Executive Summary
Summary | |
---|---|
Title | firefox security update |
Informations | |||
---|---|---|---|
Name | RHSA-2009:1430 | First vendor Publication | 2009-09-09 |
Vendor | RedHat | Last vendor Modification | 2009-09-09 |
Severity (Vendor) | Critical | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Description: Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. nspr provides the Netscape Portable Runtime (NSPR). Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2009-3070, CVE-2009-3071, CVE-2009-3072, CVE-2009-3074, CVE-2009-3075) A use-after-free flaw was found in Firefox. An attacker could use this flaw to crash Firefox or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2009-3077) A flaw was found in the way Firefox handles malformed JavaScript. A website with an object containing malicious JavaScript could execute that JavaScript with the privileges of the user running Firefox. (CVE-2009-3079) Descriptions in the dialogs when adding and removing PKCS #11 modules were not informative. An attacker able to trick a user into installing a malicious PKCS #11 module could use this flaw to install their own Certificate Authority certificates on a user's machine, making it possible to trick the user into believing they are viewing a trusted site or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2009-3076) A flaw was found in the way Firefox displays the address bar when window.open() is called in a certain way. An attacker could use this flaw to conceal a malicious URL, possibly tricking a user into believing they are viewing a trusted site. (CVE-2009-2654) A flaw was found in the way Firefox displays certain Unicode characters. An attacker could use this flaw to conceal a malicious URL, possibly tricking a user into believing they are viewing a trusted site. (CVE-2009-3078) For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 3.0.14. You can find a link to the Mozilla advisories in the References section of this errata. All Firefox users should upgrade to these updated packages, which contain Firefox version 3.0.14, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 521311 - CVE-2009-2654 firefox: URL bar spoofing vulnerability 521686 - CVE-2009-3070 Firefox 3.5 3.0.14 browser engine crashes 521687 - CVE-2009-3071 Firefox 3.5.2 3.0.14 browser engine crashes 521688 - CVE-2009-3072 Firefox 3.5.3 3.0.14 browser engine crashes 521690 - CVE-2009-3074 Firefox 3.5 3.0.14 JavaScript engine crashes 521691 - CVE-2009-3075 Firefox 3.5.2 3.0.14 JavaScript engine crashes 521692 - CVE-2009-3076 Firefox 3.0.14 Insufficient warning for PKCS11 module installation and removal 521693 - CVE-2009-3077 Firefox 3.5.3 3.0.14 TreeColumns dangling pointer vulnerability 521694 - CVE-2009-3078 Firefox 3.5.3 3.0.14 Location bar spoofing via tall line-height Unicode characters 521695 - CVE-2009-3079 Firefox 3.5.3 3.0.14 Chrome privilege escalation with FeedWriter |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2009-1430.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
50 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10349 | |||
Oval ID: | oval:org.mitre.oval:def:10349 | ||
Title: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the BinHex decoder in netwerk/streamconv/converters/nsBinHexDecoder.cpp, and unknown vectors. | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the BinHex decoder in netwerk/streamconv/converters/nsBinHexDecoder.cpp, and unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3072 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10390 | |||
Oval ID: | oval:org.mitre.oval:def:10390 | ||
Title: | Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter. | ||
Description: | Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3079 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10698 | |||
Oval ID: | oval:org.mitre.oval:def:10698 | ||
Title: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3071 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10871 | |||
Oval ID: | oval:org.mitre.oval:def:10871 | ||
Title: | Visual truncation vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to trigger a vertical scroll and spoof URLs via unspecified Unicode characters with a tall line-height property. | ||
Description: | Visual truncation vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to trigger a vertical scroll and spoof URLs via unspecified Unicode characters with a tall line-height property. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3078 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11365 | |||
Oval ID: | oval:org.mitre.oval:def:11365 | ||
Title: | Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.2, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to use of mutable strings in the js_StringReplaceHelper function in js/src/jsstr.cpp, and unknown vectors. | ||
Description: | Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.2, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to use of mutable strings in the js_StringReplaceHelper function in js/src/jsstr.cpp, and unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3075 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11702 | |||
Oval ID: | oval:org.mitre.oval:def:11702 | ||
Title: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3070 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13601 | |||
Oval ID: | oval:org.mitre.oval:def:13601 | ||
Title: | DSA-1886-1 iceweasel -- several | ||
Description: | Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-3079 "moz_bug_r_a4" discovered that a programming error in the FeedWriter module could lead to the execution of Javascript code with elevated privileges. CVE-2009-1310 Prateek Saxena discovered a cross-site scripting vulnerability in the MozSearch plugin interface. For the stable distribution, these problems have been fixed in version 3.0.6-3. As indicated in the Etch release notes, security support for the Mozilla products in the oldstable distribution needed to be stopped before the end of the regular Etch security maintenance life cycle. You are strongly encouraged to upgrade to stable or switch to a still supported browser. For the unstable distribution, these problems have been fixed in version 3.0.14-1. For the experimental distribution, these problems have been fixed in version 3.5.3-1. We recommend that you upgrade your iceweasel packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1886-1 CVE-2009-1310 CVE-2009-3079 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | iceweasel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13610 | |||
Oval ID: | oval:org.mitre.oval:def:13610 | ||
Title: | DSA-1885-1 xulrunner -- several | ||
Description: | Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-3070 Jesse Ruderman discovered crashes in the layout engine, which might allow the execution of arbitrary code. CVE-2009-3071 Daniel Holbert, Jesse Ruderman, Olli Pettay and "toshi" discovered crashes in the layout engine, which might allow the execution of arbitrary code. CVE-2009-3072 Josh Soref, Jesse Ruderman and Martin Wargers discovered crashes in the layout engine, which might allow the execution of arbitrary code. CVE-2009-3074 Jesse Ruderman discovered a crash in the Javascript engine, which might allow the execution of arbitrary code. CVE-2009-3075 Carsten Book and "Taral" discovered crashes in the layout engine, which might allow the execution of arbitrary code. CVE-2009-3076 Jesse Ruderman discovered that the user interface for installing/ removing PCKS #11 securiy modules wasn’t informative enough, which might allow social engineering attacks. CVE-2009-3077 It was discovered that incorrect pointer handling in the XUL parser could lead to the execution of arbitrary code. CVE-2009-3078 Juan Pablo Lopez Yacubian discovered that incorrent rendering of some Unicode font characters could lead to spoofing attacks on the location bar. For the stable distribution, these problems have been fixed in version 1.9.0.14-0lenny1. As indicated in the Etch release notes, security support for the Mozilla products in the oldstable distribution needed to be stopped before the end of the regular Etch security maintenance life cycle. You are strongly encouraged to upgrade to stable or switch to a still supported browser. For the unstable distribution, these problems have been fixed in version 1.9.0.14-1. For the experimental distribution, these problems have been fixed in version 1.9.1.3-1. We recommend that you upgrade your xulrunner package. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1885-1 CVE-2009-3070 CVE-2009-3071 CVE-2009-3072 CVE-2009-3074 CVE-2009-3075 CVE-2009-3076 CVE-2009-3077 CVE-2009-3078 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22775 | |||
Oval ID: | oval:org.mitre.oval:def:22775 | ||
Title: | ELSA-2009:1430: firefox security update (Critical) | ||
Description: | Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:1430-01 CVE-2009-2654 CVE-2009-3070 CVE-2009-3071 CVE-2009-3072 CVE-2009-3074 CVE-2009-3075 CVE-2009-3076 CVE-2009-3077 CVE-2009-3078 CVE-2009-3079 | Version: | 45 |
Platform(s): | Oracle Linux 5 | Product(s): | firefox nspr xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29334 | |||
Oval ID: | oval:org.mitre.oval:def:29334 | ||
Title: | RHSA-2009:1430 -- firefox security update (Critical) | ||
Description: | Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. nspr provides the Netscape Portable Runtime (NSPR). | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2009:1430 CESA-2009:1430-CentOS 5 CVE-2009-2654 CVE-2009-3070 CVE-2009-3071 CVE-2009-3072 CVE-2009-3074 CVE-2009-3075 CVE-2009-3076 CVE-2009-3077 CVE-2009-3078 CVE-2009-3079 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 4 CentOS Linux 5 | Product(s): | firefox nspr xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5418 | |||
Oval ID: | oval:org.mitre.oval:def:5418 | ||
Title: | Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3 allow Visual truncation vulnerability | ||
Description: | Visual truncation vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to trigger a vertical scroll and spoof URLs via unspecified Unicode characters with a tall line-height property. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3078 | Version: | 6 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:5606 | |||
Oval ID: | oval:org.mitre.oval:def:5606 | ||
Title: | Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3 allow dangling pointer vulnerability | ||
Description: | Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, does not properly manage pointers for the columns (aka TreeColumns) of a XUL tree element, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to a "dangling pointer vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3077 | Version: | 6 |
Platform(s): | Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:5717 | |||
Oval ID: | oval:org.mitre.oval:def:5717 | ||
Title: | Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.2 allow multiple DOS Vulnerabilities | ||
Description: | Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.2, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to use of mutable strings in the js_StringReplaceHelper function in js/src/jsstr.cpp, and unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3075 | Version: | 6 |
Platform(s): | Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:5905 | |||
Oval ID: | oval:org.mitre.oval:def:5905 | ||
Title: | Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.2 allow Denial of Service Vulnerability | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3071 | Version: | 6 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6053 | |||
Oval ID: | oval:org.mitre.oval:def:6053 | ||
Title: | Mozilla Firefox before 3.0.14 JavaScript engine allow denial of service Vulnerability | ||
Description: | Unspecified vulnerability in the JavaScript engine in Mozilla Firefox before 3.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3074 | Version: | 6 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6073 | |||
Oval ID: | oval:org.mitre.oval:def:6073 | ||
Title: | Mozilla Firefox before 3.0.14 allow Denial of Service Vulnerability | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3070 | Version: | 6 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6140 | |||
Oval ID: | oval:org.mitre.oval:def:6140 | ||
Title: | Mozilla Firefox before 3.0.14 allow remote arbitrary code execution Vulnerability | ||
Description: | Mozilla Firefox before 3.0.14 does not properly implement certain dialogs associated with the (1) pkcs11.addmodule and (2) pkcs11.deletemodule operations, which makes it easier for remote attackers to trick a user into installing or removing an arbitrary PKCS11 module. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3076 | Version: | 6 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6250 | |||
Oval ID: | oval:org.mitre.oval:def:6250 | ||
Title: | Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3 allow remote arbitrary code Vulnerability | ||
Description: | Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3079 | Version: | 6 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6315 | |||
Oval ID: | oval:org.mitre.oval:def:6315 | ||
Title: | Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3 allow denial of service Vulnerability | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the BinHex decoder in netwerk/streamconv/converters/nsBinHexDecoder.cpp, and unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3072 | Version: | 6 |
Platform(s): | Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7766 | |||
Oval ID: | oval:org.mitre.oval:def:7766 | ||
Title: | DSA-1885 xulrunner -- several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems: Jesse Ruderman discovered crashes in the layout engine, which might allow the execution of arbitrary code. Daniel Holbert, Jesse Ruderman, Olli Pettay and "toshi" discovered crashes in the layout engine, which might allow the execution of arbitrary code. Josh Soref, Jesse Ruderman and Martin Wargers discovered crashes in the layout engine, which might allow the execution of arbitrary code. Jesse Ruderman discovered a crash in the Javascript engine, which might allow the execution of arbitrary code. Carsten Book and "Taral" discovered crashes in the layout engine, which might allow the execution of arbitrary code. Jesse Ruderman discovered that the user interface for installing/ removing PCKS #11 securiy modules wasn't informative enough, which might allow social engineering attacks. It was discovered that incorrect pointer handling in the XUL parser could lead to the execution of arbitrary code. Juan Pablo Lopez Yacubian discovered that incorrent rendering of some Unicode font characters could lead to spoofing attacks on the location bar. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1885 CVE-2009-3070 CVE-2009-3071 CVE-2009-3072 CVE-2009-3074 CVE-2009-3075 CVE-2009-3076 CVE-2009-3077 CVE-2009-3078 | Version: | 3 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8008 | |||
Oval ID: | oval:org.mitre.oval:def:8008 | ||
Title: | DSA-1886 iceweasel -- several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems: "moz_bug_r_a4" discovered that a programming error in the FeedWriter module could lead to the execution of Javascript code with elevated privileges. Prateek Saxena discovered a cross-site scripting vulnerability in the MozSearch plugin interface. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1886 CVE-2009-1310 CVE-2009-3079 | Version: | 3 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | iceweasel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9444 | |||
Oval ID: | oval:org.mitre.oval:def:9444 | ||
Title: | Unspecified vulnerability in the JavaScript engine in Mozilla Firefox before 3.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Description: | Unspecified vulnerability in the JavaScript engine in Mozilla Firefox before 3.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3074 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9686 | |||
Oval ID: | oval:org.mitre.oval:def:9686 | ||
Title: | Mozilla Firefox before 3.0.13, and 3.5.x before 3.5.2, allows remote attackers to spoof the address bar, and possibly conduct phishing attacks, via a crafted web page that calls window.open with an invalid character in the URL, makes document.write calls to the resulting object, and then calls the stop method during the loading of the error page. | ||
Description: | Mozilla Firefox before 3.0.13, and 3.5.x before 3.5.2, allows remote attackers to spoof the address bar, and possibly conduct phishing attacks, via a crafted web page that calls window.open with an invalid character in the URL, makes document.write calls to the resulting object, and then calls the stop method during the loading of the error page. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-2654 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
SAINT Exploits
Description | Link |
---|---|
Mozilla Firefox PKCS11 Module Installation Code Execution | More info here |
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for thunderbird CESA-2010:0153 centos5 i386 File : nvt/gb_CESA-2010_0153_thunderbird_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for seamonkey CESA-2009:1432 centos3 i386 File : nvt/gb_CESA-2009_1432_seamonkey_centos3_i386.nasl |
2011-08-09 | Name : CentOS Update for seamonkey CESA-2009:1431 centos4 i386 File : nvt/gb_CESA-2009_1431_seamonkey_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for firefox CESA-2009:1430 centos5 i386 File : nvt/gb_CESA-2009_1430_firefox_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for firefox CESA-2009:1430 centos4 i386 File : nvt/gb_CESA-2009_1430_firefox_centos4_i386.nasl |
2010-04-29 | Name : Fedora Update for seamonkey FEDORA-2010-7100 File : nvt/gb_fedora_2010_7100_seamonkey_fc11.nasl |
2010-04-06 | Name : Debian Security Advisory DSA 2025-1 (icedove) File : nvt/deb_2025_1.nasl |
2010-03-30 | Name : FreeBSD Ports: seamonkey, linux-seamonkey File : nvt/freebsd_seamonkey.nasl |
2010-03-22 | Name : Ubuntu Update for thunderbird vulnerabilities USN-915-1 File : nvt/gb_ubuntu_USN_915_1.nasl |
2010-03-22 | Name : RedHat Update for thunderbird RHSA-2010:0154-02 File : nvt/gb_RHSA-2010_0154-02_thunderbird.nasl |
2010-03-22 | Name : CentOS Update for thunderbird CESA-2010:0154 centos4 i386 File : nvt/gb_CESA-2010_0154_thunderbird_centos4_i386.nasl |
2009-12-30 | Name : Mandriva Security Advisory MDVSA-2009:339 (firefox) File : nvt/mdksa_2009_339.nasl |
2009-10-27 | Name : SLES10: Security update for Mozilla Firefox File : nvt/sles10_firefox35upgrad.nasl |
2009-10-27 | Name : SuSE Security Advisory SUSE-SA:2009:048 (MozillaFirefox) File : nvt/suse_sa_2009_048.nasl |
2009-10-13 | Name : SLES10: Security update for Mozilla Firefox File : nvt/sles10_MozillaFirefox2.nasl |
2009-10-11 | Name : SLES11: Security update for Mozilla Firefox File : nvt/sles11_MozillaFirefox5.nasl |
2009-10-11 | Name : SLES11: Security update for Firefox File : nvt/sles11_MozillaFirefox6.nasl |
2009-10-11 | Name : SLES11: Security update for Mozilla File : nvt/sles11_mozilla-xulrunn0.nasl |
2009-09-21 | Name : Mandrake Security Advisory MDVSA-2009:236 (firefox) File : nvt/mdksa_2009_236.nasl |
2009-09-15 | Name : CentOS Security Advisory CESA-2009:1430 (seamonkey) File : nvt/ovcesa2009_1430.nasl |
2009-09-15 | Name : CentOS Security Advisory CESA-2009:1431 (seamonkey) File : nvt/ovcesa2009_1431.nasl |
2009-09-15 | Name : CentOS Security Advisory CESA-2009:1432 (seamonkey) File : nvt/ovcesa2009_1432.nasl |
2009-09-15 | Name : Ubuntu USN-821-1 (xulrunner-1.9) File : nvt/ubuntu_821_1.nasl |
2009-09-15 | Name : RedHat Security Advisory RHSA-2009:1431 File : nvt/RHSA_2009_1431.nasl |
2009-09-15 | Name : RedHat Security Advisory RHSA-2009:1430 File : nvt/RHSA_2009_1430.nasl |
2009-09-15 | Name : RedHat Security Advisory RHSA-2009:1432 File : nvt/RHSA_2009_1432.nasl |
2009-09-15 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox41.nasl |
2009-09-15 | Name : Fedora Core 11 FEDORA-2009-9505 (epiphany-extensions) File : nvt/fcore_2009_9505.nasl |
2009-09-15 | Name : Fedora Core 10 FEDORA-2009-9494 (epiphany) File : nvt/fcore_2009_9494.nasl |
2009-09-15 | Name : Debian Security Advisory DSA 1885-1 (xulrunner) File : nvt/deb_1885_1.nasl |
2009-09-15 | Name : Debian Security Advisory DSA 1886-1 (iceweasel) File : nvt/deb_1886_1.nasl |
2009-09-11 | Name : Mozilla Firefox Multiple Vulnerabilities - Sep09 (Linux) File : nvt/secpod_firefox_mult_vuln_sep09_lin.nasl |
2009-09-11 | Name : Mozilla Firefox Multiple Vulnerabilities - Sep09 (Win) File : nvt/secpod_firefox_mult_vuln_sep09_win.nasl |
2009-09-11 | Name : Mozilla Firefox Multiple Denial Of Service Vulnerabilities - Sep09 (Win) File : nvt/secpod_firefox_mult_dos_vuln_sep09_win.nasl |
2009-09-11 | Name : Mozilla Firefox Multiple Denial Of Service Vulnerabilities - Sep09 (Linux) File : nvt/secpod_firefox_mult_dos_vuln_sep09_lin.nasl |
2009-09-11 | Name : Mozilla Firefox 'JavaScript' DoS Vulnerabilities - Sep09 (Win) File : nvt/secpod_firefox_js_dos_vuln_sep09_win.nasl |
2009-09-11 | Name : Mozilla Firefox 'JavaScript' DoS Vulnerabilities - Sep09 (Linux) File : nvt/secpod_firefox_js_dos_vuln_sep09_lin.nasl |
2009-09-02 | Name : Debian Security Advisory DSA 1873-1 (xulrunner) File : nvt/deb_1873_1.nasl |
2009-08-17 | Name : Mandrake Security Advisory MDVSA-2009:198 (firefox) File : nvt/mdksa_2009_198.nasl |
2009-08-17 | Name : Fedora Core 10 FEDORA-2009-8288 (perl-Gtk2-MozEmbed) File : nvt/fcore_2009_8288.nasl |
2009-08-17 | Name : Fedora Core 11 FEDORA-2009-8279 (xulrunner) File : nvt/fcore_2009_8279.nasl |
2009-08-17 | Name : Ubuntu USN-811-1 (xulrunner-1.9) File : nvt/ubuntu_811_1.nasl |
2009-08-07 | Name : Mozilla Firefox Multiple Memory Corruption Vulnerabilities Aug-09 (Linux) File : nvt/gb_firefox_mult_mem_crptn_vuln_aug09_lin.nasl |
2009-08-07 | Name : Mozilla Firefox Multiple Memory Corruption Vulnerabilities Aug-09 (Win) File : nvt/gb_firefox_mult_mem_crptn_vuln_aug09_win.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
57980 | Mozilla Firefox FeedWriter Privileged JavaScript Execution |
57979 | Mozilla Firefox Tall Line-height Unicode Character Handling Address Bar Spoofing |
57978 | Mozilla Firefox XUL Document TreeColumn Rendering Arbitrary Code Execution |
57977 | Mozilla Firefox PKCS11 Module Installation Warning Dialogue Weakness |
57976 | Mozilla Firefox JavaScript Engine Multiple Unspecified Memory Corruption Firefox contains a flaw related to the JavaScript engine that may allow an attacker to execute arbitrary code via memory corruption. No further details have been provided. |
57975 | Mozilla Firefox JavaScript Engine Unspecified Remote Memory Corruption (2009-... |
57973 | Mozilla Firefox Browser Engine Multiple Unspecified Memory Corruption (2009-3... |
57972 | Mozilla Firefox Browser Engine Multiple Unspecified Memory Corruption (2009-3... |
57971 | Mozilla Firefox Browser Engine Multiple Unspecified Memory Corruption (2009-3... Firefox contains an unspecified memory corruption flaw in the browser engine that may allow a malicious user to crash the browser or execute arbitrary code, leading to a loss of integrity and/or availability. |
56717 | Mozilla Firefox window.open() Invalid URL Document Content / SSL Status Spoofing |
Snort® IPS/IDS
Date | Description |
---|---|
2018-07-10 | Mozilla multiple products JavaScript string replace buffer overflow attempt RuleID : 46913 - Revision : 1 - Type : BROWSER-FIREFOX |
2018-07-10 | Mozilla multiple products JavaScript string replace buffer overflow attempt RuleID : 46912 - Revision : 1 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Firefox nsPropertyTable PropertyList memory corruption attempt RuleID : 17236 - Revision : 12 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla multiple products JavaScript string replace buffer overflow attempt RuleID : 17166 - Revision : 10 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Firefox PKCS11 module installation code execution attempt RuleID : 16142 - Revision : 9 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Firefox location spoofing attempt via invalid window.open characters RuleID : 15873 - Revision : 12 - Type : BROWSER-FIREFOX |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1430.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1431.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1432.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2010-0154.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0153.nasl - Type : ACT_GATHER_INFO |
2013-01-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20100317_thunderbird_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090909_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090909_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2011-03-17 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_mozilla-xulrunner190-090922.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_firefox35upgrade-6563.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-338.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-7100.nasl - Type : ACT_GATHER_INFO |
2010-05-20 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12616.nasl - Type : ACT_GATHER_INFO |
2010-05-20 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_seamonkey-100430.nasl - Type : ACT_GATHER_INFO |
2010-05-20 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_seamonkey-100430.nasl - Type : ACT_GATHER_INFO |
2010-05-11 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0154.nasl - Type : ACT_GATHER_INFO |
2010-04-14 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-071.nasl - Type : ACT_GATHER_INFO |
2010-04-01 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2025.nasl - Type : ACT_GATHER_INFO |
2010-03-30 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaThunderbird-100324.nasl - Type : ACT_GATHER_INFO |
2010-03-30 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaThunderbird-100324.nasl - Type : ACT_GATHER_INFO |
2010-03-29 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0153.nasl - Type : ACT_GATHER_INFO |
2010-03-22 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_56cfe192329f11dfabb2000f20797ede.nasl - Type : ACT_GATHER_INFO |
2010-03-19 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-915-1.nasl - Type : ACT_GATHER_INFO |
2010-03-19 | Name : A web browser on the remote host is affected by multiple vulnerabilities. File : seamonkey_1119.nasl - Type : ACT_GATHER_INFO |
2010-03-19 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_20024.nasl - Type : ACT_GATHER_INFO |
2010-03-19 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0154.nasl - Type : ACT_GATHER_INFO |
2010-03-01 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-6562.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1873.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1885.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1886.nasl - Type : ACT_GATHER_INFO |
2009-12-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-339.nasl - Type : ACT_GATHER_INFO |
2009-10-20 | Name : The remote SuSE system is missing the security patch firefox35upgrade-6562 File : suse_firefox35upgrade-6562.nasl - Type : ACT_GATHER_INFO |
2009-10-06 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaFirefox-6495.nasl - Type : ACT_GATHER_INFO |
2009-10-01 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_mozilla-xulrunner190-090917.nasl - Type : ACT_GATHER_INFO |
2009-10-01 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_MozillaFirefox-090924.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-6433.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_MozillaFirefox-090812.nasl - Type : ACT_GATHER_INFO |
2009-09-22 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaFirefox-090916.nasl - Type : ACT_GATHER_INFO |
2009-09-22 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaFirefox-090916.nasl - Type : ACT_GATHER_INFO |
2009-09-21 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-236.nasl - Type : ACT_GATHER_INFO |
2009-09-14 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-9494.nasl - Type : ACT_GATHER_INFO |
2009-09-14 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-9505.nasl - Type : ACT_GATHER_INFO |
2009-09-11 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1432.nasl - Type : ACT_GATHER_INFO |
2009-09-11 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1431.nasl - Type : ACT_GATHER_INFO |
2009-09-11 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-821-1.nasl - Type : ACT_GATHER_INFO |
2009-09-11 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1430.nasl - Type : ACT_GATHER_INFO |
2009-09-11 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_922d23989e2d11dea9980030843d3802.nasl - Type : ACT_GATHER_INFO |
2009-09-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1432.nasl - Type : ACT_GATHER_INFO |
2009-09-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1431.nasl - Type : ACT_GATHER_INFO |
2009-09-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1430.nasl - Type : ACT_GATHER_INFO |
2009-09-10 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_3014.nasl - Type : ACT_GATHER_INFO |
2009-09-10 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_353.nasl - Type : ACT_GATHER_INFO |
2009-08-20 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaFirefox-090812.nasl - Type : ACT_GATHER_INFO |
2009-08-20 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaFirefox-090812.nasl - Type : ACT_GATHER_INFO |
2009-08-10 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-198.nasl - Type : ACT_GATHER_INFO |
2009-08-05 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-8279.nasl - Type : ACT_GATHER_INFO |
2009-08-05 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-8288.nasl - Type : ACT_GATHER_INFO |
2009-08-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-811-1.nasl - Type : ACT_GATHER_INFO |
2009-08-04 | Name : The remote Windows host contains a web browser that is affected by multiple f... File : mozilla_firefox_3013.nasl - Type : ACT_GATHER_INFO |
2009-08-04 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_352.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:52:52 |
|