10 - RHSA-2004:421

Executive Summary

Summary
Title	Updated mozilla packages fix security issues

Informations
Name	RHSA-2004:421	First vendor Publication	2004-08-04
Vendor	RedHat	Last vendor Modification	2004-08-04
Severity (Vendor)	N/A	Revision	01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score	10	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated mozilla packages based on version 1.4.3 that fix a number of security issues for Red Hat Enterprise Linux are now available.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor.

A number of flaws have been found in Mozilla 1.4 that have been fixed in the Mozilla 1.4.3 release:

Zen Parse reported improper input validation to the SOAPParameter object constructor leading to an integer overflow and controllable heap corruption. Malicious JavaScript could be written to utilize this flaw and could allow arbitrary code execution. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0722 to this issue.

During a source code audit, Chris Evans discovered a buffer overflow and integer overflows which affect the libpng code inside Mozilla. An attacker could create a carefully crafted PNG file in such a way that it would cause Mozilla to crash or execute arbitrary code when the image was viewed. (CAN-2004-0597, CAN-2004-0599)

Zen Parse reported a flaw in the POP3 capability. A malicious POP3 server could send a carefully crafted response that would cause a heap overflow and potentially allow execution of arbitrary code as the user running Mozilla. (CAN-2004-0757)

Marcel Boesch found a flaw that allows a CA certificate to be imported with a DN the same as that of the built-in CA root certificates, which can cause a denial of service to SSL pages, as the malicious certificate is treated as invalid. (CAN-2004-0758)

Met - Martin Hassman reported a flaw in Mozilla that could allow malicious Javascript code to upload local files from a users machine without requiring confirmation. (CAN-2004-0759)

Mindlock Security reported a flaw in ftp URI handling. By using a NULL character (%00) in a ftp URI, Mozilla can be confused into opening a resource as a different MIME type. (CAN-2004-0760)

Mozilla does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates website spoofing and other attacks, also known as the frame injection vulnerability. (CAN-2004-0718)

Tolga Tarhan reported a flaw that can allow a malicious webpage to use a redirect sequence to spoof the security lock icon that makes a webpage appear to be encrypted. (CAN-2004-0761)

Jesse Ruderman reported a security issue that affects a number of browsers including Mozilla that could allow malicious websites to install arbitrary extensions by using interactive events to manipulate the XPInstall Security dialog box. (CAN-2004-0762)

Emmanouel Kellinis discovered a caching flaw in Mozilla which allows malicious websites to spoof certificates of trusted websites via redirects and Javascript that uses the "onunload" method. (CAN-2004-0763)

Mozilla allowed malicious websites to hijack the user interface via the "chrome" flag and XML User Interface Language (XUL) files. (CAN-2004-0764)

The cert_TestHostName function in Mozilla only checks the hostname portion of a certificate when the hostname portion of the URI is not a fully qualified domain name (FQDN). This flaw could be used for spoofing if an attacker had control of machines on a default DNS search path. (CAN-2004-0765)

All users are advised to update to these erratum packages which contain a snapshot of Mozilla 1.4.3 including backported fixes and are not vulnerable to these issues.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/ for more info):

127338 - CAN-2004-0718 frame injection (spoofing) vuln in Mozilla before 1.7 127186 - CAN-2004-0758 Overriding built-in certificate leading to error -8182 (DoS), especially exploitable by email

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2004-421.html

CAPEC : Common Attack Pattern Enumeration & Classification

Id	Name
CAPEC-64	Using Slashes and URL Encoding Combined to Bypass Validation Logic
CAPEC-72	URL Encoding

CWE : Common Weakness Enumeration

%	Id	Name

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10032

Oval ID:	oval:org.mitre.oval:def:10032
Title:	Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to install arbitrary extensions by using interactive events to manipulate the XPInstall Security dialog box.
Description:	Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to install arbitrary extensions by using interactive events to manipulate the XPInstall Security dialog box.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0762	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3	Product(s):
Definition Synopsis:
RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section mozilla-js-debugger is earlier than 37:1.4.3-3.0.2 AND mozilla is earlier than 37:1.4.3-3.0.2 AND mozilla-chat is earlier than 37:1.4.3-3.0.2 AND mozilla-mail is earlier than 37:1.4.3-3.0.2 AND mozilla-dom-inspector is earlier than 37:1.4.3-3.0.2 AND mozilla-devel is earlier than 37:1.4.3-3.0.2 AND mozilla-nss is earlier than 37:1.4.3-3.0.2 AND mozilla-nss-devel is earlier than 37:1.4.3-3.0.2 AND mozilla-nspr is earlier than 37:1.4.3-3.0.2 AND mozilla-nspr-devel is earlier than 37:1.4.3-3.0.2

Definition Id: oval:org.mitre.oval:def:10304

Oval ID:	oval:org.mitre.oval:def:10304
Title:	Mozilla 1.5 through 1.7 allows a CA certificate to be imported even when their DN is the same as that of the built-in CA root certificate, which allows remote attackers to cause a denial of service to SSL pages because the malicious certificate is treated as invalid.
Description:	Mozilla 1.5 through 1.7 allows a CA certificate to be imported even when their DN is the same as that of the built-in CA root certificate, which allows remote attackers to cause a denial of service to SSL pages because the malicious certificate is treated as invalid.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0758	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3	Product(s):
Definition Synopsis:
RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section mozilla-js-debugger is earlier than 37:1.4.3-3.0.2 AND mozilla is earlier than 37:1.4.3-3.0.2 AND mozilla-chat is earlier than 37:1.4.3-3.0.2 AND mozilla-mail is earlier than 37:1.4.3-3.0.2 AND mozilla-dom-inspector is earlier than 37:1.4.3-3.0.2 AND mozilla-devel is earlier than 37:1.4.3-3.0.2 AND mozilla-nss is earlier than 37:1.4.3-3.0.2 AND mozilla-nss-devel is earlier than 37:1.4.3-3.0.2 AND mozilla-nspr is earlier than 37:1.4.3-3.0.2 AND mozilla-nspr-devel is earlier than 37:1.4.3-3.0.2

Definition Id: oval:org.mitre.oval:def:10938

Oval ID:	oval:org.mitre.oval:def:10938
Title:	Multiple integer overflows in the (1) png_read_png in pngread.c or (2) png_handle_sPLT functions in pngrutil.c or (3) progressive display image reading capability in libpng 1.2.5 and earlier allow remote attackers to cause a denial of service (application crash) via a malformed PNG image.
Description:	Multiple integer overflows in the (1) png_read_png in pngread.c or (2) png_handle_sPLT functions in pngrutil.c or (3) progressive display image reading capability in libpng 1.2.5 and earlier allow remote attackers to cause a denial of service (application crash) via a malformed PNG image.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0599	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3	Product(s):
Definition Synopsis:
RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section mozilla-js-debugger is earlier than 37:1.4.3-3.0.2 AND libpng10-devel is earlier than 0:1.0.13-15 AND mozilla is earlier than 37:1.4.3-3.0.2 AND mozilla-chat is earlier than 37:1.4.3-3.0.2 AND libpng-devel is earlier than 2:1.2.2-25 AND mozilla-mail is earlier than 37:1.4.3-3.0.2 AND libpng10 is earlier than 0:1.0.13-15 AND mozilla-dom-inspector is earlier than 37:1.4.3-3.0.2 AND mozilla-nss is earlier than 37:1.4.3-3.0.2 AND mozilla-devel is earlier than 37:1.4.3-3.0.2 AND mozilla-nss-devel is earlier than 37:1.4.3-3.0.2 AND mozilla-nspr is earlier than 37:1.4.3-3.0.2 AND mozilla-nspr-devel is earlier than 37:1.4.3-3.0.2 AND libpng is earlier than 2:1.2.2-25

Definition Id: oval:org.mitre.oval:def:11042

Oval ID:	oval:org.mitre.oval:def:11042
Title:	Heap-based buffer overflow in the SendUidl in the POP3 capability for Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, may allow remote POP3 mail servers to execute arbitrary code.
Description:	Heap-based buffer overflow in the SendUidl in the POP3 capability for Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, may allow remote POP3 mail servers to execute arbitrary code.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0757	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3	Product(s):
Definition Synopsis:
RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section mozilla-js-debugger is earlier than 37:1.4.3-3.0.2 AND mozilla is earlier than 37:1.4.3-3.0.2 AND mozilla-chat is earlier than 37:1.4.3-3.0.2 AND mozilla-mail is earlier than 37:1.4.3-3.0.2 AND mozilla-dom-inspector is earlier than 37:1.4.3-3.0.2 AND mozilla-devel is earlier than 37:1.4.3-3.0.2 AND mozilla-nss is earlier than 37:1.4.3-3.0.2 AND mozilla-nss-devel is earlier than 37:1.4.3-3.0.2 AND mozilla-nspr is earlier than 37:1.4.3-3.0.2 AND mozilla-nspr-devel is earlier than 37:1.4.3-3.0.2

Definition Id: oval:org.mitre.oval:def:11090

Oval ID:	oval:org.mitre.oval:def:11090
Title:	Mozilla allows remote attackers to cause Mozilla to open a URI as a different MIME type than expected via a null character (%00) in an FTP URI.
Description:	Mozilla allows remote attackers to cause Mozilla to open a URI as a different MIME type than expected via a null character (%00) in an FTP URI.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0760	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3	Product(s):
Definition Synopsis:
RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section mozilla-js-debugger is earlier than 37:1.4.3-3.0.2 AND mozilla is earlier than 37:1.4.3-3.0.2 AND mozilla-chat is earlier than 37:1.4.3-3.0.2 AND mozilla-mail is earlier than 37:1.4.3-3.0.2 AND mozilla-dom-inspector is earlier than 37:1.4.3-3.0.2 AND mozilla-devel is earlier than 37:1.4.3-3.0.2 AND mozilla-nss is earlier than 37:1.4.3-3.0.2 AND mozilla-nss-devel is earlier than 37:1.4.3-3.0.2 AND mozilla-nspr is earlier than 37:1.4.3-3.0.2 AND mozilla-nspr-devel is earlier than 37:1.4.3-3.0.2

Definition Id: oval:org.mitre.oval:def:11153

Oval ID:	oval:org.mitre.oval:def:11153
Title:	Mozilla before 1.7 allows remote web servers to read arbitrary files via Javascript that sets the value of an input type="file" tag.
Description:	Mozilla before 1.7 allows remote web servers to read arbitrary files via Javascript that sets the value of an <input type="file"> tag.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0759	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3	Product(s):
Definition Synopsis:
RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section mozilla-js-debugger is earlier than 37:1.4.3-3.0.2 AND mozilla is earlier than 37:1.4.3-3.0.2 AND mozilla-chat is earlier than 37:1.4.3-3.0.2 AND mozilla-mail is earlier than 37:1.4.3-3.0.2 AND mozilla-dom-inspector is earlier than 37:1.4.3-3.0.2 AND mozilla-devel is earlier than 37:1.4.3-3.0.2 AND mozilla-nss is earlier than 37:1.4.3-3.0.2 AND mozilla-nss-devel is earlier than 37:1.4.3-3.0.2 AND mozilla-nspr is earlier than 37:1.4.3-3.0.2 AND mozilla-nspr-devel is earlier than 37:1.4.3-3.0.2

Definition Id: oval:org.mitre.oval:def:11162

Oval ID:	oval:org.mitre.oval:def:11162
Title:	The cert_TestHostName function in Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, only checks the hostname portion of a certificate when the hostname portion of the URI is not a fully qualified domain name (FQDN), which allows remote attackers to spoof trusted certificates.
Description:	The cert_TestHostName function in Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, only checks the hostname portion of a certificate when the hostname portion of the URI is not a fully qualified domain name (FQDN), which allows remote attackers to spoof trusted certificates.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0765	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3	Product(s):
Definition Synopsis:
RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section mozilla-js-debugger is earlier than 37:1.4.3-3.0.2 AND mozilla is earlier than 37:1.4.3-3.0.2 AND mozilla-chat is earlier than 37:1.4.3-3.0.2 AND mozilla-mail is earlier than 37:1.4.3-3.0.2 AND mozilla-dom-inspector is earlier than 37:1.4.3-3.0.2 AND mozilla-devel is earlier than 37:1.4.3-3.0.2 AND mozilla-nss is earlier than 37:1.4.3-3.0.2 AND mozilla-nss-devel is earlier than 37:1.4.3-3.0.2 AND mozilla-nspr is earlier than 37:1.4.3-3.0.2 AND mozilla-nspr-devel is earlier than 37:1.4.3-3.0.2

Definition Id: oval:org.mitre.oval:def:11284

Oval ID:	oval:org.mitre.oval:def:11284
Title:	Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.
Description:	Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0597	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3	Product(s):
Definition Synopsis:
RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section mozilla-js-debugger is earlier than 37:1.4.3-3.0.2 AND libpng10-devel is earlier than 0:1.0.13-15 AND mozilla is earlier than 37:1.4.3-3.0.2 AND mozilla-chat is earlier than 37:1.4.3-3.0.2 AND libpng-devel is earlier than 2:1.2.2-25 AND mozilla-mail is earlier than 37:1.4.3-3.0.2 AND libpng10 is earlier than 0:1.0.13-15 AND mozilla-dom-inspector is earlier than 37:1.4.3-3.0.2 AND mozilla-nss is earlier than 37:1.4.3-3.0.2 AND mozilla-devel is earlier than 37:1.4.3-3.0.2 AND mozilla-nss-devel is earlier than 37:1.4.3-3.0.2 AND mozilla-nspr is earlier than 37:1.4.3-3.0.2 AND mozilla-nspr-devel is earlier than 37:1.4.3-3.0.2 AND libpng is earlier than 2:1.2.2-25

Definition Id: oval:org.mitre.oval:def:1227

Oval ID:	oval:org.mitre.oval:def:1227
Title:	Mozilla FTP URI MIME Type Exploit Vulnerability
Description:	Mozilla allows remote attackers to cause Mozilla to open a URI as a different MIME type than expected via a null character (%00) in an FTP URI.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0760	Version:	1
Platform(s):	Sun Solaris 8	Product(s):	mozilla
Definition Synopsis:
Solaris 8 or 9 installed Solaris 8 Installed AND Solaris 9 Installed AND Mozilla components (any SUNWmoznav/SUNWmozmail) installed Mozilla (SUNWmoznav) installed AND Mozilla Mail (SUNWmozmail) installed AND NOT Patch 117765-02 or later installed AND NOT Patch 117767-02 or later installed

Definition Id: oval:org.mitre.oval:def:1479

Oval ID:	oval:org.mitre.oval:def:1479
Title:	Integer Overflow in libpng via Malformed PNG Image
Description:	Multiple integer overflows in the (1) png_read_png in pngread.c or (2) png_handle_sPLT functions in pngrutil.c or (3) progressive display image reading capability in libpng 1.2.5 and earlier allow remote attackers to cause a denial of service (application crash) via a malformed PNG image.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0599	Version:	1
Platform(s):	Sun Solaris 7	Product(s):	libpng
Definition Synopsis:
Solaris 7,8,or 9 installed Solaris 8 Installed AND Solaris 7 Installed AND Solaris 9 Installed AND Netscape installed

Definition Id: oval:org.mitre.oval:def:2274

Oval ID:	oval:org.mitre.oval:def:2274
Title:	Windows Messenger 5 libpng Buffer Overflow
Description:	Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2004-0597	Version:	7
Platform(s):	Microsoft Windows 2000	Product(s):	Microsoft Data Access Components 2.8
Definition Synopsis:
NOT Windows Messenger 5.1 is installed AND the version of msmsgs.exe is less than 5.1.0.639

Definition Id: oval:org.mitre.oval:def:2378

Oval ID:	oval:org.mitre.oval:def:2378
Title:	Multiple Buffer Overflows in libpng
Description:	Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0597	Version:	1
Platform(s):	Sun Solaris 7	Product(s):	libpng
Definition Synopsis:
Solaris 7,8,or 9 installed Solaris 8 Installed AND Solaris 7 Installed AND Solaris 9 Installed AND Netscape installed

Definition Id: oval:org.mitre.oval:def:2418

Oval ID:	oval:org.mitre.oval:def:2418
Title:	Mozilla, Firefox, Thunderbird User Interface Hijacking Vulnerability
Description:	Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "chrome" flag and XML User Interface Language (XUL) files.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0764	Version:	1
Platform(s):	Sun Solaris 8	Product(s):	mozilla
Definition Synopsis:
Solaris 8 or 9 installed Solaris 8 Installed AND Solaris 9 Installed AND Mozilla components (any SUNWmoznav/SUNWmozmail) installed Mozilla (SUNWmoznav) installed AND Mozilla Mail (SUNWmozmail) installed AND NOT Patch 117765-02 or later installed AND NOT Patch 117767-02 or later installed

Definition Id: oval:org.mitre.oval:def:3134

Oval ID:	oval:org.mitre.oval:def:3134
Title:	Mozilla CA Certificate DoS
Description:	Mozilla 1.5 through 1.7 allows a CA certificate to be imported even when their DN is the same as that of the built-in CA root certificate, which allows remote attackers to cause a denial of service to SSL pages because the malicious certificate is treated as invalid.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0758	Version:	1
Platform(s):	Sun Solaris 8	Product(s):	mozilla
Definition Synopsis:
Solaris 8 or 9 installed Solaris 8 Installed AND Solaris 9 Installed AND Mozilla components (any SUNWmoznav/SUNWmozmail) installed Mozilla (SUNWmoznav) installed AND Mozilla Mail (SUNWmozmail) installed AND NOT Patch 117765-02 or later installed AND NOT Patch 117767-02 or later installed

Definition Id: oval:org.mitre.oval:def:3250

Oval ID:	oval:org.mitre.oval:def:3250
Title:	Mozilla, Firefox, Thunderbird POP3 SendUidl Buffer Overflow
Description:	Heap-based buffer overflow in the SendUidl in the POP3 capability for Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, may allow remote POP3 mail servers to execute arbitrary code.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0757	Version:	1
Platform(s):	Sun Solaris 8	Product(s):	mozilla
Definition Synopsis:
Solaris 8 or 9 installed Solaris 8 Installed AND Solaris 9 Installed AND Mozilla components (any SUNWmoznav/SUNWmozmail) installed Mozilla (SUNWmoznav) installed AND Mozilla Mail (SUNWmozmail) installed AND NOT Patch 117765-02 or later installed AND NOT Patch 117767-02 or later installed

Definition Id: oval:org.mitre.oval:def:3603

Oval ID:	oval:org.mitre.oval:def:3603
Title:	Mozilla, Firefox, Thunderbird Security Lock Icon Spoof Vulnerability
Description:	Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote attackers to use certain redirect sequences to spoof the security lock icon that makes a web page appear to be encrypted.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0761	Version:	1
Platform(s):	Sun Solaris 8	Product(s):	mozilla
Definition Synopsis:
Solaris 8 or 9 installed Solaris 8 Installed AND Solaris 9 Installed AND Mozilla components (any SUNWmoznav/SUNWmozmail) installed Mozilla (SUNWmoznav) installed AND Mozilla Mail (SUNWmozmail) installed AND NOT Patch 117765-02 or later installed AND NOT Patch 117767-02 or later installed

Definition Id: oval:org.mitre.oval:def:3989

Oval ID:	oval:org.mitre.oval:def:3989
Title:	Mozilla Firefox Certificate Spoofing Vulnerability
Description:	Mozilla Firefox 0.9.1 and 0.9.2 allows remote web sites to spoof certificates of trusted web sites via redirects and Javascript that uses the "onunload" method.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0763	Version:	1
Platform(s):	Sun Solaris 8	Product(s):	mozilla
Definition Synopsis:
Solaris 8 or 9 installed Solaris 8 Installed AND Solaris 9 Installed AND Mozilla components (any SUNWmoznav/SUNWmozmail) installed Mozilla (SUNWmoznav) installed AND Mozilla Mail (SUNWmozmail) installed AND NOT Patch 117765-02 or later installed AND NOT Patch 117767-02 or later installed

Definition Id: oval:org.mitre.oval:def:4403

Oval ID:	oval:org.mitre.oval:def:4403
Title:	Mozilla, Firefox, Thunderbird XPInstall Security Vulnerability
Description:	Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to install arbitrary extensions by using interactive events to manipulate the XPInstall Security dialog box.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0762	Version:	1
Platform(s):	Sun Solaris 8	Product(s):	mozilla
Definition Synopsis:
Solaris 8 or 9 installed Solaris 8 Installed AND Solaris 9 Installed AND Mozilla components (any SUNWmoznav/SUNWmozmail) installed Mozilla (SUNWmoznav) installed AND Mozilla Mail (SUNWmozmail) installed AND NOT Patch 117765-02 or later installed AND NOT Patch 117767-02 or later installed

Definition Id: oval:org.mitre.oval:def:4492

Oval ID:	oval:org.mitre.oval:def:4492
Title:	Adobe Acrobat Reader libpng Buffer Overflow
Description:	Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2004-0597	Version:	2
Platform(s):	Microsoft Windows 98 Microsoft Windows ME Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP	Product(s):	Adobe Acrobat Reader
Definition Synopsis:
the software Adobe Acrobat Reader major version 6, minor version less than 3 is installed the software Adobe Acrobat Reader 6, major version 6 is installed AND the software Adobe Acrobat Reader 6, minor version less than 3 is installed

Definition Id: oval:org.mitre.oval:def:4629

Oval ID:	oval:org.mitre.oval:def:4629
Title:	Mozilla, Netscape SOAPParameter Integer Overflow
Description:	Integer overflow in the SOAPParameter object constructor in (1) Netscape version 7.0 and 7.1 and (2) Mozilla 1.6, and possibly earlier versions, allows remote attackers to execute arbitrary code.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0722	Version:	1
Platform(s):	Sun Solaris 8	Product(s):	mozilla
Definition Synopsis:
Solaris 8 or 9 installed Solaris 8 Installed AND Solaris 9 Installed AND Mozilla components (any SUNWmoznav/SUNWmozmail) installed Mozilla (SUNWmoznav) installed AND Mozilla Mail (SUNWmozmail) installed AND NOT Patch 117765-02 or later installed AND NOT Patch 117767-02 or later installed

Definition Id: oval:org.mitre.oval:def:4756

Oval ID:	oval:org.mitre.oval:def:4756
Title:	Mozilla, Firebird, Firefox Frame Injection Vulnerability
Description:	The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0718	Version:	1
Platform(s):	Sun Solaris 8	Product(s):	mozilla
Definition Synopsis:
Solaris 8 or 9 installed Solaris 8 Installed AND Solaris 9 Installed AND Mozilla components (any SUNWmoznav/SUNWmozmail) installed Mozilla (SUNWmoznav) installed AND Mozilla Mail (SUNWmozmail) installed AND NOT Patch 117765-02 or later installed AND NOT Patch 117767-02 or later installed

Definition Id: oval:org.mitre.oval:def:594

Oval ID:	oval:org.mitre.oval:def:594
Title:	Windows Messenger 6 libpng Buffer Overflow
Description:	Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2004-0597	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP	Product(s):	MSN Messenger
Definition Synopsis:
MSN Messenger 6.2 is installed AND NOT MSN Messenger 6.2.0205 or later is installed

Definition Id: oval:org.mitre.oval:def:7709

Oval ID:	oval:org.mitre.oval:def:7709
Title:	libpng buffer overflow
Description:	Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2004-0597	Version:	9
Platform(s):	Microsoft Windows 98 Microsoft Windows ME Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7	Product(s):	MSN Messenger 4.7 MSN Messenger 6.1 MSN Messenger 6.2 Adobe Acrobat Reader
Definition Synopsis:
Windows Messenger 5.0 Microsoft Windows 2000 SP4, Windows Server 2003 (x86) Gold, Windows Server 2003 SP1 (x86), Windows XP Professional x64 Edition SP1, Windows XP SP1 (32-bit), Windows XP (x86) SP2 Microsoft Windows 2000 SP4 or later is installed AND Microsoft Windows Server 2003 (x86) Gold is installed AND Microsoft Windows Server 2003 SP1 (x86) is installed AND Microsoft Windows XP Professional x64 Edition SP1 is installed AND Microsoft Windows XP SP1 (32-bit) is installed AND Microsoft Windows XP (x86) SP2 is installed AND the version of msmsgs.exe is greater than or equal to 5.0.0.0 AND the version of msmsgs.exe is less than 5.1.0.639 OR Windows Messenger 4.7 on Windows XP SP1 32-bit Microsoft Windows XP SP1 (32-bit) is installed AND MSN Messenger 4.7 is installed AND the version of msmsgs.exe is less than 4.7.0.2010 OR Windows Messenger 4.7 on Windows XP SP2 (x86) Microsoft Windows XP (x86) SP2 is installed AND MSN Messenger 4.7 is installed AND the version of msmsgs.exe is less than 4.7.0.3001 OR MSN Messenger 6.1/6.2 MSN Messenger 6.1, MSN Messenger 6.2 MSN Messenger 6.1 is installed AND MSN Messenger 6.2 is installed AND NOT MSN Messenger 6.2.0205 or later is installed OR Adobe Acrobat Reader 6 the software Adobe Acrobat Reader 6, major version 6 is installed AND the software Adobe Acrobat Reader 6, minor version less than 3 is installed

Definition Id: oval:org.mitre.oval:def:9240

Oval ID:	oval:org.mitre.oval:def:9240
Title:	Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote attackers to use certain redirect sequences to spoof the security lock icon that makes a web page appear to be encrypted.
Description:	Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote attackers to use certain redirect sequences to spoof the security lock icon that makes a web page appear to be encrypted.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0761	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3	Product(s):
Definition Synopsis:
RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section mozilla-js-debugger is earlier than 37:1.4.3-3.0.2 AND mozilla is earlier than 37:1.4.3-3.0.2 AND mozilla-chat is earlier than 37:1.4.3-3.0.2 AND mozilla-mail is earlier than 37:1.4.3-3.0.2 AND mozilla-dom-inspector is earlier than 37:1.4.3-3.0.2 AND mozilla-devel is earlier than 37:1.4.3-3.0.2 AND mozilla-nss is earlier than 37:1.4.3-3.0.2 AND mozilla-nss-devel is earlier than 37:1.4.3-3.0.2 AND mozilla-nspr is earlier than 37:1.4.3-3.0.2 AND mozilla-nspr-devel is earlier than 37:1.4.3-3.0.2

Definition Id: oval:org.mitre.oval:def:9378

Oval ID:	oval:org.mitre.oval:def:9378
Title:	Integer overflow in the SOAPParameter object constructor in (1) Netscape version 7.0 and 7.1 and (2) Mozilla 1.6, and possibly earlier versions, allows remote attackers to execute arbitrary code.
Description:	Integer overflow in the SOAPParameter object constructor in (1) Netscape version 7.0 and 7.1 and (2) Mozilla 1.6, and possibly earlier versions, allows remote attackers to execute arbitrary code.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0722	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3	Product(s):
Definition Synopsis:
RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section mozilla-js-debugger is earlier than 37:1.4.3-3.0.2 AND mozilla is earlier than 37:1.4.3-3.0.2 AND mozilla-chat is earlier than 37:1.4.3-3.0.2 AND mozilla-mail is earlier than 37:1.4.3-3.0.2 AND mozilla-dom-inspector is earlier than 37:1.4.3-3.0.2 AND mozilla-devel is earlier than 37:1.4.3-3.0.2 AND mozilla-nss is earlier than 37:1.4.3-3.0.2 AND mozilla-nss-devel is earlier than 37:1.4.3-3.0.2 AND mozilla-nspr is earlier than 37:1.4.3-3.0.2 AND mozilla-nspr-devel is earlier than 37:1.4.3-3.0.2

Definition Id: oval:org.mitre.oval:def:9419

Oval ID:	oval:org.mitre.oval:def:9419
Title:	Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "chrome" flag and XML User Interface Language (XUL) files.
Description:	Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "chrome" flag and XML User Interface Language (XUL) files.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0764	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3	Product(s):
Definition Synopsis:
RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section mozilla-js-debugger is earlier than 37:1.4.3-3.0.2 AND mozilla is earlier than 37:1.4.3-3.0.2 AND mozilla-chat is earlier than 37:1.4.3-3.0.2 AND mozilla-mail is earlier than 37:1.4.3-3.0.2 AND mozilla-dom-inspector is earlier than 37:1.4.3-3.0.2 AND mozilla-devel is earlier than 37:1.4.3-3.0.2 AND mozilla-nss is earlier than 37:1.4.3-3.0.2 AND mozilla-nss-devel is earlier than 37:1.4.3-3.0.2 AND mozilla-nspr is earlier than 37:1.4.3-3.0.2 AND mozilla-nspr-devel is earlier than 37:1.4.3-3.0.2

Definition Id: oval:org.mitre.oval:def:9436

Oval ID:	oval:org.mitre.oval:def:9436
Title:	Mozilla Firefox 0.9.1 and 0.9.2 allows remote web sites to spoof certificates of trusted web sites via redirects and Javascript that uses the "onunload" method.
Description:	Mozilla Firefox 0.9.1 and 0.9.2 allows remote web sites to spoof certificates of trusted web sites via redirects and Javascript that uses the "onunload" method.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0763	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3	Product(s):
Definition Synopsis:
RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section mozilla-js-debugger is earlier than 37:1.4.3-3.0.2 AND mozilla is earlier than 37:1.4.3-3.0.2 AND mozilla-chat is earlier than 37:1.4.3-3.0.2 AND mozilla-mail is earlier than 37:1.4.3-3.0.2 AND mozilla-dom-inspector is earlier than 37:1.4.3-3.0.2 AND mozilla-devel is earlier than 37:1.4.3-3.0.2 AND mozilla-nss is earlier than 37:1.4.3-3.0.2 AND mozilla-nss-devel is earlier than 37:1.4.3-3.0.2 AND mozilla-nspr is earlier than 37:1.4.3-3.0.2 AND mozilla-nspr-devel is earlier than 37:1.4.3-3.0.2

Definition Id: oval:org.mitre.oval:def:9997

Oval ID:	oval:org.mitre.oval:def:9997
Title:	The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
Description:	The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0718	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3	Product(s):
Definition Synopsis:
RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section mozilla-js-debugger is earlier than 37:1.4.3-3.0.2 AND mozilla is earlier than 37:1.4.3-3.0.2 AND mozilla-chat is earlier than 37:1.4.3-3.0.2 AND mozilla-mail is earlier than 37:1.4.3-3.0.2 AND mozilla-dom-inspector is earlier than 37:1.4.3-3.0.2 AND mozilla-devel is earlier than 37:1.4.3-3.0.2 AND mozilla-nss is earlier than 37:1.4.3-3.0.2 AND mozilla-nss-devel is earlier than 37:1.4.3-3.0.2 AND mozilla-nspr is earlier than 37:1.4.3-3.0.2 AND mozilla-nspr-devel is earlier than 37:1.4.3-3.0.2

CPE : Common Platform Enumeration

Type	Description	Count
Application	Firebirdsql Firebird cpe:2.3:a:firebirdsql:firebird:0.7:::::::*	1
Application	Greg Roelofs Libpng cpe:2.3:a:greg_roelofs:libpng:1.2.5:::::::* cpe:2.3:a:greg_roelofs:libpng:1.2.4:::::::* cpe:2.3:a:greg_roelofs:libpng:1.2.3:::::::* cpe:2.3:a:greg_roelofs:libpng:1.2.2:::::::* cpe:2.3:a:greg_roelofs:libpng:1.2.1:::::::* cpe:2.3:a:greg_roelofs:libpng:1.2.0:::::::* cpe:2.3:a:greg_roelofs:libpng:1.0.9:::::::* cpe:2.3:a:greg_roelofs:libpng:1.0.8:::::::* cpe:2.3:a:greg_roelofs:libpng:1.0.7:::::::* cpe:2.3:a:greg_roelofs:libpng:1.0.6:::::::* cpe:2.3:a:greg_roelofs:libpng:1.0.5:::::::* cpe:2.3:a:greg_roelofs:libpng:1.0.14:::::::* cpe:2.3:a:greg_roelofs:libpng:1.0.13:::::::* cpe:2.3:a:greg_roelofs:libpng:1.0.12:::::::* cpe:2.3:a:greg_roelofs:libpng:1.0.11:::::::* cpe:2.3:a:greg_roelofs:libpng:1.0.10:::::::* cpe:2.3:a:greg_roelofs:libpng:1.0:::::::*	17
Application	Microsoft Msn Messenger cpe:2.3:a:microsoft:msn_messenger:6.2:::::::* cpe:2.3:a:microsoft:msn_messenger:6.1:::::::*	2
Application	Microsoft Windows Media Player cpe:2.3:a:microsoft:windows_media_player:9:::::::*	1
Application	Microsoft Windows Messenger cpe:2.3:a:microsoft:windows_messenger:5.0:::::::*	1
Application	Mozilla Firefox cpe:2.3:a:mozilla:firefox:0.9.2:::::::* cpe:2.3:a:mozilla:firefox:0.9.1:::::::* cpe:2.3:a:mozilla:firefox:0.9_rc:::::::* cpe:2.3:a:mozilla:firefox:0.9:rc:::::: cpe:2.3:a:mozilla:firefox:0.9:::::::* cpe:2.3:a:mozilla:firefox:0.8:::::::* cpe:2.3:a:mozilla:firefox:0.7.1:::::::* cpe:2.3:a:mozilla:firefox:0.7:::::::* cpe:2.3:a:mozilla:firefox:0.6.1:::::::* cpe:2.3:a:mozilla:firefox:0.6:::::::* cpe:2.3:a:mozilla:firefox:0.5:::::::* cpe:2.3:a:mozilla:firefox:0.4:::::::* cpe:2.3:a:mozilla:firefox:0.3:::::::* cpe:2.3:a:mozilla:firefox:0.2:::::::* cpe:2.3:a:mozilla:firefox:0.1:::::::* cpe:2.3:a:mozilla:firefox:::::::: cpe:2.3:a:mozilla:firefox:::::::x86:* cpe:2.3:a:mozilla:firefox::::::x86::* cpe:2.3:a:mozilla:firefox::::::iphone_os::* cpe:2.3:a:mozilla:firefox::::::-::* cpe:2.3:a:mozilla:firefox::::::android::* cpe:2.3:a:mozilla:firefox:::::android:::* cpe:2.3:a:mozilla:firefox:-:::::::* cpe:2.3:a:mozilla:firefox:-:::::iphone_os::	24
Application	Mozilla cpe:2.3:a:mozilla:mozilla:1.7:::::::* cpe:2.3:a:mozilla:mozilla:1.7:alpha:::::: cpe:2.3:a:mozilla:mozilla:1.7:rc2:::::: cpe:2.3:a:mozilla:mozilla:1.7:rc1:::::: cpe:2.3:a:mozilla:mozilla:1.7:beta:::::: cpe:2.3:a:mozilla:mozilla:1.7:rc3:::::: cpe:2.3:a:mozilla:mozilla:1.6:::::::* cpe:2.3:a:mozilla:mozilla:1.6:beta:::::: cpe:2.3:a:mozilla:mozilla:1.6:alpha:::::: cpe:2.3:a:mozilla:mozilla:1.5.1:::::::* cpe:2.3:a:mozilla:mozilla:1.5:::::::* cpe:2.3:a:mozilla:mozilla:1.5:rc1:::::: cpe:2.3:a:mozilla:mozilla:1.5:rc2:::::: cpe:2.3:a:mozilla:mozilla:1.5:alpha:::::: cpe:2.3:a:mozilla:mozilla:1.4.4:::::::* cpe:2.3:a:mozilla:mozilla:1.4.2:::::::* cpe:2.3:a:mozilla:mozilla:1.4.1:::::::* cpe:2.3:a:mozilla:mozilla:1.4:alpha:::::: cpe:2.3:a:mozilla:mozilla:1.4:beta:::::: cpe:2.3:a:mozilla:mozilla:1.4:::::::* cpe:2.3:a:mozilla:mozilla:1.3.1:::::::* cpe:2.3:a:mozilla:mozilla:1.3:::::::* cpe:2.3:a:mozilla:mozilla:1.2.1:::::::* cpe:2.3:a:mozilla:mozilla:1.2:alpha:::::: cpe:2.3:a:mozilla:mozilla:1.2:::::::* cpe:2.3:a:mozilla:mozilla:1.2:beta:::::: cpe:2.3:a:mozilla:mozilla:1.1:::::::* cpe:2.3:a:mozilla:mozilla:1.1:beta:::::: cpe:2.3:a:mozilla:mozilla:1.1:alpha:::::: cpe:2.3:a:mozilla:mozilla:1.0.2:::::::* cpe:2.3:a:mozilla:mozilla:1.0.1:::::::* cpe:2.3:a:mozilla:mozilla:1.0:::::::* cpe:2.3:a:mozilla:mozilla:1.0:rc1:::::: cpe:2.3:a:mozilla:mozilla:1.0:rc3:::::: cpe:2.3:a:mozilla:mozilla:1.0:rc2:::::: cpe:2.3:a:mozilla:mozilla:0.9.9:::::::* cpe:2.3:a:mozilla:mozilla:0.9.8:::::::* cpe:2.3:a:mozilla:mozilla:0.9.7:::::::* cpe:2.3:a:mozilla:mozilla:0.9.6:::::::* cpe:2.3:a:mozilla:mozilla:0.9.5:::::::* cpe:2.3:a:mozilla:mozilla:0.9.48:::::::* cpe:2.3:a:mozilla:mozilla:0.9.4.1:::::::* cpe:2.3:a:mozilla:mozilla:0.9.4:::::::* cpe:2.3:a:mozilla:mozilla:0.9.35:::::::* cpe:2.3:a:mozilla:mozilla:0.9.3:::::::* cpe:2.3:a:mozilla:mozilla:0.9.2.1:::::::* cpe:2.3:a:mozilla:mozilla:0.9.2:::::::* cpe:2.3:a:mozilla:mozilla:0.8:::::::* cpe:2.3:a:mozilla:mozilla:m16:::::::* cpe:2.3:a:mozilla:mozilla:m15:::::::* cpe:2.3:a:mozilla:mozilla:::::::: cpe:2.3:a:mozilla:mozilla:-:::::::*	52
Application	Mozilla Thunderbird cpe:2.3:a:mozilla:thunderbird:0.7:rc:::::: cpe:2.3:a:mozilla:thunderbird:0.7:-:::::: cpe:2.3:a:mozilla:thunderbird:0.6:::::::* cpe:2.3:a:mozilla:thunderbird:0.5:::::::* cpe:2.3:a:mozilla:thunderbird:0.4:::::::* cpe:2.3:a:mozilla:thunderbird:0.3:::::::* cpe:2.3:a:mozilla:thunderbird:0.2:::::::* cpe:2.3:a:mozilla:thunderbird:0.1:::::::* cpe:2.3:a:mozilla:thunderbird:::::::: cpe:2.3:a:mozilla:thunderbird:::::::x86:* cpe:2.3:a:mozilla:thunderbird:-:::::::*	11
Application	Netscape Navigator cpe:2.3:a:netscape:navigator:7.1:::::::* cpe:2.3:a:netscape:navigator:7.0:::::::*	2
Os	Microsoft Windows 98Se cpe:2.3:o:microsoft:windows_98se::::::::	1
Os	Microsoft Windows Me cpe:2.3:o:microsoft:windows_me:::second_edition:::::*	1

OpenVAS Exploits

Date	Description
2009-10-10	Name : SLES9: Security update for Mozilla File : nvt/sles9p5016546.nasl
2008-09-24	Name : Gentoo Security Advisory GLSA 200507-14 (mozilla) File : nvt/glsa_200507_14.nasl
2008-09-24	Name : Gentoo Security Advisory GLSA 200408-22 (mozilla) File : nvt/glsa_200408_22.nasl
2008-09-24	Name : Gentoo Security Advisory GLSA 200408-03 (libpng) File : nvt/glsa_200408_03.nasl
2008-09-04	Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox14.nasl
2008-09-04	Name : FreeBSD Ports: thunderbird File : nvt/freebsd_thunderbird2.nasl
2008-09-04	Name : FreeBSD Ports: thunderbird File : nvt/freebsd_thunderbird1.nasl
2008-09-04	Name : FreeBSD Ports: png File : nvt/freebsd_png.nasl
2008-09-04	Name : FreeBSD Ports: mozilla File : nvt/freebsd_mozilla0.nasl
2008-09-04	Name : FreeBSD Ports: mozilla File : nvt/freebsd_mozilla.nasl
2008-09-04	Name : FreeBSD Ports: kdelibs File : nvt/freebsd_kdelibs1.nasl
2008-09-04	Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox9.nasl
2008-09-04	Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox18.nasl
2008-09-04	Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox13.nasl
2008-09-04	Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox12.nasl
2008-09-04	Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox11.nasl
2008-09-04	Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox10.nasl
2008-09-04	Name : FreeBSD Ports: ImageMagick, ImageMagick-nox11 File : nvt/freebsd_ImageMagick3.nasl
2008-01-17	Name : Debian Security Advisory DSA 536-1 (libpng) File : nvt/deb_536_1.nasl
2008-01-17	Name : Debian Security Advisory DSA 810-1 (mozilla) File : nvt/deb_810_1.nasl
2008-01-17	Name : Debian Security Advisory DSA 777-1 (mozilla) File : nvt/deb_777_1.nasl
2008-01-17	Name : Debian Security Advisory DSA 775-1 (mozilla) File : nvt/deb_775_1.nasl
2008-01-17	Name : Debian Security Advisory DSA 571-1 (libpng3) File : nvt/deb_571_1.nasl
2008-01-17	Name : Debian Security Advisory DSA 570-1 (libpng) File : nvt/deb_570_1.nasl
2005-11-03	Name : Mozilla/Firefox security manager certificate handling DoS File : nvt/mozilla_certif_handle_dos.nasl
2005-11-03	Name : Mozilla/Firefox user interface spoofing File : nvt/mozilla_firefox_xul_spoof.nasl
0000-00-00	Name : Slackware Advisory SSA:2004-223-02 imagemagick File : nvt/esoft_slk_ssa_2004_223_02.nasl
0000-00-00	Name : Slackware Advisory SSA:2004-223-01 Mozilla File : nvt/esoft_slk_ssa_2004_223_01.nasl
0000-00-00	Name : Slackware Advisory SSA:2004-222-01 libpng File : nvt/esoft_slk_ssa_2004_222_01.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
59835	Netscape Cross-domain Frame Injection Content Spoofing
59834	Mozilla Multiple Browser Cross-domain Frame Injection Content Spoofing
59316	Netscape SOAPParameter Object Constructor Overflow
8326	libpng png_handle_tRNS Remote Overflow A remote overflow exists in libpng. The library function png_handle_tRNS fails to perform a length check on PNG images resulting in a buffer overflow. With a specially crafted PNG file, an attacker can cause the execution of code resulting in a loss of integrity.
8316	libpng pngrutil.c Multiple Function Progressive Display Image Reading Overflow A potential local integer overflow exists in libpng. The library function png_push_read_chunk contains code that might be susceptible to integer overflows. It is currently unknown how dangerous this code might be. With a specially crafted request, an attacker might cause crashes or execution of code resulting in a loss of availability.
8315	libpng png_read_png Integer Overflow A local overflow exists in libpng. The library function png_read_png fails to validate the height of input PNG files resulting in a possible integer overflow. With a specially crafted request, an attacker might cause a crash of the applicatioin resulting in a loss of availability.
8314	libpng png_handle_sPLT Local Overflow A local overflow exists in libpng. The library function png_handle_sPLT fails to validate input resulting in a possible integer overflow. With a specially crafted request, an attacker might theoretically cause execution of code resulting in a loss of integrity.
8312	libpng png_handle_sBIT() Local Overflow A local overflow exists in libpng. The library function png_handle_sBIT relies on checks in other functions to perform input validation resulting in a possible buffer overflow. With a specially crafted PNG file, an attacker might cause execution of code resulting in a loss of integrity.
8311	Mozilla Browsers chrome/XML User Interface Spoofing
8310	Mozilla Browsers onunload Method SSL Certificate Spoofing
8309	Mozilla Browsers XPInstall Security Dialog Arbitrary Extension Installation An attackers website can inject arbitrary Mozilla extensions by tricking the user into interactively accepting security dialog boxes without seeing the dialog box.
8308	Mozilla Browsers Redirect Sequence Security Icon Spoof Mozilla based products contain a flaw that may allow a malicious user to spoof the SSL security icon. The issue is triggered when a specially crafted web paged is used to redirect the SSL information from another site. It is possible that the flaw may allow normal users to believe a page is encrypted when it truly is not resulting in a potential loss of confidentiality.
8307	Mozilla Browsers FTP URI Null Character MIME Type Spoofing Arbitrary Code Exe... Mozilla based browsers contain a flaw that allows a remote code injection. This flaw exists because the application does not properly validate input before opening. This could allow a user to create a specially crafted URL containing NULL characters that would spoof the MIME type and potentially execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
8305	Mozilla Browsers Arbitrary File Upload Mozilla contains a flaw that may allow a malicious user to capture or upload a file from a users machine. The issue is triggered when a user loads a malicious web page which uses a specially crafted javascript. It is possible that the flaw may allow an attacker to retrieve files from known locations without the user being notified, resulting in a loss of confidentiality.
8304	Mozilla Browsers cert_TestHostName Certificate Spoofing Mozilla contains a flaw that may allow a malicious user to spoof a trusted certificate. The issue is triggered when Mozilla fails to securely verfiy the hostname on certificates for non-Fully Qualified Domain Names (FQDN.) It is possible that the flaw may allow the attacker to spoof the hostname resulting in a loss of integrity.
8303	Mozilla Browsers SendUidl POP3 Overflow Mozilla contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when a maliciously configured POP3 server overwrites heap memory in the users browser. It is possible that the flaw may allow remote code execution allowing system access and resulting in a loss of confidentiality and integrity.
8281	Mozilla Browsers SOAPParameter Object Constructor Overflow Mozilla/Netscape contains a flaw that may allow a malicious user to corrupt heap information. The issue is triggered when an integer overflow in the SOAPParameter object constructor occurs. It is possible that the flaw may allow the remote execution of arbitrary code resulting in a loss of integrity and/or availability.
8238	Mozilla Browsers onunload SSL Certificate Spoofing Mozilla and Mozilla Firefox contains a flaw that may allow a malicious user to spoof SSL certification. The issue is triggered when using "onunload" inside a < body> tag and redirection using http-equiv refresh metatag, document.write() and document.close(), which will spoof a trusted website. By sending a specially crafted webpage, a remote attacker can represent the malicious Web site as that of a trusted site, resulting in a loss of integrity.
7939	Mozilla Multiple Browsers CA Certificate SSL Page DoS Mozilla browsers contain a flaw that may allow a denial of service on stored certificates. The issue is triggered when receiving certificates with existing DN and different serial number as a built-in CA root cert occurs, and will result in the built-in CA root cert being overwritten. Ultimately this may result in loss of availability for sites using the original built-in CA root cert.
7466	Mozilla XPInstall Dialog Box Arbitrary Command Execution

Snort® IPS/IDS

Date	Description
2018-01-17	Mozilla Firefox SOAPParameter integer overflow attempt RuleID : 45184 - Revision : 1 - Type : BROWSER-FIREFOX
2018-01-17	Mozilla Firefox SOAPParameter integer overflow attempt RuleID : 45183 - Revision : 1 - Type : BROWSER-FIREFOX
2018-01-17	Mozilla Firefox SOAPParameter integer overflow attempt RuleID : 45182 - Revision : 1 - Type : BROWSER-FIREFOX
2018-01-17	Mozilla Firefox SOAPParameter integer overflow attempt RuleID : 45181 - Revision : 1 - Type : BROWSER-FIREFOX
2018-01-17	Mozilla Firefox SOAPParameter integer overflow attempt RuleID : 45180 - Revision : 1 - Type : BROWSER-FIREFOX
2018-01-17	Mozilla Firefox SOAPParameter integer overflow attempt RuleID : 45179 - Revision : 1 - Type : BROWSER-FIREFOX
2018-01-17	Mozilla Firefox SOAPParameter integer overflow attempt RuleID : 45178 - Revision : 1 - Type : BROWSER-FIREFOX
2018-01-17	Mozilla Firefox SOAPParameter integer overflow attempt RuleID : 45177 - Revision : 1 - Type : BROWSER-FIREFOX
2018-01-10	Mozilla SSL certificate spoofing attempt RuleID : 45127 - Revision : 1 - Type : BROWSER-FIREFOX
2014-01-10	Microsoft Multiple Products PNG large image height download attempt RuleID : 3133-community - Revision : 15 - Type : FILE-IMAGE
2014-01-10	Microsoft Multiple Products PNG large image height download attempt RuleID : 3133 - Revision : 15 - Type : FILE-IMAGE
2014-01-10	libpng tRNS overflow attempt RuleID : 2673-community - Revision : 12 - Type : FILE-IMAGE
2014-01-10	libpng tRNS overflow attempt RuleID : 2673 - Revision : 12 - Type : FILE-IMAGE

Nessus® Vulnerability Scanner

Date	Description
2011-10-13	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_641859e8eca111d8b913000c41e2cdad.nasl - Type : ACT_GATHER_INFO
2009-04-23	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_a4fd8f5305eb11d9b45d000c41e2cdad.nasl - Type : ACT_GATHER_INFO
2009-04-23	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_c1d97a8b05ed11d9b45d000c41e2cdad.nasl - Type : ACT_GATHER_INFO
2009-04-23	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_f9e3e60be65011d89b0a000347a4fa7d.nasl - Type : ACT_GATHER_INFO
2007-02-18	Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2006-213.nasl - Type : ACT_GATHER_INFO
2007-02-18	Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2006-212.nasl - Type : ACT_GATHER_INFO
2006-07-05	Name : The remote CentOS host is missing a security update. File : centos_RHSA-2005-586.nasl - Type : ACT_GATHER_INFO
2006-07-03	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-587.nasl - Type : ACT_GATHER_INFO
2006-01-15	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-155-1.nasl - Type : ACT_GATHER_INFO
2006-01-15	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-149-1.nasl - Type : ACT_GATHER_INFO
2006-01-15	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1-1.nasl - Type : ACT_GATHER_INFO
2005-10-05	Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-128.nasl - Type : ACT_GATHER_INFO
2005-09-13	Name : The remote Debian host is missing a security-related update. File : debian_DSA-810.nasl - Type : ACT_GATHER_INFO
2005-08-18	Name : The remote Debian host is missing a security-related update. File : debian_DSA-775.nasl - Type : ACT_GATHER_INFO
2005-08-18	Name : The remote Debian host is missing a security-related update. File : debian_DSA-777.nasl - Type : ACT_GATHER_INFO
2005-07-22	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-587.nasl - Type : ACT_GATHER_INFO
2005-07-22	Name : The remote Fedora Core host is missing a security update. File : fedora_2005-616.nasl - Type : ACT_GATHER_INFO
2005-07-22	Name : The remote Fedora Core host is missing a security update. File : fedora_2005-619.nasl - Type : ACT_GATHER_INFO
2005-07-21	Name : The remote Fedora Core host is missing a security update. File : fedora_2005-605.nasl - Type : ACT_GATHER_INFO
2005-07-21	Name : The remote Fedora Core host is missing a security update. File : fedora_2005-603.nasl - Type : ACT_GATHER_INFO
2005-07-21	Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2005-586.nasl - Type : ACT_GATHER_INFO
2005-07-13	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_abe47a5ae23c11d89b0a000347a4fa7d.nasl - Type : ACT_GATHER_INFO
2005-07-13	Name : A web browser installed on the remote host contains multiple vulnerabilities. File : mozilla_179.nasl - Type : ACT_GATHER_INFO
2005-07-13	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_e9f9d2320cb211d98a8a000c41e2cdad.nasl - Type : ACT_GATHER_INFO
2005-07-13	Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_105.nasl - Type : ACT_GATHER_INFO
2005-07-13	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2004-222-01.nasl - Type : ACT_GATHER_INFO
2005-07-13	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_a7e0d783131b11d9bc4a000c41e2cdad.nasl - Type : ACT_GATHER_INFO
2005-07-13	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_7c188c550cb011d98a8a000c41e2cdad.nasl - Type : ACT_GATHER_INFO
2005-07-13	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2004-223-01.nasl - Type : ACT_GATHER_INFO
2005-07-13	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2004-223-02.nasl - Type : ACT_GATHER_INFO
2005-07-13	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_5360a659131c11d9bc4a000c41e2cdad.nasl - Type : ACT_GATHER_INFO
2005-07-13	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_6e7408810cae11d98a8a000c41e2cdad.nasl - Type : ACT_GATHER_INFO
2005-07-13	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_8d8238830ca911d98a8a000c41e2cdad.nasl - Type : ACT_GATHER_INFO
2005-07-13	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_730db824e21611d89b0a000347a4fa7d.nasl - Type : ACT_GATHER_INFO
2005-02-08	Name : Arbitrary code can be executed on the remote host through the Media Player. File : smb_nt_ms05-009.nasl - Type : ACT_GATHER_INFO
2004-11-10	Name : The remote Debian host is missing a security-related update. File : debian_DSA-570.nasl - Type : ACT_GATHER_INFO
2004-11-10	Name : The remote Debian host is missing a security-related update. File : debian_DSA-571.nasl - Type : ACT_GATHER_INFO
2004-09-29	Name : The remote Debian host is missing a security-related update. File : debian_DSA-536.nasl - Type : ACT_GATHER_INFO
2004-09-06	Name : The remote Windows host has a web browser installed that is affected by a den... File : mozilla_certif_handle_dos.nasl - Type : ACT_GATHER_INFO
2004-08-30	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200408-03.nasl - Type : ACT_GATHER_INFO
2004-08-30	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200408-22.nasl - Type : ACT_GATHER_INFO
2004-08-22	Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2004-082.nasl - Type : ACT_GATHER_INFO
2004-08-22	Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2004-079.nasl - Type : ACT_GATHER_INFO
2004-08-12	Name : The remote device is missing a vendor-supplied security patch File : freebsd_kdelibs_3233.nasl - Type : ACT_GATHER_INFO
2004-08-10	Name : The remote host is missing a Mac OS X update that fixes a security issue. File : macosx_SecUpd20040809.nasl - Type : ACT_GATHER_INFO
2004-08-05	Name : The remote Fedora Core host is missing a security update. File : fedora_2004-238.nasl - Type : ACT_GATHER_INFO
2004-08-05	Name : The remote Fedora Core host is missing a security update. File : fedora_2004-237.nasl - Type : ACT_GATHER_INFO
2004-08-05	Name : The remote Fedora Core host is missing a security update. File : fedora_2004-239.nasl - Type : ACT_GATHER_INFO
2004-08-05	Name : The remote Fedora Core host is missing a security update. File : fedora_2004-236.nasl - Type : ACT_GATHER_INFO
2004-08-05	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2004-402.nasl - Type : ACT_GATHER_INFO
2004-08-05	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2004-421.nasl - Type : ACT_GATHER_INFO
2004-08-04	Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2004_023.nasl - Type : ACT_GATHER_INFO
2004-08-03	Name : The remote Windows host contains a web browser that has a code execution vuln... File : mozilla_firefox_cache_file.nasl - Type : ACT_GATHER_INFO
2004-08-02	Name : The remote Windows host has a web browser installed that is affected by multi... File : mozilla_firefox_xul_spoof.nasl - Type : ACT_GATHER_INFO
2004-08-02	Name : The remote Windows host contains a web browser that is affected by an integer... File : mozilla_soapparameter_overflow.nasl - Type : ACT_GATHER_INFO
2004-07-06	Name : The remote host is using an unsupported version of Mac OS X. File : macosx_version.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-02-17 11:48:37	Multiple Updates

Global Informations

Type	Count
Capec ID(s)	2
CWE ID(s)	3
Oval ID(s)	28
CPE ID(s)	113
osvdb(s)	20
Openvas Exploit(s)	29
Snort® Rule(s)	13
Nessus® Exploit(s)	56

	Related
10	CVE-2004-0764
10	CVE-2004-0757
10	CVE-2004-0722
10	CVE-2004-0597
7.5	CVE-2004-0765
7.5	CVE-2004-0718
6.4	CVE-2004-0760
6.4	CVE-2004-0759
5	CVE-2004-0763
5	CVE-2004-0762
5	CVE-2004-0761
5	CVE-2004-0758
5	CVE-2004-0599
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 13 more Alert(s)

10 - RHSA-2004:421

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CAPEC : Common Attack Pattern Enumeration & Classification

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

OpenVAS Exploits

Open Source Vulnerability Database (OSVDB)

Snort® IPS/IDS

Nessus® Vulnerability Scanner

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU