Executive Summary
Informations | |||
---|---|---|---|
Name | MDVSA-2012:088 | First vendor Publication | 2012-06-09 |
Vendor | Mandriva | Last vendor Modification | 2012-06-09 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Security issues were identified and fixed in mozilla firefox and thunderbird: Heap-based buffer overflow in the utf16_to_isolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code via vectors that trigger a character-set conversion failure (CVE-2012-1947) Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by changing the size of a container of absolutely positioned elements in a column (CVE-2012-1940). Heap-based buffer overflow in the nsHTMLReflowState::CalculateHypotheticalBox function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code by resizing a window displaying absolutely positioned and relatively positioned elements in nested columns (CVE-2012-1941). Use-after-free vulnerability in the nsINode::ReplaceOrInsertBefore function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 might allow remote attackers to execute arbitrary code via document changes involving replacement or insertion of a node (CVE-2012-1946). Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow local users to obtain sensitive information via an HTML document that loads a shortcut (aka .lnk) file for display within an IFRAME element, as demonstrated by a network share implemented by (1) Microsoft Windows or (2) Samba (CVE-2012-1945). The Content Security Policy (CSP) implementation in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 does not block inline event handlers, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted HTML document (CVE-2012-1944). Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) methodjit/ImmutableSync.cpp, (2) the JSObject::makeDenseArraySlow function in js/src/jsarray.cpp, and unknown other components (CVE-2012-1938). jsinfer.cpp in Mozilla Firefox ESR 10.x before 10.0.5 and Thunderbird ESR 10.x before 10.0.5 does not properly determine data types, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via crafted JavaScript code (CVE-2012-1939). Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2012-1937). Ken Russell of Google reported a bug in NVIDIA graphics drivers that they needed to work around in the Chromium WebGL implementation. Mozilla has done the same in Firefox 13 and ESR 10.0.5 (CVE-2011-3101). The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10, allows remote attackers to cause a denial of service (application crash) via a zero-length item, as demonstrated by (1) a zero-length basic constraint or (2) a zero-length field in an OCSP response (CVE-2012-0441). NOTE: This flaw was addressed earlier with the MDVA-2012:036 advisory. The mozilla firefox and thunderbird packages has been upgraded to the latest respective versions which is unaffected by these security flaws. Additionally the NSPR and the NSS packages has been upgraded to the latest versions which resolves various upstream bugs. |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDVSA-2012:088 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
25 % | CWE-399 | Resource Management Errors |
12 % | CWE-200 | Information Exposure |
12 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:16701 | |||
Oval ID: | oval:org.mitre.oval:def:16701 | ||
Title: | The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10, allows remote attackers to cause a denial of service (application crash) via a zero-length item, as demonstrated by (1) a zero-length basic constraint or (2) a zero-length field in an OCSP response. | ||
Description: | The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10, allows remote attackers to cause a denial of service (application crash) via a zero-length item, as demonstrated by (1) a zero-length basic constraint or (2) a zero-length field in an OCSP response. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0441 | Version: | 21 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16743 | |||
Oval ID: | oval:org.mitre.oval:def:16743 | ||
Title: | Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow local users to obtain sensitive information via an HTML document that loads a shortcut (aka .lnk) file for display within an IFRAME element, as demonstrated by a network share implemented by (1) Microsoft Windows or (2) Samba. | ||
Description: | Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow local users to obtain sensitive information via an HTML document that loads a shortcut (aka .lnk) file for display within an IFRAME element, as demonstrated by a network share implemented by (1) Microsoft Windows or (2) Samba. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1945 | Version: | 21 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16911 | |||
Oval ID: | oval:org.mitre.oval:def:16911 | ||
Title: | Heap-based buffer overflow in the utf16_to_isolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code via vectors that trigger a character-set conversion failure. | ||
Description: | Heap-based buffer overflow in the utf16_to_isolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code via vectors that trigger a character-set conversion failure. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1947 | Version: | 21 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16985 | |||
Oval ID: | oval:org.mitre.oval:def:16985 | ||
Title: | Heap-based buffer overflow in the nsHTMLReflowState::CalculateHypotheticalBox function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code by resizing a window displaying absolutely positioned and relatively positioned elements in nested columns. | ||
Description: | Heap-based buffer overflow in the nsHTMLReflowState::CalculateHypotheticalBox function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code by resizing a window displaying absolutely positioned and relatively positioned elements in nested columns. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1941 | Version: | 22 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17005 | |||
Oval ID: | oval:org.mitre.oval:def:17005 | ||
Title: | The Content Security Policy (CSP) implementation in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 does not block inline event handlers, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted HTML document. | ||
Description: | The Content Security Policy (CSP) implementation in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 does not block inline event handlers, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted HTML document. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1944 | Version: | 21 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17010 | |||
Oval ID: | oval:org.mitre.oval:def:17010 | ||
Title: | Use-after-free vulnerability in the nsINode::ReplaceOrInsertBefore function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 might allow remote attackers to execute arbitrary code via document changes involving replacement or insertion of a node. | ||
Description: | Use-after-free vulnerability in the nsINode::ReplaceOrInsertBefore function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 might allow remote attackers to execute arbitrary code via document changes involving replacement or insertion of a node. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1946 | Version: | 22 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17054 | |||
Oval ID: | oval:org.mitre.oval:def:17054 | ||
Title: | Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by changing the size of a container of absolutely positioned elements in a column. | ||
Description: | Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by changing the size of a container of absolutely positioned elements in a column. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1940 | Version: | 22 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17055 | |||
Oval ID: | oval:org.mitre.oval:def:17055 | ||
Title: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1937 | Version: | 21 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17058 | |||
Oval ID: | oval:org.mitre.oval:def:17058 | ||
Title: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) methodjit/ImmutableSync.cpp, (2) the JSObject::makeDenseArraySlow function in js/src/jsarray.cpp, and unknown other components. | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) methodjit/ImmutableSync.cpp, (2) the JSObject::makeDenseArraySlow function in js/src/jsarray.cpp, and unknown other components. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1938 | Version: | 19 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17479 | |||
Oval ID: | oval:org.mitre.oval:def:17479 | ||
Title: | USN-1540-1 -- nss vulnerability | ||
Description: | NSS could be made to crash if it opened a specially crafted certificate. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1540-1 CVE-2012-0441 | Version: | 7 |
Platform(s): | Ubuntu 11.10 Ubuntu 11.04 Ubuntu 10.04 | Product(s): | nss |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17872 | |||
Oval ID: | oval:org.mitre.oval:def:17872 | ||
Title: | USN-1463-4 -- thunderbird vulnerabilities | ||
Description: | Several security issues were fixed in Thunderbird. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1463-4 CVE-2012-1937 CVE-2012-1938 CVE-2011-3101 CVE-2012-1944 CVE-2012-1945 CVE-2012-1946 CVE-2012-0441 CVE-2012-1940 CVE-2012-1941 CVE-2012-1947 | Version: | 7 |
Platform(s): | Ubuntu 12.04 Ubuntu 11.10 Ubuntu 10.04 | Product(s): | thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17873 | |||
Oval ID: | oval:org.mitre.oval:def:17873 | ||
Title: | USN-1463-6 -- thunderbird vulnerabilities | ||
Description: | Several security issues were fixed in Thunderbird. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1463-6 CVE-2012-1937 CVE-2012-1938 CVE-2011-3101 CVE-2012-1944 CVE-2012-1945 CVE-2012-1946 CVE-2012-0441 CVE-2012-1940 CVE-2012-1941 CVE-2012-1947 | Version: | 7 |
Platform(s): | Ubuntu 11.04 | Product(s): | thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:17891 | |||
Oval ID: | oval:org.mitre.oval:def:17891 | ||
Title: | USN-1463-3 -- firefox regressions | ||
Description: | USN-1463-1 introduced regressions in Firefox. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1463-3 CVE-2012-1937 CVE-2012-1938 CVE-2011-3101 CVE-2012-1944 CVE-2012-1945 CVE-2012-1946 CVE-2012-0441 CVE-2012-1940 CVE-2012-1941 CVE-2012-1947 | Version: | 7 |
Platform(s): | Ubuntu 12.04 Ubuntu 11.10 Ubuntu 11.04 Ubuntu 10.04 | Product(s): | firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17939 | |||
Oval ID: | oval:org.mitre.oval:def:17939 | ||
Title: | USN-1463-1 -- firefox vulnerabilities | ||
Description: | Several security issues were fixed in Firefox. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1463-1 CVE-2012-1937 CVE-2012-1938 CVE-2011-3101 CVE-2012-1944 CVE-2012-1945 CVE-2012-1946 CVE-2012-0441 CVE-2012-1940 CVE-2012-1941 CVE-2012-1947 | Version: | 7 |
Platform(s): | Ubuntu 12.04 Ubuntu 11.10 Ubuntu 11.04 Ubuntu 10.04 | Product(s): | firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17984 | |||
Oval ID: | oval:org.mitre.oval:def:17984 | ||
Title: | USN-1540-2 -- nss vulnerability | ||
Description: | NSS could be made to crash if it opened a specially crafted certificate. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1540-2 CVE-2012-0441 | Version: | 7 |
Platform(s): | Ubuntu 12.04 | Product(s): | nss |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:18563 | |||
Oval ID: | oval:org.mitre.oval:def:18563 | ||
Title: | DSA-2499-1 icedove - several | ||
Description: | Several vulnerabilities have been discovered in Icedove, the Debian version of the Mozilla Thunderbird mail/news client. There were miscellaneous memory safety hazards (<a href="http://security-tracker.debian.org/tracker/CVE-2012-1937">CVE-2012-1937</a>, <a href="http://security-tracker.debian.org/tracker/CVE-2012-1939">CVE-2012-1939</a>) and a use-after-free issue (<a href="http://security-tracker.debian.org/tracker/CVE-2012-1940">CVE-2012-1940</a>). | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2499-1 CVE-2012-1937 CVE-2012-1939 CVE-2012-1940 | Version: | 7 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | icedove |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18648 | |||
Oval ID: | oval:org.mitre.oval:def:18648 | ||
Title: | DSA-2489-1 iceape - several vulnerabilities | ||
Description: | Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2489-1 CVE-2012-1937 CVE-2012-1940 CVE-2012-1947 | Version: | 7 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | iceape |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19603 | |||
Oval ID: | oval:org.mitre.oval:def:19603 | ||
Title: | DSA-2490-1 nss - denial of service | ||
Description: | Kaspar Brand discovered that Mozilla's Network Security Services (NSS) libraries did insufficient length checking in the QuickDER decoder, allowing to crash a program using the libraries. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2490-1 CVE-2012-0441 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | nss |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20082 | |||
Oval ID: | oval:org.mitre.oval:def:20082 | ||
Title: | DSA-2488-1 iceweasel - several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2488-1 CVE-2012-1937 CVE-2012-1940 CVE-2012-1947 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | iceweasel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20669 | |||
Oval ID: | oval:org.mitre.oval:def:20669 | ||
Title: | VMware security updates for vSphere API and ESX Service Console | ||
Description: | The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10, allows remote attackers to cause a denial of service (application crash) via a zero-length item, as demonstrated by (1) a zero-length basic constraint or (2) a zero-length field in an OCSP response. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2012-0441 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21249 | |||
Oval ID: | oval:org.mitre.oval:def:21249 | ||
Title: | RHSA-2012:1091: nss, nspr, and nss-util security, bug fix, and enhancement update (Moderate) | ||
Description: | The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10, allows remote attackers to cause a denial of service (application crash) via a zero-length item, as demonstrated by (1) a zero-length basic constraint or (2) a zero-length field in an OCSP response. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:1091-01 CESA-2012:1091 CVE-2012-0441 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | nspr nss nss-util |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21417 | |||
Oval ID: | oval:org.mitre.oval:def:21417 | ||
Title: | RHSA-2012:0715: thunderbird security update (Critical) | ||
Description: | Heap-based buffer overflow in the utf16_to_isolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code via vectors that trigger a character-set conversion failure. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:0715-01 CESA-2012:0715 CVE-2011-3101 CVE-2012-1937 CVE-2012-1938 CVE-2012-1939 CVE-2012-1940 CVE-2012-1941 CVE-2012-1944 CVE-2012-1945 CVE-2012-1946 CVE-2012-1947 | Version: | 133 |
Platform(s): | Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 CentOS Linux 5 CentOS Linux 6 | Product(s): | thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21427 | |||
Oval ID: | oval:org.mitre.oval:def:21427 | ||
Title: | RHSA-2012:0710: firefox security update (Critical) | ||
Description: | Heap-based buffer overflow in the utf16_to_isolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code via vectors that trigger a character-set conversion failure. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:0710-01 CESA-2012:0710 CVE-2011-3101 CVE-2012-1937 CVE-2012-1938 CVE-2012-1939 CVE-2012-1940 CVE-2012-1941 CVE-2012-1944 CVE-2012-1945 CVE-2012-1946 CVE-2012-1947 | Version: | 133 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | firefox xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21561 | |||
Oval ID: | oval:org.mitre.oval:def:21561 | ||
Title: | RHSA-2012:1090: nss and nspr security, bug fix, and enhancement update (Moderate) | ||
Description: | The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10, allows remote attackers to cause a denial of service (application crash) via a zero-length item, as demonstrated by (1) a zero-length basic constraint or (2) a zero-length field in an OCSP response. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:1090-00 CESA-2012:1090 CVE-2012-0441 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | nspr nss |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23212 | |||
Oval ID: | oval:org.mitre.oval:def:23212 | ||
Title: | ELSA-2012:0715: thunderbird security update (Critical) | ||
Description: | Heap-based buffer overflow in the utf16_to_isolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code via vectors that trigger a character-set conversion failure. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0715-01 CVE-2011-3101 CVE-2012-1937 CVE-2012-1938 CVE-2012-1939 CVE-2012-1940 CVE-2012-1941 CVE-2012-1944 CVE-2012-1945 CVE-2012-1946 CVE-2012-1947 | Version: | 45 |
Platform(s): | Oracle Linux 6 Oracle Linux 5 | Product(s): | thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23334 | |||
Oval ID: | oval:org.mitre.oval:def:23334 | ||
Title: | DEPRECATED: ELSA-2012:0710: firefox security update (Critical) | ||
Description: | Heap-based buffer overflow in the utf16_to_isolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code via vectors that trigger a character-set conversion failure. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0710-01 CVE-2011-3101 CVE-2012-1937 CVE-2012-1938 CVE-2012-1939 CVE-2012-1940 CVE-2012-1941 CVE-2012-1944 CVE-2012-1945 CVE-2012-1946 CVE-2012-1947 | Version: | 46 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | firefox xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23351 | |||
Oval ID: | oval:org.mitre.oval:def:23351 | ||
Title: | ELSA-2012:1090: nss and nspr security, bug fix, and enhancement update (Moderate) | ||
Description: | The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10, allows remote attackers to cause a denial of service (application crash) via a zero-length item, as demonstrated by (1) a zero-length basic constraint or (2) a zero-length field in an OCSP response. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:1090-00 CVE-2012-0441 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | nspr nss |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23793 | |||
Oval ID: | oval:org.mitre.oval:def:23793 | ||
Title: | ELSA-2012:0710: firefox security update (Critical) | ||
Description: | Heap-based buffer overflow in the utf16_to_isolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code via vectors that trigger a character-set conversion failure. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0710-01 CVE-2011-3101 CVE-2012-1937 CVE-2012-1938 CVE-2012-1939 CVE-2012-1940 CVE-2012-1941 CVE-2012-1944 CVE-2012-1945 CVE-2012-1946 CVE-2012-1947 | Version: | 45 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | firefox xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23800 | |||
Oval ID: | oval:org.mitre.oval:def:23800 | ||
Title: | ELSA-2012:1091: nss, nspr, and nss-util security, bug fix, and enhancement update (Moderate) | ||
Description: | The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10, allows remote attackers to cause a denial of service (application crash) via a zero-length item, as demonstrated by (1) a zero-length basic constraint or (2) a zero-length field in an OCSP response. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:1091-01 CVE-2012-0441 | Version: | 6 |
Platform(s): | Oracle Linux 6 | Product(s): | nspr nss nss-util |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23826 | |||
Oval ID: | oval:org.mitre.oval:def:23826 | ||
Title: | DEPRECATED: ELSA-2012:0715: thunderbird security update (Critical) | ||
Description: | Heap-based buffer overflow in the utf16_to_isolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code via vectors that trigger a character-set conversion failure. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0715-01 CVE-2011-3101 CVE-2012-1937 CVE-2012-1938 CVE-2012-1939 CVE-2012-1940 CVE-2012-1941 CVE-2012-1944 CVE-2012-1945 CVE-2012-1946 CVE-2012-1947 | Version: | 45 |
Platform(s): | Oracle Linux 6 Oracle Linux 5 | Product(s): | thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26986 | |||
Oval ID: | oval:org.mitre.oval:def:26986 | ||
Title: | DEPRECATED: ELSA-2012-1090 -- nss and nspr security, bug fix, and enhancement update (moderate) | ||
Description: | nspr [4.9.1-4] - Resolves: rhbz#834219 - Fix postinstall scriptlet failures - Fix %post and %postun lines per packaging guidelines - Updated License: to MPLv2.0 per upstream [4.9.1-3] - Resolves: rhbz#834219 - Ensure nspr-config.in changes get applied [4.9.1-2] - Resolves: rhbz#834219 - restore top section of nspr-config-pc.patch - Needed to prevent multilib regressions nss [3.13.5-4.0.1.el5_8 ] - Update clean.gif in the tarball [3.13.5-4] - Related: rhbz#834219 - Fix ia64 / i386 multilib nss install failure - Remove no longer needed %pre and %preun scriplets meant for nss updates from RHEL-5.0 [3.13.5-3] - Resolves: rhbz#834219 - Fix the changes to the %post line - Having multiple commands requires that /sbin/lconfig be the beginning of the scriptlet [3.13.5-2] - Resolves: rhbz#834219 - Fix multilib and scriptlet problems - Fix %post and %postun lines per packaging guildelines - Add %{?_isa} to tools Requires: per packaging guidelines - Fix explicit-lib-dependency zlib error reported by rpmlint [3.13.5-1] - Resolves: rhbz#834219 - Update RHEL 5.x to NSS 3.13.5 and NSPR 4.9.1 for Mozilla 10.0.6 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-1090 CVE-2012-0441 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | nspr nss |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27448 | |||
Oval ID: | oval:org.mitre.oval:def:27448 | ||
Title: | DEPRECATED: ELSA-2012-0710 -- firefox security update (critical) | ||
Description: | firefox: [10.0.5-1.0.1.el6_2] - Replace firefox-redhat-default-prefs.js with firefox-oracle-default-prefs.js [10.0.5-1] - Update to 10.0.5 ESR xulrunner: [10.0.5-1.0.1.el6_2] - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js [10.0.5-1] - Update to 10.0.5 ESR [10.0.4-2] - Added patch for mozbz#703633 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-0710 CVE-2011-3101 CVE-2012-1937 CVE-2012-1938 CVE-2012-1939 CVE-2012-1940 CVE-2012-1941 CVE-2012-1944 CVE-2012-1945 CVE-2012-1946 CVE-2012-1947 | Version: | 4 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | firefox xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27686 | |||
Oval ID: | oval:org.mitre.oval:def:27686 | ||
Title: | DEPRECATED: ELSA-2012-1091 -- nss, nspr, and nss-util security, bug fix, and enhancement update (moderate) | ||
Description: | nspr [4.9.1-2] - Related: rhbz#833762 - Update License to MPLv2.0 [4.9.1-1] - Resolves: rhbz#833762 - Update to NSPR_4_9_1_RTM nss [3.13.5-1.0.1.el6_3 ] - Added nss-vendor.patch to change vendor - Use blank image instead of clean.gif in tar ball [3.13.5-1] - Resolves: rhbz#834100 - Update to 3.13.5 for mozilla 10.0.6 nss-util [3.13.5-1] - Resolves: rhbz#833763 - Update to 3.13.5 for Mozilla 10.0.6 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-1091 CVE-2012-0441 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | nspr nss nss-util |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27864 | |||
Oval ID: | oval:org.mitre.oval:def:27864 | ||
Title: | DEPRECATED: ELSA-2012-0715 -- thunderbird security update (critical) | ||
Description: | [10.0.5-2.0.1.el6_2] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replace clean.gif in tarball [10.0.5-2] - Update to 10.0.5 ESR | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-0715 CVE-2011-3101 CVE-2012-1937 CVE-2012-1938 CVE-2012-1939 CVE-2012-1940 CVE-2012-1941 CVE-2012-1944 CVE-2012-1945 CVE-2012-1946 CVE-2012-1947 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | thunderbird |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-12-13 | Name : SuSE Update for MozillaFirefox, openSUSE-SU-2012:0760-1 (MozillaFirefox,) File : nvt/gb_suse_2012_0760_1.nasl |
2012-12-13 | Name : SuSE Update for update openSUSE-SU-2012:0656-1 (update) File : nvt/gb_suse_2012_0656_1.nasl |
2012-11-16 | Name : VMSA-2012-0016: VMware security updates for vSphere API and ESX Service Console File : nvt/gb_VMSA-2012-0016.nasl |
2012-08-24 | Name : Ubuntu Update for nss USN-1540-2 File : nvt/gb_ubuntu_USN_1540_2.nasl |
2012-08-17 | Name : Ubuntu Update for nss USN-1540-1 File : nvt/gb_ubuntu_USN_1540_1.nasl |
2012-08-10 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox68.nasl |
2012-08-10 | Name : Debian Security Advisory DSA 2489-1 (iceape) File : nvt/deb_2489_1.nasl |
2012-08-10 | Name : Debian Security Advisory DSA 2490-1 (nss) File : nvt/deb_2490_1.nasl |
2012-08-10 | Name : Debian Security Advisory DSA 2488-1 (iceweasel) File : nvt/deb_2488_1.nasl |
2012-08-10 | Name : Debian Security Advisory DSA 2499-1 (icedove) File : nvt/deb_2499_1.nasl |
2012-08-03 | Name : Mandriva Update for mozilla MDVSA-2012:088 (mozilla) File : nvt/gb_mandriva_MDVSA_2012_088.nasl |
2012-07-30 | Name : CentOS Update for firefox CESA-2012:0710 centos5 File : nvt/gb_CESA-2012_0710_firefox_centos5.nasl |
2012-07-30 | Name : CentOS Update for firefox CESA-2012:0710 centos6 File : nvt/gb_CESA-2012_0710_firefox_centos6.nasl |
2012-07-30 | Name : CentOS Update for nspr CESA-2012:1091 centos6 File : nvt/gb_CESA-2012_1091_nspr_centos6.nasl |
2012-07-30 | Name : CentOS Update for nspr CESA-2012:1090 centos5 File : nvt/gb_CESA-2012_1090_nspr_centos5.nasl |
2012-07-30 | Name : CentOS Update for thunderbird CESA-2012:0715 centos5 File : nvt/gb_CESA-2012_0715_thunderbird_centos5.nasl |
2012-07-30 | Name : CentOS Update for thunderbird CESA-2012:0715 centos6 File : nvt/gb_CESA-2012_0715_thunderbird_centos6.nasl |
2012-07-19 | Name : RedHat Update for nss and nspr RHSA-2012:1090-01 File : nvt/gb_RHSA-2012_1090-01_nss_and_nspr.nasl |
2012-07-19 | Name : RedHat Update for nss, nspr, and nss-util RHSA-2012:1091-01 File : nvt/gb_RHSA-2012_1091-01_nss_nspr_and_nss-util.nasl |
2012-06-28 | Name : Ubuntu Update for thunderbird USN-1463-6 File : nvt/gb_ubuntu_USN_1463_6.nasl |
2012-06-25 | Name : Mandriva Update for mozilla MDVSA-2012:088-1 (mozilla) File : nvt/gb_mandriva_MDVSA_2012_088_1.nasl |
2012-06-25 | Name : Ubuntu Update for thunderbird USN-1463-4 File : nvt/gb_ubuntu_USN_1463_4.nasl |
2012-06-22 | Name : Ubuntu Update for firefox USN-1463-3 File : nvt/gb_ubuntu_USN_1463_3.nasl |
2012-06-19 | Name : Mozilla Products Multiple Vulnerabilities - June12 (Mac OS X) File : nvt/gb_mozilla_prdts_mult_vuln_jun12_macosx.nasl |
2012-06-19 | Name : Mozilla Products Multiple Vulnerabilities - June12 (Windows) File : nvt/gb_mozilla_prdts_mult_vuln_jun12_win.nasl |
2012-06-19 | Name : Mozilla Products 'jsinfer.cpp' Denial of Service Vulnerability (Windows) File : nvt/gb_mozilla_prdts_jsinfer_dos_vuln_win.nasl |
2012-06-19 | Name : Mozilla Products 'jsinfer.cpp' Denial of Service Vulnerability (Mac OS X) File : nvt/gb_mozilla_prdts_jsinfer_dos_vuln_macosx.nasl |
2012-06-08 | Name : Ubuntu Update for firefox USN-1463-1 File : nvt/gb_ubuntu_USN_1463_1.nasl |
2012-06-08 | Name : RedHat Update for thunderbird RHSA-2012:0715-01 File : nvt/gb_RHSA-2012_0715-01_thunderbird.nasl |
2012-06-08 | Name : RedHat Update for firefox RHSA-2012:0710-01 File : nvt/gb_RHSA-2012_0710-01_firefox.nasl |
2012-05-31 | Name : Gentoo Security Advisory GLSA 201205-03 (chromium v8) File : nvt/glsa_201205_03.nasl |
2012-05-17 | Name : Google Chrome Multiple Vulnerabilities - May 12 (Linux) File : nvt/gb_google_chrome_mult_vuln_may12_lin.nasl |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2012-11-29 | IAVM : 2012-A-0189 - Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1 Severity : Category I - VMSKEY : V0035032 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-02-29 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2012-0016_remote.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2012-1200.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1185.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-333.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-295.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-108.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1091.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1090.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2012-0715.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0710.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_MozillaFirefox-120611.nasl - Type : ACT_GATHER_INFO |
2013-01-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO |
2012-11-16 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2012-0016.nasl - Type : ACT_GATHER_INFO |
2012-08-22 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1540-2.nasl - Type : ACT_GATHER_INFO |
2012-08-17 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1540-1.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120717_nss_and_nspr_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120717_nss__nspr__and_nss_util_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120606_thunderbird_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120605_firefox_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-07-18 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1090.nasl - Type : ACT_GATHER_INFO |
2012-07-18 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1091.nasl - Type : ACT_GATHER_INFO |
2012-07-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1091.nasl - Type : ACT_GATHER_INFO |
2012-07-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1090.nasl - Type : ACT_GATHER_INFO |
2012-06-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2490.nasl - Type : ACT_GATHER_INFO |
2012-06-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2489.nasl - Type : ACT_GATHER_INFO |
2012-06-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2499.nasl - Type : ACT_GATHER_INFO |
2012-06-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2488.nasl - Type : ACT_GATHER_INFO |
2012-06-27 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1463-6.nasl - Type : ACT_GATHER_INFO |
2012-06-25 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-088.nasl - Type : ACT_GATHER_INFO |
2012-06-22 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1463-4.nasl - Type : ACT_GATHER_INFO |
2012-06-21 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1463-3.nasl - Type : ACT_GATHER_INFO |
2012-06-21 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201205-03.nasl - Type : ACT_GATHER_INFO |
2012-06-15 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-8189.nasl - Type : ACT_GATHER_INFO |
2012-06-08 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2012-0715.nasl - Type : ACT_GATHER_INFO |
2012-06-07 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0710.nasl - Type : ACT_GATHER_INFO |
2012-06-07 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1463-1.nasl - Type : ACT_GATHER_INFO |
2012-06-07 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : seamonkey_210.nasl - Type : ACT_GATHER_INFO |
2012-06-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0715.nasl - Type : ACT_GATHER_INFO |
2012-06-07 | Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_130.nasl - Type : ACT_GATHER_INFO |
2012-06-07 | Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_1005.nasl - Type : ACT_GATHER_INFO |
2012-06-07 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_130.nasl - Type : ACT_GATHER_INFO |
2012-06-07 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_1005.nasl - Type : ACT_GATHER_INFO |
2012-06-07 | Name : The remote Mac OS X host contains a mail client that is potentially affected ... File : macosx_thunderbird_13_0.nasl - Type : ACT_GATHER_INFO |
2012-06-07 | Name : The remote Mac OS X host contains a mail client that is potentially affected ... File : macosx_thunderbird_10_0_5.nasl - Type : ACT_GATHER_INFO |
2012-06-07 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_13_0.nasl - Type : ACT_GATHER_INFO |
2012-06-07 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_10_0_5.nasl - Type : ACT_GATHER_INFO |
2012-06-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0710.nasl - Type : ACT_GATHER_INFO |
2012-06-06 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_bfecf7c1af4711e195804061862b8c22.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:42:57 |
|