Executive Summary
Summary | |
---|---|
Title | thunderbird security update |
Informations | |||
---|---|---|---|
Name | RHSA-2009:0258 | First vendor Publication | 2009-03-24 |
Vendor | RedHat | Last vendor Modification | 2009-03-24 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: RHEL Optional Productivity Applications (v. 5 server) - i386, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Description: Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed HTML mail content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code as the user running Thunderbird. (CVE-2009-0352, CVE-2009-0353, CVE-2009-0772, CVE-2009-0774, CVE-2009-0775) Several flaws were found in the way malformed content was processed. An HTML mail message containing specially-crafted content could potentially trick a Thunderbird user into surrendering sensitive information. (CVE-2009-0355, CVE-2009-0776) Note: JavaScript support is disabled by default in Thunderbird. None of the above issues are exploitable unless JavaScript is enabled. All Thunderbird users should upgrade to this updated package, which resolves these issues. All running instances of Thunderbird must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 483139 - CVE-2009-0352 Firefox layout crashes with evidence of memory corruption 483141 - CVE-2009-0353 Firefox javascript crashes with evidence of memory corruption 483143 - CVE-2009-0355 Firefox local file stealing with SessionStore 488273 - CVE-2009-0772 Firefox 2 and 3 - Layout engine crashes 488283 - CVE-2009-0774 Firefox 2 and 3 crashes in the JavaScript engine 488287 - CVE-2009-0775 Firefox XUL Linked Clones Double Free Vulnerability 488290 - CVE-2009-0776 Firefox XML data theft via RDFXMLDataSource and cross-domain redirect |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2009-0258.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
71 % | CWE-399 | Resource Management Errors |
14 % | CWE-264 | Permissions, Privileges, and Access Controls |
14 % | CWE-200 | Information Exposure |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11138 | |||
Oval ID: | oval:org.mitre.oval:def:11138 | ||
Title: | The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to gczeal, a different vulnerability than CVE-2009-0773. | ||
Description: | The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to gczeal, a different vulnerability than CVE-2009-0773. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-0774 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13664 | |||
Oval ID: | oval:org.mitre.oval:def:13664 | ||
Title: | USN-741-1 -- mozilla-thunderbird, thunderbird vulnerabilities | ||
Description: | Several flaws were discovered in the browser engine. If Javascript were enabled, an attacker could exploit these flaws to crash Thunderbird and possibly execute arbitrary code with user privileges. Jesse Ruderman and Gary Kwong discovered flaws in the browser engine. If a user had Javascript enabled, these problems could allow a remote attacker to cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Georgi Guninski discovered a flaw when Thunderbird performed a cross-domain redirect. If a user had Javascript enabled, an attacker could bypass the same-origin policy in Thunderbird by utilizing nsIRDFService and steal private data from users authenticated to the redirected website | ||
Family: | unix | Class: | patch |
Reference(s): | USN-741-1 CVE-2009-0352 CVE-2009-0772 CVE-2009-0774 CVE-2009-0776 | Version: | 5 |
Platform(s): | Ubuntu 7.10 Ubuntu 8.04 Ubuntu 6.06 Ubuntu 8.10 | Product(s): | mozilla-thunderbird thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13848 | |||
Oval ID: | oval:org.mitre.oval:def:13848 | ||
Title: | USN-728-3 -- firefox vulnerabilities | ||
Description: | Jesse Ruderman and Gary Kwong discovered flaws in the browser engine. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Georgi Guninski discovered a flaw when Firefox performed a cross-domain redirect. An attacker could bypass the same-origin policy in Firefox by utilizing nsIRDFService and steal private data from users authenticated to the redirected website | ||
Family: | unix | Class: | patch |
Reference(s): | USN-728-3 CVE-2009-0772 CVE-2009-0774 CVE-2009-0776 | Version: | 5 |
Platform(s): | Ubuntu 6.06 | Product(s): | firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13894 | |||
Oval ID: | oval:org.mitre.oval:def:13894 | ||
Title: | USN-728-2 -- firefox vulnerabilities | ||
Description: | Jesse Ruderman and Gary Kwong discovered flaws in the browser engine. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Georgi Guninski discovered a flaw when Firefox performed a cross-domain redirect. An attacker could bypass the same-origin policy in Firefox by utilizing nsIRDFService and steal private data from users authenticated to the redirected website | ||
Family: | unix | Class: | patch |
Reference(s): | USN-728-2 CVE-2009-0772 CVE-2009-0774 CVE-2009-0776 | Version: | 5 |
Platform(s): | Ubuntu 7.10 | Product(s): | firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20238 | |||
Oval ID: | oval:org.mitre.oval:def:20238 | ||
Title: | DSA-1751-1 xulrunner - several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1751-1 CVE-2009-0771 CVE-2009-0772 CVE-2009-0773 CVE-2009-0774 CVE-2009-0775 CVE-2009-0776 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | xulrunner |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22778 | |||
Oval ID: | oval:org.mitre.oval:def:22778 | ||
Title: | ELSA-2009:0258: thunderbird security update (Moderate) | ||
Description: | nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:0258-01 CVE-2009-0352 CVE-2009-0353 CVE-2009-0355 CVE-2009-0772 CVE-2009-0774 CVE-2009-0775 CVE-2009-0776 | Version: | 33 |
Platform(s): | Oracle Linux 5 | Product(s): | thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:29166 | |||
Oval ID: | oval:org.mitre.oval:def:29166 | ||
Title: | RHSA-2009:0258 -- thunderbird security update (Moderate) | ||
Description: | An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed HTML mail content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code as the user running Thunderbird. (CVE-2009-0352, CVE-2009-0353, CVE-2009-0772, CVE-2009-0774, CVE-2009-0775) | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2009:0258 CESA-2009:0258-CentOS 5 CVE-2009-0352 CVE-2009-0353 CVE-2009-0355 CVE-2009-0772 CVE-2009-0774 CVE-2009-0775 CVE-2009-0776 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5703 | |||
Oval ID: | oval:org.mitre.oval:def:5703 | ||
Title: | Mozilla Thunderbird Denial of Service Vulnerability | ||
Description: | The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to nsCSSStyleSheet::GetOwnerNode, events, and garbage collection, which triggers memory corruption. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-0772 | Version: | 6 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Mozilla Thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5806 | |||
Oval ID: | oval:org.mitre.oval:def:5806 | ||
Title: | Mozilla Seamonkey remote code execution Vulnerability | ||
Description: | Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-0775 | Version: | 2 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5816 | |||
Oval ID: | oval:org.mitre.oval:def:5816 | ||
Title: | Mozilla Thunderbird remote code execution Vulnerability | ||
Description: | Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-0775 | Version: | 6 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Mozilla Thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5945 | |||
Oval ID: | oval:org.mitre.oval:def:5945 | ||
Title: | Mozilla Seamonkey Denial of Service Vulnerability | ||
Description: | The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to nsCSSStyleSheet::GetOwnerNode, events, and garbage collection, which triggers memory corruption. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-0772 | Version: | 2 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5947 | |||
Oval ID: | oval:org.mitre.oval:def:5947 | ||
Title: | Mozilla Firefox gczeal (vector) Denial of Service Vulnerability | ||
Description: | The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to gczeal, a different vulnerability than CVE-2009-0773. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-0774 | Version: | 4 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5956 | |||
Oval ID: | oval:org.mitre.oval:def:5956 | ||
Title: | Mozilla Firefox security bypass Vulnerability | ||
Description: | nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-0776 | Version: | 4 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6017 | |||
Oval ID: | oval:org.mitre.oval:def:6017 | ||
Title: | Mozilla Seamonkey security bypass Vulnerability | ||
Description: | nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-0776 | Version: | 2 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6057 | |||
Oval ID: | oval:org.mitre.oval:def:6057 | ||
Title: | Mozilla Seamonkey gczeal (vector) Denial of Service Vulnerability | ||
Description: | The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to gczeal, a different vulnerability than CVE-2009-0773. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-0774 | Version: | 2 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6097 | |||
Oval ID: | oval:org.mitre.oval:def:6097 | ||
Title: | Mozilla Firefox Denial of Service Vulnerability | ||
Description: | The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to nsCSSStyleSheet::GetOwnerNode, events, and garbage collection, which triggers memory corruption. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-0772 | Version: | 4 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6121 | |||
Oval ID: | oval:org.mitre.oval:def:6121 | ||
Title: | Mozilla Thunderbird gczeal (vector) Denial of Service Vulnerability | ||
Description: | The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to gczeal, a different vulnerability than CVE-2009-0773. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-0774 | Version: | 6 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Mozilla Thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6191 | |||
Oval ID: | oval:org.mitre.oval:def:6191 | ||
Title: | Mozilla Thunderbird security bypass Vulnerability | ||
Description: | nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-0776 | Version: | 6 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Mozilla Thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6207 | |||
Oval ID: | oval:org.mitre.oval:def:6207 | ||
Title: | Mozilla Firefox remote code execution Vulnerability | ||
Description: | Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-0775 | Version: | 4 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6811 | |||
Oval ID: | oval:org.mitre.oval:def:6811 | ||
Title: | Mozilla Firefox, Thunderbird and Seamonkey Denial of Service Vulnerability | ||
Description: | The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to nsCSSStyleSheet::GetOwnerNode, events, and garbage collection, which triggers memory corruption. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-0772 | Version: | 19 |
Platform(s): | Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6945 | |||
Oval ID: | oval:org.mitre.oval:def:6945 | ||
Title: | Mozilla Firefox, Thunderbird and Seamonkey gczeal (vector) Denial of Service Vulnerability | ||
Description: | The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to gczeal, a different vulnerability than CVE-2009-0773. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-0774 | Version: | 19 |
Platform(s): | Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7390 | |||
Oval ID: | oval:org.mitre.oval:def:7390 | ||
Title: | Mozilla Firefox, Thunderbird and Seamonkey security bypass Vulnerability | ||
Description: | nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-0776 | Version: | 19 |
Platform(s): | Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7584 | |||
Oval ID: | oval:org.mitre.oval:def:7584 | ||
Title: | Mozilla Firefox, Thunderbird and Seamonkey remote code execution Vulnerability | ||
Description: | Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-0775 | Version: | 19 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7990 | |||
Oval ID: | oval:org.mitre.oval:def:7990 | ||
Title: | DSA-1751 xulrunner -- several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems: Martijn Wargers, Jesse Ruderman and Josh Soref discovered crashes in the layout engine, which might allow the execution of arbitrary code. Jesse Ruderman discovered crashes in the layout engine, which might allow the execution of arbitrary code. Gary Kwong, and Timothee Groleau discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. Gary Kwong discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. It was discovered that incorrect memory management in the DOM element handling may lead to the execution of arbitrary code. Georgi Guninski discovered a violation of the same-origin policy through RDFXMLDataSource and cross-domain redirects. As indicated in the Etch release notes, security support for the Mozilla products in the oldstable distribution needed to be stopped before the end of the regular Etch security maintenance life cycle. You are strongly encouraged to upgrade to stable or switch to a still supported browser. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1751 CVE-2009-0771 CVE-2009-0772 CVE-2009-0773 CVE-2009-0774 CVE-2009-0775 CVE-2009-0776 | Version: | 3 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9241 | |||
Oval ID: | oval:org.mitre.oval:def:9241 | ||
Title: | nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect. | ||
Description: | nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-0776 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9609 | |||
Oval ID: | oval:org.mitre.oval:def:9609 | ||
Title: | The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to nsCSSStyleSheet::GetOwnerNode, events, and garbage collection, which triggers memory corruption. | ||
Description: | The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to nsCSSStyleSheet::GetOwnerNode, events, and garbage collection, which triggers memory corruption. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-0772 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9681 | |||
Oval ID: | oval:org.mitre.oval:def:9681 | ||
Title: | Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection. | ||
Description: | Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-0775 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for seamonkey CESA-2009:0325 centos4 i386 File : nvt/gb_CESA-2009_0325_seamonkey_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for seamonkey CESA-2009:0325 centos3 i386 File : nvt/gb_CESA-2009_0325_seamonkey_centos3_i386.nasl |
2011-08-09 | Name : CentOS Update for seamonkey CESA-2009:0325-01 centos2 i386 File : nvt/gb_CESA-2009_0325-01_seamonkey_centos2_i386.nasl |
2011-08-09 | Name : CentOS Update for firefox CESA-2009:0315 centos5 i386 File : nvt/gb_CESA-2009_0315_firefox_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for firefox CESA-2009:0315 centos4 i386 File : nvt/gb_CESA-2009_0315_firefox_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for thunderbird CESA-2009:0258 centos5 i386 File : nvt/gb_CESA-2009_0258_thunderbird_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for thunderbird CESA-2009:0258 centos4 i386 File : nvt/gb_CESA-2009_0258_thunderbird_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for seamonkey CESA-2009:0257 centos4 i386 File : nvt/gb_CESA-2009_0257_seamonkey_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for seamonkey CESA-2009:0257 centos3 i386 File : nvt/gb_CESA-2009_0257_seamonkey_centos3_i386.nasl |
2011-08-09 | Name : CentOS Update for seamonkey CESA-2009:0257-01 centos2 i386 File : nvt/gb_CESA-2009_0257-01_seamonkey_centos2_i386.nasl |
2011-08-09 | Name : CentOS Update for firefox CESA-2009:0256 centos5 i386 File : nvt/gb_CESA-2009_0256_firefox_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for firefox CESA-2009:0256 centos4 i386 File : nvt/gb_CESA-2009_0256_firefox_centos4_i386.nasl |
2009-10-13 | Name : SLES10: Security update for MozillaFirefox File : nvt/sles10_MozillaFirefox3.nasl |
2009-10-11 | Name : SLES11: Security update for MozillaFirefox File : nvt/sles11_MozillaFirefox.nasl |
2009-07-29 | Name : Ubuntu USN-802-1 (apache2) File : nvt/ubuntu_802_1.nasl |
2009-07-29 | Name : Debian Security Advisory DSA 1830-1 (icedove) File : nvt/deb_1830_1.nasl |
2009-07-29 | Name : Ubuntu USN-801-1 (tiff) File : nvt/ubuntu_801_1.nasl |
2009-07-29 | Name : Ubuntu USN-799-1 (dbus) File : nvt/ubuntu_799_1.nasl |
2009-06-05 | Name : Ubuntu USN-723-1 (git-core) File : nvt/ubuntu_723_1.nasl |
2009-05-20 | Name : CentOS Security Advisory CESA-2009:0258 (thunderbird) File : nvt/ovcesa2009_0258.nasl |
2009-04-20 | Name : SuSE Security Advisory SUSE-SA:2009:023 (MozillaFirefox) File : nvt/suse_sa_2009_023.nasl |
2009-04-06 | Name : Fedora Core 9 FEDORA-2009-3101 (seamonkey) File : nvt/fcore_2009_3101.nasl |
2009-04-06 | Name : Mandrake Security Advisory MDVSA-2009:083 (mozilla-thunderbird) File : nvt/mdksa_2009_083.nasl |
2009-04-06 | Name : Fedora Core 10 FEDORA-2009-3161 (seamonkey) File : nvt/fcore_2009_3161.nasl |
2009-03-31 | Name : Ubuntu USN-742-1 (jasper) File : nvt/ubuntu_742_1.nasl |
2009-03-31 | Name : Ubuntu USN-741-1 (thunderbird) File : nvt/ubuntu_741_1.nasl |
2009-03-31 | Name : RedHat Security Advisory RHSA-2009:0258 File : nvt/RHSA_2009_0258.nasl |
2009-03-31 | Name : Fedora Core 10 FEDORA-2009-2882 (thunderbird) File : nvt/fcore_2009_2882.nasl |
2009-03-31 | Name : Fedora Core 9 FEDORA-2009-2884 (thunderbird) File : nvt/fcore_2009_2884.nasl |
2009-03-20 | Name : SuSE Security Advisory SUSE-SA:2009:012 (MozillaFirefox) File : nvt/suse_sa_2009_012.nasl |
2009-03-20 | Name : Mandrake Security Advisory MDVSA-2009:075 (firefox) File : nvt/mdksa_2009_075.nasl |
2009-03-13 | Name : Fedora Core 9 FEDORA-2009-2421 (firefox) File : nvt/fcore_2009_2421.nasl |
2009-03-13 | Name : Fedora Core 10 FEDORA-2009-2422 (firefox) File : nvt/fcore_2009_2422.nasl |
2009-03-13 | Name : CentOS Security Advisory CESA-2009:0325-01 (seamonkey) File : nvt/ovcesa2009_0325_01.nasl |
2009-03-13 | Name : CentOS Security Advisory CESA-2009:0315 (firefox) File : nvt/ovcesa2009_0315.nasl |
2009-03-10 | Name : Mozilla Seamonkey Multiple Vulnerabilities Mar-09 (Win) File : nvt/gb_seamonkey_mult_vuln_mar09_win.nasl |
2009-03-10 | Name : Mozilla Thunderbird Multiple Vulnerabilities Mar-09 (Win) File : nvt/gb_thunderbird_mult_vuln_mar09_win.nasl |
2009-03-10 | Name : Mozilla Thunderbird Multiple Vulnerabilities Mar-09 (Linux) File : nvt/gb_thunderbird_mult_vuln_mar09_lin.nasl |
2009-03-10 | Name : Mozilla Seamonkey Multiple Vulnerabilities Mar-09 (Linux) File : nvt/gb_seamonkey_mult_vuln_mar09_lin.nasl |
2009-03-10 | Name : Mozilla Firefox Multiple Vulnerabilities Mar-09 (Win) File : nvt/gb_firefox_mult_vuln_mar09_win.nasl |
2009-03-10 | Name : Mozilla Firefox Multiple Vulnerabilities Mar-09 (Linux) File : nvt/gb_firefox_mult_vuln_mar09_lin.nasl |
2009-03-07 | Name : Ubuntu USN-728-2 (firefox) File : nvt/ubuntu_728_2.nasl |
2009-03-07 | Name : Ubuntu USN-728-1 (xulrunner-1.9) File : nvt/ubuntu_728_1.nasl |
2009-03-07 | Name : Ubuntu USN-727-2 (network-manager) File : nvt/ubuntu_727_2.nasl |
2009-03-07 | Name : Ubuntu USN-727-1 (network-manager-applet) File : nvt/ubuntu_727_1.nasl |
2009-03-07 | Name : CentOS Security Advisory CESA-2009:0325 (seamonkey) File : nvt/ovcesa2009_0325.nasl |
2009-03-07 | Name : Ubuntu USN-726-2 (curl) File : nvt/ubuntu_726_2.nasl |
2009-03-07 | Name : Ubuntu USN-726-1 (curl) File : nvt/ubuntu_726_1.nasl |
2009-03-07 | Name : RedHat Security Advisory RHSA-2009:0315 File : nvt/RHSA_2009_0315.nasl |
2009-03-07 | Name : RedHat Security Advisory RHSA-2009:0325 File : nvt/RHSA_2009_0325.nasl |
2009-03-07 | Name : Ubuntu USN-728-3 (firefox) File : nvt/ubuntu_728_3.nasl |
2009-02-23 | Name : Mandrake Security Advisory MDVSA-2009:044 (firefox) File : nvt/mdksa_2009_044.nasl |
2009-02-20 | Name : Mozilla Thunderbird Multiple Vulnerabilities Feb-09 (Linux) File : nvt/secpod_thunderbird_mult_vuln_feb09_lin.nasl |
2009-02-20 | Name : Mozilla Seamonkey Multiple Vulnerabilities Feb-09 (Win) File : nvt/secpod_seamonkey_mult_vuln_feb09_win.nasl |
2009-02-20 | Name : Mozilla Seamonkey Multiple Vulnerabilities Feb-09 (Linux) File : nvt/secpod_seamonkey_mult_vuln_feb09_lin.nasl |
2009-02-20 | Name : Mozilla Firefox Multiple Vulnerabilities Feb-09 (Win) File : nvt/secpod_firefox_mult_vuln_feb09_win.nasl |
2009-02-20 | Name : Mozilla Firefox Multiple Vulnerabilities Feb-09 (Linux) File : nvt/secpod_firefox_mult_vuln_feb09_lin.nasl |
2009-02-20 | Name : Mozilla Thunderbird Multiple Vulnerabilities Feb-09 (Win) File : nvt/secpod_thunderbird_mult_vuln_feb09_win.nasl |
2009-02-18 | Name : SuSE Security Advisory SUSE-SA:2009:009 (MozillaFirefox) File : nvt/suse_sa_2009_009.nasl |
2009-02-13 | Name : Ubuntu USN-717-1 (xulrunner-1.9) File : nvt/ubuntu_717_1.nasl |
2009-02-13 | Name : Ubuntu USN-717-2 (firefox-3.0) File : nvt/ubuntu_717_2.nasl |
2009-02-13 | Name : Fedora Core 10 FEDORA-2009-1398 (xulrunner) File : nvt/fcore_2009_1398.nasl |
2009-02-13 | Name : Fedora Core 9 FEDORA-2009-1399 (xulrunner) File : nvt/fcore_2009_1399.nasl |
2009-02-13 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox37.nasl |
2009-02-10 | Name : RedHat Security Advisory RHSA-2009:0257 File : nvt/RHSA_2009_0257.nasl |
2009-02-10 | Name : RedHat Security Advisory RHSA-2009:0256 File : nvt/RHSA_2009_0256.nasl |
2009-02-10 | Name : CentOS Security Advisory CESA-2009:0256 (firefox) File : nvt/ovcesa2009_0256.nasl |
2009-02-10 | Name : CentOS Security Advisory CESA-2009:0257 (seamonkey) File : nvt/ovcesa2009_0257.nasl |
2009-02-10 | Name : CentOS Security Advisory CESA-2009:0257-01 (seamonkey) File : nvt/ovcesa2009_0257_01.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2009-083-03 mozilla-thunderbird File : nvt/esoft_slk_ssa_2009_083_03.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2009-083-02 seamonkey File : nvt/esoft_slk_ssa_2009_083_02.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
52451 | Mozilla Multiple Products nsIRDFService Cross-domain Redirect Same-origin Pol... Multiple Mozilla products contain a flaw that may allow a malicious website operator to access private data from users redirected to another website. The issue is triggered by nsIRDFService allowing a malicious website operator to use a cross-domain redirect to steal arbitrary XML data from another domain, resulting in a loss of confidentiality. |
52450 | Mozilla Multiple Products Crafted Cloned XUL DOM Elements Arbitrary Code Exec... |
52446 | Mozilla Multiple Products Layout Engine gczeal Unspecified Code Execution |
52445 | Mozilla Multiple Products Layout Engine nsCSSStyleSheet::GetOwnerNode Functio... |
51940 | Mozilla Multiple Products Layout Engine nsStyleContext::Destroy Multiple Meth... |
51939 | Mozilla Multiple Products Layout Engine nsOverflowContinuationTracker::Insert... |
51938 | Mozilla Multiple Products Layout Engine nsContainerFrame::ReflowOverflowConta... |
51937 | Mozilla Multiple Products Layout Engine nsViewManager::Composite() Layout Obj... |
51936 | Mozilla Multiple Products Layout Engine nsTransactionItem.cpp PlaceholderTxn:... |
51935 | Mozilla Multiple Products Layout Engine nsAttributeTextNode GetStrokeDash* Me... |
51934 | Mozilla Multiple Products Layout Engine nsStyleContext::Release Memory Corrup... |
51933 | Mozilla Multiple Products Layout Engine nsContainerFrame.cpp Frame Tree Handl... |
51932 | Mozilla Multiple Products Layout Engine nsContentUtils::ComparePosition Memor... |
51931 | Mozilla Multiple Products Layout Engine File Open Dialog input type Manipulat... |
51930 | Mozilla Firefox components/sessionstore/src/nsSessionStore.js file INPUT Elem... |
51929 | Mozilla Multiple Products JavaScript Engine Unspecified Memory Corruption |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2009-0258.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0257.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0256.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0315.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0325.nasl - Type : ACT_GATHER_INFO |
2013-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-728-3.nasl - Type : ACT_GATHER_INFO |
2013-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-728-2.nasl - Type : ACT_GATHER_INFO |
2013-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-717-2.nasl - Type : ACT_GATHER_INFO |
2013-01-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20090324_thunderbird_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090304_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090304_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090204_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090204_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1830.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-6187.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_MozillaFirefox-090319.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_seamonkey-090617.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaFirefox-090312.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaFirefox-090206.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_seamonkey-090617.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaFirefox-090312.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaFirefox-090206.nasl - Type : ACT_GATHER_INFO |
2009-06-19 | Name : The remote openSUSE host is missing a security update. File : suse_seamonkey-6310.nasl - Type : ACT_GATHER_INFO |
2009-05-26 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2009-0258.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-728-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-717-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-741-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-1398.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-2422.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2009-2882.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2009-3161.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-044.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-083.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-075.nasl - Type : ACT_GATHER_INFO |
2009-04-21 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaFirefox-6194.nasl - Type : ACT_GATHER_INFO |
2009-03-31 | Name : The remote Fedora host is missing a security update. File : fedora_2009-3101.nasl - Type : ACT_GATHER_INFO |
2009-03-25 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2009-083-02.nasl - Type : ACT_GATHER_INFO |
2009-03-25 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2009-083-03.nasl - Type : ACT_GATHER_INFO |
2009-03-25 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2009-0258.nasl - Type : ACT_GATHER_INFO |
2009-03-23 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1751.nasl - Type : ACT_GATHER_INFO |
2009-03-22 | Name : The remote Fedora host is missing a security update. File : fedora_2009-2884.nasl - Type : ACT_GATHER_INFO |
2009-03-20 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_20021.nasl - Type : ACT_GATHER_INFO |
2009-03-20 | Name : A web browser on the remote host is affected by multiple vulnerabilities. File : seamonkey_1115.nasl - Type : ACT_GATHER_INFO |
2009-03-09 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-2421.nasl - Type : ACT_GATHER_INFO |
2009-03-08 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-0315.nasl - Type : ACT_GATHER_INFO |
2009-03-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-0325.nasl - Type : ACT_GATHER_INFO |
2009-03-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0325.nasl - Type : ACT_GATHER_INFO |
2009-03-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0315.nasl - Type : ACT_GATHER_INFO |
2009-03-05 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_307.nasl - Type : ACT_GATHER_INFO |
2009-02-12 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_8b491182f84211dd94d90030843d3802.nasl - Type : ACT_GATHER_INFO |
2009-02-06 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-1399.nasl - Type : ACT_GATHER_INFO |
2009-02-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-0257.nasl - Type : ACT_GATHER_INFO |
2009-02-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-0256.nasl - Type : ACT_GATHER_INFO |
2009-02-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0256.nasl - Type : ACT_GATHER_INFO |
2009-02-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0257.nasl - Type : ACT_GATHER_INFO |
2009-02-04 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_306.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:52:14 |
|