Executive Summary

Informations
NameMDVSA-2009:134First vendor Publication2009-06-17
VendorMandrivaLast vendor Modification2009-06-17
Severity (Vendor) N/ARevisionN/A

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score9.3Attack RangeNetwork
Cvss Impact Score10Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Security vulnerabilities have been discovered and corrected in Mozilla Firefox 3.x:

CVE-2009-1392: Firefox browser engine crashes CVE-2009-1832: Firefox double frame construction flaw CVE-2009-1833: Firefox JavaScript engine crashes CVE-2009-1834: Firefox URL spoofing with invalid unicode characters CVE-2009-1835: Firefox Arbitrary domain cookie access by local file: resources CVE-2009-1836: Firefox SSL tampering via non-200 responses to proxy CONNECT requests CVE-2009-1837: Firefox Race condition while accessing the private data of a NPObject JS wrapper class object CVE-2009-1838: Firefox arbitrary code execution flaw CVE-2009-1839: Firefox information disclosure flaw CVE-2009-1840: Firefox XUL scripts skip some security checks CVE-2009-1841: Firefox JavaScript arbitrary code execution CVE-2009-2043: firefox - remote TinyMCE denial of service CVE-2009-2044: firefox - remote GIF denial of service CVE-2009-2061: firefox - man-in-the-middle exploit CVE-2009-2065: firefox - man-in-the-middle exploit

This update provides the latest Mozilla Firefox 3.x to correct these issues.

Additionally, some packages which require so, have been rebuilt and are being provided as updates.

Original Source

Url : http://www.mandriva.com/security/advisories?name=MDVSA-2009:134

CWE : Common Weakness Enumeration

idName
CWE-94Failure to Control Generation of Code ('Code Injection')
CWE-20Improper Input Validation
CWE-287Improper Authentication
CWE-264Permissions, Privileges, and Access Controls
CWE-362Race Condition
CWE-310Cryptographic Issues
CWE-200Information Exposure

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:9501
 
Oval ID: oval:org.mitre.oval:def:9501
Title: The browser engine in Mozilla Firefox 3 before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) nsEventStateManager::GetContentState and nsNativeTheme::CheckBooleanAttr; (2) UnhookTextRunFromFrames and ClearAllTextRunReferences; (3) nsTextFrame::ClearTextRun; (4) IsPercentageAware; (5) PL_DHashTableFinish; (6) nsListBoxBodyFrame::GetNextItemBox; (7) AtomTableClearEntry, related to the atom table, DOM mutation events, and Unicode surrogates; (8) nsHTMLEditor::HideResizers; and (9) nsWindow::SetCursor, related to changing the cursor; and other vectors.
Description: The browser engine in Mozilla Firefox 3 before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) nsEventStateManager::GetContentState and nsNativeTheme::CheckBooleanAttr; (2) UnhookTextRunFromFrames and ClearAllTextRunReferences; (3) nsTextFrame::ClearTextRun; (4) IsPercentageAware; (5) PL_DHashTableFinish; (6) nsListBoxBodyFrame::GetNextItemBox; (7) AtomTableClearEntry, related to the atom table, DOM mutation events, and Unicode surrogates; (8) nsHTMLEditor::HideResizers; and (9) nsWindow::SetCursor, related to changing the cursor; and other vectors.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1392
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10237
 
Oval ID: oval:org.mitre.oval:def:10237
Title: Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors involving "double frame construction."
Description: Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors involving "double frame construction."
Family: unix Class: vulnerability
Reference(s): CVE-2009-1832
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11487
 
Oval ID: oval:org.mitre.oval:def:11487
Title: The JavaScript engine in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) js_LeaveSharpObject, (2) ParseXMLSource, and (3) a certain assertion in jsinterp.c; and other vectors.
Description: The JavaScript engine in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) js_LeaveSharpObject, (2) ParseXMLSource, and (3) a certain assertion in jsinterp.c; and other vectors.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1833
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10436
 
Oval ID: oval:org.mitre.oval:def:10436
Title: Visual truncation vulnerability in netwerk/dns/src/nsIDNService.cpp in Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 allows remote attackers to spoof the location bar via an IDN with invalid Unicode characters that are displayed as whitespace, as demonstrated by the \u115A through \u115E characters.
Description: Visual truncation vulnerability in netwerk/dns/src/nsIDNService.cpp in Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 allows remote attackers to spoof the location bar via an IDN with invalid Unicode characters that are displayed as whitespace, as demonstrated by the \u115A through \u115E characters.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1834
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9803
 
Oval ID: oval:org.mitre.oval:def:9803
Title: Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 associate local documents with external domain names located after the file:// substring in a URL, which allows user-assisted remote attackers to read arbitrary cookies via a crafted HTML document, as demonstrated by a URL with file://example.com/C:/ at the beginning.
Description: Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 associate local documents with external domain names located after the file:// substring in a URL, which allows user-assisted remote attackers to read arbitrary cookies via a crafted HTML document, as demonstrated by a URL with file://example.com/C:/ at the beginning.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1835
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11764
 
Oval ID: oval:org.mitre.oval:def:11764
Title: Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 use the HTTP Host header to determine the context of a document provided in a non-200 CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying this CONNECT response, aka an "SSL tampering" attack.
Description: Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 use the HTTP Host header to determine the context of a document provided in a non-200 CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying this CONNECT response, aka an "SSL tampering" attack.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1836
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10628
 
Oval ID: oval:org.mitre.oval:def:10628
Title: Race condition in the NPObjWrapper_NewResolve function in modules/plugin/base/src/nsJSNPRuntime.cpp in xul.dll in Mozilla Firefox 3 before 3.0.11 might allow remote attackers to execute arbitrary code via a page transition during Java applet loading, related to a use-after-free vulnerability for memory associated with a destroyed Java object.
Description: Race condition in the NPObjWrapper_NewResolve function in modules/plugin/base/src/nsJSNPRuntime.cpp in xul.dll in Mozilla Firefox 3 before 3.0.11 might allow remote attackers to execute arbitrary code via a page transition during Java applet loading, related to a use-after-free vulnerability for memory associated with a destroyed Java object.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1837
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11080
 
Oval ID: oval:org.mitre.oval:def:11080
Title: The garbage-collection implementation in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 sets an element's owner document to null in unspecified circumstances, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via a crafted event handler, related to an incorrect context for this event handler.
Description: The garbage-collection implementation in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 sets an element's owner document to null in unspecified circumstances, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via a crafted event handler, related to an incorrect context for this event handler.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1838
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9256
 
Oval ID: oval:org.mitre.oval:def:9256
Title: Mozilla Firefox 3 before 3.0.11 associates an incorrect principal with a file: URL loaded through the location bar, which allows user-assisted remote attackers to bypass intended access restrictions and read files via a crafted HTML document, aka a "file-URL-to-file-URL scripting" attack.
Description: Mozilla Firefox 3 before 3.0.11 associates an incorrect principal with a file: URL loaded through the location bar, which allows user-assisted remote attackers to bypass intended access restrictions and read files via a crafted HTML document, aka a "file-URL-to-file-URL scripting" attack.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1839
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9448
 
Oval ID: oval:org.mitre.oval:def:9448
Title: Mozilla Firefox before 3.0.11, Thunderbird, and SeaMonkey do not check content policy before loading a script file into a XUL document, which allows remote attackers to bypass intended access restrictions via a crafted HTML document, as demonstrated by a "web bug" in an e-mail message, or web script or an advertisement in a web page.
Description: Mozilla Firefox before 3.0.11, Thunderbird, and SeaMonkey do not check content policy before loading a script file into a XUL document, which allows remote attackers to bypass intended access restrictions via a crafted HTML document, as demonstrated by a "web bug" in an e-mail message, or web script or an advertisement in a web page.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1840
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9815
 
Oval ID: oval:org.mitre.oval:def:9815
Title: js/src/xpconnect/src/xpcwrappedjsclass.cpp in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to execute arbitrary web script with the privileges of a chrome object, as demonstrated by the browser sidebar and the FeedWriter.
Description: js/src/xpconnect/src/xpcwrappedjsclass.cpp in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to execute arbitrary web script with the privileges of a chrome object, as demonstrated by the browser sidebar and the FeedWriter.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1841
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22817
 
Oval ID: oval:org.mitre.oval:def:22817
Title: ELSA-2009:1095: firefox security update (Critical)
Description: js/src/xpconnect/src/xpcwrappedjsclass.cpp in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to execute arbitrary web script with the privileges of a chrome object, as demonstrated by the browser sidebar and the FeedWriter.
Family: unix Class: patch
Reference(s): ELSA-2009:1095-01
CVE-2009-1392
CVE-2009-1832
CVE-2009-1833
CVE-2009-1834
CVE-2009-1835
CVE-2009-1836
CVE-2009-1837
CVE-2009-1838
CVE-2009-1839
CVE-2009-1840
CVE-2009-1841
Version: 46
Platform(s): Oracle Linux 5
Oracle Linux 4
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application106
Application33
Application71

OpenVAS Exploits

DateDescription
2011-08-09Name : CentOS Update for firefox CESA-2009:1095 centos5 i386
File : nvt/gb_CESA-2009_1095_firefox_centos5_i386.nasl
2011-08-09Name : CentOS Update for seamonkey CESA-2009:1096 centos3 i386
File : nvt/gb_CESA-2009_1096_seamonkey_centos3_i386.nasl
2011-08-09Name : CentOS Update for thunderbird CESA-2009:1126 centos5 i386
File : nvt/gb_CESA-2009_1126_thunderbird_centos5_i386.nasl
2009-10-11Name : SLES11: Security update for MozillaFirefox
File : nvt/sles11_MozillaFirefox3.nasl
2009-10-10Name : SLES9: Security update for epiphany
File : nvt/sles9p5059920.nasl
2009-08-17Name : Mandrake Security Advisory MDVSA-2009:185 (firefox)
File : nvt/mdksa_2009_185.nasl
2009-07-29Name : Debian Security Advisory DSA 1830-1 (icedove)
File : nvt/deb_1830_1.nasl
2009-07-29Name : Ubuntu USN-799-1 (dbus)
File : nvt/ubuntu_799_1.nasl
2009-07-29Name : Ubuntu USN-801-1 (tiff)
File : nvt/ubuntu_801_1.nasl
2009-07-29Name : Ubuntu USN-802-1 (apache2)
File : nvt/ubuntu_802_1.nasl
2009-07-29Name : Fedora Core 10 FEDORA-2009-7567 (seamonkey)
File : nvt/fcore_2009_7567.nasl
2009-07-29Name : Fedora Core 11 FEDORA-2009-7614 (seamonkey)
File : nvt/fcore_2009_7614.nasl
2009-06-30Name : RedHat Security Advisory RHSA-2009:1125
File : nvt/RHSA_2009_1125.nasl
2009-06-30Name : RedHat Security Advisory RHSA-2009:1126
File : nvt/RHSA_2009_1126.nasl
2009-06-30Name : Mandrake Security Advisory MDVSA-2009:141 (mozilla-thunderbird)
File : nvt/mdksa_2009_141.nasl
2009-06-30Name : Ubuntu USN-782-1 (thunderbird)
File : nvt/ubuntu_782_1.nasl
2009-06-30Name : Ubuntu USN-792-1 (openssl)
File : nvt/ubuntu_792_1.nasl
2009-06-30Name : CentOS Security Advisory CESA-2009:1126 (thunderbird)
File : nvt/ovcesa2009_1126.nasl
2009-06-23Name : Debian Security Advisory DSA 1820-1 (xulrunner)
File : nvt/deb_1820_1.nasl
2009-06-23Name : Mandrake Security Advisory MDVSA-2009:134 (firefox)
File : nvt/mdksa_2009_134.nasl
2009-06-23Name : Ubuntu USN-779-1 (xulrunner-1.9)
File : nvt/ubuntu_779_1.nasl
2009-06-23Name : SuSE Security Advisory SUSE-SA:2009:034 (MozillaFirefox)
File : nvt/suse_sa_2009_034.nasl
2009-06-23Name : Fedora Core 10 FEDORA-2009-6366 (firefox)
File : nvt/fcore_2009_6366.nasl
2009-06-23Name : Fedora Core 9 FEDORA-2009-6411 (firefox)
File : nvt/fcore_2009_6411.nasl
2009-06-23Name : CentOS Security Advisory CESA-2009:1095 (firefox)
File : nvt/ovcesa2009_1095.nasl
2009-06-16Name : Mozilla Firefox Multiple Vulnerability Jun-09 (Linux)
File : nvt/gb_firefox_mult_vuln_jun09_lin.nasl
2009-06-16Name : Mozilla Firefox Multiple Vulnerability Jun-09 (Win)
File : nvt/gb_firefox_mult_vuln_jun09_win.nasl
2009-06-16Name : Mozilla Seamonkey Multiple Vulnerability Jun-09 (Linux)
File : nvt/gb_seamonkey_mult_vuln_jun09_lin.nasl
2009-06-16Name : Mozilla Seamonkey Multiple Vulnerability Jun-09 (Win)
File : nvt/gb_seamonkey_mult_vuln_jun09_win.nasl
2009-06-16Name : Mozilla Thunderbird Multiple Vulnerability Jun-09 (Linux)
File : nvt/gb_thunderbird_mult_vuln_jun09_lin.nasl
2009-06-16Name : Mozilla Thunderbird Multiple Vulnerability Jun-09 (Win)
File : nvt/gb_thunderbird_mult_vuln_jun09_win.nasl
2009-06-15Name : RedHat Security Advisory RHSA-2009:1095
File : nvt/RHSA_2009_1095.nasl
2009-06-15Name : RedHat Security Advisory RHSA-2009:1096
File : nvt/RHSA_2009_1096.nasl
2009-06-15Name : FreeBSD Ports: firefox
File : nvt/freebsd_firefox39.nasl
2009-06-15Name : CentOS Security Advisory CESA-2009:1096 (seamonkey)
File : nvt/ovcesa2009_1096.nasl
0000-00-00Name : Slackware Advisory SSA:2009-167-01 mozilla-firefox
File : nvt/esoft_slk_ssa_2009_167_01.nasl
0000-00-00Name : Slackware Advisory SSA:2009-176-01 seamonkey
File : nvt/esoft_slk_ssa_2009_176_01.nasl
0000-00-00Name : Slackware Advisory SSA:2009-178-01 mozilla-thunderbird
File : nvt/esoft_slk_ssa_2009_178_01.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
56484Mozilla Firefox iFrame HTTP / HTTPS Content Detection Weakness
56471Mozilla Firefox on Linux BODY Element BACKGROUND Attribute Handling DoS
55197Mozilla Firefox nsViewManager.cpp TinyMCE Interaction Remote DoS
55164Mozilla Firefox xul.dll nsJSNPRuntime.cpp NPObjWrapper_NewResolve Function Ra...
55163Mozilla Firefox Location Bar file: URL Principal Assocation Access Restrictio...
55162Mozilla Multiple Products Invalid Unicode Character Title Bar Spoofing
55161Mozilla Multiple Products file: Resource Cross Domain Arbitrary Cookie Access
55160Mozilla Multiple Products Proxy Server CONNECT Response Manipulation SSL MiTM...
55159Mozilla Multiple Products xpcwrappedjsclass.cpp JavaScript Chrome Privilege E...
55158Mozilla Multiple Products XUL Document Script Loading Content Policy Bypass
55157Mozilla Multiple Products Garbage-collection Implementation Crafted Event Han...
55155Mozilla Multiple Products JavaScript Engine Unspecified Memory Corruption
55154Mozilla Multiple Products JavaScript Engine jsinterp.c c.hasOwnProperty Memor...
55153Mozilla Multiple Products JavaScript Engine jsxml.c ParseXMLSource Memory Cor...
55152Mozilla Multiple Products JavaScript Engine js_LeaveSharpObject Memory Corrup...
55148Mozilla Multiple Products Double Frame Construction Memory Corruption
55147Mozilla Multiple Products Browser Engine Multiple Unspecified Memory Corruption
55146Mozilla Multiple Products Browser Engine xulrunner nsWindow::SetCursor Functi...
55145Mozilla Multiple Products Browser Engine nsHTMLEditor::HideResizers contentEd...
55144Mozilla Multiple Products Browser Engine AtomTableClearEntry Multiple Method ...
55143Mozilla Multiple Products Browser Engine nsListBoxBodyFrame::GetNextItemBox x...
55142Mozilla Multiple Products Browser Engine PL_DHashTableFinish style Tag Handli...
55141Mozilla Multiple Products Browser Engine IsPercentageAware Function Memory Co...
55140Mozilla Multiple Products Browser Engine nsTextFrame::ClearTextRun Accessibil...
55139Mozilla Multiple Products Browser Engine UnhookTextRunFromFrames / ClearAllTe...
55138Mozilla Multiple Products Browser Engine nsEventStateManager::GetContentState...
55133Mozilla Firefox HTTP Host Header Proxy Server CONNECT Response Document Conte...

Snort® IPS/IDS

DateDescription
2014-01-10Mozilla Firefox browser engine memory corruption attempt
RuleID : 17613 - Revision : 6 - Type : BROWSER-FIREFOX

Nessus® Vulnerability Scanner

DateDescription
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1095.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1096.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2009-1125.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2009-1126.nasl - Type : ACT_GATHER_INFO
2013-01-08Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090611_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090611_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing a security update.
File : sl_20090625_thunderbird_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2010-02-24Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1830.nasl - Type : ACT_GATHER_INFO
2010-01-06Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1095.nasl - Type : ACT_GATHER_INFO
2010-01-06Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2009-1126.nasl - Type : ACT_GATHER_INFO
2009-10-30Name : The remote SuSE system is missing the security patch seamonkey-6538
File : suse_seamonkey-6538.nasl - Type : ACT_GATHER_INFO
2009-10-22Name : The remote SuSE system is missing a security patch for seamonkey
File : suse_11_1_seamonkey-091007.nasl - Type : ACT_GATHER_INFO
2009-10-22Name : The remote SuSE system is missing a security patch for seamonkey
File : suse_11_0_seamonkey-091007.nasl - Type : ACT_GATHER_INFO
2009-10-07Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12519.nasl - Type : ACT_GATHER_INFO
2009-10-06Name : The remote SuSE system is missing the security patch MozillaThunderbird-6347
File : suse_MozillaThunderbird-6347.nasl - Type : ACT_GATHER_INFO
2009-09-24Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_MozillaFirefox-090615.nasl - Type : ACT_GATHER_INFO
2009-07-21Name : The remote SuSE system is missing a security patch for MozillaFirefox
File : suse_11_1_MozillaFirefox-090615.nasl - Type : ACT_GATHER_INFO
2009-07-21Name : The remote SuSE system is missing a security patch for MozillaThunderbird
File : suse_11_1_MozillaThunderbird-090710.nasl - Type : ACT_GATHER_INFO
2009-07-21Name : The remote SuSE system is missing a security patch for MozillaFirefox
File : suse_11_0_MozillaFirefox-090615.nasl - Type : ACT_GATHER_INFO
2009-07-21Name : The remote SuSE system is missing a security patch for MozillaThunderbird
File : suse_11_0_MozillaThunderbird-090710.nasl - Type : ACT_GATHER_INFO
2009-07-17Name : The remote Fedora host is missing a security update.
File : fedora_2009-7567.nasl - Type : ACT_GATHER_INFO
2009-07-17Name : The remote Fedora host is missing a security update.
File : fedora_2009-7614.nasl - Type : ACT_GATHER_INFO
2009-06-28Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2009-178-01.nasl - Type : ACT_GATHER_INFO
2009-06-28Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-141.nasl - Type : ACT_GATHER_INFO
2009-06-26Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2009-176-01.nasl - Type : ACT_GATHER_INFO
2009-06-26Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-782-1.nasl - Type : ACT_GATHER_INFO
2009-06-26Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2009-1125.nasl - Type : ACT_GATHER_INFO
2009-06-23Name : The remote Windows host contains a mail client that is affected by multiple v...
File : mozilla_thunderbird_20022.nasl - Type : ACT_GATHER_INFO
2009-06-23Name : A web browser on the remote host is affected by multiple vulnerabilities.
File : seamonkey_1117.nasl - Type : ACT_GATHER_INFO
2009-06-19Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1820.nasl - Type : ACT_GATHER_INFO
2009-06-18Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-134.nasl - Type : ACT_GATHER_INFO
2009-06-17Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2009-167-01.nasl - Type : ACT_GATHER_INFO
2009-06-16Name : The remote Fedora host is missing one or more security updates.
File : fedora_2009-6366.nasl - Type : ACT_GATHER_INFO
2009-06-16Name : The remote Fedora host is missing one or more security updates.
File : fedora_2009-6411.nasl - Type : ACT_GATHER_INFO
2009-06-15Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_da185955573811deb857000f20797ede.nasl - Type : ACT_GATHER_INFO
2009-06-15Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1096.nasl - Type : ACT_GATHER_INFO
2009-06-15Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-779-1.nasl - Type : ACT_GATHER_INFO
2009-06-12Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1095.nasl - Type : ACT_GATHER_INFO
2009-06-12Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1096.nasl - Type : ACT_GATHER_INFO
2009-06-12Name : The remote Windows host contains a web browser that is affected by multiple v...
File : mozilla_firefox_3011.nasl - Type : ACT_GATHER_INFO
2009-04-28Name : The remote Windows host contains a web browser that is affected by multiple v...
File : mozilla_firefox_3010.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
DateInformations
2014-02-17 11:40:22
  • Multiple Updates