Executive Summary
Informations | |||
---|---|---|---|
Name | MDVSA-2008:206 | First vendor Publication | 2008-09-26 |
Vendor | Mandriva | Last vendor Modification | 2008-09-26 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 2.0.0.17 (CVE-2008-0016, CVE-2008-3835, CVE-2008-4058, CVE-2008-4059, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062, CVE-2008-4065, CVE-2008-4066, CVE-2008-4067, CVE-2008-4068, CVE-2008-4070). This update provides the latest Thunderbird to correct these issues. |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDVSA-2008:206 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
33 % | CWE-264 | Permissions, Privileges, and Access Controls |
17 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
17 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
17 % | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25) |
8 % | CWE-399 | Resource Management Errors |
8 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10206 | |||
Oval ID: | oval:org.mitre.oval:def:10206 | ||
Title: | Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the JavaScript engine and (1) misinterpretation of the characteristics of Namespace and QName in jsxml.c, (2) misuse of signed integers in the nsEscapeCount function in nsEscape.cpp, and (3) interaction of JavaScript garbage collection with certain use of an NPObject in the nsNPObjWrapper::GetNewOrUsed function in nsJSNPRuntime.cpp. | ||
Description: | Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the JavaScript engine and (1) misinterpretation of the characteristics of Namespace and QName in jsxml.c, (2) misuse of signed integers in the nsEscapeCount function in nsEscape.cpp, and (3) interaction of JavaScript garbage collection with certain use of an NPObject in the nsNPObjWrapper::GetNewOrUsed function in nsJSNPRuntime.cpp. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-4062 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10933 | |||
Oval ID: | oval:org.mitre.oval:def:10933 | ||
Title: | Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long header in a news article, related to "canceling [a] newsgroup message" and "cancelled newsgroup messages." | ||
Description: | Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long header in a news article, related to "canceling [a] newsgroup message" and "cancelled newsgroup messages." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-4070 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17610 | |||
Oval ID: | oval:org.mitre.oval:def:17610 | ||
Title: | USN-647-1 -- mozilla-thunderbird, thunderbird vulnerabilities | ||
Description: | It was discovered that the same-origin check in Thunderbird could be bypassed. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-647-1 CVE-2008-3835 CVE-2008-4058 CVE-2008-4059 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4063 CVE-2008-4064 CVE-2008-4065 CVE-2008-4066 CVE-2008-4067 CVE-2008-4068 CVE-2008-4070 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 | Product(s): | mozilla-thunderbird thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22664 | |||
Oval ID: | oval:org.mitre.oval:def:22664 | ||
Title: | ELSA-2008:0908: thunderbird security update (Moderate) | ||
Description: | Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long header in a news article, related to "canceling [a] newsgroup message" and "cancelled newsgroup messages." | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0908-01 CVE-2008-0016 CVE-2008-3835 CVE-2008-4058 CVE-2008-4059 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4065 CVE-2008-4066 CVE-2008-4067 CVE-2008-4068 CVE-2008-4070 | Version: | 53 |
Platform(s): | Oracle Linux 5 | Product(s): | thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:28693 | |||
Oval ID: | oval:org.mitre.oval:def:28693 | ||
Title: | RHSA-2008:0908 -- thunderbird security update (Moderate) | ||
Description: | Updated thunderbird packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed HTML mail content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code as the user running Thunderbird. (CVE-2008-0016, CVE-2008-4058, CVE-2008-4059, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062) | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2008:0908 CESA-2008:0908-CentOS 5 CVE-2008-0016 CVE-2008-3835 CVE-2008-4058 CVE-2008-4059 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4065 CVE-2008-4066 CVE-2008-4067 CVE-2008-4068 CVE-2008-4070 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29008 | |||
Oval ID: | oval:org.mitre.oval:def:29008 | ||
Title: | RHSA-2008:0879 -- firefox security update (Critical) | ||
Description: | All firefox users should upgrade to this updated package, which contains backported patches that correct these issues. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2008:0879 CESA-2008:0879-CentOS 5 CVE-2008-3837 CVE-2008-4058 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4063 CVE-2008-4064 CVE-2008-4065 CVE-2008-4067 CVE-2008-4068 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 4 CentOS Linux 5 | Product(s): | firefox devhelp nss xulrunner yelp |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8880 | |||
Oval ID: | oval:org.mitre.oval:def:8880 | ||
Title: | Mozilla Firefox 2.0.0.14, and other versions before 2.0.0.17, allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via HTML-escaped low surrogate characters that are ignored by the HTML parser, as demonstrated by a "javascript" sequence, aka "HTML escaped low surrogates bug." | ||
Description: | Mozilla Firefox 2.0.0.14, and other versions before 2.0.0.17, allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via HTML-escaped low surrogate characters that are ignored by the HTML parser, as demonstrated by a "jav�ascript" sequence, aka "HTML escaped low surrogates bug." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-4066 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9643 | |||
Oval ID: | oval:org.mitre.oval:def:9643 | ||
Title: | The nsXMLDocument::OnChannelRedirect function in Mozilla Firefox before 2.0.0.17, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code via unknown vectors. | ||
Description: | The nsXMLDocument::OnChannelRedirect function in Mozilla Firefox before 2.0.0.17, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code via unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3835 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
SAINT Exploits
Description | Link |
---|---|
Mozilla Firefox UTF-8 URL buffer overflow | More info here |
ExploitDB Exploits
id | Description |
---|---|
2009-09-14 | Mozilla Firefox 2.0.0.16 UTF-8 URL Remote Buffer Overflow Exploit |
OpenVAS Exploits
Date | Description |
---|---|
2009-10-13 | Name : SLES10: Security update for Mozilla File : nvt/sles10_gecko-sdk.nasl |
2009-10-13 | Name : SLES10: Security update for MozillaFirefox File : nvt/sles10_MozillaFirefox4.nasl |
2009-10-10 | Name : SLES9: Security update for Epiphany and Mozilla File : nvt/sles9p5036604.nasl |
2009-06-03 | Name : Solaris Update for Mozilla 1.7 125539-06 File : nvt/gb_solaris_125539_06.nasl |
2009-06-03 | Name : Solaris Update for Mozilla Firefox Web browser 125540-06 File : nvt/gb_solaris_125540_06.nasl |
2009-04-09 | Name : Mandriva Update for mozilla-firefox MDVSA-2008:205 (mozilla-firefox) File : nvt/gb_mandriva_MDVSA_2008_205.nasl |
2009-04-09 | Name : Mandriva Update for mozilla-thunderbird MDVSA-2008:206 (mozilla-thunderbird) File : nvt/gb_mandriva_MDVSA_2008_206.nasl |
2009-03-23 | Name : Ubuntu Update for firefox, firefox-3.0, xulrunner-1.9 vulnerabilities USN-645-1 File : nvt/gb_ubuntu_USN_645_1.nasl |
2009-03-23 | Name : Ubuntu Update for mozilla-thunderbird, thunderbird vulnerabilities USN-647-1 File : nvt/gb_ubuntu_USN_647_1.nasl |
2009-03-23 | Name : Ubuntu Update for firefox-3.0, xulrunner-1.9 regression USN-645-3 File : nvt/gb_ubuntu_USN_645_3.nasl |
2009-03-23 | Name : Ubuntu Update for firefox vulnerabilities USN-645-2 File : nvt/gb_ubuntu_USN_645_2.nasl |
2009-03-06 | Name : RedHat Update for thunderbird RHSA-2008:0908-01 File : nvt/gb_RHSA-2008_0908-01_thunderbird.nasl |
2009-03-06 | Name : RedHat Update for firefox RHSA-2008:0879-01 File : nvt/gb_RHSA-2008_0879-01_firefox.nasl |
2009-03-06 | Name : RedHat Update for seamonkey RHSA-2008:0882-01 File : nvt/gb_RHSA-2008_0882-01_seamonkey.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0882-01 centos2 i386 File : nvt/gb_CESA-2008_0882-01_seamonkey_centos2_i386.nasl |
2009-02-27 | Name : CentOS Update for thunderbird CESA-2008:0908 centos4 x86_64 File : nvt/gb_CESA-2008_0908_thunderbird_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for thunderbird CESA-2008:0908 centos4 i386 File : nvt/gb_CESA-2008_0908_thunderbird_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0882 centos3 x86_64 File : nvt/gb_CESA-2008_0882_seamonkey_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0882 centos3 i386 File : nvt/gb_CESA-2008_0882_seamonkey_centos3_i386.nasl |
2009-02-17 | Name : Fedora Update for epiphany-extensions FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_epiphany-extensions_fc9.nasl |
2009-02-17 | Name : Fedora Update for epiphany FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_epiphany_fc9.nasl |
2009-02-17 | Name : Fedora Update for evolution-rss FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_evolution-rss_fc9.nasl |
2009-02-17 | Name : Fedora Update for firefox FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_firefox_fc9.nasl |
2009-02-17 | Name : Fedora Update for galeon FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_galeon_fc9.nasl |
2009-02-17 | Name : Fedora Update for gnome-python2-extras FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_gnome-python2-extras_fc9.nasl |
2009-02-17 | Name : Fedora Update for gnome-web-photo FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_gnome-web-photo_fc9.nasl |
2009-02-17 | Name : Fedora Update for google-gadgets FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_google-gadgets_fc9.nasl |
2009-02-17 | Name : Fedora Update for gtkmozembedmm FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_gtkmozembedmm_fc9.nasl |
2009-02-17 | Name : Fedora Update for kazehakase FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_kazehakase_fc9.nasl |
2009-02-17 | Name : Fedora Update for mozvoikko FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_mozvoikko_fc9.nasl |
2009-02-17 | Name : Fedora Update for mugshot FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_mugshot_fc9.nasl |
2009-02-17 | Name : Fedora Update for ruby-gnome2 FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_ruby-gnome2_fc9.nasl |
2009-02-17 | Name : Fedora Update for totem FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_totem_fc9.nasl |
2009-02-17 | Name : Fedora Update for xulrunner FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_xulrunner_fc9.nasl |
2009-02-17 | Name : Fedora Update for yelp FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_yelp_fc9.nasl |
2009-02-17 | Name : Fedora Update for seamonkey FEDORA-2008-8429 File : nvt/gb_fedora_2008_8429_seamonkey_fc9.nasl |
2009-02-17 | Name : Fedora Update for thunderbird FEDORA-2008-9807 File : nvt/gb_fedora_2008_9807_thunderbird_fc8.nasl |
2009-02-17 | Name : Fedora Update for thunderbird FEDORA-2008-9859 File : nvt/gb_fedora_2008_9859_thunderbird_fc9.nasl |
2009-02-17 | Name : Fedora Update for Miro FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_Miro_fc9.nasl |
2009-02-17 | Name : Fedora Update for chmsee FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_chmsee_fc9.nasl |
2009-02-17 | Name : Fedora Update for Miro FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_Miro_fc8.nasl |
2009-02-17 | Name : Fedora Update for blam FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_blam_fc8.nasl |
2009-02-17 | Name : Fedora Update for cairo-dock FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_cairo-dock_fc8.nasl |
2009-02-17 | Name : Fedora Update for chmsee FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_chmsee_fc8.nasl |
2009-02-17 | Name : Fedora Update for devhelp FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_devhelp_fc8.nasl |
2009-02-17 | Name : Fedora Update for epiphany-extensions FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_epiphany-extensions_fc8.nasl |
2009-02-17 | Name : Fedora Update for epiphany FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_epiphany_fc8.nasl |
2009-02-17 | Name : Fedora Update for evolution-rss FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_evolution-rss_fc8.nasl |
2009-02-17 | Name : Fedora Update for firefox FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_firefox_fc8.nasl |
2009-02-17 | Name : Fedora Update for galeon FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_galeon_fc8.nasl |
2009-02-17 | Name : Fedora Update for gnome-python2-extras FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_gnome-python2-extras_fc8.nasl |
2009-02-17 | Name : Fedora Update for gtkmozembedmm FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_gtkmozembedmm_fc8.nasl |
2009-02-17 | Name : Fedora Update for devhelp FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_devhelp_fc9.nasl |
2009-02-17 | Name : Fedora Update for cairo-dock FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_cairo-dock_fc9.nasl |
2009-02-17 | Name : Fedora Update for blam FEDORA-2008-8425 File : nvt/gb_fedora_2008_8425_blam_fc9.nasl |
2009-02-17 | Name : Fedora Update for seamonkey FEDORA-2008-8401 File : nvt/gb_fedora_2008_8401_seamonkey_fc8.nasl |
2009-02-17 | Name : Fedora Update for yelp FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_yelp_fc8.nasl |
2009-02-17 | Name : Fedora Update for ruby-gnome2 FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_ruby-gnome2_fc8.nasl |
2009-02-17 | Name : Fedora Update for openvrml FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_openvrml_fc8.nasl |
2009-02-17 | Name : Fedora Update for liferea FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_liferea_fc8.nasl |
2009-02-17 | Name : Fedora Update for kazehakase FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_kazehakase_fc8.nasl |
2009-02-17 | Name : Fedora Update for gnome-web-photo FEDORA-2008-8399 File : nvt/gb_fedora_2008_8399_gnome-web-photo_fc8.nasl |
2009-01-23 | Name : SuSE Update for MozillaFirefox,MozillaThunderbird,seamonkey,mozilla SUSE-SA:... File : nvt/gb_suse_2008_050.nasl |
2009-01-13 | Name : Debian Security Advisory DSA 1697-1 (iceape) File : nvt/deb_1697_1.nasl |
2009-01-13 | Name : Debian Security Advisory DSA 1696-1 (icedove) File : nvt/deb_1696_1.nasl |
2008-11-24 | Name : Debian Security Advisory DSA 1669-1 (xulrunner) File : nvt/deb_1669_1.nasl |
2008-11-01 | Name : Debian Security Advisory DSA 1649-1 (iceweasel) File : nvt/deb_1649_1.nasl |
2008-09-24 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox34.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-270-01 mozilla-thunderbird File : nvt/esoft_slk_ssa_2008_270_01.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-269-02 seamonkey File : nvt/esoft_slk_ssa_2008_269_02.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-269-01 mozilla-firefox File : nvt/esoft_slk_ssa_2008_269_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
48780 | Mozilla Multiple Products URL Parsing Implementation Crafted UTF-8 URL Arbitr... |
48773 | Mozilla Multiple Product nsXMLDocument::OnChannelRedirect Function Same Origi... |
48772 | Mozilla Multiple Products News Article Header Handling Overflow |
48771 | Mozilla Firefox HTML Escaped Low Surrogates XSS |
48770 | Mozilla Firefox XPConnect Component SCRIPT Element Privileged Code Execution |
48769 | Mozilla Multiple Products resource URI Traversal Access Restriction Bypass |
48761 | Mozilla Multiple Products on Linux URL-encoded resource URI Traversal Arbitra... |
48760 | Mozilla Multiple Products Stripped BOM Character XSS |
48759 | Mozilla Multiple Products MathML Component rowspan Attribute Handling Memory ... |
48751 | Mozilla Multiple Products nsJSNPRuntime.cpp nsNPObjWrapper::GetNewOrUsed Func... |
48750 | Mozilla Multiple Products nsEscape.cpp nsEscapeCount Function Memory Corruption |
48749 | Mozilla Multiple Products jsxml.c Namespace / Qname Characteristic Handling M... |
48748 | Mozilla Multiple Products XSLT Arbitrary Script Execution |
48747 | Mozilla Multiple Products document.loadBindingDocument() Arbitrary Script Exe... |
48746 | Mozilla Multiple Products XPCNativeWrappers Pollution Arbitrary Code Execution |
Snort® IPS/IDS
Date | Description |
---|---|
2017-08-29 | Mozilla Firefox BOM character cross site scripting attempt RuleID : 43749 - Revision : 2 - Type : BROWSER-FIREFOX |
2017-08-29 | Mozilla Firefox BOM character cross site scripting attempt RuleID : 43748 - Revision : 2 - Type : BROWSER-FIREFOX |
2017-08-23 | Mozilla products obfuscated cross site scripting attempt RuleID : 43673 - Revision : 3 - Type : BROWSER-FIREFOX |
2017-08-23 | Mozilla products obfuscated cross site scripting attempt RuleID : 43672 - Revision : 3 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Firefox UTF-8 URL Handling Stack Buffer Overflow RuleID : 17519 - Revision : 9 - Type : BROWSER-FIREFOX |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0879.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0882.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2008-0908.nasl - Type : ACT_GATHER_INFO |
2013-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-645-2.nasl - Type : ACT_GATHER_INFO |
2013-01-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080923_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080923_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20081001_thunderbird_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0879.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaFirefox-081002.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaThunderbird-081003.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_mozilla-xulrunner181-081002.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_mozilla-xulrunner190-081002.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_seamonkey-081003.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-647-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-645-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-206.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-645-3.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-205.nasl - Type : ACT_GATHER_INFO |
2009-01-08 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1696.nasl - Type : ACT_GATHER_INFO |
2009-01-08 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1697.nasl - Type : ACT_GATHER_INFO |
2008-11-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1669.nasl - Type : ACT_GATHER_INFO |
2008-11-21 | Name : The remote Fedora host is missing a security update. File : fedora_2008-9859.nasl - Type : ACT_GATHER_INFO |
2008-11-21 | Name : The remote Fedora host is missing a security update. File : fedora_2008-9807.nasl - Type : ACT_GATHER_INFO |
2008-10-09 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1649.nasl - Type : ACT_GATHER_INFO |
2008-10-08 | Name : The remote openSUSE host is missing a security update. File : suse_mozilla-xulrunner181-5656.nasl - Type : ACT_GATHER_INFO |
2008-10-08 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_gecko-sdk-5654.nasl - Type : ACT_GATHER_INFO |
2008-10-07 | Name : The remote openSUSE host is missing a security update. File : suse_seamonkey-5657.nasl - Type : ACT_GATHER_INFO |
2008-10-06 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaThunderbird-5655.nasl - Type : ACT_GATHER_INFO |
2008-10-06 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2008-0908.nasl - Type : ACT_GATHER_INFO |
2008-10-02 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2008-0908.nasl - Type : ACT_GATHER_INFO |
2008-10-01 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaFirefox-5640.nasl - Type : ACT_GATHER_INFO |
2008-10-01 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-5644.nasl - Type : ACT_GATHER_INFO |
2008-09-29 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-8425.nasl - Type : ACT_GATHER_INFO |
2008-09-29 | Name : The remote Fedora host is missing a security update. File : fedora_2008-8401.nasl - Type : ACT_GATHER_INFO |
2008-09-29 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-8399.nasl - Type : ACT_GATHER_INFO |
2008-09-29 | Name : The remote Fedora host is missing a security update. File : fedora_2008-8429.nasl - Type : ACT_GATHER_INFO |
2008-09-28 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-270-01.nasl - Type : ACT_GATHER_INFO |
2008-09-26 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-269-01.nasl - Type : ACT_GATHER_INFO |
2008-09-26 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-269-02.nasl - Type : ACT_GATHER_INFO |
2008-09-26 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_20017.nasl - Type : ACT_GATHER_INFO |
2008-09-25 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0882.nasl - Type : ACT_GATHER_INFO |
2008-09-24 | Name : A web browser on the remote host is affected by multiple vulnerabilities. File : seamonkey_1112.nasl - Type : ACT_GATHER_INFO |
2008-09-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0882.nasl - Type : ACT_GATHER_INFO |
2008-09-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0879.nasl - Type : ACT_GATHER_INFO |
2008-09-24 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_302.nasl - Type : ACT_GATHER_INFO |
2008-09-24 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_20017.nasl - Type : ACT_GATHER_INFO |
2008-09-24 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_2273879e8a2f11dda6fe0030843d3802.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:39:43 |
|