 CVE-2013-0759 CVE-2013-0762 CVE-2013-0766 CVE-2013-0767 CVE-2013-0769	Version:	171
Platform(s):	Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6	Product(s):	thunderbird
Definition Synopsis:
Redhat 6 section thunderbird is earlier than 0:10.0.12-3.el6_3 AND The operating system installed on the system is Red Hat Enterprise Linux 6 OR Centos 6 section thunderbird is earlier than 0:10.0.12-3.el6.centos AND CentOS Linux 6.x OR Redhat 5 section The operating system installed on the system is Red Hat Enterprise Linux 5 AND thunderbird is earlier than 0:10.0.12-3.el5_9 OR Centos 5 section CentOS Linux 5.x AND thunderbird is earlier than 0:10.0.12-3.el5.centos

Definition Id: oval:org.mitre.oval:def:20604

Oval ID:	oval:org.mitre.oval:def:20604
Title:	RHSA-2013:1140: firefox security update (Critical)
Description:	Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly restrict local-filesystem access by Java applets, which allows user-assisted remote attackers to read arbitrary files by leveraging a download to a fixed pathname or other predictable pathname.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:1140-01 CESA-2013:1140 CVE-2013-1701 CVE-2013-1709 CVE-2013-1710 CVE-2013-1713 CVE-2013-1714 CVE-2013-1717	Version:	87
Platform(s):	Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6	Product(s):	firefox xulrunner
Definition Synopsis:
Redhat 6 section The operating system installed on the system is Red Hat Enterprise Linux 6 AND Packages section firefox is earlier than 0:17.0.8-1.el6_4 AND xulrunner is earlier than 0:17.0.8-3.el6_4 AND xulrunner-devel is earlier than 0:17.0.8-3.el6_4 OR Centos 6 section CentOS Linux 6.x AND Packages section firefox is earlier than 0:17.0.8-1.el6.centos AND xulrunner is earlier than 0:17.0.8-3.el6.centos AND xulrunner-devel is earlier than 0:17.0.8-3.el6.centos OR Redhat 5 and Centos 5 section Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Packages section xulrunner is earlier than 0:17.0.8-3.el5_9 AND xulrunner-devel is earlier than 0:17.0.8-3.el5_9 OR Centos 5 section CentOS Linux 5.x AND firefox is earlier than 0:17.0.8-1.el5.centos OR Redhat 5 section The operating system installed on the system is Red Hat Enterprise Linux 5 AND firefox is earlier than 0:17.0.8-1.el5_9

Definition Id: oval:org.mitre.oval:def:20691

Oval ID:	oval:org.mitre.oval:def:20691
Title:	RHSA-2013:0981: firefox security update (Critical)
Description:	The XrayWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly restrict use of DefaultValue for method calls, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers use of a user-defined (1) toString or (2) valueOf method.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0981-00 CESA-2013:0981 CVE-2013-1682 CVE-2013-1684 CVE-2013-1685 CVE-2013-1686 CVE-2013-1687 CVE-2013-1690 CVE-2013-1692 CVE-2013-1693 CVE-2013-1694 CVE-2013-1697	Version:	143
Platform(s):	Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6	Product(s):	firefox xulrunner
Definition Synopsis:
Redhat 6 section The operating system installed on the system is Red Hat Enterprise Linux 6 AND Packages section xulrunner-devel is earlier than 0:17.0.7-1.el6_4 AND xulrunner is earlier than 0:17.0.7-1.el6_4 AND firefox is earlier than 0:17.0.7-1.el6_4 OR Centos 6 section CentOS Linux 6.x AND Packages section xulrunner-devel is earlier than 0:17.0.7-1.el6.centos AND xulrunner is earlier than 0:17.0.7-1.el6.centos AND firefox is earlier than 0:17.0.7-1.el6.centos OR Redhat 5 and Centos 5 section Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Packages section xulrunner-devel is earlier than 0:17.0.7-1.el5_9 AND xulrunner is earlier than 0:17.0.7-1.el5_9 OR Centos 5 section CentOS Linux 5.x AND firefox is earlier than 0:17.0.7-1.el5.centos OR Redhat 5 section The operating system installed on the system is Red Hat Enterprise Linux 5 AND firefox is earlier than 0:17.0.7-1.el5_9

Definition Id: oval:org.mitre.oval:def:20767

Oval ID:	oval:org.mitre.oval:def:20767
Title:	RHSA-2013:1268: firefox security update (Critical)
Description:	Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly identify the "this" object during use of user-defined getter methods on DOM proxies, which might allow remote attackers to bypass intended access restrictions via vectors involving an expando object.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:1268-00 CESA-2013:1268 CVE-2013-1718 CVE-2013-1722 CVE-2013-1725 CVE-2013-1730 CVE-2013-1732 CVE-2013-1735 CVE-2013-1736 CVE-2013-1737	Version:	115
Platform(s):	Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6	Product(s):	firefox xulrunner
Definition Synopsis:
Redhat 6 section The operating system installed on the system is Red Hat Enterprise Linux 6 AND Packages section xulrunner is earlier than 0:17.0.9-1.el6_4 AND xulrunner-devel is earlier than 0:17.0.9-1.el6_4 AND firefox is earlier than 0:17.0.9-1.el6_4 OR Centos 6 section CentOS Linux 6.x AND Packages section xulrunner is earlier than 0:17.0.9-1.el6.centos AND xulrunner-devel is earlier than 0:17.0.9-1.el6.centos AND firefox is earlier than 0:17.0.9-1.el6.centos OR Redhat 5 and Centos 5 section Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Packages section xulrunner is earlier than 0:17.0.9-1.el5_9 AND xulrunner-devel is earlier than 0:17.0.9-1.el5_9 OR Centos 5 section CentOS Linux 5.x AND firefox is earlier than 0:17.0.9-1.el5.centos OR Redhat 5 section The operating system installed on the system is Red Hat Enterprise Linux 5 AND firefox is earlier than 0:17.0.9-1.el5_9

Definition Id: oval:org.mitre.oval:def:20827

Oval ID:	oval:org.mitre.oval:def:20827
Title:	RHSA-2013:0982: thunderbird security update (Important)
Description:	The XrayWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly restrict use of DefaultValue for method calls, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers use of a user-defined (1) toString or (2) valueOf method.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0982-00 CESA-2013:0982 CVE-2013-1682 CVE-2013-1684 CVE-2013-1685 CVE-2013-1686 CVE-2013-1687 CVE-2013-1690 CVE-2013-1692 CVE-2013-1693 CVE-2013-1694 CVE-2013-1697	Version:	143
Platform(s):	Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 CentOS Linux 5 CentOS Linux 6	Product(s):	thunderbird
Definition Synopsis:
Redhat 6 section thunderbird is earlier than 0:17.0.7-1.el6_4 AND The operating system installed on the system is Red Hat Enterprise Linux 6 OR Centos 6 section thunderbird is earlier than 0:17.0.7-1.el6.centos AND CentOS Linux 6.x OR Redhat 5 section The operating system installed on the system is Red Hat Enterprise Linux 5 AND thunderbird is earlier than 0:17.0.7-1.el5_9 OR Centos 5 section CentOS Linux 5.x AND thunderbird is earlier than 0:17.0.7-1.el5.centos

Definition Id: oval:org.mitre.oval:def:20855

Oval ID:	oval:org.mitre.oval:def:20855
Title:	RHSA-2013:0144: firefox security update (Critical)
Description:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0144-01 CESA-2013:0144 CVE-2013-0744 CVE-2013-0746 CVE-2013-0748 CVE-2013-0750 CVE-2013-0753 CVE-2013-0754 CVE-2013-0758 CVE-2013-0759 CVE-2013-0762 CVE-2013-0766 CVE-2013-0767 CVE-2013-0769	Version:	171
Platform(s):	Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6	Product(s):	firefox xulrunner
Definition Synopsis:
Redhat 6 section The operating system installed on the system is Red Hat Enterprise Linux 6 AND Packages section xulrunner-devel is earlier than 0:10.0.12-1.el6_3 AND xulrunner is earlier than 0:10.0.12-1.el6_3 AND firefox is earlier than 0:10.0.12-1.el6_3 OR Centos 6 section CentOS Linux 6.x AND Packages section xulrunner-devel is earlier than 0:10.0.12-1.el6.centos AND xulrunner is earlier than 0:10.0.12-1.el6.centos AND firefox is earlier than 0:10.0.12-1.el6.centos OR Redhat 5 and Centos 5 section Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Packages section xulrunner-devel is earlier than 0:10.0.12-1.el5_9 AND xulrunner is earlier than 0:10.0.12-1.el5_9 OR Centos 5 section CentOS Linux 5.x AND firefox is earlier than 0:10.0.12-1.el5.centos OR Redhat 5 section The operating system installed on the system is Red Hat Enterprise Linux 5 AND firefox is earlier than 0:10.0.12-1.el5_9

Definition Id: oval:org.mitre.oval:def:20907

Oval ID:	oval:org.mitre.oval:def:20907
Title:	RHSA-2013:1269: thunderbird security update (Important)
Description:	Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly identify the "this" object during use of user-defined getter methods on DOM proxies, which might allow remote attackers to bypass intended access restrictions via vectors involving an expando object.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:1269-00 CESA-2013:1269 CVE-2013-1718 CVE-2013-1722 CVE-2013-1725 CVE-2013-1730 CVE-2013-1732 CVE-2013-1735 CVE-2013-1736 CVE-2013-1737	Version:	115
Platform(s):	Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6	Product(s):	thunderbird
Definition Synopsis:
Redhat 6 section thunderbird is earlier than 0:17.0.9-1.el6_4 AND The operating system installed on the system is Red Hat Enterprise Linux 6 OR Centos 6 section thunderbird is earlier than 0:17.0.9-1.el6.centos AND CentOS Linux 6.x OR Redhat 5 section The operating system installed on the system is Red Hat Enterprise Linux 5 AND thunderbird is earlier than 0:17.0.9-1.el5_9 OR Centos 5 section CentOS Linux 5.x AND thunderbird is earlier than 0:17.0.9-1.el5.centos

Definition Id: oval:org.mitre.oval:def:20933

Oval ID:	oval:org.mitre.oval:def:20933
Title:	RHSA-2013:0627: thunderbird security update (Important)
Description:	Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0627-01 CESA-2013:0627 CVE-2013-0787	Version:	4
Platform(s):	Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6	Product(s):	thunderbird
Definition Synopsis:
Redhat 6 section thunderbird is earlier than 0:17.0.3-2.el6_4 AND The operating system installed on the system is Red Hat Enterprise Linux 6 OR Centos 6 section thunderbird is earlier than 0:17.0.3-2.el6.centos AND CentOS Linux 6.x OR Redhat 5 section The operating system installed on the system is Red Hat Enterprise Linux 5 AND thunderbird is earlier than 0:17.0.3-2.el5_9 OR Centos 5 section CentOS Linux 5.x AND thunderbird is earlier than 0:17.0.3-2.el5.centos

Definition Id: oval:org.mitre.oval:def:21004

Oval ID:	oval:org.mitre.oval:def:21004
Title:	RHSA-2013:0614: xulrunner security update (Critical)
Description:	Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0614-01 CESA-2013:0614 CVE-2013-0787	Version:	4
Platform(s):	Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6	Product(s):	xulrunner
Definition Synopsis:
Redhat 6 section The operating system installed on the system is Red Hat Enterprise Linux 6 AND Packages section xulrunner-devel is earlier than 0:17.0.3-2.el6_4 AND xulrunner is earlier than 0:17.0.3-2.el6_4 OR Centos 6 section CentOS Linux 6.x AND Packages section xulrunner-devel is earlier than 0:17.0.3-2.el6.centos AND xulrunner is earlier than 0:17.0.3-2.el6.centos AND Operation system section Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x Packages section xulrunner-devel is earlier than 0:17.0.3-2.el5_9 AND xulrunner is earlier than 0:17.0.3-2.el5_9

Definition Id: oval:org.mitre.oval:def:21008

Oval ID:	oval:org.mitre.oval:def:21008
Title:	RHSA-2013:1142: thunderbird security update (Important)
Description:	Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2013-1701) A flaw was found in the way Thunderbird generated Certificate Request Message Format (CRMF) requests. An attacker could use this flaw to perform cross-site scripting (XSS) attacks or execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2013-1710) A flaw was found in the way Thunderbird handled the interaction between frames and browser history. An attacker could use this flaw to trick Thunderbird into treating malicious content as if it came from the browser history, allowing for XSS attacks. (CVE-2013-1709) It was found that the same-origin policy could be bypassed due to the way Uniform Resource Identifiers (URI) were checked in JavaScript. An attacker could use this flaw to perform XSS attacks, or install malicious add-ons from third-party pages. (CVE-2013-1713) It was found that web workers could bypass the same-origin policy. An attacker could use this flaw to perform XSS attacks. (CVE-2013-1714) It was found that, in certain circumstances, Thunderbird incorrectly handled Java applets. If a user launched an untrusted Java applet via Thunderbird, the applet could use this flaw to obtain read-only access to files on the user's local system. (CVE-2013-1717) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Jeff Gilbert, Henrik Skupin, moz_bug_r_a4, Cody Crews, Federico Lanusse, and Georgi Guninski as the original reporters of these issues. Note: All of the above issues cannot be exploited by a specially-crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. All Thunderbird users should upgrade to this updated package, which contains Thunderbird version 17.0.8 ESR, which corrects these issues. After installing the update, Thunderbird must be restarted for the changes to take effect.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:1142-01 CESA-2013:1142 CVE-2013-1701	Version:	5
Platform(s):	Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 CentOS Linux 5 CentOS Linux 6	Product(s):	thunderbird
Definition Synopsis:
Redhat 6 section thunderbird is earlier than 0:17.0.8-5.el6_4 AND The operating system installed on the system is Red Hat Enterprise Linux 6 OR Centos 6 section thunderbird is earlier than 0:17.0.8-5.el6.centos AND The operating system installed on the system is CentOS Linux 6.x OR Redhat 5 section The operating system installed on the system is Red Hat Enterprise Linux 5 AND thunderbird is earlier than 0:17.0.8-5.el5_9 OR Centos 5 section The operating system installed on the system is CentOS Linux 5.x AND thunderbird is earlier than 0:17.0.8-5.el5.centos

Definition Id: oval:org.mitre.oval:def:21038

Oval ID:	oval:org.mitre.oval:def:21038
Title:	RHSA-2013:0821: thunderbird security update (Important)
Description:	Use-after-free vulnerability in the nsContentUtils::RemoveScriptBlocker function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0821-01 CESA-2013:0821 CVE-2013-0801 CVE-2013-1670 CVE-2013-1674 CVE-2013-1675 CVE-2013-1676 CVE-2013-1677 CVE-2013-1678 CVE-2013-1679 CVE-2013-1680 CVE-2013-1681	Version:	143
Platform(s):	Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6	Product(s):	thunderbird
Definition Synopsis:
Redhat 6 section thunderbird is earlier than 0:17.0.6-2.el6_4 AND The operating system installed on the system is Red Hat Enterprise Linux 6 OR Centos 6 section thunderbird is earlier than 0:17.0.6-2.el6.centos AND CentOS Linux 6.x OR Redhat 5 section The operating system installed on the system is Red Hat Enterprise Linux 5 AND thunderbird is earlier than 0:17.0.6-1.el5_9 OR Centos 5 section CentOS Linux 5.x AND thunderbird is earlier than 0:17.0.6-1.el5.centos

Definition Id: oval:org.mitre.oval:def:21124

Oval ID:	oval:org.mitre.oval:def:21124
Title:	RHSA-2013:0271: firefox security update (Critical)
Description:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0271-02 CESA-2013:0271 CVE-2013-0775 CVE-2013-0776 CVE-2013-0780 CVE-2013-0782 CVE-2013-0783	Version:	73
Platform(s):	Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6	Product(s):	devhelp firefox xulrunner yelp libproxy
Definition Synopsis:
Redhat 6 and Centos 6 section Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND CentOS Linux 6.x AND Packages section yelp is earlier than 0:2.28.1-17.el6_3 AND libproxy-bin is earlier than 0:0.3.0-4.el6_3 AND libproxy-mozjs is earlier than 0:0.3.0-4.el6_3 AND libproxy-devel is earlier than 0:0.3.0-4.el6_3 AND libproxy-webkit is earlier than 0:0.3.0-4.el6_3 AND libproxy is earlier than 0:0.3.0-4.el6_3 AND libproxy-gnome is earlier than 0:0.3.0-4.el6_3 AND libproxy-python is earlier than 0:0.3.0-4.el6_3 AND libproxy-kde is earlier than 0:0.3.0-4.el6_3 OR Centos 6 section CentOS Linux 6.x AND Packages section xulrunner-devel is earlier than 0:17.0.3-1.el6.centos AND xulrunner is earlier than 0:17.0.3-1.el6.centos AND firefox is earlier than 0:17.0.3-1.el6.centos OR Redhat 6 section The operating system installed on the system is Red Hat Enterprise Linux 6 AND Packages section xulrunner-devel is earlier than 0:17.0.3-1.el6_3 AND xulrunner is earlier than 0:17.0.3-1.el6_3 AND firefox is earlier than 0:17.0.3-1.el6_3 OR Redhat 5 and Centos 5 section Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Packages section yelp is earlier than 0:2.16.0-30.el5_9 AND devhelp-devel is earlier than 0:0.12-23.el5_9 AND devhelp is earlier than 0:0.12-23.el5_9 AND xulrunner-devel is earlier than 0:17.0.3-1.el5_9 AND xulrunner is earlier than 0:17.0.3-1.el5_9 OR Centos 5 section CentOS Linux 5.x AND firefox is earlier than 0:17.0.3-1.el5.centos OR Redhat 5 section The operating system installed on the system is Red Hat Enterprise Linux 5 AND firefox is earlier than 0:17.0.3-1.el5_9

Definition Id: oval:org.mitre.oval:def:21139

Oval ID:	oval:org.mitre.oval:def:21139
Title:	RHSA-2013:0820: firefox security update (Critical)
Description:	Use-after-free vulnerability in the nsContentUtils::RemoveScriptBlocker function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0820-01 CESA-2013:0820 CVE-2013-0801 CVE-2013-1670 CVE-2013-1674 CVE-2013-1675 CVE-2013-1676 CVE-2013-1677 CVE-2013-1678 CVE-2013-1679 CVE-2013-1680 CVE-2013-1681	Version:	143
Platform(s):	Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6	Product(s):	firefox xulrunner
Definition Synopsis:
Redhat 6 section The operating system installed on the system is Red Hat Enterprise Linux 6 AND Packages section firefox is earlier than 0:17.0.6-1.el6_4 AND xulrunner-devel is earlier than 0:17.0.6-2.el6_4 AND xulrunner is earlier than 0:17.0.6-2.el6_4 OR Centos 6 section CentOS Linux 6.x AND Packages section firefox is earlier than 0:17.0.6-1.el6.centos AND xulrunner-devel is earlier than 0:17.0.6-2.el6.centos AND xulrunner is earlier than 0:17.0.6-2.el6.centos OR Redhat 5 and Centos 5 section Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Packages section xulrunner-devel is earlier than 0:17.0.6-1.el5_9 AND xulrunner is earlier than 0:17.0.6-1.el5_9 OR Centos 5 section CentOS Linux 5.x AND firefox is earlier than 0:17.0.6-1.el5.centos OR Redhat 5 section The operating system installed on the system is Red Hat Enterprise Linux 5 AND firefox is earlier than 0:17.0.6-1.el5_9

Definition Id: oval:org.mitre.oval:def:21148

Oval ID:	oval:org.mitre.oval:def:21148
Title:	RHSA-2013:0272: thunderbird security update (Critical)
Description:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0272-01 CESA-2013:0272 CVE-2013-0775 CVE-2013-0776 CVE-2013-0780 CVE-2013-0782 CVE-2013-0783	Version:	73
Platform(s):	Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6	Product(s):	thunderbird
Definition Synopsis:
Redhat 6 section thunderbird is earlier than 0:17.0.3-1.el6_3 AND The operating system installed on the system is Red Hat Enterprise Linux 6 OR Centos 6 section thunderbird is earlier than 0:17.0.3-1.el6.centos AND CentOS Linux 6.x OR Redhat 5 section The operating system installed on the system is Red Hat Enterprise Linux 5 AND thunderbird is earlier than 0:17.0.3-1.el5_9 OR Centos 5 section CentOS Linux 5.x AND thunderbird is earlier than 0:17.0.3-1.el5.centos

Definition Id: oval:org.mitre.oval:def:21149

Oval ID:	oval:org.mitre.oval:def:21149
Title:	RHSA-2013:0696: firefox security update (Critical)
Description:	Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0696-01 CESA-2013:0696 CVE-2013-0788 CVE-2013-0793 CVE-2013-0795 CVE-2013-0796 CVE-2013-0800	Version:	73
Platform(s):	Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6	Product(s):	firefox xulrunner
Definition Synopsis:
Redhat 6 section The operating system installed on the system is Red Hat Enterprise Linux 6 AND Packages section xulrunner-devel is earlier than 0:17.0.5-1.el6_4 AND xulrunner is earlier than 0:17.0.5-1.el6_4 AND firefox is earlier than 0:17.0.5-1.el6_4 OR Centos 6 section CentOS Linux 6.x AND Packages section xulrunner-devel is earlier than 0:17.0.5-1.el6.centos AND xulrunner is earlier than 0:17.0.5-1.el6.centos AND firefox is earlier than 0:17.0.5-1.el6.centos OR Redhat 5 and Centos 5 section Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Packages section xulrunner-devel is earlier than 0:17.0.5-1.el5_9 AND xulrunner is earlier than 0:17.0.5-1.el5_9 OR Centos 5 section CentOS Linux 5.x AND firefox is earlier than 0:17.0.5-1.el5.centos OR Redhat 5 section The operating system installed on the system is Red Hat Enterprise Linux 5 AND firefox is earlier than 0:17.0.5-1.el5_9

Definition Id: oval:org.mitre.oval:def:21181

Oval ID:	oval:org.mitre.oval:def:21181
Title:	RHSA-2013:0697: thunderbird security update (Important)
Description:	Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0697-01 CESA-2013:0697 CVE-2013-0788 CVE-2013-0793 CVE-2013-0795 CVE-2013-0796 CVE-2013-0800	Version:	73
Platform(s):	Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6	Product(s):	thunderbird
Definition Synopsis:
Redhat 6 section thunderbird is earlier than 0:17.0.5-1.el6_4 AND The operating system installed on the system is Red Hat Enterprise Linux 6 OR Centos 6 section thunderbird is earlier than 0:17.0.5-1.el6.centos AND CentOS Linux 6.x OR Redhat 5 section The operating system installed on the system is Red Hat Enterprise Linux 5 AND thunderbird is earlier than 0:17.0.5-1.el5_9 OR Centos 5 section CentOS Linux 5.x AND thunderbird is earlier than 0:17.0.5-1.el5.centos

Definition Id: oval:org.mitre.oval:def:22674

Oval ID:	oval:org.mitre.oval:def:22674
Title:	DEPRECATED: ELSA-2013:0614: xulrunner security update (Critical)
Description:	Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0614-01 CVE-2013-0787	Version:	7
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	xulrunner
Definition Synopsis:
rpm test Oracle Linux 6.x AND rpm test xulrunner-devel is earlier than 0:17.0.3-2.el6_4 AND xulrunner is earlier than 0:17.0.3-2.el6_4 OR rpm test Oracle Linux 5.x AND rpm test xulrunner-devel is earlier than 0:17.0.3-2.el5_9 AND xulrunner is earlier than 0:17.0.3-2.el5_9

Definition Id: oval:org.mitre.oval:def:22698

Oval ID:	oval:org.mitre.oval:def:22698
Title:	DEPRECATED: ELSA-2013:0145: thunderbird security update (Critical)
Description:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0145-01 CVE-2013-0744 CVE-2013-0746 CVE-2013-0748 CVE-2013-0750 CVE-2013-0753 CVE-2013-0754 CVE-2013-0758 CVE-2013-0759 CVE-2013-0762 CVE-2013-0766 CVE-2013-0767 CVE-2013-0769	Version:	54
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	thunderbird
Definition Synopsis:
rpm test thunderbird is earlier than 0:10.0.12-3.el6_3 AND Oracle Linux 6.x OR rpm test Oracle Linux 5.x AND thunderbird is earlier than 0:10.0.12-3.el5_9

Definition Id: oval:org.mitre.oval:def:22867

Oval ID:	oval:org.mitre.oval:def:22867
Title:	DEPRECATED: ELSA-2013:0696: firefox security update (Critical)
Description:	Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0696-01 CVE-2013-0788 CVE-2013-0793 CVE-2013-0795 CVE-2013-0796 CVE-2013-0800	Version:	26
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	firefox xulrunner
Definition Synopsis:
rpm test Oracle Linux 6.x AND rpm test xulrunner-devel is earlier than 0:17.0.5-1.el6_4 AND xulrunner is earlier than 0:17.0.5-1.el6_4 AND firefox is earlier than 0:17.0.5-1.el6_4 AND firefox is earlier than 0:17.0.5-1.el6_4 OR rpm test Oracle Linux 5.x AND rpm test xulrunner-devel is earlier than 0:17.0.5-1.el5_9 AND xulrunner is earlier than 0:17.0.5-1.el5_9 AND firefox is earlier than 0:17.0.5-1.el5_9 AND firefox is earlier than 0:17.0.5-1.el5_9

Definition Id: oval:org.mitre.oval:def:22889

Oval ID:	oval:org.mitre.oval:def:22889
Title:	DEPRECATED: ELSA-2013:0821: thunderbird security update (Important)
Description:	Use-after-free vulnerability in the nsContentUtils::RemoveScriptBlocker function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0821-01 CVE-2013-0801 CVE-2013-1670 CVE-2013-1674 CVE-2013-1675 CVE-2013-1676 CVE-2013-1677 CVE-2013-1678 CVE-2013-1679 CVE-2013-1680 CVE-2013-1681	Version:	46
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	thunderbird
Definition Synopsis:
rpm test thunderbird is earlier than 0:17.0.6-2.el6_4 AND Oracle Linux 6.x OR rpm test Oracle Linux 5.x AND thunderbird is earlier than 0:17.0.6-1.el5_9

Definition Id: oval:org.mitre.oval:def:22897

Oval ID:	oval:org.mitre.oval:def:22897
Title:	DEPRECATED: ELSA-2013:1142: thunderbird security update (Important)
Description:	Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly restrict local-filesystem access by Java applets, which allows user-assisted remote attackers to read arbitrary files by leveraging a download to a fixed pathname or other predictable pathname.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:1142-02 CVE-2013-1701 CVE-2013-1709 CVE-2013-1710 CVE-2013-1713 CVE-2013-1714 CVE-2013-1717	Version:	30
Platform(s):	Oracle Linux 6 Oracle Linux 5	Product(s):	thunderbird
Definition Synopsis:
rpm test thunderbird is earlier than 0:17.0.8-5.el6_4 AND Oracle Linux 6.x OR rpm test Oracle Linux 5.x AND thunderbird is earlier than 0:17.0.8-5.el5_9

Definition Id: oval:org.mitre.oval:def:22906

Oval ID:	oval:org.mitre.oval:def:22906
Title:	DEPRECATED: ELSA-2013:1140: firefox security update (Critical)
Description:	Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly restrict local-filesystem access by Java applets, which allows user-assisted remote attackers to read arbitrary files by leveraging a download to a fixed pathname or other predictable pathname.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:1140-01 CVE-2013-1701 CVE-2013-1709 CVE-2013-1710 CVE-2013-1713 CVE-2013-1714 CVE-2013-1717	Version:	30
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	firefox xulrunner
Definition Synopsis:
rpm test Oracle Linux 6.x AND rpm test firefox is earlier than 0:17.0.8-1.el6_4 AND xulrunner is earlier than 0:17.0.8-3.el6_4 AND xulrunner-devel is earlier than 0:17.0.8-3.el6_4 OR rpm test Oracle Linux 5.x AND rpm test firefox is earlier than 0:17.0.8-1.el5_9 AND xulrunner is earlier than 0:17.0.8-3.el5_9 AND xulrunner-devel is earlier than 0:17.0.8-3.el5_9

Definition Id: oval:org.mitre.oval:def:22936

Oval ID:	oval:org.mitre.oval:def:22936
Title:	DEPRECATED: ELSA-2013:0144: firefox security update (Critical)
Description:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0144-01 CVE-2013-0744 CVE-2013-0746 CVE-2013-0748 CVE-2013-0750 CVE-2013-0753 CVE-2013-0754 CVE-2013-0758 CVE-2013-0759 CVE-2013-0762 CVE-2013-0766 CVE-2013-0767 CVE-2013-0769	Version:	54
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	firefox xulrunner
Definition Synopsis:
rpm test Oracle Linux 6.x AND rpm test xulrunner-devel is earlier than 0:10.0.12-1.el6_3 AND xulrunner is earlier than 0:10.0.12-1.el6_3 AND firefox is earlier than 0:10.0.12-1.el6_3 OR rpm test Oracle Linux 5.x AND rpm test xulrunner-devel is earlier than 0:10.0.12-1.el5_9 AND xulrunner is earlier than 0:10.0.12-1.el5_9 AND firefox is earlier than 0:10.0.12-1.el5_9

Definition Id: oval:org.mitre.oval:def:22971

Oval ID:	oval:org.mitre.oval:def:22971
Title:	DEPRECATED: ELSA-2013:0820: firefox security update (Critical)
Description:	Use-after-free vulnerability in the nsContentUtils::RemoveScriptBlocker function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0820-01 CVE-2013-0801 CVE-2013-1670 CVE-2013-1674 CVE-2013-1675 CVE-2013-1676 CVE-2013-1677 CVE-2013-1678 CVE-2013-1679 CVE-2013-1680 CVE-2013-1681	Version:	46
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	firefox xulrunner
Definition Synopsis:
rpm test Oracle Linux 6.x AND rpm test firefox is earlier than 0:17.0.6-1.el6_4 AND xulrunner-devel is earlier than 0:17.0.6-2.el6_4 AND xulrunner is earlier than 0:17.0.6-2.el6_4 OR rpm test Oracle Linux 5.x AND rpm test xulrunner-devel is earlier than 0:17.0.6-1.el5_9 AND xulrunner is earlier than 0:17.0.6-1.el5_9 AND firefox is earlier than 0:17.0.6-1.el5_9

Definition Id: oval:org.mitre.oval:def:23124

Oval ID:	oval:org.mitre.oval:def:23124
Title:	DEPRECATED: ELSA-2013:0271: firefox security update (Critical)
Description:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0271-02 CVE-2013-0775 CVE-2013-0776 CVE-2013-0780 CVE-2013-0782 CVE-2013-0783	Version:	26
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	devhelp firefox xulrunner yelp libproxy
Definition Synopsis:
rpm test Oracle Linux 6.x AND rpm test yelp is earlier than 0:2.28.1-17.el6_3 AND libproxy-bin is earlier than 0:0.3.0-4.el6_3 AND libproxy-mozjs is earlier than 0:0.3.0-4.el6_3 AND libproxy-devel is earlier than 0:0.3.0-4.el6_3 AND libproxy-webkit is earlier than 0:0.3.0-4.el6_3 AND libproxy is earlier than 0:0.3.0-4.el6_3 AND libproxy-gnome is earlier than 0:0.3.0-4.el6_3 AND libproxy-python is earlier than 0:0.3.0-4.el6_3 AND libproxy-kde is earlier than 0:0.3.0-4.el6_3 AND xulrunner-devel is earlier than 0:17.0.3-1.el6_3 AND xulrunner is earlier than 0:17.0.3-1.el6_3 AND firefox is earlier than 0:17.0.3-1.el6_3 AND firefox is earlier than 0:17.0.3-1.el6_3 OR rpm test Oracle Linux 5.x AND rpm test yelp is earlier than 0:2.16.0-30.el5_9 AND devhelp-devel is earlier than 0:0.12-23.el5_9 AND devhelp is earlier than 0:0.12-23.el5_9 AND xulrunner-devel is earlier than 0:17.0.3-1.el5_9 AND xulrunner is earlier than 0:17.0.3-1.el5_9 AND firefox is earlier than 0:17.0.3-1.el5_9

Definition Id: oval:org.mitre.oval:def:23129

Oval ID:	oval:org.mitre.oval:def:23129
Title:	ELSA-2013:0614: xulrunner security update (Critical)
Description:	Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0614-01 CVE-2013-0787	Version:	6
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	xulrunner
Definition Synopsis:
rpm test Oracle Linux 6.x AND rpm test xulrunner-devel is earlier than 0:17.0.3-2.el6_4 AND xulrunner is earlier than 0:17.0.3-2.el6_4 OR rpm test Oracle Linux 5.x AND rpm test xulrunner-devel is earlier than 0:17.0.3-2.el5_9 AND xulrunner is earlier than 0:17.0.3-2.el5_9

Definition Id: oval:org.mitre.oval:def:23136

Oval ID:	oval:org.mitre.oval:def:23136
Title:	DEPRECATED: ELSA-2013:0982: thunderbird security update (Important)
Description:	The XrayWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly restrict use of DefaultValue for method calls, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers use of a user-defined (1) toString or (2) valueOf method.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0982-00 CVE-2013-1682 CVE-2013-1684 CVE-2013-1685 CVE-2013-1686 CVE-2013-1687 CVE-2013-1690 CVE-2013-1692 CVE-2013-1693 CVE-2013-1694 CVE-2013-1697	Version:	46
Platform(s):	Oracle Linux 6 Oracle Linux 5	Product(s):	thunderbird
Definition Synopsis:
rpm test thunderbird is earlier than 0:17.0.7-1.el6_4 AND Oracle Linux 6.x OR rpm test Oracle Linux 5.x AND thunderbird is earlier than 0:17.0.7-1.el5_9

Definition Id: oval:org.mitre.oval:def:23153

Oval ID:	oval:org.mitre.oval:def:23153
Title:	DEPRECATED: ELSA-2013:0272: thunderbird security update (Critical)
Description:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0272-01 CVE-2013-0775 CVE-2013-0776 CVE-2013-0780 CVE-2013-0782 CVE-2013-0783	Version:	26
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	thunderbird
Definition Synopsis:
rpm test thunderbird is earlier than 0:17.0.3-1.el6_3 AND Oracle Linux 6.x OR rpm test Oracle Linux 5.x AND thunderbird is earlier than 0:17.0.3-1.el5_9

Definition Id: oval:org.mitre.oval:def:23187

Oval ID:	oval:org.mitre.oval:def:23187
Title:	DEPRECATED: ELSA-2013:0697: thunderbird security update (Important)
Description:	Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0697-01 CVE-2013-0788 CVE-2013-0793 CVE-2013-0795 CVE-2013-0796 CVE-2013-0800	Version:	26
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	thunderbird
Definition Synopsis:
rpm test thunderbird is earlier than 0:17.0.5-1.el6_4 AND Oracle Linux 6.x OR rpm test Oracle Linux 5.x AND thunderbird is earlier than 0:17.0.5-1.el5_9

Definition Id: oval:org.mitre.oval:def:23194

Oval ID:	oval:org.mitre.oval:def:23194
Title:	DEPRECATED: ELSA-2013:1269: thunderbird security update (Important)
Description:	Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly identify the "this" object during use of user-defined getter methods on DOM proxies, which might allow remote attackers to bypass intended access restrictions via vectors involving an expando object.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:1269-00 CVE-2013-1718 CVE-2013-1722 CVE-2013-1725 CVE-2013-1730 CVE-2013-1732 CVE-2013-1735 CVE-2013-1736 CVE-2013-1737	Version:	38
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	thunderbird
Definition Synopsis:
rpm test thunderbird is earlier than 0:17.0.9-1.el6_4 AND Oracle Linux 6.x OR rpm test Oracle Linux 5.x AND thunderbird is earlier than 0:17.0.9-1.el5_9

Definition Id: oval:org.mitre.oval:def:23364

Oval ID:	oval:org.mitre.oval:def:23364
Title:	DEPRECATED: ELSA-2013:0627: thunderbird security update (Important)
Description:	Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0627-01 CVE-2013-0787	Version:	7
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	thunderbird
Definition Synopsis:
rpm test thunderbird is earlier than 0:17.0.3-2.el6_4 AND Oracle Linux 6.x OR rpm test Oracle Linux 5.x AND thunderbird is earlier than 0:17.0.3-2.el5_9

Definition Id: oval:org.mitre.oval:def:23392

Oval ID:	oval:org.mitre.oval:def:23392
Title:	DEPRECATED: ELSA-2013:0981: firefox security update (Critical)
Description:	The XrayWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly restrict use of DefaultValue for method calls, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers use of a user-defined (1) toString or (2) valueOf method.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0981-00 CVE-2013-1682 CVE-2013-1684 CVE-2013-1685 CVE-2013-1686 CVE-2013-1687 CVE-2013-1690 CVE-2013-1692 CVE-2013-1693 CVE-2013-1694 CVE-2013-1697	Version:	46
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	firefox xulrunner
Definition Synopsis:
rpm test Oracle Linux 6.x AND rpm test xulrunner-devel is earlier than 0:17.0.7-1.el6_4 AND xulrunner is earlier than 0:17.0.7-1.el6_4 AND firefox is earlier than 0:17.0.7-1.el6_4 OR rpm test Oracle Linux 5.x AND rpm test xulrunner-devel is earlier than 0:17.0.7-1.el5_9 AND xulrunner is earlier than 0:17.0.7-1.el5_9 AND firefox is earlier than 0:17.0.7-1.el5_9

Definition Id: oval:org.mitre.oval:def:23462

Oval ID:	oval:org.mitre.oval:def:23462
Title:	ELSA-2013:0271: firefox security update (Critical)
Description:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0271-02 CVE-2013-0775 CVE-2013-0776 CVE-2013-0780 CVE-2013-0782 CVE-2013-0783	Version:	25
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	devhelp firefox xulrunner yelp libproxy
Definition Synopsis:
rpm test Oracle Linux 6.x AND rpm test yelp is earlier than 0:2.28.1-17.el6_3 AND libproxy-bin is earlier than 0:0.3.0-4.el6_3 AND libproxy-mozjs is earlier than 0:0.3.0-4.el6_3 AND libproxy-devel is earlier than 0:0.3.0-4.el6_3 AND libproxy-webkit is earlier than 0:0.3.0-4.el6_3 AND libproxy is earlier than 0:0.3.0-4.el6_3 AND libproxy-gnome is earlier than 0:0.3.0-4.el6_3 AND libproxy-python is earlier than 0:0.3.0-4.el6_3 AND libproxy-kde is earlier than 0:0.3.0-4.el6_3 AND xulrunner-devel is earlier than 0:17.0.3-1.el6_3 AND xulrunner is earlier than 0:17.0.3-1.el6_3 AND firefox is earlier than 0:17.0.3-1.el6_3 AND firefox is earlier than 0:17.0.3-1.el6_3 OR rpm test Oracle Linux 5.x AND rpm test yelp is earlier than 0:2.16.0-30.el5_9 AND devhelp-devel is earlier than 0:0.12-23.el5_9 AND devhelp is earlier than 0:0.12-23.el5_9 AND xulrunner-devel is earlier than 0:17.0.3-1.el5_9 AND xulrunner is earlier than 0:17.0.3-1.el5_9 AND firefox is earlier than 0:17.0.3-1.el5_9

Definition Id: oval:org.mitre.oval:def:23481

Oval ID:	oval:org.mitre.oval:def:23481
Title:	ELSA-2013:0982: thunderbird security update (Important)
Description:	The XrayWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly restrict use of DefaultValue for method calls, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers use of a user-defined (1) toString or (2) valueOf method.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0982-00 CVE-2013-1682 CVE-2013-1684 CVE-2013-1685 CVE-2013-1686 CVE-2013-1687 CVE-2013-1690 CVE-2013-1692 CVE-2013-1693 CVE-2013-1694 CVE-2013-1697	Version:	45
Platform(s):	Oracle Linux 6 Oracle Linux 5	Product(s):	thunderbird
Definition Synopsis:
rpm test thunderbird is earlier than 0:17.0.7-1.el6_4 AND Oracle Linux 6.x OR rpm test Oracle Linux 5.x AND thunderbird is earlier than 0:17.0.7-1.el5_9

Definition Id: oval:org.mitre.oval:def:23564

Oval ID:	oval:org.mitre.oval:def:23564
Title:	DEPRECATED: ELSA-2013:1268: firefox security update (Critical)
Description:	Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly identify the "this" object during use of user-defined getter methods on DOM proxies, which might allow remote attackers to bypass intended access restrictions via vectors involving an expando object.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:1268-00 CVE-2013-1718 CVE-2013-1722 CVE-2013-1725 CVE-2013-1730 CVE-2013-1732 CVE-2013-1735 CVE-2013-1736 CVE-2013-1737	Version:	38
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	firefox xulrunner
Definition Synopsis:
rpm test Oracle Linux 6.x AND rpm test xulrunner is earlier than 0:17.0.9-1.el6_4 AND xulrunner-devel is earlier than 0:17.0.9-1.el6_4 AND firefox is earlier than 0:17.0.9-1.el6_4 OR rpm test Oracle Linux 5.x AND rpm test xulrunner is earlier than 0:17.0.9-1.el5_9 AND xulrunner-devel is earlier than 0:17.0.9-1.el5_9 AND firefox is earlier than 0:17.0.9-1.el5_9

Definition Id: oval:org.mitre.oval:def:23597

Oval ID:	oval:org.mitre.oval:def:23597
Title:	ELSA-2013:0627: thunderbird security update (Important)
Description:	Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0627-01 CVE-2013-0787	Version:	6
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	thunderbird
Definition Synopsis:
rpm test thunderbird is earlier than 0:17.0.3-2.el6_4 AND Oracle Linux 6.x OR rpm test Oracle Linux 5.x AND thunderbird is earlier than 0:17.0.3-2.el5_9

Definition Id: oval:org.mitre.oval:def:23767

Oval ID:	oval:org.mitre.oval:def:23767
Title:	ELSA-2013:1269: thunderbird security update (Important)
Description:	Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly identify the "this" object during use of user-defined getter methods on DOM proxies, which might allow remote attackers to bypass intended access restrictions via vectors involving an expando object.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:1269-00 CVE-2013-1718 CVE-2013-1722 CVE-2013-1725 CVE-2013-1730 CVE-2013-1732 CVE-2013-1735 CVE-2013-1736 CVE-2013-1737	Version:	37
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	thunderbird
Definition Synopsis:
rpm test thunderbird is earlier than 0:17.0.9-1.el6_4 AND Oracle Linux 6.x OR rpm test Oracle Linux 5.x AND thunderbird is earlier than 0:17.0.9-1.el5_9

Definition Id: oval:org.mitre.oval:def:23822

Oval ID:	oval:org.mitre.oval:def:23822
Title:	ELSA-2013:0981: firefox security update (Critical)
Description:	The XrayWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly restrict use of DefaultValue for method calls, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers use of a user-defined (1) toString or (2) valueOf method.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0981-00 CVE-2013-1682 CVE-2013-1684 CVE-2013-1685 CVE-2013-1686 CVE-2013-1687 CVE-2013-1690 CVE-2013-1692 CVE-2013-1693 CVE-2013-1694 CVE-2013-1697	Version:	45
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	firefox xulrunner
Definition Synopsis:
rpm test Oracle Linux 6.x AND rpm test xulrunner-devel is earlier than 0:17.0.7-1.el6_4 AND xulrunner is earlier than 0:17.0.7-1.el6_4 AND firefox is earlier than 0:17.0.7-1.el6_4 OR rpm test Oracle Linux 5.x AND rpm test xulrunner-devel is earlier than 0:17.0.7-1.el5_9 AND xulrunner is earlier than 0:17.0.7-1.el5_9 AND firefox is earlier than 0:17.0.7-1.el5_9

Definition Id: oval:org.mitre.oval:def:23847

Oval ID:	oval:org.mitre.oval:def:23847
Title:	ELSA-2013:0145: thunderbird security update (Critical)
Description:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0145-01 CVE-2013-0744 CVE-2013-0746 CVE-2013-0748 CVE-2013-0750 CVE-2013-0753 CVE-2013-0754 CVE-2013-0758 CVE-2013-0759 CVE-2013-0762 CVE-2013-0766 CVE-2013-0767 CVE-2013-0769	Version:	53
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	thunderbird
Definition Synopsis:
rpm test thunderbird is earlier than 0:10.0.12-3.el6_3 AND Oracle Linux 6.x OR rpm test Oracle Linux 5.x AND thunderbird is earlier than 0:10.0.12-3.el5_9

Definition Id: oval:org.mitre.oval:def:23874

Oval ID:	oval:org.mitre.oval:def:23874
Title:	ELSA-2013:0144: firefox security update (Critical)
Description:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0144-01 CVE-2013-0744 CVE-2013-0746 CVE-2013-0748 CVE-2013-0750 CVE-2013-0753 CVE-2013-0754 CVE-2013-0758 CVE-2013-0759 CVE-2013-0762 CVE-2013-0766 CVE-2013-0767 CVE-2013-0769	Version:	53
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	firefox xulrunner
Definition Synopsis:
rpm test Oracle Linux 6.x AND rpm test xulrunner-devel is earlier than 0:10.0.12-1.el6_3 AND xulrunner is earlier than 0:10.0.12-1.el6_3 AND firefox is earlier than 0:10.0.12-1.el6_3 OR rpm test Oracle Linux 5.x AND rpm test xulrunner-devel is earlier than 0:10.0.12-1.el5_9 AND xulrunner is earlier than 0:10.0.12-1.el5_9 AND firefox is earlier than 0:10.0.12-1.el5_9

Definition Id: oval:org.mitre.oval:def:23946

Oval ID:	oval:org.mitre.oval:def:23946
Title:	ELSA-2013:0821: thunderbird security update (Important)
Description:	Use-after-free vulnerability in the nsContentUtils::RemoveScriptBlocker function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0821-01 CVE-2013-0801 CVE-2013-1670 CVE-2013-1674 CVE-2013-1675 CVE-2013-1676 CVE-2013-1677 CVE-2013-1678 CVE-2013-1679 CVE-2013-1680 CVE-2013-1681	Version:	45
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	thunderbird
Definition Synopsis:
rpm test thunderbird is earlier than 0:17.0.6-2.el6_4 AND Oracle Linux 6.x OR rpm test Oracle Linux 5.x AND thunderbird is earlier than 0:17.0.6-1.el5_9

Definition Id: oval:org.mitre.oval:def:23948

Oval ID:	oval:org.mitre.oval:def:23948
Title:	ELSA-2013:0697: thunderbird security update (Important)
Description:	Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0697-01 CVE-2013-0788 CVE-2013-0793 CVE-2013-0795 CVE-2013-0796 CVE-2013-0800	Version:	25
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	thunderbird
Definition Synopsis:
rpm test thunderbird is earlier than 0:17.0.5-1.el6_4 AND Oracle Linux 6.x OR rpm test Oracle Linux 5.x AND thunderbird is earlier than 0:17.0.5-1.el5_9

Definition Id: oval:org.mitre.oval:def:23978

Oval ID:	oval:org.mitre.oval:def:23978
Title:	ELSA-2013:0696: firefox security update (Critical)
Description:	Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0696-01 CVE-2013-0788 CVE-2013-0793 CVE-2013-0795 CVE-2013-0796 CVE-2013-0800	Version:	25
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	firefox xulrunner
Definition Synopsis:
rpm test Oracle Linux 6.x AND rpm test xulrunner-devel is earlier than 0:17.0.5-1.el6_4 AND xulrunner is earlier than 0:17.0.5-1.el6_4 AND firefox is earlier than 0:17.0.5-1.el6_4 AND firefox is earlier than 0:17.0.5-1.el6_4 OR rpm test Oracle Linux 5.x AND rpm test xulrunner-devel is earlier than 0:17.0.5-1.el5_9 AND xulrunner is earlier than 0:17.0.5-1.el5_9 AND firefox is earlier than 0:17.0.5-1.el5_9 AND firefox is earlier than 0:17.0.5-1.el5_9

Definition Id: oval:org.mitre.oval:def:24014

Oval ID:	oval:org.mitre.oval:def:24014
Title:	ELSA-2013:0820: firefox security update (Critical)
Description:	Use-after-free vulnerability in the nsContentUtils::RemoveScriptBlocker function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0820-01 CVE-2013-0801 CVE-2013-1670 CVE-2013-1674 CVE-2013-1675 CVE-2013-1676 CVE-2013-1677 CVE-2013-1678 CVE-2013-1679 CVE-2013-1680 CVE-2013-1681	Version:	45
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	firefox xulrunner
Definition Synopsis:
rpm test Oracle Linux 6.x AND rpm test firefox is earlier than 0:17.0.6-1.el6_4 AND xulrunner-devel is earlier than 0:17.0.6-2.el6_4 AND xulrunner is earlier than 0:17.0.6-2.el6_4 OR rpm test Oracle Linux 5.x AND rpm test xulrunner-devel is earlier than 0:17.0.6-1.el5_9 AND xulrunner is earlier than 0:17.0.6-1.el5_9 AND firefox is earlier than 0:17.0.6-1.el5_9

Definition Id: oval:org.mitre.oval:def:24061

Oval ID:	oval:org.mitre.oval:def:24061
Title:	ELSA-2013:0272: thunderbird security update (Critical)
Description:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0272-01 CVE-2013-0775 CVE-2013-0776 CVE-2013-0780 CVE-2013-0782 CVE-2013-0783	Version:	25
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	thunderbird
Definition Synopsis:
rpm test thunderbird is earlier than 0:17.0.3-1.el6_3 AND Oracle Linux 6.x OR rpm test Oracle Linux 5.x AND thunderbird is earlier than 0:17.0.3-1.el5_9

Definition Id: oval:org.mitre.oval:def:24083

Oval ID:	oval:org.mitre.oval:def:24083
Title:	ELSA-2013:1140: firefox security update (Critical)
Description:	Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly restrict local-filesystem access by Java applets, which allows user-assisted remote attackers to read arbitrary files by leveraging a download to a fixed pathname or other predictable pathname.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:1140-01 CVE-2013-1701 CVE-2013-1709 CVE-2013-1710 CVE-2013-1713 CVE-2013-1714 CVE-2013-1717	Version:	29
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	firefox xulrunner
Definition Synopsis:
rpm test Oracle Linux 6.x AND rpm test firefox is earlier than 0:17.0.8-1.el6_4 AND xulrunner is earlier than 0:17.0.8-3.el6_4 AND xulrunner-devel is earlier than 0:17.0.8-3.el6_4 OR rpm test Oracle Linux 5.x AND rpm test firefox is earlier than 0:17.0.8-1.el5_9 AND xulrunner is earlier than 0:17.0.8-3.el5_9 AND xulrunner-devel is earlier than 0:17.0.8-3.el5_9

Definition Id: oval:org.mitre.oval:def:24091

Oval ID:	oval:org.mitre.oval:def:24091
Title:	ELSA-2013:1142: thunderbird security update (Important)
Description:	Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly restrict local-filesystem access by Java applets, which allows user-assisted remote attackers to read arbitrary files by leveraging a download to a fixed pathname or other predictable pathname.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:1142-02 CVE-2013-1701 CVE-2013-1709 CVE-2013-1710 CVE-2013-1713 CVE-2013-1714 CVE-2013-1717	Version:	29
Platform(s):	Oracle Linux 6 Oracle Linux 5	Product(s):	thunderbird
Definition Synopsis:
rpm test thunderbird is earlier than 0:17.0.8-5.el6_4 AND Oracle Linux 6.x OR rpm test Oracle Linux 5.x AND thunderbird is earlier than 0:17.0.8-5.el5_9

Definition Id: oval:org.mitre.oval:def:24179

Oval ID:	oval:org.mitre.oval:def:24179
Title:	ELSA-2013:1268: firefox security update (Critical)
Description:	Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly identify the "this" object during use of user-defined getter methods on DOM proxies, which might allow remote attackers to bypass intended access restrictions via vectors involving an expando object.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:1268-00 CVE-2013-1718 CVE-2013-1722 CVE-2013-1725 CVE-2013-1730 CVE-2013-1732 CVE-2013-1735 CVE-2013-1736 CVE-2013-1737	Version:	37
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	firefox xulrunner
Definition Synopsis:
rpm test Oracle Linux 6.x AND rpm test xulrunner is earlier than 0:17.0.9-1.el6_4 AND xulrunner-devel is earlier than 0:17.0.9-1.el6_4 AND firefox is earlier than 0:17.0.9-1.el6_4 OR rpm test Oracle Linux 5.x AND rpm test xulrunner is earlier than 0:17.0.9-1.el5_9 AND xulrunner-devel is earlier than 0:17.0.9-1.el5_9 AND firefox is earlier than 0:17.0.9-1.el5_9

Definition Id: oval:org.mitre.oval:def:24995

Oval ID:	oval:org.mitre.oval:def:24995
Title:	SUSE-SU-2013:1382-1 -- Security update for Mozilla Firefox
Description:	Update to Firefox 17.0.8esr (bnc#833389) to address: * MFSA 2013-63/CVE-2013-1701/CVE-2013-1702 (bmo#855331, bmo#844088, bmo#858060, bmo#870200, bmo#874974, bmo#861530, bmo#854157, bmo#893684, bmo#878703, bmo#862185, bmo#879139, bmo#888107, bmo#880734) Miscellaneous memory safety hazards (rv:23.0 / rv:17.0.8) * MFSA 2013-66/CVE-2013-1706/CVE-2013-1707 (bmo#888314, bmo#888361) Buffer overflow in Mozilla Maintenance Service and Mozilla Updater * MFSA 2013-68/CVE-2013-1709 (bmo#848253) Document URI misrepresentation and masquerading * MFSA 2013-69/CVE-2013-1710 (bmo#871368) CRMF requests allow for code execution and XSS attacks * MFSA 2013-71/CVE-2013-1712 (bmo#859072) Further Privilege escalation through Mozilla Updater * MFSA 2013-72/CVE-2013-1713 (bmo#887098) Wrong principal used for validating URI for some Javascript components * MFSA 2013-73/CVE-2013-1714 (bmo#879787) Same-origin bypass with web workers and XMLHttpRequest * MFSA 2013-75/CVE-2013-1717 (bmo#406541) Local Java applets may read contents of local file system
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1382-1 CVE-2013-1701 CVE-2013-1702 CVE-2013-1706 CVE-2013-1707 CVE-2013-1709 CVE-2013-1710 CVE-2013-1712 CVE-2013-1713 CVE-2013-1714 CVE-2013-1717	Version:	3
Platform(s):	SUSE Linux Enterprise Server 10	Product(s):	Mozilla Firefox
Definition Synopsis:
SUSE Linux Enterprise Server 10 is installed Packages match section MozillaFirefox RPM is earlier than 0:17.0.8esr-0.5.1 AND MozillaFirefox-translations RPM is earlier than 0:17.0.8esr-0.5.1

Definition Id: oval:org.mitre.oval:def:25026

Oval ID:	oval:org.mitre.oval:def:25026
Title:	SUSE-SU-2013:1153-1 -- Security update for Mozilla Firefox
Description:	Mozilla Firefox has been updated to the 17.0.7 ESR version, which fixes bugs and security issues.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1153-1 CVE-2013-1682 CVE-2013-1684 CVE-2013-1685 CVE-2013-1686 CVE-2013-1687 CVE-2013-1690 CVE-2013-1692 CVE-2013-1693 CVE-2013-1697	Version:	5
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 10 SUSE Linux Enterprise Desktop 11 SUSE Linux Enterprise Desktop 10	Product(s):	Mozilla Firefox
Definition Synopsis:
SUSE Linux Enterprise Server 11 and SUSE Linux Enterprise Desktop 11 release section Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section MozillaFirefox RPM is earlier than 0:17.0.7esr-0.3.1 AND MozillaFirefox-branding-SLED RPM is earlier than 0:7-0.6.9.31 AND MozillaFirefox-translations RPM is earlier than 0:17.0.7esr-0.3.1 AND SUSE Linux Enterprise Server 10 and SUSE Linux Enterprise Desktop 10 release section Operation system section SUSE Linux Enterprise Server 10 is installed AND SUSE Linux Enterprise Desktop 10 is installed Packages match section MozillaFirefox RPM is earlier than 0:17.0.7esr-0.6.1 AND MozillaFirefox-branding-SLED RPM is earlier than 0:7-0.10.28 AND MozillaFirefox-translations RPM is earlier than 0:17.0.7esr-0.6.1

Definition Id: oval:org.mitre.oval:def:25088

Oval ID:	oval:org.mitre.oval:def:25088
Title:	SUSE-SU-2013:1497-1 -- Security update for Mozilla Firefox
Description:	This update to Firefox 17.0.9esr (bnc#840485) addresses: * MFSA 2013-91 User-defined properties on DOM proxies get the wrong "this" object o (CVE-2013-1737) * MFSA 2013-90 Memory corruption involving scrolling o use-after-free in mozilla::layout::ScrollbarActivity (CVE-2013-1735) o Memory corruption in nsGfxScrollFrameInner::IsLTR() (CVE-2013-1736) * MFSA 2013-89 Buffer overflow with multi-column, lists, and floats o buffer overflow at nsFloatManager::GetFlowArea() with multicol, list, floats (CVE-2013-1732) * MFSA 2013-88 compartment mismatch re-attaching XBL-backed nodes o compartment mismatch in nsXBLBinding::DoInitJSClass (CVE-2013-1730) * MFSA 2013-83 Mozilla Updater does not lock MAR file after signature verification o MAR signature bypass in Updater could lead to downgrade (CVE-2013-1726) * MFSA 2013-82 Calling scope for new Javascript objects can lead to memory corruption o ABORT: bad scope for new JSObjects: ReparentWrapper / document.open (CVE-2013-1725) * MFSA 2013-79 Use-after-free in Animation Manager during stylesheet cloning o Heap-use-after-free in nsAnimationManager::BuildAnimations (CVE-2013-1722) * MFSA 2013-76 Miscellaneous memory safety hazards (rv:24.0 / rv:17.0.9) o Memory safety bugs fixed in Firefox 17.0.9 and Firefox 24.0 (CVE-2013-1718) * MFSA 2013-65 Buffer underflow when generating CRMF requests o ASAN heap-buffer-overflow (read 1) in cryptojs_interpret_key_gen_type (CVE-2013-1705)
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1497-1 CVE-2013-1737 CVE-2013-1735 CVE-2013-1736 CVE-2013-1732 CVE-2013-1730 CVE-2013-1726 CVE-2013-1725 CVE-2013-1722 CVE-2013-1718 CVE-2013-1705	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	Mozilla Firefox
Definition Synopsis:
Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section MozillaFirefox RPM is earlier than 0:17.0.9esr-0.7.1 AND MozillaFirefox-translations RPM is earlier than 0:17.0.9esr-0.7.1 AND MozillaFirefox RPM is earlier than 0:17.0.9esr-0.3.1 AND MozillaFirefox-translations RPM is earlier than 0:17.0.9esr-0.3.1

Definition Id: oval:org.mitre.oval:def:25306

Oval ID:	oval:org.mitre.oval:def:25306
Title:	SUSE-SU-2013:0410-1 -- Security update for Mozilla Firefox
Description:	MozillaFirefox has been updated to the 17.0.3ESR release. Important: due to compatibility issues, the Beagle plug-in for MozillaFirefox is temporarily disabled by this update.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:0410-1 CVE-2013-0780 CVE-2013-0782 CVE-2013-0776 CVE-2013-0775 CVE-2013-0774 CVE-2013-0773 CVE-2013-0765 CVE-2013-0772 CVE-2013-0783	Version:	5
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	Mozilla Firefox
Definition Synopsis:
SUSE Linux Enterprise Server 11 and SUSE Linux Enterprise Desktop 11 release section Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section MozillaFirefox RPM is earlier than 0:17.0.3esr-0.4.4.1 AND MozillaFirefox-branding-SLED RPM is earlier than 0:7-0.6.9.5 AND MozillaFirefox-translations RPM is earlier than 0:17.0.3esr-0.4.4.1 AND libfreebl3 RPM is earlier than 0:3.14.2-0.4.3.2 AND mozilla-nspr RPM is earlier than 0:4.9.5-0.3.2 AND mozilla-nss RPM is earlier than 0:3.14.2-0.4.3.2 AND mozilla-nss-tools RPM is earlier than 0:3.14.2-0.4.3.2 AND libfreebl3-32bit RPM is earlier than 0:3.14.2-0.4.3.2 AND mozilla-nspr-32bit RPM is earlier than 0:4.9.5-0.3.2 AND mozilla-nss-32bit RPM is earlier than 0:3.14.2-0.4.3.2 AND SUSE Linux Enterprise Desktop 11 release section SUSE Linux Enterprise Desktop 11.x is installed Packages match section beagle RPM is earlier than 0:0.3.8-56.51.1 AND beagle-evolution RPM is earlier than 0:0.3.8-56.51.1 AND beagle-firefox RPM is earlier than 0:0.3.8-56.51.1 AND beagle-gui RPM is earlier than 0:0.3.8-56.51.1 AND beagle-lang RPM is earlier than 0:0.3.8-56.51.1 AND mhtml-firefox RPM is earlier than 0:0.5-1.47.51.5

Definition Id: oval:org.mitre.oval:def:25488

Oval ID:	oval:org.mitre.oval:def:25488
Title:	SUSE-SU-2013:0850-1 -- Security update for Mozilla Firefox
Description:	Mozilla Firefox has been updated to the17.0.6ESR security version upgrade as a LTSS roll up release.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:0850-1 CVE-2013-0788 CVE-2013-0800 CVE-2013-0799 CVE-2013-0797 CVE-2013-0796 CVE-2013-0795 CVE-2013-0794 CVE-2013-0793 CVE-2013-0792 CVE-2013-0791	Version:	5
Platform(s):	SUSE Linux Enterprise Server 11	Product(s):	Mozilla Firefox
Definition Synopsis:
SUSE Linux Enterprise Server 11.x is installed Packages match section MozillaFirefox RPM is earlier than 0:17.0.6esr-0.4.1 AND MozillaFirefox-branding-SLED RPM is earlier than 0:7-0.6.9.20 AND MozillaFirefox-translations RPM is earlier than 0:17.0.6esr-0.4.1 AND libfreebl3 RPM is earlier than 0:3.14.3-0.4.3.1 AND mozilla-nspr RPM is earlier than 0:4.9.6-0.3.1 AND mozilla-nss RPM is earlier than 0:3.14.3-0.4.3.1 AND mozilla-nss-tools RPM is earlier than 0:3.14.3-0.4.3.1 AND libfreebl3-32bit RPM is earlier than 0:3.14.3-0.4.3.1 AND mozilla-nspr-32bit RPM is earlier than 0:4.9.6-0.3.1 AND mozilla-nss-32bit RPM is earlier than 0:3.14.3-0.4.3.1

Definition Id: oval:org.mitre.oval:def:25591

Oval ID:	oval:org.mitre.oval:def:25591
Title:	SUSE-SU-2013:1325-2 -- Security update for Mozilla Firefox
Description:	This update to Firefox 17.0.8esr (bnc#833389) addresses the following issues: * MFSA 2013-63/CVE-2013-1701/CVE-2013-1702 (bmo#855331, bmo#844088, bmo#858060, bmo#870200, bmo#874974, bmo#861530, bmo#854157, bmo#893684, bmo#878703, bmo#862185, bmo#879139, bmo#888107, bmo#880734) Miscellaneous memory safety hazards (rv:23.0 / rv:17.0.8) * MFSA 2013-66/CVE-2013-1706/CVE-2013-1707 (bmo#888314, bmo#888361) Buffer overflow in Mozilla Maintenance Service and Mozilla Updater * MFSA 2013-68/CVE-2013-1709 (bmo#848253) Document URI misrepresentation and masquerading * MFSA 2013-69/CVE-2013-1710 (bmo#871368) CRMF requests allow for code execution and XSS attacks * MFSA 2013-71/CVE-2013-1712 (bmo#859072) Further Privilege escalation through Mozilla Updater * MFSA 2013-72/CVE-2013-1713 (bmo#887098) Wrong principal used for validating URI for some Javascript components * MFSA 2013-73/CVE-2013-1714 (bmo#879787) Same-origin bypass with web workers and XMLHttpRequest * MFSA 2013-75/CVE-2013-1717 (bmo#406541) Local Java applets may read contents of local file system
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1325-2 CVE-2013-1701 CVE-2013-1702 CVE-2013-1706 CVE-2013-1707 CVE-2013-1709 CVE-2013-1710 CVE-2013-1712 CVE-2013-1713 CVE-2013-1714 CVE-2013-1717	Version:	5
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 10	Product(s):	Mozilla Firefox
Definition Synopsis:
SUSE Linux Enterprise Server 11 release section SUSE Linux Enterprise Server 11.x is installed Packages match section MozillaFirefox RPM is earlier than 0:17.0.8esr-0.4.2.1 AND MozillaFirefox-translations RPM is earlier than 0:17.0.8esr-0.4.2.1 AND SUSE Linux Enterprise Server 10 release section SUSE Linux Enterprise Server 10 is installed Packages match section mozilla-nspr RPM is earlier than 0:4.9.6-0.5.7 AND mozilla-nspr-devel RPM is earlier than 0:4.9.6-0.5.7 AND mozilla-nss RPM is earlier than 0:3.14.3-0.5.7 AND mozilla-nss-devel RPM is earlier than 0:3.14.3-0.5.7 AND mozilla-nss-tools RPM is earlier than 0:3.14.3-0.5.7 AND mozilla-nspr-32bit RPM is earlier than 0:4.9.6-0.5.7 AND mozilla-nss-32bit RPM is earlier than 0:3.14.3-0.5.7 AND MozillaFirefox RPM is earlier than 0:17.0.8esr-0.5.3 AND MozillaFirefox-branding-SLED RPM is earlier than 0:7-0.10.34 AND MozillaFirefox-translations RPM is earlier than 0:17.0.8esr-0.5.3

Definition Id: oval:org.mitre.oval:def:25607

Oval ID:	oval:org.mitre.oval:def:25607
Title:	SUSE-SU-2013:0843-1 -- Security update for Mozilla Firefox
Description:	Mozilla Firefox has been updated to the 17.0.6ESR security release.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:0843-1 CVE-2013-0788 CVE-2013-0800 CVE-2013-0799 CVE-2013-0797 CVE-2013-0796 CVE-2013-0795 CVE-2013-0794 CVE-2013-0793 CVE-2013-0792 CVE-2013-0791	Version:	3
Platform(s):	SUSE Linux Enterprise Server 10 SUSE Linux Enterprise Desktop 10	Product(s):	Mozilla Firefox
Definition Synopsis:
Operation system section SUSE Linux Enterprise Server 10 is installed AND SUSE Linux Enterprise Desktop 10 is installed Packages match section MozillaFirefox RPM is earlier than 0:17.0.6esr-0.8.1 AND MozillaFirefox-translations RPM is earlier than 0:17.0.6esr-0.8.1

Definition Id: oval:org.mitre.oval:def:25646

Oval ID:	oval:org.mitre.oval:def:25646
Title:	SUSE-SU-2013:1325-1 -- Security update for Mozilla Firefox
Description:	This update to Firefox 17.0.8esr (bnc#833389) addresses: * MFSA 2013-63/CVE-2013-1701/CVE-2013-1702 (bmo#855331, bmo#844088, bmo#858060, bmo#870200, bmo#874974, bmo#861530, bmo#854157, bmo#893684, bmo#878703, bmo#862185, bmo#879139, bmo#888107, bmo#880734) Miscellaneous memory safety hazards have been fixed (rv:23.0 / rv:17.0.8): * MFSA 2013-66/CVE-2013-1706/CVE-2013-1707 (bmo#888314, bmo#888361) Buffer overflow in Mozilla Maintenance Service and Mozilla Updater * MFSA 2013-68/CVE-2013-1709 (bmo#848253) Document URI misrepresentation and masquerading * MFSA 2013-69/CVE-2013-1710 (bmo#871368) CRMF requests allow for code execution and XSS attacks * MFSA 2013-71/CVE-2013-1712 (bmo#859072) Further Privilege escalation through Mozilla Updater * MFSA 2013-72/CVE-2013-1713 (bmo#887098) Wrong principal used for validating URI for some Javascript components * MFSA 2013-73/CVE-2013-1714 (bmo#879787) Same-origin bypass with web workers and XMLHttpRequest * MFSA 2013-75/CVE-2013-1717 (bmo#406541) Local Java applets may read contents of local file system
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1325-1 CVE-2013-1701 CVE-2013-1702 CVE-2013-1706 CVE-2013-1707 CVE-2013-1709 CVE-2013-1710 CVE-2013-1712 CVE-2013-1713 CVE-2013-1714 CVE-2013-1717	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	Mozilla Firefox
Definition Synopsis:
Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section MozillaFirefox RPM is earlier than 0:17.0.8esr-0.7.2 AND MozillaFirefox-translations RPM is earlier than 0:17.0.8esr-0.7.2 AND MozillaFirefox RPM is earlier than 0:17.0.8esr-0.4.2.1 AND MozillaFirefox-translations RPM is earlier than 0:17.0.8esr-0.4.2.1

Definition Id: oval:org.mitre.oval:def:25842

Oval ID:	oval:org.mitre.oval:def:25842
Title:	SUSE-SU-2013:0842-1 -- Security update for Mozilla Firefox
Description:	Mozilla Firefox has been updated to the17.0.6ESR security release.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:0842-1 CVE-2013-0788 CVE-2013-0800 CVE-2013-0799 CVE-2013-0797 CVE-2013-0796 CVE-2013-0795 CVE-2013-0794 CVE-2013-0793 CVE-2013-0792 CVE-2013-0791	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	Mozilla Firefox
Definition Synopsis:
Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section MozillaFirefox RPM is earlier than 0:17.0.6esr-0.4.1 AND MozillaFirefox-translations RPM is earlier than 0:17.0.6esr-0.4.1

Definition Id: oval:org.mitre.oval:def:26035

Oval ID:	oval:org.mitre.oval:def:26035
Title:	SUSE-SU-2013:0645-1 -- Security update for Mozilla Firefox
Description:	MozillaFirefox has been updated to the 17.0.5ESR release fixing bugs and security issues.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:0645-1 CVE-2013-0788 CVE-2013-0789 CVE-2013-0790 CVE-2013-0800 CVE-2013-0799 CVE-2013-0798 CVE-2013-0797 CVE-2013-0796 CVE-2013-0795 CVE-2013-0794 CVE-2013-0792 CVE-2013-0791	Version:	5
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 10 SUSE Linux Enterprise Desktop 11 SUSE Linux Enterprise Desktop 10	Product(s):	Mozilla Firefox
Definition Synopsis:
SUSE Linux Enterprise Server 11 and SUSE Linux Enterprise Desktop 11 release section Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section MozillaFirefox RPM is earlier than 0:17.0.5esr-0.4.1 AND MozillaFirefox-branding-SLED RPM is earlier than 0:7-0.6.9.17 AND MozillaFirefox-translations RPM is earlier than 0:17.0.5esr-0.4.1 AND libfreebl3 RPM is earlier than 0:3.14.3-0.4.3.1 AND mozilla-nspr RPM is earlier than 0:4.9.6-0.3.1 AND mozilla-nss RPM is earlier than 0:3.14.3-0.4.3.1 AND mozilla-nss-tools RPM is earlier than 0:3.14.3-0.4.3.1 AND libfreebl3-32bit RPM is earlier than 0:3.14.3-0.4.3.1 AND mozilla-nspr-32bit RPM is earlier than 0:4.9.6-0.3.1 AND mozilla-nss-32bit RPM is earlier than 0:3.14.3-0.4.3.1 AND SUSE Linux Enterprise Server 10 and SUSE Linux Enterprise Desktop 10 release section Operation system section SUSE Linux Enterprise Server 10 is installed AND SUSE Linux Enterprise Desktop 10 is installed Packages match section mozilla-nspr RPM is earlier than 0:4.9.6-0.5.1 AND mozilla-nspr-devel RPM is earlier than 0:4.9.6-0.5.1 AND mozilla-nss RPM is earlier than 0:3.14.3-0.5.1 AND mozilla-nss-devel RPM is earlier than 0:3.14.3-0.5.1 AND mozilla-nss-tools RPM is earlier than 0:3.14.3-0.5.1 AND MozillaFirefox RPM is earlier than 0:17.0.5esr-0.8.1 AND MozillaFirefox-branding-SLED RPM is earlier than 0:7-0.10.11 AND MozillaFirefox-translations RPM is earlier than 0:17.0.5esr-0.8.1 AND mozilla-nspr-32bit RPM is earlier than 0:4.9.6-0.5.1 AND mozilla-nss-32bit RPM is earlier than 0:3.14.3-0.5.1

Definition Id: oval:org.mitre.oval:def:26149

Oval ID:	oval:org.mitre.oval:def:26149
Title:	SUSE-SU-2013:0470-1 -- Security update for Mozilla Firefox
Description:	MozillaFirefox has been updated to the 17.0.4ESR release which fixes one important security issue: * MFSA 2013-29 / CVE-2013-0787: VUPEN Security, via TippingPoint's Zero Day Initiative, reported a use-after-free within the HTML editor when content script is run by the document.execCommand() function while internal editor operations are occurring. This could allow for arbitrary code execution. Security Issue reference: * CVE-2013-0787 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0787 >
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:0470-1 CVE-2013-0787	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	Mozilla Firefox
Definition Synopsis:
Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section MozillaFirefox RPM is earlier than 0:17.0.4esr-0.5.1 AND MozillaFirefox-translations RPM is earlier than 0:17.0.4esr-0.5.1

Definition Id: oval:org.mitre.oval:def:26212

Oval ID:	oval:org.mitre.oval:def:26212
Title:	SUSE-SU-2013:0471-1 -- Security update for Mozilla Firefox
Description:	MozillaFirefox has been updated to the 17.0.4ESR release. Besides the major version update from the 10ESR stable release line to the 17ESR stable release line, this update brings critical security and bugfixes.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:0471-1 CVE-2013-0787 CVE-2013-0780 CVE-2013-0782 CVE-2013-0776 CVE-2013-0775 CVE-2013-0774 CVE-2013-0773 CVE-2013-0765 CVE-2013-0772 CVE-2013-0783	Version:	5
Platform(s):	SUSE Linux Enterprise Server 10 SUSE Linux Enterprise Desktop 10	Product(s):	Mozilla Firefox
Definition Synopsis:
SUSE Linux Enterprise Server 10 and SUSE Linux Enterprise Desktop 10 release section Operation system section SUSE Linux Enterprise Server 10 is installed AND SUSE Linux Enterprise Desktop 10 is installed Packages match section mozilla-nspr RPM is earlier than 0:4.9.4-0.6.3 AND mozilla-nspr-devel RPM is earlier than 0:4.9.4-0.6.3 AND mozilla-nss RPM is earlier than 0:3.14.1-0.6.3 AND mozilla-nss-devel RPM is earlier than 0:3.14.1-0.6.3 AND mozilla-nss-tools RPM is earlier than 0:3.14.1-0.6.3 AND MozillaFirefox RPM is earlier than 0:17.0.4esr-0.7.1 AND MozillaFirefox-branding-SLED RPM is earlier than 0:7-0.10.4 AND MozillaFirefox-translations RPM is earlier than 0:17.0.4esr-0.7.1 AND mozilla-nspr-32bit RPM is earlier than 0:4.9.4-0.6.3 AND mozilla-nss-32bit RPM is earlier than 0:3.14.1-0.6.3 AND SUSE Linux Enterprise Desktop 10 release section SUSE Linux Enterprise Desktop 10 is installed AND mhtml-firefox RPM is earlier than 0:0.5-1.13.4

Definition Id: oval:org.mitre.oval:def:26541

Oval ID:	oval:org.mitre.oval:def:26541
Title:	DEPRECATED: ELSA-2013-1142 -- thunderbird security update (important)
Description:	[17.0.8-5.0.1.el6_4] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [17.0.8-5] - Update to 17.0.8 ESR - Added strict aliasing patch (mozbz#821502)
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-1142 CVE-2013-1701 CVE-2013-1709 CVE-2013-1710 CVE-2013-1713 CVE-2013-1714 CVE-2013-1717	Version:	4
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	thunderbird
Definition Synopsis:
Oracle Linux 5 release section Oracle Linux 5.x AND thunderbird is earlier than 0:17.0.8-5.0.1.el5_9 AND Oracle Linux 6 release section Oracle Linux 6.x AND thunderbird is earlier than 0:17.0.8-5.0.1.el6_4

Definition Id: oval:org.mitre.oval:def:26687

Oval ID:	oval:org.mitre.oval:def:26687
Title:	DEPRECATED: ELSA-2013-0614 -- xulrunner security update (critical)
Description:	[17.0.3-2.0.1.el6_4] - Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js - Removed XULRUNNER_VERSION from SOURCE21 [17.0.3-2] - Added fix for #848644
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0614 CVE-2013-0787	Version:	4
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	xulrunner
Definition Synopsis:
Oracle Linux 5 release section Oracle Linux 5.x Packages match section xulrunner is earlier than 0:17.0.3-2.0.1.el5_9 AND xulrunner-devel is earlier than 0:17.0.3-2.0.1.el5_9 AND Oracle Linux 6 release section Oracle Linux 6.x Packages match section xulrunner is earlier than 0:17.0.3-2.0.1.el6_4 AND xulrunner-devel is earlier than 0:17.0.3-2.0.1.el6_4

Definition Id: oval:org.mitre.oval:def:26956

Oval ID:	oval:org.mitre.oval:def:26956
Title:	DEPRECATED: ELSA-2013-0820 -- firefox security update (critical)
Description:	firefox [17.0.6-1.0.1.el6_4] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones [17.0.6-1] - Update to 17.0.6 ESR [17.0.5-2] - Updated XulRunner check xulrunner [17.0.6-2.0.1.el6_4] - Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js - Removed XULRUNNER_VERSION from SOURCE21 [17.0.6-2] - Update to 17.0.6 ESR [17.0.5-2] - Updated nss and nspr versions
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0820 CVE-2013-0801 CVE-2013-1670 CVE-2013-1674 CVE-2013-1675 CVE-2013-1676 CVE-2013-1677 CVE-2013-1678 CVE-2013-1679 CVE-2013-1680 CVE-2013-1681	Version:	4
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	firefox xulrunner
Definition Synopsis:
Oracle Linux 5 release section Oracle Linux 5.x Packages match section firefox is earlier than 0:17.0.6-1.0.1.el5_9 AND xulrunner is earlier than 0:17.0.6-1.0.1.el5_9 AND xulrunner-devel is earlier than 0:17.0.6-1.0.1.el5_9 AND Oracle Linux 6 release section Oracle Linux 6.x Packages match section firefox is earlier than 0:17.0.6-1.0.1.el6_4 AND xulrunner is earlier than 0:17.0.6-2.0.1.el6_4 AND xulrunner-devel is earlier than 0:17.0.6-2.0.1.el6_4

Definition Id: oval:org.mitre.oval:def:27026

Oval ID:	oval:org.mitre.oval:def:27026
Title:	DEPRECATED: ELSA-2013-0696 -- firefox security update (critical)
Description:	firefox [17.0.5-1.0.1] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones [17.0.5-1] - Update to 17.0.5 ESR xulrunner [17.0.5-1.0.1.el6_4] - Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js - Removed XULRUNNER_VERSION from SOURCE21 [17.0.5-1] - Update to 17.0.5 ESR [17.0.3-3] - Added fix for rhbz#916180 - Wrong library directory reference in /usr/bin/xulrunner
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0696 CVE-2013-0796 CVE-2013-0800 CVE-2013-0795 CVE-2013-0788 CVE-2013-0793	Version:	4
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	firefox xulrunner
Definition Synopsis:
Oracle Linux 5 release section Oracle Linux 5.x Packages match section firefox is earlier than 0:17.0.5-1.0.1.el5_9 AND xulrunner is earlier than 0:17.0.5-1.0.1.el5_9 AND xulrunner-devel is earlier than 0:17.0.5-1.0.1.el5_9 AND Oracle Linux 6 release section Oracle Linux 6.x Packages match section firefox is earlier than 0:17.0.5-1.0.1.el6_4 AND xulrunner is earlier than 0:17.0.5-1.0.1.el6_4 AND xulrunner-devel is earlier than 0:17.0.5-1.0.1.el6_4

Definition Id: oval:org.mitre.oval:def:27256

Oval ID:	oval:org.mitre.oval:def:27256
Title:	DEPRECATED: ELSA-2013-1140 -- firefox security update (critical)
Description:	firefox [17.0.8-1.0.1.el6_4] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones [17.0.8-1] - Update to 17.0.8 ESR xulrunner [17.0.8-3.0.1.el6_4] - Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js - Removed XULRUNNER_VERSION from SOURCE21 [17.0.8-3] - Update to 17.0.8 ESR Build 2 [17.0.8-2] - Added fix for rhbz#990921 - firefox does not build with required nss/nspr [17.0.8-1] - Update to 17.0.8 ESR
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-1140 CVE-2013-1701 CVE-2013-1709 CVE-2013-1710 CVE-2013-1713 CVE-2013-1714 CVE-2013-1717	Version:	4
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	firefox xulrunner
Definition Synopsis:
Oracle Linux 5 release section Oracle Linux 5.x Packages match section firefox is earlier than 0:17.0.8-1.0.1.el5_9 AND xulrunner is earlier than 0:17.0.8-3.0.1.el5_9 AND xulrunner-devel is earlier than 0:17.0.8-3.0.1.el5_9 AND Oracle Linux 6 release section Oracle Linux 6.x Packages match section firefox is earlier than 0:17.0.8-1.0.1.el6_4 AND xulrunner is earlier than 0:17.0.8-3.0.1.el6_4 AND xulrunner-devel is earlier than 0:17.0.8-3.0.1.el6_4

Definition Id: oval:org.mitre.oval:def:27364

Oval ID:	oval:org.mitre.oval:def:27364
Title:	DEPRECATED: ELSA-2013-0697 -- thunderbird security update (important)
Description:	[17.0.5-1.0.1.el6_4] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [17.0.5-1] - Update to 17.0.5 ESR
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0697 CVE-2013-0800 CVE-2013-0796 CVE-2013-0788 CVE-2013-0795 CVE-2013-0793	Version:	4
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	thunderbird
Definition Synopsis:
Oracle Linux 5 release section Oracle Linux 5.x AND thunderbird is earlier than 0:17.0.5-1.0.1.el5_9 AND Oracle Linux 6 release section Oracle Linux 6.x AND thunderbird is earlier than 0:17.0.5-1.0.1.el6_4

Definition Id: oval:org.mitre.oval:def:27396

Oval ID:	oval:org.mitre.oval:def:27396
Title:	DEPRECATED: ELSA-2013-1269 -- thunderbird security update (important)
Description:	[17.0.9-1.0.1.el6_4] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [17.0.9-1] - Update to 17.0.9 ESR
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-1269 CVE-2013-1718 CVE-2013-1722 CVE-2013-1725 CVE-2013-1730 CVE-2013-1732 CVE-2013-1735 CVE-2013-1736 CVE-2013-1737	Version:	4
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	thunderbird
Definition Synopsis:
Oracle Linux 5 release section Oracle Linux 5.x AND thunderbird is earlier than 0:17.0.9-1.0.1.el5_9 AND Oracle Linux 6 release section Oracle Linux 6.x AND thunderbird is earlier than 0:17.0.9-1.0.1.el6_4

Definition Id: oval:org.mitre.oval:def:27401

Oval ID:	oval:org.mitre.oval:def:27401
Title:	DEPRECATED: ELSA-2013-1268 -- firefox security update (critical)
Description:	firefox [17.0.9-1.0.1.el6_4] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones [17.0.9-1] - Update to 17.0.9 ESR [17.0.8-4] - Added fix for mozbz#601442 - Support the extensions.getAddons.showPane pref again in the Add-ons Manager UI, a part of rhbz#818636 fix. [17.0.8-3] - Fixed rhbz#818636 - Firefox allows install of addons, disregarding xpinstall.enabled flag set as false. [17.0.8-2] - Updated manual page xulrunner [17.0.9-1.0.1.el6_4] - Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js - Removed XULRUNNER_VERSION from SOURCE21 [17.0.9-1] - Update to 17.0.9 ESR [17.0.8-5] - Fixed mozbz#633001 - Cannot open ipv6 address with self-signed certificate [17.0.8-4] - Fixed rhbz#818636 - Firefox allows install of addons, disregarding xpinstall.enabled flag set as false.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-1268 CVE-2013-1718 CVE-2013-1722 CVE-2013-1725 CVE-2013-1730 CVE-2013-1732 CVE-2013-1735 CVE-2013-1736 CVE-2013-1737	Version:	4
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	firefox xulrunner
Definition Synopsis:
Oracle Linux 5 release section Oracle Linux 5.x Packages match section firefox is earlier than 0:17.0.9-1.0.1.el5_9 AND xulrunner is earlier than 0:17.0.9-1.0.1.el5_9 AND xulrunner-devel is earlier than 0:17.0.9-1.0.1.el5_9 AND Oracle Linux 6 release section Oracle Linux 6.x Packages match section firefox is earlier than 0:17.0.9-1.0.1.el6_4 AND xulrunner is earlier than 0:17.0.9-1.0.1.el6_4 AND xulrunner-devel is earlier than 0:17.0.9-1.0.1.el6_4

Definition Id: oval:org.mitre.oval:def:27450

Oval ID:	oval:org.mitre.oval:def:27450
Title:	DEPRECATED: ELSA-2013-0144 -- firefox security update (critical)
Description:	firefox [10.0.12-1.0.1.el6_3] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones [10.0.12-1] - Update to 10.0.12 ESR xulrunner [10.0.12-1.0.1.el6_3] - Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js [10.0.12-1] - Update to 10.0.12 ESR
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0144 CVE-2013-0744 CVE-2013-0746 CVE-2013-0748 CVE-2013-0750 CVE-2013-0753 CVE-2013-0754 CVE-2013-0758 CVE-2013-0759 CVE-2013-0762 CVE-2013-0766 CVE-2013-0767 CVE-2013-0769	Version:	4
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	firefox xulrunner
Definition Synopsis:
Oracle Linux 5 release section Oracle Linux 5.x Packages match section firefox is earlier than 0:10.0.12-1.0.1.el5_9 AND xulrunner is earlier than 0:10.0.12-1.0.1.el5_9 AND xulrunner-devel is earlier than 0:10.0.12-1.0.1.el5_9 AND Oracle Linux 6 release section Oracle Linux 6.x Packages match section firefox is earlier than 0:10.0.12-1.0.1.el6_3 AND xulrunner is earlier than 0:10.0.12-1.0.1.el6_3 AND xulrunner-devel is earlier than 0:10.0.12-1.0.1.el6_3

Definition Id: oval:org.mitre.oval:def:27481

Oval ID:	oval:org.mitre.oval:def:27481
Title:	DEPRECATED: ELSA-2013-0821 -- thunderbird security update (important)
Description:	[17.0.6-2.0.1.el6_4] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [17.0.6-2] - Update to 17.0.6 ESR
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0821 CVE-2013-0801 CVE-2013-1670 CVE-2013-1674 CVE-2013-1675 CVE-2013-1676 CVE-2013-1677 CVE-2013-1678 CVE-2013-1679 CVE-2013-1680 CVE-2013-1681	Version:	4
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	thunderbird
Definition Synopsis:
Oracle Linux 5 release section Oracle Linux 5.x AND thunderbird is earlier than 0:17.0.6-1.0.1.el5_9 AND Oracle Linux 6 release section Oracle Linux 6.x AND thunderbird is earlier than 0:17.0.6-2.0.1.el6_4

Definition Id: oval:org.mitre.oval:def:27532

Oval ID:	oval:org.mitre.oval:def:27532
Title:	DEPRECATED: ELSA-2013-0271 -- firefox security update (critical)
Description:	firefox [17.0.3-1.0.1] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones [17.0.3-1] - Update to 17.0.3 ESR [17.0.2-4] - Added NM preferences [17.0.2-3] - Update to 17.0.2 ESR libproxy [0.3.0-4] - Rebuild against newer gecko xulrunner [17.0.3-1.0.2] - Increase release number and rebuild. [17.0.3-1.0.1] - Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js - Removed XULRUNNER_VERSION from SOURCE21 [17.0.3-1] - Update to 17.0.3 ESR [17.0.2-5] - Fixed NetworkManager preferences - Added fix for NM regression (mozbz#791626) [17.0.2-2] - Added fix for rhbz#816234 - NFS fix [17.0.2-1] - Update to 17.0.2 ESR [17.0.1-3] - Update to 17.0.1 ESR [17.0-1] - Update to 17.0 ESR [17.0-0.6.b5] - Update to 17 Beta 5 - Updated fix for rhbz#872752 - embeded crash [17.0-0.5.b4] - Added fix for rhbz#872752 - embeded crash [17.0-0.4.b4] - Update to 17 Beta 4 [17.0-0.3.b3] - Update to 17 Beta 3 - Updated ppc(64) patch (mozbz#746112)
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0271 CVE-2013-0780 CVE-2013-0783 CVE-2013-0776 CVE-2013-0782 CVE-2013-0775	Version:	4
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	devhelp firefox xulrunner yelp libproxy
Definition Synopsis:
Oracle Linux 5 release section Oracle Linux 5.x Packages match section devhelp is earlier than 0:0.12-23.el5_9 AND firefox is earlier than 0:17.0.3-1.0.1.el5_9 AND xulrunner is earlier than 0:17.0.3-1.0.1.el5_9 AND yelp is earlier than 0:2.16.0-30.el5_9 AND devhelp-devel is earlier than 0:0.12-23.el5_9 AND xulrunner-devel is earlier than 0:17.0.3-1.0.1.el5_9 AND Oracle Linux 6 release section Oracle Linux 6.x Packages match section firefox is earlier than 0:17.0.3-1.0.1.el6_3 AND libproxy is earlier than 0:0.3.0-4.el6_3 AND xulrunner is earlier than 0:17.0.3-1.0.2.el6_3 AND yelp is earlier than 0:2.28.1-17.el6_3 AND libproxy-bin is earlier than 0:0.3.0-4.el6_3 AND libproxy-devel is earlier than 0:0.3.0-4.el6_3 AND libproxy-gnome is earlier than 0:0.3.0-4.el6_3 AND libproxy-kde is earlier than 0:0.3.0-4.el6_3 AND libproxy-mozjs is earlier than 0:0.3.0-4.el6_3 AND libproxy-python is earlier than 0:0.3.0-4.el6_3 AND libproxy-webkit is earlier than 0:0.3.0-4.el6_3 AND xulrunner-devel is earlier than 0:17.0.3-1.0.2.el6_3

Definition Id: oval:org.mitre.oval:def:27536

Oval ID:	oval:org.mitre.oval:def:27536
Title:	DEPRECATED: ELSA-2013-0982 -- thunderbird security update (important)
Description:	[17.0.7-1.0.1.el6_4] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [17.0.7-1] - Update to 17.0.7 ESR
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0982 CVE-2013-1682 CVE-2013-1684 CVE-2013-1685 CVE-2013-1686 CVE-2013-1687 CVE-2013-1690 CVE-2013-1692 CVE-2013-1693 CVE-2013-1694 CVE-2013-1697	Version:	4
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	thunderbird
Definition Synopsis:
Oracle Linux 5 release section Oracle Linux 5.x AND thunderbird is earlier than 0:17.0.7-1.0.1.el5_9 AND Oracle Linux 6 release section Oracle Linux 6.x AND thunderbird is earlier than 0:17.0.7-1.0.1.el6_4

Definition Id: oval:org.mitre.oval:def:27562

Oval ID:	oval:org.mitre.oval:def:27562
Title:	DEPRECATED: ELSA-2013-0272 -- thunderbird security update (critical)
Description:	[17.0.3-1.0.1.el6_3] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [17.0.3-1] - Update to 17.0.3 ESR [17.0.2-2] - Update to 17.0.2 ESR [17.0-2] - Update to 17.0 ESR [17.0b2-0.1] - Update to 17.0b2 [17.0b1-0.1] - Rebase to 17 beta 1
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0272 CVE-2013-0775 CVE-2013-0776 CVE-2013-0780 CVE-2013-0782 CVE-2013-0783	Version:	4
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	thunderbird
Definition Synopsis:
Oracle Linux 5 release section Oracle Linux 5.x AND thunderbird is earlier than 0:17.0.3-1.0.1.el5_9 AND Oracle Linux 6 release section Oracle Linux 6.x AND thunderbird is earlier than 0:17.0.3-1.0.1.el6_3

Definition Id: oval:org.mitre.oval:def:27607

Oval ID:	oval:org.mitre.oval:def:27607
Title:	DEPRECATED: ELSA-2013-0145 -- thunderbird security update (critical)
Description:	[10.0.12-3.0.1.el6_3] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [10.0.12-3] - Update to 10.0.12 ESR
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0145 CVE-2013-0744 CVE-2013-0746 CVE-2013-0748 CVE-2013-0750 CVE-2013-0753 CVE-2013-0754 CVE-2013-0758 CVE-2013-0759 CVE-2013-0762 CVE-2013-0766 CVE-2013-0767 CVE-2013-0769	Version:	4
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	thunderbird
Definition Synopsis:
Oracle Linux 5 release section Oracle Linux 5.x AND thunderbird is earlier than 0:10.0.12-3.0.1.el5_9 AND Oracle Linux 6 release section Oracle Linux 6.x AND thunderbird is earlier than 0:10.0.12-3.0.1.el6_3

Definition Id: oval:org.mitre.oval:def:27613

Oval ID:	oval:org.mitre.oval:def:27613
Title:	DEPRECATED: ELSA-2013-0981 -- firefox security update (critical)
Description:	firefox [17.0.7-1.0.1.el6_4] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones [17.0.7-1] - Update to 17.0.7 ESR xulrunner [17.0.7-1.0.1.el6_4] - Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js - Removed XULRUNNER_VERSION from SOURCE21 [17.0.7-1] - Update to 17.0.7 ESR [17.0.6-5] - Added workaround for rhbz#973721 - fixing problem with installation of some addons [17.0.6-4] - Added a workaround for rhbz#961687 - Prelink throws message 'Cannot safely convert .rel.dyn' section from REL to RELA' [17.0.6-3] - Added patch for aliasing issues (mozbz#821502)
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0981 CVE-2013-1682 CVE-2013-1684 CVE-2013-1685 CVE-2013-1686 CVE-2013-1687 CVE-2013-1690 CVE-2013-1692 CVE-2013-1693 CVE-2013-1694 CVE-2013-1697	Version:	4
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	firefox xulrunner
Definition Synopsis:
Oracle Linux 5 release section Oracle Linux 5.x Packages match section firefox is earlier than 0:17.0.7-1.0.1.el5_9 AND xulrunner is earlier than 0:17.0.7-1.0.1.el5_9 AND xulrunner-devel is earlier than 0:17.0.7-1.0.1.el5_9 AND Oracle Linux 6 release section Oracle Linux 6.x Packages match section firefox is earlier than 0:17.0.7-1.0.1.el6_4 AND xulrunner is earlier than 0:17.0.7-1.0.1.el6_4 AND xulrunner-devel is earlier than 0:17.0.7-1.0.1.el6_4

Definition Id: oval:org.mitre.oval:def:27638

Oval ID:	oval:org.mitre.oval:def:27638
Title:	DEPRECATED: ELSA-2013-0627 -- thunderbird security update (important)
Description:	[17.0.3-2.0.1.el6_4] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [17.0.3-2] - Added fix for #848644
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0627 CVE-2013-0787	Version:	4
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	thunderbird
Definition Synopsis:
Oracle Linux 5 release section Oracle Linux 5.x AND thunderbird is earlier than 0:17.0.3-2.0.1.el5_9 AND Oracle Linux 6 release section Oracle Linux 6.x AND thunderbird is earlier than 0:17.0.3-2.0.1.el6_4

CPE : Common Platform Enumeration

Type	Description	Count
Application	Mozilla Firefox cpe:2.3:a:mozilla:firefox:23.0.1:::::::* cpe:2.3:a:mozilla:firefox:23.0:::::::* cpe:2.3:a:mozilla:firefox:22.0:::::-:: cpe:2.3:a:mozilla:firefox:21.0:::::-:: cpe:2.3:a:mozilla:firefox:20.0.1:::::::* cpe:2.3:a:mozilla:firefox:20.0:::::::* cpe:2.3:a:mozilla:firefox:20.0:alpha1:::::: cpe:2.3:a:mozilla:firefox:19.0.2:::::::* cpe:2.3:a:mozilla:firefox:19.0.1:::::::* cpe:2.3:a:mozilla:firefox:19.0:::::-:: cpe:2.3:a:mozilla:firefox:18.0.2:::::::* cpe:2.3:a:mozilla:firefox:18.0.1:::::::* cpe:2.3:a:mozilla:firefox:18.0:::::-:: cpe:2.3:a:mozilla:firefox:17.0.9:::::::* cpe:2.3:a:mozilla:firefox:17.0.8:::::::* cpe:2.3:a:mozilla:firefox:17.0.7:::::::* cpe:2.3:a:mozilla:firefox:17.0.6:::::::* cpe:2.3:a:mozilla:firefox:17.0.5:::::::* cpe:2.3:a:mozilla:firefox:17.0.4:::::::* cpe:2.3:a:mozilla:firefox:17.0.3:::::::* cpe:2.3:a:mozilla:firefox:17.0.2:::::::* cpe:2.3:a:mozilla:firefox:17.0.11:::::::* cpe:2.3:a:mozilla:firefox:17.0.10:::::::* cpe:2.3:a:mozilla:firefox:17.0.1:::::::* cpe:2.3:a:mozilla:firefox:17.0:::::-:: cpe:2.3:a:mozilla:firefox:16.0.2:::::::* cpe:2.3:a:mozilla:firefox:16.0.1:::::::* cpe:2.3:a:mozilla:firefox:16.0:::::-:: cpe:2.3:a:mozilla:firefox:15.0.1:::::::* cpe:2.3:a:mozilla:firefox:15.0:::::-:: cpe:2.3:a:mozilla:firefox:14.0.1:::::::* cpe:2.3:a:mozilla:firefox:14.0:::::-:: cpe:2.3:a:mozilla:firefox:13.0.1:::::::* cpe:2.3:a:mozilla:firefox:13.0:::::::* cpe:2.3:a:mozilla:firefox:12.0:-:::::: cpe:2.3:a:mozilla:firefox:12.0:beta6:::::: cpe:2.3:a:mozilla:firefox:11.0:::::::* cpe:2.3:a:mozilla:firefox:10.0.9:::::::* cpe:2.3:a:mozilla:firefox:10.0.8:::::::* cpe:2.3:a:mozilla:firefox:10.0.7:::::::* cpe:2.3:a:mozilla:firefox:10.0.6:::::::* cpe:2.3:a:mozilla:firefox:10.0.5:::::::* cpe:2.3:a:mozilla:firefox:10.0.4:::::::* cpe:2.3:a:mozilla:firefox:10.0.3:::::::* cpe:2.3:a:mozilla:firefox:10.0.2:::::::* cpe:2.3:a:mozilla:firefox:10.0.12:::::::* cpe:2.3:a:mozilla:firefox:10.0.11:::::::* cpe:2.3:a:mozilla:firefox:10.0.10:::::::* cpe:2.3:a:mozilla:firefox:10.0.1:::::::* cpe:2.3:a:mozilla:firefox:10.0:::::::* cpe:2.3:a:mozilla:firefox:9.0.1:::::::* cpe:2.3:a:mozilla:firefox:9.0:::::::* cpe:2.3:a:mozilla:firefox:8.0.1:::::::* cpe:2.3:a:mozilla:firefox:8.0:::::::* cpe:2.3:a:mozilla:firefox:7.0.1:::::::* cpe:2.3:a:mozilla:firefox:7.0:::::::* cpe:2.3:a:mozilla:firefox:6.0.2:::::::* cpe:2.3:a:mozilla:firefox:6.0.1:::::::* cpe:2.3:a:mozilla:firefox:6.0:::::::* cpe:2.3:a:mozilla:firefox:5.0.1:::::::* cpe:2.3:a:mozilla:firefox:5.0:::::::* cpe:2.3:a:mozilla:firefox:4.0.1:::::::* cpe:2.3:a:mozilla:firefox:4.0:beta1:::::: cpe:2.3:a:mozilla:firefox:4.0:beta6:::::: cpe:2.3:a:mozilla:firefox:4.0:beta3:::::: cpe:2.3:a:mozilla:firefox:4.0:beta5:::::: cpe:2.3:a:mozilla:firefox:4.0:beta4:::::: cpe:2.3:a:mozilla:firefox:4.0:beta2:::::: cpe:2.3:a:mozilla:firefox:4.0:beta12:::::: cpe:2.3:a:mozilla:firefox:4.0:-:::::: cpe:2.3:a:mozilla:firefox:4.0:beta11:::::: cpe:2.3:a:mozilla:firefox:4.0:beta10:::::: cpe:2.3:a:mozilla:firefox:4.0:beta7:::::: cpe:2.3:a:mozilla:firefox:4.0:beta8:::::: cpe:2.3:a:mozilla:firefox:4.0:beta9:::::: cpe:2.3:a:mozilla:firefox:3.7:a1_pre:::::: cpe:2.3:a:mozilla:firefox:3.7:alpha1:::::: cpe:2.3:a:mozilla:firefox:3.7:alpha2:::::: cpe:2.3:a:mozilla:firefox:3.7:a1_prerelease:::::: cpe:2.3:a:mozilla:firefox:3.6.9:::::::* cpe:2.3:a:mozilla:firefox:3.6.8:::::::* cpe:2.3:a:mozilla:firefox:3.6.7:::::::* cpe:2.3:a:mozilla:firefox:3.6.6:::::::* cpe:2.3:a:mozilla:firefox:3.6.4:::::::* cpe:2.3:a:mozilla:firefox:3.6.3:::::::* cpe:2.3:a:mozilla:firefox:3.6.28:::::::* cpe:2.3:a:mozilla:firefox:3.6.27:::::::* cpe:2.3:a:mozilla:firefox:3.6.26:::::::* cpe:2.3:a:mozilla:firefox:3.6.25:::::::* cpe:2.3:a:mozilla:firefox:3.6.24:::::::* cpe:2.3:a:mozilla:firefox:3.6.23:::::::* cpe:2.3:a:mozilla:firefox:3.6.22:::::::* cpe:2.3:a:mozilla:firefox:3.6.21:::::::* cpe:2.3:a:mozilla:firefox:3.6.20:::::::* cpe:2.3:a:mozilla:firefox:3.6.2:::::::* cpe:2.3:a:mozilla:firefox:3.6.19:::::::* cpe:2.3:a:mozilla:firefox:3.6.18:::::::* cpe:2.3:a:mozilla:firefox:3.6.17:::::::* cpe:2.3:a:mozilla:firefox:3.6.16:::::::* cpe:2.3:a:mozilla:firefox:3.6.15:::::::* cpe:2.3:a:mozilla:firefox:3.6.14:::::::* cpe:2.3:a:mozilla:firefox:3.6.13:::::::* cpe:2.3:a:mozilla:firefox:3.6.12:::::::* cpe:2.3:a:mozilla:firefox:3.6.11:::::::* cpe:2.3:a:mozilla:firefox:3.6.10:::::::* cpe:2.3:a:mozilla:firefox:3.6.1:::::::* cpe:2.3:a:mozilla:firefox:3.6:::::::* cpe:2.3:a:mozilla:firefox:3.6:a1_pre:::::: cpe:2.3:a:mozilla:firefox:3.6:a1:-:linux:::: cpe:2.3:a:mozilla:firefox:3.6:beta2:::::: cpe:2.3:a:mozilla:firefox:3.6:beta1:::::: cpe:2.3:a:mozilla:firefox:3.6:a1::linux::::* cpe:2.3:a:mozilla:firefox:3.6:a1:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.6:a1:::::: cpe:2.3:a:mozilla:firefox:3.6:a1_prerelease:::::: cpe:2.3:a:mozilla:firefox:3.5.9:::::::* cpe:2.3:a:mozilla:firefox:3.5.8:::::::* cpe:2.3:a:mozilla:firefox:3.5.7:::::::* cpe:2.3:a:mozilla:firefox:3.5.6:::::::* cpe:2.3:a:mozilla:firefox:3.5.5:::::::* cpe:2.3:a:mozilla:firefox:3.5.4:::::::* cpe:2.3:a:mozilla:firefox:3.5.3:::::::* cpe:2.3:a:mozilla:firefox:3.5.2:::::::* cpe:2.3:a:mozilla:firefox:3.5.2:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.5.2::linux::::: cpe:2.3:a:mozilla:firefox:3.5.2::~~~linux~~::::: cpe:2.3:a:mozilla:firefox:3.5.2:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.5.19:::::::* cpe:2.3:a:mozilla:firefox:3.5.18:::::::* cpe:2.3:a:mozilla:firefox:3.5.17:::::::* cpe:2.3:a:mozilla:firefox:3.5.16:::::::* cpe:2.3:a:mozilla:firefox:3.5.15:::::::* cpe:2.3:a:mozilla:firefox:3.5.14:::::::* cpe:2.3:a:mozilla:firefox:3.5.13:::::::* cpe:2.3:a:mozilla:firefox:3.5.12:::::::* cpe:2.3:a:mozilla:firefox:3.5.11:::::::* cpe:2.3:a:mozilla:firefox:3.5.10:::::::* cpe:2.3:a:mozilla:firefox:3.5.1:::::::* cpe:2.3:a:mozilla:firefox:3.5.1:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.5.1:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.5:::::::* cpe:2.3:a:mozilla:firefox:3.5:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.5:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.2:beta2:::::: cpe:2.3:a:mozilla:firefox:3.2:beta3:::::: cpe:2.3:a:mozilla:firefox:3.2:beta1:::::: cpe:2.3:a:mozilla:firefox:3.1:beta1:::::: cpe:2.3:a:mozilla:firefox:3.0beta5:::::::* cpe:2.3:a:mozilla:firefox:3.0.9:::::::* cpe:2.3:a:mozilla:firefox:3.0.9:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.0.9:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.0.8:::::::* cpe:2.3:a:mozilla:firefox:3.0.8:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.0.8:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.0.7:::::::* cpe:2.3:a:mozilla:firefox:3.0.7:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.0.7:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.0.6:::::::* cpe:2.3:a:mozilla:firefox:3.0.6:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.0.6:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.0.5:::::::* cpe:2.3:a:mozilla:firefox:3.0.5:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.0.5:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.0.4:::::::* cpe:2.3:a:mozilla:firefox:3.0.4:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.0.4:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.0.3:::::::* cpe:2.3:a:mozilla:firefox:3.0.3:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.0.3:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.0.2:::::::* cpe:2.3:a:mozilla:firefox:3.0.2:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.0.2:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.0.19:::::::* cpe:2.3:a:mozilla:firefox:3.0.18:::::::* cpe:2.3:a:mozilla:firefox:3.0.17:::::::* cpe:2.3:a:mozilla:firefox:3.0.16:::::::* cpe:2.3:a:mozilla:firefox:3.0.15:::::::* cpe:2.3:a:mozilla:firefox:3.0.14:::::::* cpe:2.3:a:mozilla:firefox:3.0.13:::::::* cpe:2.3:a:mozilla:firefox:3.0.13:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.0.13:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.0.12:::::::* cpe:2.3:a:mozilla:firefox:3.0.12:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.0.12:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.0.11:::::::* cpe:2.3:a:mozilla:firefox:3.0.11:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.0.11:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.0.10:::::::* cpe:2.3:a:mozilla:firefox:3.0.10:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.0.10:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.0.1:::::::* cpe:2.3:a:mozilla:firefox:3.0.1:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.0.1:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.0:-:::::: cpe:2.3:a:mozilla:firefox:3.0:alpha:::::: cpe:2.3:a:mozilla:firefox:3.0:beta5:::::: cpe:2.3:a:mozilla:firefox:3.0:beta2:::::: cpe:2.3:a:mozilla:firefox:3.0:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.0:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.9:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.9:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.9:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.8:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.8:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.8:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.7:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.7:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.7:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.6:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.6:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.6:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.5:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.5:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.5:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.4:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.4:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.4:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.3:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.3:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.3:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.21:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.20:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.20:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.20:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.2:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.2:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.2:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.19:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.19:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.19:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.18:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.18:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.18:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.17:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.17:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.17:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.16:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.16:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.16:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.15:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.15:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.15:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.14:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.14:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.14:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.13:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.13:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.13:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.12:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.12:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.12:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.11:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.11:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.11:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.10:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.10:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.10:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.1:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.1:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.1:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0_8:::::::* cpe:2.3:a:mozilla:firefox:2.0_.9:::::::* cpe:2.3:a:mozilla:firefox:2.0_.7:::::::* cpe:2.3:a:mozilla:firefox:2.0_.6:::::::* cpe:2.3:a:mozilla:firefox:2.0_.5:::::::* cpe:2.3:a:mozilla:firefox:2.0_.4:::::::* cpe:2.3:a:mozilla:firefox:2.0_.10:::::::* cpe:2.3:a:mozilla:firefox:2.0_.1:::::::* cpe:2.3:a:mozilla:firefox:2.0:::::::* cpe:2.3:a:mozilla:firefox:2.0:beta1:::::: cpe:2.3:a:mozilla:firefox:2.0:beta_1:::::: cpe:2.3:a:mozilla:firefox:2.0:rc3:::::: cpe:2.3:a:mozilla:firefox:2.0:rc2:::::: cpe:2.3:a:mozilla:firefox:2.0:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:1.8:::::::* cpe:2.3:a:mozilla:firefox:1.5.8:::::::* cpe:2.3:a:mozilla:firefox:1.5.7:::::::* cpe:2.3:a:mozilla:firefox:1.5.6:::::::* cpe:2.3:a:mozilla:firefox:1.5.5:::::::* cpe:2.3:a:mozilla:firefox:1.5.4:::::::* cpe:2.3:a:mozilla:firefox:1.5.3:::::::* cpe:2.3:a:mozilla:firefox:1.5.2:::::::* cpe:2.3:a:mozilla:firefox:1.5.1:::::::* cpe:2.3:a:mozilla:firefox:1.5.0.9:::::::* cpe:2.3:a:mozilla:firefox:1.5.0.8:::::::* cpe:2.3:a:mozilla:firefox:1.5.0.7:::::::* cpe:2.3:a:mozilla:firefox:1.5.0.6:::::::* cpe:2.3:a:mozilla:firefox:1.5.0.5:::::::* cpe:2.3:a:mozilla:firefox:1.5.0.4:::::::* cpe:2.3:a:mozilla:firefox:1.5.0.3:::::::* cpe:2.3:a:mozilla:firefox:1.5.0.2:::::::* cpe:2.3:a:mozilla:firefox:1.5.0.12:::::::* cpe:2.3:a:mozilla:firefox:1.5.0.11:::::::* cpe:2.3:a:mozilla:firefox:1.5.0.10:::::::* cpe:2.3:a:mozilla:firefox:1.5.0.1:::::::* cpe:2.3:a:mozilla:firefox:1.5:-:::::: cpe:2.3:a:mozilla:firefox:1.5:beta2:::::: cpe:2.3:a:mozilla:firefox:1.5:beta1:::::: cpe:2.3:a:mozilla:firefox:1.4.1:::::::* cpe:2.3:a:mozilla:firefox:1.0.8:::::::* cpe:2.3:a:mozilla:firefox:1.0.7:::::::* cpe:2.3:a:mozilla:firefox:1.0.6:::::::* cpe:2.3:a:mozilla:firefox:1.0.6::linux::::: cpe:2.3:a:mozilla:firefox:1.0.5:::::::* cpe:2.3:a:mozilla:firefox:1.0.4:::::::* cpe:2.3:a:mozilla:firefox:1.0.3:::::::* cpe:2.3:a:mozilla:firefox:1.0.2:::::::* cpe:2.3:a:mozilla:firefox:1.0.1:::::::* cpe:2.3:a:mozilla:firefox:1.0:preview_release:::::: cpe:2.3:a:mozilla:firefox:1.0:-:::::: cpe:2.3:a:mozilla:firefox:0.9.3:::::::* cpe:2.3:a:mozilla:firefox:0.9.2:::::::* cpe:2.3:a:mozilla:firefox:0.9.1:::::::* cpe:2.3:a:mozilla:firefox:0.9_rc:::::::* cpe:2.3:a:mozilla:firefox:0.9:rc:::::: cpe:2.3:a:mozilla:firefox:0.9:::::::* cpe:2.3:a:mozilla:firefox:0.8:::::::* cpe:2.3:a:mozilla:firefox:0.7.1:::::::* cpe:2.3:a:mozilla:firefox:0.7:::::::* cpe:2.3:a:mozilla:firefox:0.6.1:::::::* cpe:2.3:a:mozilla:firefox:0.6:::::::* cpe:2.3:a:mozilla:firefox:0.5:::::::* cpe:2.3:a:mozilla:firefox:0.4:::::::* cpe:2.3:a:mozilla:firefox:0.3:::::::* cpe:2.3:a:mozilla:firefox:0.2:::::::* cpe:2.3:a:mozilla:firefox:0.10.1:::::::* cpe:2.3:a:mozilla:firefox:0.10:::::::* cpe:2.3:a:mozilla:firefox:0.1:::::::* cpe:2.3:a:mozilla:firefox:::::::: cpe:2.3:a:mozilla:firefox:::::::x86:* cpe:2.3:a:mozilla:firefox::::::x86::* cpe:2.3:a:mozilla:firefox::::::iphone_os::* cpe:2.3:a:mozilla:firefox::::::-::* cpe:2.3:a:mozilla:firefox::::::android::* cpe:2.3:a:mozilla:firefox:::::android:::* cpe:2.3:a:mozilla:firefox:-:::::::* cpe:2.3:a:mozilla:firefox:-:::::iphone_os::	338
Application	Mozilla Firefox Esr cpe:2.3:a:mozilla:firefox_esr:17.0.8:::::::* cpe:2.3:a:mozilla:firefox_esr:17.0.7:::::::* cpe:2.3:a:mozilla:firefox_esr:17.0.6:::::::* cpe:2.3:a:mozilla:firefox_esr:17.0.5:::::::* cpe:2.3:a:mozilla:firefox_esr:17.0.4:::::::* cpe:2.3:a:mozilla:firefox_esr:17.0.3:::::::* cpe:2.3:a:mozilla:firefox_esr:17.0.2:::::::* cpe:2.3:a:mozilla:firefox_esr:17.0.1:::::::* cpe:2.3:a:mozilla:firefox_esr:17.0:::::::* cpe:2.3:a:mozilla:firefox_esr:10.2:::::::* cpe:2.3:a:mozilla:firefox_esr:10.1:::::::* cpe:2.3:a:mozilla:firefox_esr:10.0.9:::::::* cpe:2.3:a:mozilla:firefox_esr:10.0.8:::::::* cpe:2.3:a:mozilla:firefox_esr:10.0.7:::::::* cpe:2.3:a:mozilla:firefox_esr:10.0.6:::::::* cpe:2.3:a:mozilla:firefox_esr:10.0.5:::::::* cpe:2.3:a:mozilla:firefox_esr:10.0.4:::::::* cpe:2.3:a:mozilla:firefox_esr:10.0.3:::::::* cpe:2.3:a:mozilla:firefox_esr:10.0.2:::::::* cpe:2.3:a:mozilla:firefox_esr:10.0.12:::::::* cpe:2.3:a:mozilla:firefox_esr:10.0.11:::::::* cpe:2.3:a:mozilla:firefox_esr:10.0.10:::::::* cpe:2.3:a:mozilla:firefox_esr:10.0.1:::::::* cpe:2.3:a:mozilla:firefox_esr:10.0:::::::* cpe:2.3:a:mozilla:firefox_esr:::::::: cpe:2.3:a:mozilla:firefox_esr:::::::x86:* cpe:2.3:a:mozilla:firefox_esr:-:::::::*	27
Application	Mozilla Network Security Services cpe:2.3:a:mozilla:network_security_services:3.9.5:::::::* cpe:2.3:a:mozilla:network_security_services:3.9.4:::::::* cpe:2.3:a:mozilla:network_security_services:3.9.3:::::::* cpe:2.3:a:mozilla:network_security_services:3.9.2:::::::* cpe:2.3:a:mozilla:network_security_services:3.9.1:::::::* cpe:2.3:a:mozilla:network_security_services:3.9:::::::* cpe:2.3:a:mozilla:network_security_services:3.8:::::::* cpe:2.3:a:mozilla:network_security_services:3.7.7:::::::* cpe:2.3:a:mozilla:network_security_services:3.7.5:::::::* cpe:2.3:a:mozilla:network_security_services:3.7.3:::::::* cpe:2.3:a:mozilla:network_security_services:3.7.2:::::::* cpe:2.3:a:mozilla:network_security_services:3.7.1:::::::* cpe:2.3:a:mozilla:network_security_services:3.7:::::::* cpe:2.3:a:mozilla:network_security_services:3.6.1:::::::* cpe:2.3:a:mozilla:network_security_services:3.6:::::::* cpe:2.3:a:mozilla:network_security_services:3.5:::::::* cpe:2.3:a:mozilla:network_security_services:3.4.3:::::::* cpe:2.3:a:mozilla:network_security_services:3.4.2:::::::* cpe:2.3:a:mozilla:network_security_services:3.4.1:::::::* cpe:2.3:a:mozilla:network_security_services:3.4:::::::* cpe:2.3:a:mozilla:network_security_services:3.3.2:::::::* cpe:2.3:a:mozilla:network_security_services:3.3.1:::::::* cpe:2.3:a:mozilla:network_security_services:3.3:::::::* cpe:2.3:a:mozilla:network_security_services:3.2.1:::::::* cpe:2.3:a:mozilla:network_security_services:3.2:::::::* cpe:2.3:a:mozilla:network_security_services:3.14.5:::::::* cpe:2.3:a:mozilla:network_security_services:3.14.4:::::::* cpe:2.3:a:mozilla:network_security_services:3.14.3:::::::* cpe:2.3:a:mozilla:network_security_services:3.14.2:::::::* cpe:2.3:a:mozilla:network_security_services:3.14.1:::::::* cpe:2.3:a:mozilla:network_security_services:3.14:::::::* cpe:2.3:a:mozilla:network_security_services:3.12.9:::::::* cpe:2.3:a:mozilla:network_security_services:3.12.8:::::::* cpe:2.3:a:mozilla:network_security_services:3.12.7:::::::* cpe:2.3:a:mozilla:network_security_services:3.12.6:::::::* cpe:2.3:a:mozilla:network_security_services:3.12.5:::::::* cpe:2.3:a:mozilla:network_security_services:3.12.4:::::::* cpe:2.3:a:mozilla:network_security_services:3.12.3.2:::::::* cpe:2.3:a:mozilla:network_security_services:3.12.3.1:::::::* cpe:2.3:a:mozilla:network_security_services:3.12.3:::::::* cpe:2.3:a:mozilla:network_security_services:3.12.2:::::::* cpe:2.3:a:mozilla:network_security_services:3.12.11:::::::* cpe:2.3:a:mozilla:network_security_services:3.12.10:::::::* cpe:2.3:a:mozilla:network_security_services:3.12.1:::::::* cpe:2.3:a:mozilla:network_security_services:3.12:::::::* cpe:2.3:a:mozilla:network_security_services:3.11.9:::::::* cpe:2.3:a:mozilla:network_security_services:3.11.8:::::::* cpe:2.3:a:mozilla:network_security_services:3.11.7:::::::* cpe:2.3:a:mozilla:network_security_services:3.11.6:::::::* cpe:2.3:a:mozilla:network_security_services:3.11.5:::::::* cpe:2.3:a:mozilla:network_security_services:3.11.4:::::::* cpe:2.3:a:mozilla:network_security_services:3.11.3:::::::* cpe:2.3:a:mozilla:network_security_services:3.11.2:::::::* cpe:2.3:a:mozilla:network_security_services:3.11.10:::::::* cpe:2.3:a:mozilla:network_security_services:3.11.1:::::::* cpe:2.3:a:mozilla:network_security_services:3.11:::::::* cpe:2.3:a:mozilla:network_security_services:3.10.2:::::::* cpe:2.3:a:mozilla:network_security_services:3.10.1:::::::* cpe:2.3:a:mozilla:network_security_services:3.10:::::::* cpe:2.3:a:mozilla:network_security_services:3.1.1:::::::* cpe:2.3:a:mozilla:network_security_services:3.1:::::::* cpe:2.3:a:mozilla:network_security_services:::::::: cpe:2.3:a:mozilla:network_security_services:-:::::::*	63
Application	Mozilla Seamonkey cpe:2.3:a:mozilla:seamonkey:2.9.1:::::::* cpe:2.3:a:mozilla:seamonkey:2.9:beta1:::::: cpe:2.3:a:mozilla:seamonkey:2.9:beta2:::::: cpe:2.3:a:mozilla:seamonkey:2.9:beta3:::::: cpe:2.3:a:mozilla:seamonkey:2.9:::::::* cpe:2.3:a:mozilla:seamonkey:2.9:beta4:::::: cpe:2.3:a:mozilla:seamonkey:2.8:beta2:::::: cpe:2.3:a:mozilla:seamonkey:2.8:beta5:::::: cpe:2.3:a:mozilla:seamonkey:2.8:beta4:::::: cpe:2.3:a:mozilla:seamonkey:2.8:beta6:::::: cpe:2.3:a:mozilla:seamonkey:2.8:beta1:::::: cpe:2.3:a:mozilla:seamonkey:2.8:::::::* cpe:2.3:a:mozilla:seamonkey:2.8:beta3:::::: cpe:2.3:a:mozilla:seamonkey:2.7.2:::::::* cpe:2.3:a:mozilla:seamonkey:2.7.1:::::::* cpe:2.3:a:mozilla:seamonkey:2.7:beta5:::::: cpe:2.3:a:mozilla:seamonkey:2.7:beta2:::::: cpe:2.3:a:mozilla:seamonkey:2.7:beta1:::::: cpe:2.3:a:mozilla:seamonkey:2.7:beta3:::::: cpe:2.3:a:mozilla:seamonkey:2.7:::::::* cpe:2.3:a:mozilla:seamonkey:2.7:beta4:::::: cpe:2.3:a:mozilla:seamonkey:2.6.1:::::::* cpe:2.3:a:mozilla:seamonkey:2.6:beta3:::::: cpe:2.3:a:mozilla:seamonkey:2.6:::::::* cpe:2.3:a:mozilla:seamonkey:2.6:beta1:::::: cpe:2.3:a:mozilla:seamonkey:2.6:beta4:::::: cpe:2.3:a:mozilla:seamonkey:2.6:beta2:::::: cpe:2.3:a:mozilla:seamonkey:2.5:::::::* cpe:2.3:a:mozilla:seamonkey:2.5:beta4:::::: cpe:2.3:a:mozilla:seamonkey:2.5:beta2:::::: cpe:2.3:a:mozilla:seamonkey:2.5:beta3:::::: cpe:2.3:a:mozilla:seamonkey:2.5:beta1:::::: cpe:2.3:a:mozilla:seamonkey:2.4.1:::::::* cpe:2.3:a:mozilla:seamonkey:2.4:::::::* cpe:2.3:a:mozilla:seamonkey:2.4:beta3:::::: cpe:2.3:a:mozilla:seamonkey:2.4:beta2:::::: cpe:2.3:a:mozilla:seamonkey:2.4:beta1:::::: cpe:2.3:a:mozilla:seamonkey:2.3.3:::::::* cpe:2.3:a:mozilla:seamonkey:2.3.2:::::::* cpe:2.3:a:mozilla:seamonkey:2.3.1:::::::* cpe:2.3:a:mozilla:seamonkey:2.3:::::::* cpe:2.3:a:mozilla:seamonkey:2.3:beta3:::::: cpe:2.3:a:mozilla:seamonkey:2.3:beta2:::::: cpe:2.3:a:mozilla:seamonkey:2.3:beta1:::::: cpe:2.3:a:mozilla:seamonkey:2.20:beta3:::::: cpe:2.3:a:mozilla:seamonkey:2.20:beta2:::::: cpe:2.3:a:mozilla:seamonkey:2.20:beta1:::::: cpe:2.3:a:mozilla:seamonkey:2.20:::::::* cpe:2.3:a:mozilla:seamonkey:2.2:::::::* cpe:2.3:a:mozilla:seamonkey:2.2:beta1:::::: cpe:2.3:a:mozilla:seamonkey:2.2:beta2:::::: cpe:2.3:a:mozilla:seamonkey:2.2:beta3:::::: cpe:2.3:a:mozilla:seamonkey:2.19:::::::* cpe:2.3:a:mozilla:seamonkey:2.19:beta1:::::: cpe:2.3:a:mozilla:seamonkey:2.19:beta2:::::: cpe:2.3:a:mozilla:seamonkey:2.18:beta3:::::: cpe:2.3:a:mozilla:seamonkey:2.18:beta2:::::: cpe:2.3:a:mozilla:seamonkey:2.18:beta4:::::: cpe:2.3:a:mozilla:seamonkey:2.18:beta1:::::: cpe:2.3:a:mozilla:seamonkey:2.17.1:::::::* cpe:2.3:a:mozilla:seamonkey:2.17:beta2:::::: cpe:2.3:a:mozilla:seamonkey:2.17:beta4:::::: cpe:2.3:a:mozilla:seamonkey:2.17:beta1:::::: cpe:2.3:a:mozilla:seamonkey:2.17:beta3:::::: cpe:2.3:a:mozilla:seamonkey:2.17:::::::* cpe:2.3:a:mozilla:seamonkey:2.16.2:::::::* cpe:2.3:a:mozilla:seamonkey:2.16.1:::::::* cpe:2.3:a:mozilla:seamonkey:2.16:beta5:::::: cpe:2.3:a:mozilla:seamonkey:2.16:beta4:::::: cpe:2.3:a:mozilla:seamonkey:2.16:beta3:::::: cpe:2.3:a:mozilla:seamonkey:2.16:beta1:::::: cpe:2.3:a:mozilla:seamonkey:2.16:beta2:::::: cpe:2.3:a:mozilla:seamonkey:2.16:beta6:::::: cpe:2.3:a:mozilla:seamonkey:2.16:::::::* cpe:2.3:a:mozilla:seamonkey:2.15.2:::::::* cpe:2.3:a:mozilla:seamonkey:2.15.1:::::::* cpe:2.3:a:mozilla:seamonkey:2.15:beta5:::::: cpe:2.3:a:mozilla:seamonkey:2.15:beta3:::::: cpe:2.3:a:mozilla:seamonkey:2.15:beta1:::::: cpe:2.3:a:mozilla:seamonkey:2.15:beta4:::::: cpe:2.3:a:mozilla:seamonkey:2.15:beta6:::::: cpe:2.3:a:mozilla:seamonkey:2.15:beta2:::::: cpe:2.3:a:mozilla:seamonkey:2.15:::::::* cpe:2.3:a:mozilla:seamonkey:2.14.1:::::::* cpe:2.3:a:mozilla:seamonkey:2.14:beta3:::::: cpe:2.3:a:mozilla:seamonkey:2.14:beta5:::::: cpe:2.3:a:mozilla:seamonkey:2.14:beta2:::::: cpe:2.3:a:mozilla:seamonkey:2.14:beta4:::::: cpe:2.3:a:mozilla:seamonkey:2.14:beta1:::::: cpe:2.3:a:mozilla:seamonkey:2.14:::::::* cpe:2.3:a:mozilla:seamonkey:2.13.2:::::::* cpe:2.3:a:mozilla:seamonkey:2.13.1:::::::* cpe:2.3:a:mozilla:seamonkey:2.13:beta1:::::: cpe:2.3:a:mozilla:seamonkey:2.13:beta4:::::: cpe:2.3:a:mozilla:seamonkey:2.13:beta5:::::: cpe:2.3:a:mozilla:seamonkey:2.13:beta2:::::: cpe:2.3:a:mozilla:seamonkey:2.13:beta6:::::: cpe:2.3:a:mozilla:seamonkey:2.13:beta3:::::: cpe:2.3:a:mozilla:seamonkey:2.13:::::::* cpe:2.3:a:mozilla:seamonkey:2.12.1:::::::* cpe:2.3:a:mozilla:seamonkey:2.12:beta2:::::: cpe:2.3:a:mozilla:seamonkey:2.12:beta6:::::: cpe:2.3:a:mozilla:seamonkey:2.12:beta5:::::: cpe:2.3:a:mozilla:seamonkey:2.12:beta1:::::: cpe:2.3:a:mozilla:seamonkey:2.12:beta4:::::: cpe:2.3:a:mozilla:seamonkey:2.12:beta3:::::: cpe:2.3:a:mozilla:seamonkey:2.12:::::::* cpe:2.3:a:mozilla:seamonkey:2.11:::::::* cpe:2.3:a:mozilla:seamonkey:2.11:beta3:::::: cpe:2.3:a:mozilla:seamonkey:2.11:beta4:::::: cpe:2.3:a:mozilla:seamonkey:2.11:beta2:::::: cpe:2.3:a:mozilla:seamonkey:2.11:beta1:::::: cpe:2.3:a:mozilla:seamonkey:2.11:beta6:::::: cpe:2.3:a:mozilla:seamonkey:2.11:beta5:::::: cpe:2.3:a:mozilla:seamonkey:2.10.1:::::::* cpe:2.3:a:mozilla:seamonkey:2.10:::::::* cpe:2.3:a:mozilla:seamonkey:2.10:beta2:::::: cpe:2.3:a:mozilla:seamonkey:2.10:beta3:::::: cpe:2.3:a:mozilla:seamonkey:2.10:beta1:::::: cpe:2.3:a:mozilla:seamonkey:2.1:alpha1:::::: cpe:2.3:a:mozilla:seamonkey:2.1:alpha3:::::: cpe:2.3:a:mozilla:seamonkey:2.1:alpha2:::::: cpe:2.3:a:mozilla:seamonkey:2.1:beta3:::::: cpe:2.3:a:mozilla:seamonkey:2.1:rc1:::::: cpe:2.3:a:mozilla:seamonkey:2.1:rc2:::::: cpe:2.3:a:mozilla:seamonkey:2.1:beta1:::::: cpe:2.3:a:mozilla:seamonkey:2.1:::::::* cpe:2.3:a:mozilla:seamonkey:2.1:beta2:::::: cpe:2.3:a:mozilla:seamonkey:2.0a1pre:::::::* cpe:2.3:a:mozilla:seamonkey:2.0a1::pre::::: cpe:2.3:a:mozilla:seamonkey:2.0.9:::::::* cpe:2.3:a:mozilla:seamonkey:2.0.8:::::::* cpe:2.3:a:mozilla:seamonkey:2.0.7:::::::* cpe:2.3:a:mozilla:seamonkey:2.0.6:::::::* cpe:2.3:a:mozilla:seamonkey:2.0.5:::::::* cpe:2.3:a:mozilla:seamonkey:2.0.4:::::::* cpe:2.3:a:mozilla:seamonkey:2.0.3:::::::* cpe:2.3:a:mozilla:seamonkey:2.0.2:::::::* cpe:2.3:a:mozilla:seamonkey:2.0.14:::::::* cpe:2.3:a:mozilla:seamonkey:2.0.13:::::::* cpe:2.3:a:mozilla:seamonkey:2.0.12:::::::* cpe:2.3:a:mozilla:seamonkey:2.0.11:::::::* cpe:2.3:a:mozilla:seamonkey:2.0.10:::::::* cpe:2.3:a:mozilla:seamonkey:2.0.1:::::::* cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1:::::: cpe:2.3:a:mozilla:seamonkey:2.0:beta_1:::::: cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2:::::: cpe:2.3:a:mozilla:seamonkey:2.0:beta_2:::::: cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3:::::: cpe:2.3:a:mozilla:seamonkey:2.0:rc2:::::: cpe:2.3:a:mozilla:seamonkey:2.0:rc1:::::: cpe:2.3:a:mozilla:seamonkey:2.0:::::::* cpe:2.3:a:mozilla:seamonkey:2.:beta3:::::: cpe:2.3:a:mozilla:seamonkey:1.5.0.9:::::::* cpe:2.3:a:mozilla:seamonkey:1.5.0.8:::::::* cpe:2.3:a:mozilla:seamonkey:1.5.0.10:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.9:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.8:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.7:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.6:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.5:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.5:1.1.10:::::: cpe:2.3:a:mozilla:seamonkey:1.1.4:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.3:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.2:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.19:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.18:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.17:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.16:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.15:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.14:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.13:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.12:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.11:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.10:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.1:::::::* cpe:2.3:a:mozilla:seamonkey:1.1:beta:::::: cpe:2.3:a:mozilla:seamonkey:1.1:alpha:::::: cpe:2.3:a:mozilla:seamonkey:1.1:::::::* cpe:2.3:a:mozilla:seamonkey:1.0.99:::::::* cpe:2.3:a:mozilla:seamonkey:1.0.9:::::::* cpe:2.3:a:mozilla:seamonkey:1.0.8:::::::* cpe:2.3:a:mozilla:seamonkey:1.0.7:::::::* cpe:2.3:a:mozilla:seamonkey:1.0.6:::::::* cpe:2.3:a:mozilla:seamonkey:1.0.5:::::::* cpe:2.3:a:mozilla:seamonkey:1.0.4:::::::* cpe:2.3:a:mozilla:seamonkey:1.0.3:::::::* cpe:2.3:a:mozilla:seamonkey:1.0.2:::::::* cpe:2.3:a:mozilla:seamonkey:1.0.1:::::::* cpe:2.3:a:mozilla:seamonkey:1.0:alpha:::::: cpe:2.3:a:mozilla:seamonkey:1.0:beta:::::: cpe:2.3:a:mozilla:seamonkey:1.0:::::::* cpe:2.3:a:mozilla:seamonkey:1.0::dev::::: cpe:2.3:a:mozilla:seamonkey:1.0::alpha::::: cpe:2.3:a:mozilla:seamonkey:1.0::beta::::: cpe:2.3:a:mozilla:seamonkey:::::::: cpe:2.3:a:mozilla:seamonkey:-:::::::*	197
Application	Mozilla Thunderbird cpe:2.3:a:mozilla:thunderbird:17.0.8:::::::* cpe:2.3:a:mozilla:thunderbird:17.0.7:::::::* cpe:2.3:a:mozilla:thunderbird:17.0.6:::::::* cpe:2.3:a:mozilla:thunderbird:17.0.5:::::::* cpe:2.3:a:mozilla:thunderbird:17.0.4:::::::* cpe:2.3:a:mozilla:thunderbird:17.0.3:::::::* cpe:2.3:a:mozilla:thunderbird:17.0.2:::::::* cpe:2.3:a:mozilla:thunderbird:17.0.1:::::::* cpe:2.3:a:mozilla:thunderbird:17.0:::::::* cpe:2.3:a:mozilla:thunderbird:17.0:beta1:::::: cpe:2.3:a:mozilla:thunderbird:17.0:beta2:::::: cpe:2.3:a:mozilla:thunderbird:17.0:beta3:::::: cpe:2.3:a:mozilla:thunderbird:16.0.2:::::::* cpe:2.3:a:mozilla:thunderbird:16.0.1:::::::* cpe:2.3:a:mozilla:thunderbird:16.0:::::::* cpe:2.3:a:mozilla:thunderbird:16.0:beta1:::::: cpe:2.3:a:mozilla:thunderbird:16.0:beta2:::::: cpe:2.3:a:mozilla:thunderbird:16.0:beta3:::::: cpe:2.3:a:mozilla:thunderbird:16.0:beta4:::::: cpe:2.3:a:mozilla:thunderbird:15.0.1:::::::* cpe:2.3:a:mozilla:thunderbird:15.0:::::::* cpe:2.3:a:mozilla:thunderbird:15.0:beta1:::::: cpe:2.3:a:mozilla:thunderbird:15.0:beta2:::::: cpe:2.3:a:mozilla:thunderbird:15.0:beta3:::::: cpe:2.3:a:mozilla:thunderbird:15.0:beta4:::::: cpe:2.3:a:mozilla:thunderbird:15.0:beta5:::::: cpe:2.3:a:mozilla:thunderbird:14.0:::::::* cpe:2.3:a:mozilla:thunderbird:14.0:beta1:::::: cpe:2.3:a:mozilla:thunderbird:14.0:beta2:::::: cpe:2.3:a:mozilla:thunderbird:14.0:beta3:::::: cpe:2.3:a:mozilla:thunderbird:14.0:beta4:::::: cpe:2.3:a:mozilla:thunderbird:14.0:beta5:::::: cpe:2.3:a:mozilla:thunderbird:13.0.1:::::::* cpe:2.3:a:mozilla:thunderbird:13.0:::::::* cpe:2.3:a:mozilla:thunderbird:13.0:beta1:::::: cpe:2.3:a:mozilla:thunderbird:13.0:beta2:::::: cpe:2.3:a:mozilla:thunderbird:13.0:beta3:::::: cpe:2.3:a:mozilla:thunderbird:13.0:beta4:::::: cpe:2.3:a:mozilla:thunderbird:12.0.1:::::::* cpe:2.3:a:mozilla:thunderbird:12.0:::::::* cpe:2.3:a:mozilla:thunderbird:12.0:beta1:::::: cpe:2.3:a:mozilla:thunderbird:12.0:beta2:::::: cpe:2.3:a:mozilla:thunderbird:12.0:beta3:::::: cpe:2.3:a:mozilla:thunderbird:12.0:beta4:::::: cpe:2.3:a:mozilla:thunderbird:12.0:beta5:::::: cpe:2.3:a:mozilla:thunderbird:11.0.1:::::::* cpe:2.3:a:mozilla:thunderbird:11.0:::::::* cpe:2.3:a:mozilla:thunderbird:11.0:beta1:::::: cpe:2.3:a:mozilla:thunderbird:11.0:beta2:::::: cpe:2.3:a:mozilla:thunderbird:11.0:beta3:::::: cpe:2.3:a:mozilla:thunderbird:11.0:beta4:::::: cpe:2.3:a:mozilla:thunderbird:11.0:beta5:::::: cpe:2.3:a:mozilla:thunderbird:10.0.4:::::::* cpe:2.3:a:mozilla:thunderbird:10.0.3:::::::* cpe:2.3:a:mozilla:thunderbird:10.0.2:::::::* cpe:2.3:a:mozilla:thunderbird:10.0.1:::::::* cpe:2.3:a:mozilla:thunderbird:10.0:::::::* cpe:2.3:a:mozilla:thunderbird:10.0:beta1:::::: cpe:2.3:a:mozilla:thunderbird:10.0:beta2:::::: cpe:2.3:a:mozilla:thunderbird:10.0:beta3:::::: cpe:2.3:a:mozilla:thunderbird:10.0:beta4:::::: cpe:2.3:a:mozilla:thunderbird:10.0:beta5:::::: cpe:2.3:a:mozilla:thunderbird:9.0.1:::::::* cpe:2.3:a:mozilla:thunderbird:9.0:::::::* cpe:2.3:a:mozilla:thunderbird:9.0:beta1:::::: cpe:2.3:a:mozilla:thunderbird:9.0:beta2:::::: cpe:2.3:a:mozilla:thunderbird:9.0:beta3:::::: cpe:2.3:a:mozilla:thunderbird:9.0:beta4:::::: cpe:2.3:a:mozilla:thunderbird:9.0:beta5:::::: cpe:2.3:a:mozilla:thunderbird:8.0:::::::* cpe:2.3:a:mozilla:thunderbird:8.0:beta1:::::: cpe:2.3:a:mozilla:thunderbird:8.0:beta2:::::: cpe:2.3:a:mozilla:thunderbird:8.0:beta3:::::: cpe:2.3:a:mozilla:thunderbird:8.0:beta4:::::: cpe:2.3:a:mozilla:thunderbird:8.0:beta5:::::: cpe:2.3:a:mozilla:thunderbird:7.0.1:::::::* cpe:2.3:a:mozilla:thunderbird:7.0:::::::* cpe:2.3:a:mozilla:thunderbird:7.0:beta1:::::: cpe:2.3:a:mozilla:thunderbird:7.0:beta2:::::: cpe:2.3:a:mozilla:thunderbird:7.0:beta3:::::: cpe:2.3:a:mozilla:thunderbird:6.0.2:::::::* cpe:2.3:a:mozilla:thunderbird:6.0.1:::::::* cpe:2.3:a:mozilla:thunderbird:6.0:::::::* cpe:2.3:a:mozilla:thunderbird:6.0:beta1:::::: cpe:2.3:a:mozilla:thunderbird:6.0:beta2:::::: cpe:2.3:a:mozilla:thunderbird:6.0:beta3:::::: cpe:2.3:a:mozilla:thunderbird:5.0:::::::* cpe:2.3:a:mozilla:thunderbird:5.0:beta1:::::: cpe:2.3:a:mozilla:thunderbird:5.0:beta2:::::: cpe:2.3:a:mozilla:thunderbird:3.3:alpha1:::::: cpe:2.3:a:mozilla:thunderbird:3.3:alpha2:::::: cpe:2.3:a:mozilla:thunderbird:3.3:alpha3:::::: cpe:2.3:a:mozilla:thunderbird:3.1.9:::::::* cpe:2.3:a:mozilla:thunderbird:3.1.8:::::::* cpe:2.3:a:mozilla:thunderbird:3.1.7:::::::* cpe:2.3:a:mozilla:thunderbird:3.1.6:::::::* cpe:2.3:a:mozilla:thunderbird:3.1.5:::::::* cpe:2.3:a:mozilla:thunderbird:3.1.4:::::::* cpe:2.3:a:mozilla:thunderbird:3.1.3:::::::* cpe:2.3:a:mozilla:thunderbird:3.1.20:::::::* cpe:2.3:a:mozilla:thunderbird:3.1.2:::::::* cpe:2.3:a:mozilla:thunderbird:3.1.19:::::::* cpe:2.3:a:mozilla:thunderbird:3.1.18:::::::* cpe:2.3:a:mozilla:thunderbird:3.1.17:::::::* cpe:2.3:a:mozilla:thunderbird:3.1.16:::::::* cpe:2.3:a:mozilla:thunderbird:3.1.15:::::::* cpe:2.3:a:mozilla:thunderbird:3.1.14:::::::* cpe:2.3:a:mozilla:thunderbird:3.1.13:::::::* cpe:2.3:a:mozilla:thunderbird:3.1.12:::::::* cpe:2.3:a:mozilla:thunderbird:3.1.11:::::::* cpe:2.3:a:mozilla:thunderbird:3.1.10:::::::* cpe:2.3:a:mozilla:thunderbird:3.1.1:::::::* cpe:2.3:a:mozilla:thunderbird:3.1:alpha1:::::: cpe:2.3:a:mozilla:thunderbird:3.1:beta1:::::: cpe:2.3:a:mozilla:thunderbird:3.1:beta2:::::: cpe:2.3:a:mozilla:thunderbird:3.1:rc1:::::: cpe:2.3:a:mozilla:thunderbird:3.1:rc2:::::: cpe:2.3:a:mozilla:thunderbird:3.1:-:::::: cpe:2.3:a:mozilla:thunderbird:3.0.9:::::::* cpe:2.3:a:mozilla:thunderbird:3.0.8:::::::* cpe:2.3:a:mozilla:thunderbird:3.0.7:::::::* cpe:2.3:a:mozilla:thunderbird:3.0.6:::::::* cpe:2.3:a:mozilla:thunderbird:3.0.5:::::::* cpe:2.3:a:mozilla:thunderbird:3.0.4:::::::* cpe:2.3:a:mozilla:thunderbird:3.0.3:::::::* cpe:2.3:a:mozilla:thunderbird:3.0.2:::::::* cpe:2.3:a:mozilla:thunderbird:3.0.11:::::::* cpe:2.3:a:mozilla:thunderbird:3.0.10:::::::* cpe:2.3:a:mozilla:thunderbird:3.0.1:::::::* cpe:2.3:a:mozilla:thunderbird:3.0:alpha1:::::: cpe:2.3:a:mozilla:thunderbird:3.0:alpha2:::::: cpe:2.3:a:mozilla:thunderbird:3.0:alpha3:::::: cpe:2.3:a:mozilla:thunderbird:3.0:beta1:::::: cpe:2.3:a:mozilla:thunderbird:3.0:beta2:::::: cpe:2.3:a:mozilla:thunderbird:3.0:beta3:::::: cpe:2.3:a:mozilla:thunderbird:3.0:beta4:::::: cpe:2.3:a:mozilla:thunderbird:3.0:rc1:::::: cpe:2.3:a:mozilla:thunderbird:3.0:rc2:::::: cpe:2.3:a:mozilla:thunderbird:3.0:-:::::: cpe:2.3:a:mozilla:thunderbird:2.0.0.9:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.8:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.7:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.6:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.5:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.4:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.3:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.24:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.23:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.22:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.21:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.20:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.2:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.19:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.18:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.17:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.16:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.15:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.14:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.13:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.12:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.11:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.1:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.0:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.0:rc1:::::: cpe:2.3:a:mozilla:thunderbird:2.0_8:::::::* cpe:2.3:a:mozilla:thunderbird:2.0_.9:::::::* cpe:2.3:a:mozilla:thunderbird:2.0_.6:::::::* cpe:2.3:a:mozilla:thunderbird:2.0_.5:::::::* cpe:2.3:a:mozilla:thunderbird:2.0_.4:::::::* cpe:2.3:a:mozilla:thunderbird:2.0_.14:::::::* cpe:2.3:a:mozilla:thunderbird:2.0_.13:::::::* cpe:2.3:a:mozilla:thunderbird:2.0_.12:::::::* cpe:2.3:a:mozilla:thunderbird:2.0:alpha1:::::: cpe:2.3:a:mozilla:thunderbird:2.0:beta1:::::: cpe:2.3:a:mozilla:thunderbird:2.0:beta2:::::: cpe:2.3:a:mozilla:thunderbird:2.0:-:::::: cpe:2.3:a:mozilla:thunderbird:1.7.3:::::::* cpe:2.3:a:mozilla:thunderbird:1.7.1:::::::* cpe:2.3:a:mozilla:thunderbird:1.5.2:::::::* cpe:2.3:a:mozilla:thunderbird:1.5.1:::::::* cpe:2.3:a:mozilla:thunderbird:1.5.0.9:::::::* cpe:2.3:a:mozilla:thunderbird:1.5.0.8:::::::* cpe:2.3:a:mozilla:thunderbird:1.5.0.7:::::::* cpe:2.3:a:mozilla:thunderbird:1.5.0.6:::::::* cpe:2.3:a:mozilla:thunderbird:1.5.0.5:::::::* cpe:2.3:a:mozilla:thunderbird:1.5.0.4:::::::* cpe:2.3:a:mozilla:thunderbird:1.5.0.3:::::::* cpe:2.3:a:mozilla:thunderbird:1.5.0.2:::::::* cpe:2.3:a:mozilla:thunderbird:1.5.0.14:::::::* cpe:2.3:a:mozilla:thunderbird:1.5.0.13:::::::* cpe:2.3:a:mozilla:thunderbird:1.5.0.12:::::::* cpe:2.3:a:mozilla:thunderbird:1.5.0.11:::::::* cpe:2.3:a:mozilla:thunderbird:1.5.0.10:::::::* cpe:2.3:a:mozilla:thunderbird:1.5.0.1:::::::* cpe:2.3:a:mozilla:thunderbird:1.5:beta2:::::: cpe:2.3:a:mozilla:thunderbird:1.5:beta1:::::: cpe:2.3:a:mozilla:thunderbird:1.5:rc1:::::: cpe:2.3:a:mozilla:thunderbird:1.5:rc2:::::: cpe:2.3:a:mozilla:thunderbird:1.5:-:::::: cpe:2.3:a:mozilla:thunderbird:1.1:alpha1:::::: cpe:2.3:a:mozilla:thunderbird:1.1:alpha2:::::: cpe:2.3:a:mozilla:thunderbird:1.0.8:::::::* cpe:2.3:a:mozilla:thunderbird:1.0.7:::::::* cpe:2.3:a:mozilla:thunderbird:1.0.6:::::::* cpe:2.3:a:mozilla:thunderbird:1.0.5:::::::* cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:::::: cpe:2.3:a:mozilla:thunderbird:1.0.4:::::::* cpe:2.3:a:mozilla:thunderbird:1.0.3:::::::* cpe:2.3:a:mozilla:thunderbird:1.0.2:::::::* cpe:2.3:a:mozilla:thunderbird:1.0.1:::::::* cpe:2.3:a:mozilla:thunderbird:1.0:rc:::::: cpe:2.3:a:mozilla:thunderbird:1.0:-:::::: cpe:2.3:a:mozilla:thunderbird:0.9:::::::* cpe:2.3:a:mozilla:thunderbird:0.8:::::::* cpe:2.3:a:mozilla:thunderbird:0.7.3:::::::* cpe:2.3:a:mozilla:thunderbird:0.7.2:::::::* cpe:2.3:a:mozilla:thunderbird:0.7.1:::::::* cpe:2.3:a:mozilla:thunderbird:0.7:rc:::::: cpe:2.3:a:mozilla:thunderbird:0.7:-:::::: cpe:2.3:a:mozilla:thunderbird:0.6:::::::* cpe:2.3:a:mozilla:thunderbird:0.5:::::::* cpe:2.3:a:mozilla:thunderbird:0.4:::::::* cpe:2.3:a:mozilla:thunderbird:0.3:::::::* cpe:2.3:a:mozilla:thunderbird:0.2:::::::* cpe:2.3:a:mozilla:thunderbird:0.1:::::::* cpe:2.3:a:mozilla:thunderbird:::::::: cpe:2.3:a:mozilla:thunderbird:::::::x86:* cpe:2.3:a:mozilla:thunderbird:-:::::::*	228
Application	Mozilla Thunderbird Esr cpe:2.3:a:mozilla:thunderbird_esr:17.0.9:::::::* cpe:2.3:a:mozilla:thunderbird_esr:17.0.8:::::::* cpe:2.3:a:mozilla:thunderbird_esr:17.0.7:::::::* cpe:2.3:a:mozilla:thunderbird_esr:17.0.6:::::::* cpe:2.3:a:mozilla:thunderbird_esr:17.0.5:::::::* cpe:2.3:a:mozilla:thunderbird_esr:17.0.4:::::::* cpe:2.3:a:mozilla:thunderbird_esr:17.0.3:::::::* cpe:2.3:a:mozilla:thunderbird_esr:17.0.2:::::::* cpe:2.3:a:mozilla:thunderbird_esr:17.0.1:::::::* cpe:2.3:a:mozilla:thunderbird_esr:17.0:::::::* cpe:2.3:a:mozilla:thunderbird_esr:10.0.9:::::::* cpe:2.3:a:mozilla:thunderbird_esr:10.0.8:::::::* cpe:2.3:a:mozilla:thunderbird_esr:10.0.7:::::::* cpe:2.3:a:mozilla:thunderbird_esr:10.0.6:::::::* cpe:2.3:a:mozilla:thunderbird_esr:10.0.5:::::::* cpe:2.3:a:mozilla:thunderbird_esr:10.0.4:::::::* cpe:2.3:a:mozilla:thunderbird_esr:10.0.3:::::::* cpe:2.3:a:mozilla:thunderbird_esr:10.0.2:::::::* cpe:2.3:a:mozilla:thunderbird_esr:10.0.12:::::::* cpe:2.3:a:mozilla:thunderbird_esr:10.0.11:::::::* cpe:2.3:a:mozilla:thunderbird_esr:10.0.10:::::::* cpe:2.3:a:mozilla:thunderbird_esr:10.0.1:::::::* cpe:2.3:a:mozilla:thunderbird_esr:10.0:::::::* cpe:2.3:a:mozilla:thunderbird_esr::::::::	24
Application	Oracle Vm Server cpe:2.3:a:oracle:vm_server:3.2::::::x86:	1
Os	Canonical Ubuntu Linux cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::* cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm::: cpe:2.3:o:canonical:ubuntu_linux:12.04::::-::: cpe:2.3:o:canonical:ubuntu_linux:11.10:::::::* cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::	5
Os	Debian Debian Linux cpe:2.3:o:debian:debian_linux:7.0:::::::*	1
Os	Opensuse cpe:2.3:o:opensuse:opensuse:12.3:::::::* cpe:2.3:o:opensuse:opensuse:12.2:::::::* cpe:2.3:o:opensuse:opensuse:12.1:::::::* cpe:2.3:o:opensuse:opensuse:11.4:::::::*	4
Os	Redhat Enterprise Linux Aus cpe:2.3:o:redhat:enterprise_linux_aus:5.9:::::::*	1
Os	Redhat Enterprise Linux Desktop cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::* cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*	2
Os	Redhat Enterprise Linux Eus cpe:2.3:o:redhat:enterprise_linux_eus:6.3:::::::* cpe:2.3:o:redhat:enterprise_linux_eus:5.9:::::::*	2
Os	Redhat Enterprise Linux Server cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::* cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*	2
Os	Redhat Enterprise Linux Server Aus cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:::::::*	1
Os	Redhat Enterprise Linux Workstation cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::* cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*	2
Os	Suse Linux Enterprise Desktop cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:::::: cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:::::: cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:::-:::*	3
Os	Suse Linux Enterprise Server cpe:2.3:o:suse:linux_enterprise_server:11:sp2::::-::* cpe:2.3:o:suse:linux_enterprise_server:11:sp2::::vmware::* cpe:2.3:o:suse:linux_enterprise_server:11:sp1:::ltss:-:: cpe:2.3:o:suse:linux_enterprise_server:11:sp1:::ltss:vmware:: cpe:2.3:o:suse:linux_enterprise_server:10:sp4:::::: cpe:2.3:o:suse:linux_enterprise_server:10:sp4:::-:::*	6
Os	Suse Linux Enterprise Software Development Kit cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:::::: cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4::::::	2

SAINT Exploits

Description	Link
Mozilla Firefox onreadystatechange Event Use After Free	More info here
Mozilla Firefox XMLSerializer serializeToStream Use-after-free Vulnerability	More info here
Firefox crypto.generateCRMFRequest command execution	More info here

ExploitDB Exploits

id	Description
2014-08-19	Firefox toString console.time Privileged Javascript Injection
2013-12-24	Firefox 5.0 - 15.0.1 - __exposedProps__ XCS Code Execution

Snort® IPS/IDS

Date	Description
2017-03-01	Mozilla Firefox generatecrmfrequest policy function call access attempt RuleID : 41423 - Revision : 3 - Type : BROWSER-PLUGINS
2017-03-01	Mozilla Firefox generatecrmfrequest policy function call access attempt RuleID : 41422 - Revision : 3 - Type : BROWSER-PLUGINS
2015-09-23	Mozilla Firefox generatecrmfrequest policy function call access attempt RuleID : 35686 - Revision : 3 - Type : BROWSER-PLUGINS
2015-09-23	Mozilla Firefox generatecrmfrequest policy function call access attempt RuleID : 35685 - Revision : 3 - Type : BROWSER-PLUGINS
2015-02-18	Mozilla Firefox 17 onreadystatechange memory corruption attempt RuleID : 33090 - Revision : 5 - Type : BROWSER-FIREFOX
2015-02-18	Mozilla Firefox 17 onreadystatechange memory corruption attempt RuleID : 33089 - Revision : 5 - Type : BROWSER-FIREFOX
2015-02-18	Mozilla Firefox 17 onreadystatechange memory corruption attempt RuleID : 33088 - Revision : 5 - Type : BROWSER-FIREFOX
2015-02-11	Mozilla Firefox XMLSerializer serializeToStream use-after-free attempt RuleID : 32994 - Revision : 6 - Type : BROWSER-FIREFOX
2015-02-11	Mozilla Firefox XMLSerializer serializeToStream use-after-free attempt RuleID : 32993 - Revision : 6 - Type : BROWSER-FIREFOX
2014-01-10	Mozilla Firefox 17 onreadystatechange memory corruption attempt RuleID : 27568 - Revision : 6 - Type : BROWSER-FIREFOX
2014-01-10	Nailed exploit kit Firefox exploit download - autopwn RuleID : 27080 - Revision : 2 - Type : EXPLOIT-KIT

Nessus® Vulnerability Scanner

Date	Description
2016-03-04	Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_esx_VMSA-2013-0015_remote.nasl - Type : ACT_GATHER_INFO
2015-05-20	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-0306-1.nasl - Type : ACT_GATHER_INFO
2015-05-20	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-0850-1.nasl - Type : ACT_GATHER_INFO
2014-11-08	Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2013-1181.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-141.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-17.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-206.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-207.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-208.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-209.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-309.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-400.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-438.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-447.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-448.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-554.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-555.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-556.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-574.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-652.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-717.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-718.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-719.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-720.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-819.nasl - Type : ACT_GATHER_INFO
2013-12-12	Name : The remote CentOS host is missing a security update. File : centos_RHSA-2013-1812.nasl - Type : ACT_GATHER_INFO
2013-12-12	Name : The remote CentOS host is missing a security update. File : centos_RHSA-2013-1823.nasl - Type : ACT_GATHER_INFO
2013-12-12	Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2013-1812.nasl - Type : ACT_GATHER_INFO
2013-12-12	Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2013-1823.nasl - Type : ACT_GATHER_INFO
2013-12-12	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1823.nasl - Type : ACT_GATHER_INFO
2013-12-11	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1812.nasl - Type : ACT_GATHER_INFO
2013-12-06	Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2013-0015.nasl - Type : ACT_GATHER_INFO
2013-10-02	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_7dfed67b20aa11e3b8d80025905a4771.nasl - Type : ACT_GATHER_INFO
2013-10-01	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-216.nasl - Type : ACT_GATHER_INFO
2013-10-01	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-217.nasl - Type : ACT_GATHER_INFO
2013-09-30	Name : The remote Fedora host is missing one or more security updates. File : fedora_2013-17047.nasl - Type : ACT_GATHER_INFO
2013-09-28	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201309-23.nasl - Type : ACT_GATHER_INFO
2013-09-28	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_MozillaFirefox-130919.nasl - Type : ACT_GATHER_INFO
2013-09-24	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2762.nasl - Type : ACT_GATHER_INFO
2013-09-23	Name : The remote Fedora host is missing one or more security updates. File : fedora_2013-17074.nasl - Type : ACT_GATHER_INFO
2013-09-21	Name : The remote Fedora host is missing one or more security updates. File : fedora_2013-16992.nasl - Type : ACT_GATHER_INFO
2013-09-19	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2759.nasl - Type : ACT_GATHER_INFO
2013-09-19	Name : The remote Mac OS X host contains a web browser that is potentially affected ... File : macosx_firefox_17_0_9_esr.nasl - Type : ACT_GATHER_INFO
2013-09-19	Name : The remote Mac OS X host contains a web browser that is potentially affected ... File : macosx_firefox_24.nasl - Type : ACT_GATHER_INFO
2013-09-19	Name : The remote Mac OS X host contains a mail client that is potentially affected ... File : macosx_thunderbird_17_0_9_esr.nasl - Type : ACT_GATHER_INFO
2013-09-19	Name : The remote Mac OS X host contains a mail client that is potentially affected ... File : macosx_thunderbird_24_0.nasl - Type : ACT_GATHER_INFO
2013-09-19	Name : The remote Windows host contains a web browser that is potentially affected b... File : mozilla_firefox_1709_esr.nasl - Type : ACT_GATHER_INFO
2013-09-19	Name : The remote Windows host contains a web browser that is potentially affected b... File : mozilla_firefox_24.nasl - Type : ACT_GATHER_INFO
2013-09-19	Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_1709_esr.nasl - Type : ACT_GATHER_INFO
2013-09-19	Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_24.nasl - Type : ACT_GATHER_INFO
2013-09-19	Name : The remote Windows host contains a web browser that is potentially affected b... File : seamonkey_221.nasl - Type : ACT_GATHER_INFO
2013-09-19	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1952-1.nasl - Type : ACT_GATHER_INFO
2013-09-18	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1268.nasl - Type : ACT_GATHER_INFO
2013-09-18	Name : The remote CentOS host is missing a security update. File : centos_RHSA-2013-1269.nasl - Type : ACT_GATHER_INFO
2013-09-18	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1268.nasl - Type : ACT_GATHER_INFO
2013-09-18	Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2013-1269.nasl - Type : ACT_GATHER_INFO
2013-09-18	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1268.nasl - Type : ACT_GATHER_INFO
2013-09-18	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1269.nasl - Type : ACT_GATHER_INFO
2013-09-18	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130917_firefox_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-09-18	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130917_thunderbird_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-09-18	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1951-1.nasl - Type : ACT_GATHER_INFO
2013-08-30	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2746.nasl - Type : ACT_GATHER_INFO
2013-08-14	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_MozillaFirefox-130809.nasl - Type : ACT_GATHER_INFO
2013-08-14	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_MozillaFirefox-130810.nasl - Type : ACT_GATHER_INFO
2013-08-09	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2735.nasl - Type : ACT_GATHER_INFO
2013-08-09	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_0998e79d005511e3905b0025905a4771.nasl - Type : ACT_GATHER_INFO
2013-08-09	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130807_nss__nss_util__nss_softokn__and_nspr_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-08-08	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1140.nasl - Type : ACT_GATHER_INFO
2013-08-08	Name : The remote CentOS host is missing a security update. File : centos_RHSA-2013-1142.nasl - Type : ACT_GATHER_INFO
2013-08-08	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1144.nasl - Type : ACT_GATHER_INFO
2013-08-08	Name : The remote Mac OS X host contains a web browser that is potentially affected ... File : macosx_firefox_17_0_8_esr.nasl - Type : ACT_GATHER_INFO
2013-08-08	Name : The remote Mac OS X host contains a web browser that is potentially affected ... File : macosx_firefox_23.nasl - Type : ACT_GATHER_INFO
2013-08-08	Name : The remote Mac OS X host contains a mail client that is potentially affected ... File : macosx_thunderbird_17_0_8.nasl - Type : ACT_GATHER_INFO
2013-08-08	Name : The remote Mac OS X host contains a mail client that is potentially affected ... File : macosx_thunderbird_17_0_8_esr.nasl - Type : ACT_GATHER_INFO
2013-08-08	Name : The remote Windows host contains a web browser that is potentially affected b... File : mozilla_firefox_1708_esr.nasl - Type : ACT_GATHER_INFO
2013-08-08	Name : The remote Windows host contains a web browser that is potentially affected b... File : mozilla_firefox_23.nasl - Type : ACT_GATHER_INFO
2013-08-08	Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_1708.nasl - Type : ACT_GATHER_INFO
2013-08-08	Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_1708_esr.nasl - Type : ACT_GATHER_INFO
2013-08-08	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1140.nasl - Type : ACT_GATHER_INFO
2013-08-08	Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2013-1142.nasl - Type : ACT_GATHER_INFO
2013-08-08	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1144.nasl - Type : ACT_GATHER_INFO
2013-08-08	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1140.nasl - Type : ACT_GATHER_INFO
2013-08-08	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1142.nasl - Type : ACT_GATHER_INFO
2013-08-08	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1144.nasl - Type : ACT_GATHER_INFO
2013-08-08	Name : The remote Windows host contains a web browser that is potentially affected b... File : seamonkey_220.nasl - Type : ACT_GATHER_INFO
2013-08-08	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130807_firefox_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-08-08	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130807_thunderbird_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-08-08	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1925-1.nasl - Type : ACT_GATHER_INFO
2013-08-07	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1924-1.nasl - Type : ACT_GATHER_INFO
2013-08-07	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1924-2.nasl - Type : ACT_GATHER_INFO
2013-08-06	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1135.nasl - Type : ACT_GATHER_INFO
2013-08-06	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1135.nasl - Type : ACT_GATHER_INFO
2013-08-06	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1135.nasl - Type : ACT_GATHER_INFO
2013-08-06	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130805_nss_and_nspr_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-07-18	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_firefox-20130628-130702.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0144.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2013-0145.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0271.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2013-0272.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0614.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2013-0627.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0696.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2013-0697.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0820.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2013-0821.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0981.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2013-0982.nasl - Type : ACT_GATHER_INFO
2013-07-07	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2720.nasl - Type : ACT_GATHER_INFO
2013-07-06	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_firefox-20130628-130628.nasl - Type : ACT_GATHER_INFO
2013-07-06	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_firefox-20130628-8636.nasl - Type : ACT_GATHER_INFO
2013-07-05	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1890-2.nasl - Type : ACT_GATHER_INFO
2013-06-29	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2716.nasl - Type : ACT_GATHER_INFO
2013-06-27	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0981.nasl - Type : ACT_GATHER_INFO
2013-06-27	Name : The remote CentOS host is missing a security update. File : centos_RHSA-2013-0982.nasl - Type : ACT_GATHER_INFO
2013-06-27	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_b3fcb387de4b11e2b1c60025905a4771.nasl - Type : ACT_GATHER_INFO
2013-06-27	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1890-1.nasl - Type : ACT_GATHER_INFO
2013-06-27	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1891-1.nasl - Type : ACT_GATHER_INFO
2013-06-26	Name : The remote Mac OS X host contains a web browser that is potentially affected ... File : macosx_firefox_17_0_7_esr.nasl - Type : ACT_GATHER_INFO
2013-06-26	Name : The remote Mac OS X host contains a web browser that is potentially affected ... File : macosx_firefox_22.nasl - Type : ACT_GATHER_INFO
2013-06-26	Name : The remote Mac OS X host contains a mail client that is potentially affected ... File : macosx_thunderbird_17_0_7.nasl - Type : ACT_GATHER_INFO
2013-06-26	Name : The remote Mac OS X host contains a mail client that is potentially affected ... File : macosx_thunderbird_17_0_7_esr.nasl - Type : ACT_GATHER_INFO
2013-06-26	Name : The remote Windows host contains a web browser that is potentially affected b... File : mozilla_firefox_1707_esr.nasl - Type : ACT_GATHER_INFO
2013-06-26	Name : The remote Windows host contains a web browser that is potentially affected b... File : mozilla_firefox_22.nasl - Type : ACT_GATHER_INFO
2013-06-26	Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_1707.nasl - Type : ACT_GATHER_INFO
2013-06-26	Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_1707_esr.nasl - Type : ACT_GATHER_INFO
2013-06-26	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0981.nasl - Type : ACT_GATHER_INFO
2013-06-26	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0982.nasl - Type : ACT_GATHER_INFO
2013-06-26	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130625_firefox_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-06-26	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130625_thunderbird_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-06-03	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2699.nasl - Type : ACT_GATHER_INFO
2013-05-29	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_firefox-20130516-130516.nasl - Type : ACT_GATHER_INFO
2013-05-29	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_firefox-20130516-130517.nasl - Type : ACT_GATHER_INFO
2013-05-29	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_firefox-20130516-8578.nasl - Type : ACT_GATHER_INFO
2013-05-16	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_4a1ca8a4bd8211e2b7a0d43d7e0c7c02.nasl - Type : ACT_GATHER_INFO
2013-05-16	Name : The remote Mac OS X host contains a web browser that is potentially affected ... File : macosx_firefox_17_0_6_esr.nasl - Type : ACT_GATHER_INFO
2013-05-16	Name : The remote Mac OS X host contains a web browser that is potentially affected ... File : macosx_firefox_21.nasl - Type : ACT_GATHER_INFO
2013-05-16	Name : The remote Mac OS X host contains a mail client that is potentially affected ... File : macosx_thunderbird_17_0_6.nasl - Type : ACT_GATHER_INFO
2013-05-16	Name : The remote Mac OS X host contains a mail client that is potentially affected ... File : macosx_thunderbird_17_0_6_esr.nasl - Type : ACT_GATHER_INFO
2013-05-16	Name : The remote Windows host contains a web browser that is potentially affected b... File : mozilla_firefox_1706_esr.nasl - Type : ACT_GATHER_INFO
2013-05-16	Name : The remote Windows host contains a web browser that is potentially affected b... File : mozilla_firefox_21.nasl - Type : ACT_GATHER_INFO
2013-05-16	Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_1706.nasl - Type : ACT_GATHER_INFO
2013-05-16	Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_1706_esr.nasl - Type : ACT_GATHER_INFO
2013-05-16	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130514_firefox_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-05-16	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130514_thunderbird_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-05-15	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0820.nasl - Type : ACT_GATHER_INFO
2013-05-15	Name : The remote CentOS host is missing a security update. File : centos_RHSA-2013-0821.nasl - Type : ACT_GATHER_INFO
2013-05-15	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0820.nasl - Type : ACT_GATHER_INFO
2013-05-15	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0821.nasl - Type : ACT_GATHER_INFO
2013-05-15	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1822-1.nasl - Type : ACT_GATHER_INFO
2013-05-15	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1823-1.nasl - Type : ACT_GATHER_INFO
2013-04-22	Name : The remote Fedora host is missing a security update. File : fedora_2013-4871.nasl - Type : ACT_GATHER_INFO
2013-04-16	Name : The remote Fedora host is missing a security update. File : fedora_2013-4957.nasl - Type : ACT_GATHER_INFO
2013-04-16	Name : The remote Fedora host is missing a security update. File : fedora_2013-4983.nasl - Type : ACT_GATHER_INFO
2013-04-09	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_firefox-20130404-130404.nasl - Type : ACT_GATHER_INFO
2013-04-09	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_firefox-20130404-8537.nasl - Type : ACT_GATHER_INFO
2013-04-09	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1791-1.nasl - Type : ACT_GATHER_INFO
2013-04-08	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_949764339c7411e2a9fcd43d7e0c7c02.nasl - Type : ACT_GATHER_INFO
2013-04-05	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1786-1.nasl - Type : ACT_GATHER_INFO
2013-04-05	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1786-2.nasl - Type : ACT_GATHER_INFO
2013-04-04	Name : The remote Mac OS X host contains a web browser that is potentially affected ... File : macosx_firefox_17_0_5_esr.nasl - Type : ACT_GATHER_INFO
2013-04-04	Name : The remote Mac OS X host contains a web browser that is potentially affected ... File : macosx_firefox_20.nasl - Type : ACT_GATHER_INFO
2013-04-04	Name : The remote Mac OS X host contains a mail client that is potentially affected ... File : macosx_thunderbird_17_0_5.nasl - Type : ACT_GATHER_INFO
2013-04-04	Name : The remote Mac OS X host contains a mail client that is potentially affected ... File : macosx_thunderbird_17_0_5_esr.nasl - Type : ACT_GATHER_INFO
2013-04-04	Name : The remote Windows host contains a web browser that is potentially affected b... File : mozilla_firefox_1705_esr.nasl - Type : ACT_GATHER_INFO
2013-04-04	Name : The remote Windows host contains a web browser that is potentially affected b... File : mozilla_firefox_20.nasl - Type : ACT_GATHER_INFO
2013-04-04	Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_1705.nasl - Type : ACT_GATHER_INFO
2013-04-04	Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_1705_esr.nasl - Type : ACT_GATHER_INFO
2013-04-04	Name : The remote Windows host contains a web browser that is potentially affected b... File : seamonkey_217.nasl - Type : ACT_GATHER_INFO
2013-04-03	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0696.nasl - Type : ACT_GATHER_INFO
2013-04-03	Name : The remote CentOS host is missing a security update. File : centos_RHSA-2013-0697.nasl - Type : ACT_GATHER_INFO
2013-04-03	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0696.nasl - Type : ACT_GATHER_INFO
2013-04-03	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0697.nasl - Type : ACT_GATHER_INFO
2013-04-03	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130402_firefox_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-04-03	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130402_thunderbird_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-03-17	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_firefox-201303-130311.nasl - Type : ACT_GATHER_INFO
2013-03-17	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_firefox-201303-8506.nasl - Type : ACT_GATHER_INFO
2013-03-13	Name : The remote CentOS host is missing a security update. File : centos_RHSA-2013-0627.nasl - Type : ACT_GATHER_INFO
2013-03-13	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130311_thunderbird_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-03-13	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1758-2.nasl - Type : ACT_GATHER_INFO
2013-03-12	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0627.nasl - Type : ACT_GATHER_INFO
2013-03-11	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_630c8c08880f11e2807fd43d7e0c7c02.nasl - Type : ACT_GATHER_INFO
2013-03-11	Name : The remote Mac OS X host contains a mail client that is potentially affected ... File : macosx_thunderbird_17_0_4.nasl - Type : ACT_GATHER_INFO
2013-03-11	Name : The remote Mac OS X host contains a mail client that is potentially affected ... File : macosx_thunderbird_17_0_4_esr.nasl - Type : ACT_GATHER_INFO
2013-03-11	Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_1704.nasl - Type : ACT_GATHER_INFO
2013-03-11	Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_1704_esr.nasl - Type : ACT_GATHER_INFO
2013-03-11	Name : The remote Windows host contains a web browser that is potentially affected b... File : seamonkey_2161.nasl - Type : ACT_GATHER_INFO
2013-03-10	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0614.nasl - Type : ACT_GATHER_INFO
2013-03-10	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0614.nasl - Type : ACT_GATHER_INFO
2013-03-10	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130308_xulrunner_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-03-10	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_firefox-201303-130305.nasl - Type : ACT_GATHER_INFO
2013-03-09	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1758-1.nasl - Type : ACT_GATHER_INFO
2013-03-08	Name : The remote Mac OS X host contains a web browser that is potentially affected ... File : macosx_firefox_17_0_4_esr.nasl - Type : ACT_GATHER_INFO
2013-03-08	Name : The remote Mac OS X host contains a web browser that is potentially affected ... File : macosx_firefox_19_0_2.nasl - Type : ACT_GATHER_INFO
2013-03-08	Name : The remote Windows host contains a web browser that is potentially affected b... File : mozilla_firefox_1704_esr.nasl - Type : ACT_GATHER_INFO
2013-03-08	Name : The remote Windows host contains a web browser that is potentially affected b... File : mozilla_firefox_1902.nasl - Type : ACT_GATHER_INFO
2013-03-05	Name : The remote Fedora host is missing a security update. File : fedora_2013-2988.nasl - Type : ACT_GATHER_INFO
2013-03-05	Name : The remote Fedora host is missing a security update. File : fedora_2013-2992.nasl - Type : ACT_GATHER_INFO
2013-03-01	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1729-2.nasl - Type : ACT_GATHER_INFO
2013-02-26	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1748-1.nasl - Type : ACT_GATHER_INFO
2013-02-21	Name : The remote CentOS host is missing a security update. File : centos_RHSA-2013-0272.nasl - Type : ACT_GATHER_INFO
2013-02-21	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130219_firefox_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-02-21	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130219_thunderbird_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-02-20	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0271.nasl - Type : ACT_GATHER_INFO
2013-02-20	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_e3f0374a7ad611e284cdd43d7e0c7c02.nasl - Type : ACT_GATHER_INFO
2013-02-20	Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_17_0_3_esr.nasl - Type : ACT_GATHER_INFO
2013-02-20	Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_19_0.nasl - Type : ACT_GATHER_INFO
2013-02-20	Name : The remote Mac OS X host contains a mail client that is potentially affected ... File : macosx_thunderbird_17_0_3.nasl - Type : ACT_GATHER_INFO
2013-02-20	Name : The remote Mac OS X host contains a mail client that is potentially affected ... File : macosx_thunderbird_17_0_3_esr.nasl - Type : ACT_GATHER_INFO
2013-02-20	Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_1703_esr.nasl - Type : ACT_GATHER_INFO
2013-02-20	Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_190.nasl - Type : ACT_GATHER_INFO
2013-02-20	Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_1703.nasl - Type : ACT_GATHER_INFO
2013-02-20	Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_1703_esr.nasl - Type : ACT_GATHER_INFO
2013-02-20	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0271.nasl - Type : ACT_GATHER_INFO
2013-02-20	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0272.nasl - Type : ACT_GATHER_INFO
2013-02-20	Name : The remote Windows host contains a web browser that is affected by multiple v... File : seamonkey_216.nasl - Type : ACT_GATHER_INFO
2013-02-20	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1729-1.nasl - Type : ACT_GATHER_INFO
2013-02-06	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1681-4.nasl - Type : ACT_GATHER_INFO
2013-02-04	Name : The remote Fedora host is missing a security update. File : fedora_2013-1382.nasl - Type : ACT_GATHER_INFO
2013-02-04	Name : The remote Fedora host is missing a security update. File : fedora_2013-1432.nasl - Type : ACT_GATHER_INFO
2013-01-28	Name : The remote Fedora host is missing a security update. File : fedora_2013-1442.nasl - Type : ACT_GATHER_INFO
2013-01-25	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_firefox-201301-130110.nasl - Type : ACT_GATHER_INFO
2013-01-23	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1681-3.nasl - Type : ACT_GATHER_INFO
2013-01-20	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_firefox-201301-8426.nasl - Type : ACT_GATHER_INFO
2013-01-15	Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_10_0_12.nasl - Type : ACT_GATHER_INFO
2013-01-15	Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_17_0_1.nasl - Type : ACT_GATHER_INFO
2013-01-15	Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_17_0_2.nasl - Type : ACT_GATHER_INFO
2013-01-15	Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_18_0.nasl - Type : ACT_GATHER_INFO
2013-01-15	Name : The remote Mac OS X host contains a mail client that is potentially affected ... File : macosx_thunderbird_10_0_12.nasl - Type : ACT_GATHER_INFO
2013-01-15	Name : The remote Mac OS X host contains a mail client that is potentially affected ... File : macosx_thunderbird_17_0_2.nasl - Type : ACT_GATHER_INFO
2013-01-15	Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_10012.nasl - Type : ACT_GATHER_INFO
2013-01-15	Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_1701.nasl - Type : ACT_GATHER_INFO
2013-01-15	Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_1702.nasl - Type : ACT_GATHER_INFO
2013-01-15	Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_180.nasl - Type : ACT_GATHER_INFO
2013-01-15	Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_10012.nasl - Type : ACT_GATHER_INFO
2013-01-15	Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_1702.nasl - Type : ACT_GATHER_INFO
2013-01-15	Name : The remote Windows host contains a web browser that is affected by multiple v... File : seamonkey_215.nasl - Type : ACT_GATHER_INFO
2013-01-11	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130108_firefox_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-01-11	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130108_thunderbird_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-01-10	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_a4ed66325aa911e28fcbc8600054b392.nasl - Type : ACT_GATHER_INFO
2013-01-09	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0144.nasl - Type : ACT_GATHER_INFO
2013-01-09	Name : The remote CentOS host is missing a security update. File : centos_RHSA-2013-0145.nasl - Type : ACT_GATHER_INFO
2013-01-09	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0144.nasl - Type : ACT_GATHER_INFO
2013-01-09	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0145.nasl - Type : ACT_GATHER_INFO
2013-01-09	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1681-1.nasl - Type : ACT_GATHER_INFO
2013-01-09	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1681-2.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-02-17 11:37:47	Multiple Updates
2013-09-28 00:19:28	First insertion

Global Informations

Type	Count
CWE ID(s)	80
Oval ID(s)	199
CPE ID(s)	909
Saint Exploit(s)	3
ExploitDB Exploit(s)	2
Snort® Rule(s)	11
Nessus® Exploit(s)	245

	Related
10	CVE-2013-1736
10	CVE-2013-1719
10	CVE-2013-1718
10	CVE-2013-1710
10	CVE-2013-1705
10	CVE-2013-1702
10	CVE-2013-1701
10	CVE-2013-1682
10	CVE-2013-1681
10	CVE-2013-1680
10	CVE-2013-1679
10	CVE-2013-1678
10	CVE-2013-1677
10	CVE-2013-1676
10	CVE-2013-0801
10	CVE-2013-0796
10	CVE-2013-0795
10	CVE-2013-0789
10	CVE-2013-0788
10	CVE-2013-0767
9.3	CVE-2013-1738
9.3	CVE-2013-1735
9.3	CVE-2013-1732
9.3	CVE-2013-1724
9.3	CVE-2013-1722
9.3	CVE-2013-1704
9.3	CVE-2013-1697
9.3	CVE-2013-1690
9.3	CVE-2013-1687
9.3	CVE-2013-1684
9.3	CVE-2013-1674
9.3	CVE-2013-0787
9.3	CVE-2013-0784
9.3	CVE-2013-0783
9.3	CVE-2013-0782
9.3	CVE-2013-0781
9.3	CVE-2013-0780
9.3	CVE-2013-0779
9.3	CVE-2013-0778
9.3	CVE-2013-0777
9.3	CVE-2013-0775
9.3	CVE-2013-0773
9.3	CVE-2013-0771
9.3	CVE-2013-0770
9.3	CVE-2013-0769
9.3	CVE-2013-0768
9.3	CVE-2013-0766
9.3	CVE-2013-0765
9.3	CVE-2013-0764
9.3	CVE-2013-0763
9.3	CVE-2013-0762
9.3	CVE-2013-0761
9.3	CVE-2013-0760
9.3	CVE-2013-0758
9.3	CVE-2013-0757
9.3	CVE-2013-0756
9.3	CVE-2013-0755
9.3	CVE-2013-0754
9.3	CVE-2013-0753
9.3	CVE-2013-0752
9.3	CVE-2013-0750
9.3	CVE-2013-0749
9.3	CVE-2013-0746
9.3	CVE-2013-0745
9.3	CVE-2013-0744
7.5	CVE-2013-1694
7.2	CVE-2013-1707
7.2	CVE-2013-0799
6.9	CVE-2013-1712
6.9	CVE-2013-0797
6.8	CVE-2013-1730
6.8	CVE-2013-1725
6.8	CVE-2013-1720
6.8	CVE-2013-0800
6.8	CVE-2013-0747
6.2	CVE-2013-1726
5.8	CVE-2013-0794
5.8	CVE-2013-0772
5.8	CVE-2013-0751
5.4	CVE-2013-1717
5	CVE-2013-1737
5	CVE-2013-0791
5	CVE-2013-0759
4.3	CVE-2013-1728
4.3	CVE-2013-1723
4.3	CVE-2013-1714
4.3	CVE-2013-1713
4.3	CVE-2013-1711
4.3	CVE-2013-1709
4.3	CVE-2013-1708
4.3	CVE-2013-1693
4.3	CVE-2013-1692
4.3	CVE-2013-1675
4.3	CVE-2013-1671
4.3	CVE-2013-1670
4.3	CVE-2013-0793
4.3	CVE-2013-0792
4.3	CVE-2013-0774
4.3	CVE-2013-0748
4	CVE-2013-0776
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 100 more Alert(s)