Executive Summary
Summary | |
---|---|
Title | seamonkey security update |
Informations | |||
---|---|---|---|
Name | RHSA-2008:0208 | First vendor Publication | 2008-03-27 |
Vendor | RedHat | Last vendor Modification | 2008-03-27 |
Severity (Vendor) | Critical | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated seamonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Description: SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of some malformed web content. A web page containing such malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code as the user running SeaMonkey. (CVE-2008-1233, CVE-2008-1235, CVE-2008-1236, CVE-2008-1237) Several flaws were found in the display of malformed web content. A web page containing specially-crafted content could, potentially, trick a SeaMonkey user into surrendering sensitive information. (CVE-2008-1234, CVE-2008-1238, CVE-2008-1241) All SeaMonkey users should upgrade to these updated packages, which contain backported patches to resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bugs fixed (http://bugzilla.redhat.com/): 438713 - CVE-2008-1233 Mozilla products XPCNativeWrapper pollution 438715 - CVE-2008-1234 universal XSS using event handlers 438717 - CVE-2008-1235 chrome privilege via wrong principal 438718 - CVE-2008-1236 browser engine crashes 438721 - CVE-2008-1237 javascript crashes 438724 - CVE-2008-1238 Referrer spoofing bug 438730 - CVE-2008-1241 XUL popup spoofing |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2008-0208.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
33 % | CWE-399 | Resource Management Errors |
17 % | CWE-287 | Improper Authentication |
17 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
17 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
17 % | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10980 | |||
Oval ID: | oval:org.mitre.oval:def:10980 | ||
Title: | Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to execute arbitrary code via unknown vectors that cause JavaScript to execute with the wrong principal, aka "Privilege escalation via incorrect principals." | ||
Description: | Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to execute arbitrary code via unknown vectors that cause JavaScript to execute with the wrong principal, aka "Privilege escalation via incorrect principals." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1235 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11788 | |||
Oval ID: | oval:org.mitre.oval:def:11788 | ||
Title: | Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to the layout engine. | ||
Description: | Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to the layout engine. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1236 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17490 | |||
Oval ID: | oval:org.mitre.oval:def:17490 | ||
Title: | USN-605-1 -- mozilla-thunderbird, thunderbird vulnerabilities | ||
Description: | Various flaws were discovered in the JavaScript engine. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-605-1 CVE-2008-1233 CVE-2008-1234 CVE-2008-1235 CVE-2008-1236 CVE-2008-1237 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 | Product(s): | mozilla-thunderbird thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17694 | |||
Oval ID: | oval:org.mitre.oval:def:17694 | ||
Title: | USN-592-1 -- firefox vulnerabilities | ||
Description: | Alexey Proskuryakov, Yosuke Hasegawa and Simon Montagu discovered flaws in Firefox's character encoding handling. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-592-1 CVE-2008-0416 CVE-2008-1233 CVE-2008-1234 CVE-2008-1235 CVE-2008-1236 CVE-2008-1237 CVE-2008-1238 CVE-2007-4879 CVE-2008-1195 CVE-2008-1240 CVE-2008-1241 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 | Product(s): | firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22699 | |||
Oval ID: | oval:org.mitre.oval:def:22699 | ||
Title: | ELSA-2008:0209: thunderbird security update (Moderate) | ||
Description: | GUI overlay vulnerability in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 allows remote attackers to spoof form elements and redirect user inputs via a borderless XUL pop-up window from a background tab. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0209-01 CVE-2008-1233 CVE-2008-1234 CVE-2008-1235 CVE-2008-1236 CVE-2008-1237 CVE-2008-1238 CVE-2008-1241 | Version: | 33 |
Platform(s): | Oracle Linux 5 | Product(s): | thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22714 | |||
Oval ID: | oval:org.mitre.oval:def:22714 | ||
Title: | ELSA-2008:0207: firefox security update (Critical) | ||
Description: | GUI overlay vulnerability in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 allows remote attackers to spoof form elements and redirect user inputs via a borderless XUL pop-up window from a background tab. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0207-01 CVE-2008-1233 CVE-2008-1234 CVE-2008-1235 CVE-2008-1236 CVE-2008-1237 CVE-2008-1238 CVE-2008-1241 | Version: | 33 |
Platform(s): | Oracle Linux 5 | Product(s): | firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:9651 | |||
Oval ID: | oval:org.mitre.oval:def:9651 | ||
Title: | Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to the JavaScript engine. | ||
Description: | Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to the JavaScript engine. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1237 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9889 | |||
Oval ID: | oval:org.mitre.oval:def:9889 | ||
Title: | Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9, when generating the HTTP Referer header, does not list the entire URL when it contains Basic Authentication credentials without a username, which makes it easier for remote attackers to bypass application protection mechanisms that rely on Referer headers, such as with some Cross-Site Request Forgery (CSRF) mechanisms. | ||
Description: | Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9, when generating the HTTP Referer header, does not list the entire URL when it contains Basic Authentication credentials without a username, which makes it easier for remote attackers to bypass application protection mechanisms that rely on Referer headers, such as with some Cross-Site Request Forgery (CSRF) mechanisms. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1238 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-10-13 | Name : SLES10: Security update for epiphany File : nvt/sles10_mozilla-xulrunn.nasl |
2009-10-10 | Name : SLES9: Security update for Mozilla File : nvt/sles9p5022953.nasl |
2009-04-09 | Name : Mandriva Update for mozilla-thunderbird MDVSA-2008:155-1 (mozilla-thunderbird) File : nvt/gb_mandriva_MDVSA_2008_155_1.nasl |
2009-04-09 | Name : Mandriva Update for mozilla-thunderbird MDVSA-2008:155 (mozilla-thunderbird) File : nvt/gb_mandriva_MDVSA_2008_155.nasl |
2009-04-09 | Name : Mandriva Update for mozilla-firefox MDVSA-2008:080 (mozilla-firefox) File : nvt/gb_mandriva_MDVSA_2008_080.nasl |
2009-03-23 | Name : Ubuntu Update for firefox vulnerabilities USN-592-1 File : nvt/gb_ubuntu_USN_592_1.nasl |
2009-03-23 | Name : Ubuntu Update for mozilla-thunderbird, thunderbird vulnerabilities USN-605-1 File : nvt/gb_ubuntu_USN_605_1.nasl |
2009-03-06 | Name : RedHat Update for thunderbird RHSA-2008:0209-01 File : nvt/gb_RHSA-2008_0209-01_thunderbird.nasl |
2009-03-06 | Name : RedHat Update for seamonkey RHSA-2008:0208-01 File : nvt/gb_RHSA-2008_0208-01_seamonkey.nasl |
2009-03-06 | Name : RedHat Update for firefox RHSA-2008:0207-01 File : nvt/gb_RHSA-2008_0207-01_firefox.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0208 centos3 x86_64 File : nvt/gb_CESA-2008_0208_seamonkey_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for thunderbird CESA-2008:0209 centos4 x86_64 File : nvt/gb_CESA-2008_0209_thunderbird_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for thunderbird CESA-2008:0209 centos4 i386 File : nvt/gb_CESA-2008_0209_thunderbird_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0208 centos4 x86_64 File : nvt/gb_CESA-2008_0208_seamonkey_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0208 centos4 i386 File : nvt/gb_CESA-2008_0208_seamonkey_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0208 centos3 i386 File : nvt/gb_CESA-2008_0208_seamonkey_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0208-01 centos2 i386 File : nvt/gb_CESA-2008_0208-01_seamonkey_centos2_i386.nasl |
2009-02-27 | Name : CentOS Update for firefox CESA-2008:0207 centos4 x86_64 File : nvt/gb_CESA-2008_0207_firefox_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for firefox CESA-2008:0207 centos4 i386 File : nvt/gb_CESA-2008_0207_firefox_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for firefox CESA-2008:0207 centos3 x86_64 File : nvt/gb_CESA-2008_0207_firefox_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for firefox CESA-2008:0207 centos3 i386 File : nvt/gb_CESA-2008_0207_firefox_centos3_i386.nasl |
2009-02-17 | Name : Fedora Update for thunderbird FEDORA-2008-3557 File : nvt/gb_fedora_2008_3557_thunderbird_fc8.nasl |
2009-02-17 | Name : Fedora Update for thunderbird FEDORA-2008-3519 File : nvt/gb_fedora_2008_3519_thunderbird_fc7.nasl |
2009-02-16 | Name : Fedora Update for devhelp FEDORA-2008-2662 File : nvt/gb_fedora_2008_2662_devhelp_fc7.nasl |
2009-02-16 | Name : Fedora Update for Miro FEDORA-2008-2662 File : nvt/gb_fedora_2008_2662_Miro_fc7.nasl |
2009-02-16 | Name : Fedora Update for yelp FEDORA-2008-2682 File : nvt/gb_fedora_2008_2682_yelp_fc8.nasl |
2009-02-16 | Name : Fedora Update for ruby-gnome2 FEDORA-2008-2682 File : nvt/gb_fedora_2008_2682_ruby-gnome2_fc8.nasl |
2009-02-16 | Name : Fedora Update for openvrml FEDORA-2008-2682 File : nvt/gb_fedora_2008_2682_openvrml_fc8.nasl |
2009-02-16 | Name : Fedora Update for liferea FEDORA-2008-2682 File : nvt/gb_fedora_2008_2682_liferea_fc8.nasl |
2009-02-16 | Name : Fedora Update for kazehakase FEDORA-2008-2682 File : nvt/gb_fedora_2008_2682_kazehakase_fc8.nasl |
2009-02-16 | Name : Fedora Update for gtkmozembedmm FEDORA-2008-2682 File : nvt/gb_fedora_2008_2682_gtkmozembedmm_fc8.nasl |
2009-02-16 | Name : Fedora Update for gnome-web-photo FEDORA-2008-2682 File : nvt/gb_fedora_2008_2682_gnome-web-photo_fc8.nasl |
2009-02-16 | Name : Fedora Update for gnome-python2-extras FEDORA-2008-2682 File : nvt/gb_fedora_2008_2682_gnome-python2-extras_fc8.nasl |
2009-02-16 | Name : Fedora Update for galeon FEDORA-2008-2682 File : nvt/gb_fedora_2008_2682_galeon_fc8.nasl |
2009-02-16 | Name : Fedora Update for firefox FEDORA-2008-2682 File : nvt/gb_fedora_2008_2682_firefox_fc8.nasl |
2009-02-16 | Name : Fedora Update for epiphany FEDORA-2008-2682 File : nvt/gb_fedora_2008_2682_epiphany_fc8.nasl |
2009-02-16 | Name : Fedora Update for epiphany-extensions FEDORA-2008-2682 File : nvt/gb_fedora_2008_2682_epiphany-extensions_fc8.nasl |
2009-02-16 | Name : Fedora Update for devhelp FEDORA-2008-2682 File : nvt/gb_fedora_2008_2682_devhelp_fc8.nasl |
2009-02-16 | Name : Fedora Update for chmsee FEDORA-2008-2682 File : nvt/gb_fedora_2008_2682_chmsee_fc8.nasl |
2009-02-16 | Name : Fedora Update for blam FEDORA-2008-2682 File : nvt/gb_fedora_2008_2682_blam_fc8.nasl |
2009-02-16 | Name : Fedora Update for Miro FEDORA-2008-2682 File : nvt/gb_fedora_2008_2682_Miro_fc8.nasl |
2009-02-16 | Name : Fedora Update for yelp FEDORA-2008-2662 File : nvt/gb_fedora_2008_2662_yelp_fc7.nasl |
2009-02-16 | Name : Fedora Update for ruby-gnome2 FEDORA-2008-2662 File : nvt/gb_fedora_2008_2662_ruby-gnome2_fc7.nasl |
2009-02-16 | Name : Fedora Update for openvrml FEDORA-2008-2662 File : nvt/gb_fedora_2008_2662_openvrml_fc7.nasl |
2009-02-16 | Name : Fedora Update for liferea FEDORA-2008-2662 File : nvt/gb_fedora_2008_2662_liferea_fc7.nasl |
2009-02-16 | Name : Fedora Update for kazehakase FEDORA-2008-2662 File : nvt/gb_fedora_2008_2662_kazehakase_fc7.nasl |
2009-02-16 | Name : Fedora Update for gtkmozembedmm FEDORA-2008-2662 File : nvt/gb_fedora_2008_2662_gtkmozembedmm_fc7.nasl |
2009-02-16 | Name : Fedora Update for gnome-python2-extras FEDORA-2008-2662 File : nvt/gb_fedora_2008_2662_gnome-python2-extras_fc7.nasl |
2009-02-16 | Name : Fedora Update for galeon FEDORA-2008-2662 File : nvt/gb_fedora_2008_2662_galeon_fc7.nasl |
2009-02-16 | Name : Fedora Update for firefox FEDORA-2008-2662 File : nvt/gb_fedora_2008_2662_firefox_fc7.nasl |
2009-02-16 | Name : Fedora Update for epiphany FEDORA-2008-2662 File : nvt/gb_fedora_2008_2662_epiphany_fc7.nasl |
2009-02-16 | Name : Fedora Update for epiphany-extensions FEDORA-2008-2662 File : nvt/gb_fedora_2008_2662_epiphany-extensions_fc7.nasl |
2009-02-16 | Name : Fedora Update for chmsee FEDORA-2008-2662 File : nvt/gb_fedora_2008_2662_chmsee_fc7.nasl |
2009-01-23 | Name : SuSE Update for MozillaFirefox SUSE-SA:2008:019 File : nvt/gb_suse_2008_019.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200805-18 (mozilla ...) File : nvt/glsa_200805_18.nasl |
2008-09-04 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox33.nasl |
2008-09-04 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox32.nasl |
2008-06-17 | Name : Mozilla Firefox, Thunderbird, Seamonkey. Several vulnerabilitys (Lin) File : nvt/mozilla_CB-A08-0017.nasl |
2008-06-17 | Name : Mozilla Firefox, Thunderbird, Seamonkey. Several vulnerabilitys (Win) File : nvt/smbcl_mozilla.nasl |
2008-05-27 | Name : Debian Security Advisory DSA 1574-1 (icedove) File : nvt/deb_1574_1.nasl |
2008-04-30 | Name : Debian Security Advisory DSA 1534-2 (iceape) File : nvt/deb_1534_2.nasl |
2008-04-07 | Name : Debian Security Advisory DSA 1535-1 (iceweasel) File : nvt/deb_1535_1.nasl |
2008-04-07 | Name : Debian Security Advisory DSA 1534-1 (iceape) File : nvt/deb_1534_1.nasl |
2008-04-07 | Name : Debian Security Advisory DSA 1532-1 (xulrunner) File : nvt/deb_1532_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-128-02 mozilla-thunderbird File : nvt/esoft_slk_ssa_2008_128_02.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
43878 | Mozilla Multiple Products pref_DoCallback nsPref:changed Notification Observ... |
43877 | Mozilla Multiple Products on Mac OS X Quartz Drawing Code Malformed Image Di... |
43876 | Mozilla Multiple Products ARGB32_image_ARGB32() GIF Handling DoS |
43875 | Mozilla Multiple Products Window Zooming Unspecified DoS |
43874 | Mozilla Multiple Products DocumentViewerImpl::Destroy Popup DoS |
43873 | Mozilla Multiple Products GetNearestCapturingView iframe Style Editing DoS |
43872 | Mozilla Multiple Products JS_ValueToId Null String Handling DoS |
43871 | Mozilla Multiple Products js_FilterXMLList Block Object Handling DoS |
43870 | Mozilla Multiple Products JSOP_NEG js_NewNumberValue SAVE_SP_AND_PC Unspecif... |
43869 | Mozilla Multiple Products jsobj.c fp Assertion Failure Unspecified DoS |
43868 | Mozilla Multiple Products jsinterp.c Multiple Macros SAVE_SP_AND_PC Privileg... |
43867 | Mozilla Multiple Products JS_CompileUCFunctionForPrincipals js_NewFunction P... |
43866 | Mozilla Multiple Products JSOP_YIELD / JSOP_ARRAYPUSH SAVE_SP_AND_PC Privile... |
43865 | Mozilla Multiple Products XPCNativeWrapper Chrome XBL Method Bypass |
43864 | Mozilla Multiple Products XPCNativeWrapper tabbrowser.xml Multiple Function ... |
43863 | Mozilla Multiple Products XPCNativeWrapper Function Constructor Arbitrary Co... |
43862 | Mozilla Multiple Products XPCNativeWrapper setTimeout() Arbitrary Code Execu... |
43861 | Mozilla Multiple Products XMLHttpRequest Event Handler XSS |
43860 | Mozilla Multiple Products XMLDocument.load() Event Handler XSS |
43859 | Mozilla Multiple Products Indirect Eval Cross Principal Code Execution |
43858 | Mozilla Multiple Products js_ValueToFunctionObject Cloned Function Privilege... |
43857 | Mozilla Multiple Products Mixed Principal Overlay Privilege Escalation |
43849 | Mozilla Multiple Browsers Basic Authentication Referrer Header Spoofing |
43846 | Mozilla Multiple Browsers Cross-tab XUL Pop-up Spoofing |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Mozilla Firefox IFRAME style change handling code execution RuleID : 17570 - Revision : 5 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Firefox IFRAME style change handling code execution RuleID : 13838 - Revision : 12 - Type : BROWSER-FIREFOX |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2008-0209.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0208.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0207.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20080403_thunderbird_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080327_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080326_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-155.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-080.nasl - Type : ACT_GATHER_INFO |
2008-06-09 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaThunderbird-5329.nasl - Type : ACT_GATHER_INFO |
2008-05-28 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-128-02.nasl - Type : ACT_GATHER_INFO |
2008-05-22 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200805-18.nasl - Type : ACT_GATHER_INFO |
2008-05-13 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1574.nasl - Type : ACT_GATHER_INFO |
2008-05-11 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3519.nasl - Type : ACT_GATHER_INFO |
2008-05-11 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3557.nasl - Type : ACT_GATHER_INFO |
2008-05-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-605-1.nasl - Type : ACT_GATHER_INFO |
2008-05-06 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_20014.nasl - Type : ACT_GATHER_INFO |
2008-05-01 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaFirefox-5219.nasl - Type : ACT_GATHER_INFO |
2008-05-01 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-5218.nasl - Type : ACT_GATHER_INFO |
2008-04-28 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_67bd39ba12b511ddbab70016179b2dd5.nasl - Type : ACT_GATHER_INFO |
2008-04-22 | Name : The remote openSUSE host is missing a security update. File : suse_seamonkey-5167.nasl - Type : ACT_GATHER_INFO |
2008-04-22 | Name : The remote openSUSE host is missing a security update. File : suse_mozilla-xulrunner181-5158.nasl - Type : ACT_GATHER_INFO |
2008-04-22 | Name : The remote openSUSE host is missing a security update. File : suse_mozilla-xulrunner-5163.nasl - Type : ACT_GATHER_INFO |
2008-04-18 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_mozilla-xulrunner-5164.nasl - Type : ACT_GATHER_INFO |
2008-04-17 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2008-0209.nasl - Type : ACT_GATHER_INFO |
2008-04-11 | Name : The remote openSUSE host is missing a security update. File : suse_seamonkey-5153.nasl - Type : ACT_GATHER_INFO |
2008-04-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1535.nasl - Type : ACT_GATHER_INFO |
2008-04-04 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2008-0209.nasl - Type : ACT_GATHER_INFO |
2008-04-01 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-5134.nasl - Type : ACT_GATHER_INFO |
2008-03-31 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_12b336c6fe3611dcb09c001c2514716c.nasl - Type : ACT_GATHER_INFO |
2008-03-31 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaFirefox-5135.nasl - Type : ACT_GATHER_INFO |
2008-03-31 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1532.nasl - Type : ACT_GATHER_INFO |
2008-03-31 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1534.nasl - Type : ACT_GATHER_INFO |
2008-03-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0208.nasl - Type : ACT_GATHER_INFO |
2008-03-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0208.nasl - Type : ACT_GATHER_INFO |
2008-03-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0207.nasl - Type : ACT_GATHER_INFO |
2008-03-28 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-2662.nasl - Type : ACT_GATHER_INFO |
2008-03-28 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-2682.nasl - Type : ACT_GATHER_INFO |
2008-03-28 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-592-1.nasl - Type : ACT_GATHER_INFO |
2008-03-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0207.nasl - Type : ACT_GATHER_INFO |
2008-03-26 | Name : A web browser on the remote host is affected by multiple vulnerabilities. File : seamonkey_119.nasl - Type : ACT_GATHER_INFO |
2008-03-26 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_20013.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:51:33 |
|