Executive Summary
Summary | |
---|---|
Title | seamonkey security update |
Informations | |||
---|---|---|---|
Name | RHSA-2010:0499 | First vendor Publication | 2010-06-22 |
Vendor | RedHat | Last vendor Modification | 2010-06-22 |
Severity (Vendor) | Critical | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated seamonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Description: SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-1200) A flaw was found in the way browser plug-ins interact. It was possible for a plug-in to reference the freed memory from a different plug-in, resulting in the execution of arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-1198) An integer overflow flaw was found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-1199) A flaw was found in the way SeaMonkey processed mail attachments. A specially-crafted mail message could cause SeaMonkey to crash. (CVE-2010-0163) A flaw was found in the way SeaMonkey handled the "Content-Disposition: attachment" HTTP header when the "Content-Type: multipart" HTTP header was also present. A website that allows arbitrary uploads and relies on the "Content-Disposition: attachment" HTTP header to prevent content from being displayed inline, could be used by an attacker to serve malicious content to users. (CVE-2010-1197) All SeaMonkey users should upgrade to these updated packages, which correct these issues. After installing the update, SeaMonkey must be restarted for the changes to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 576391 - CVE-2010-0163 seamonkey/thunderbird: crash when indexing certain messages with attachments 590804 - CVE-2010-1200 Mozilla Crashes with evidence of memory corruption 590828 - CVE-2010-1198 Mozilla Freed object reuse across plugin instances 590833 - CVE-2010-1199 Mozilla Integer Overflow in XSLT Node Sorting 590850 - CVE-2010-1197 Mozilla Content-Disposition: attachment ignored if Content-Type: multipart also present |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2010-0499.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
33 % | CWE-399 | Resource Management Errors |
33 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
33 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10805 | |||
Oval ID: | oval:org.mitre.oval:def:10805 | ||
Title: | Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 process e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted message, related to message indexing. | ||
Description: | Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 process e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted message, related to message indexing. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-0163 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13236 | |||
Oval ID: | oval:org.mitre.oval:def:13236 | ||
Title: | USN-915-1 -- thunderbird vulnerabilities | ||
Description: | Several flaws were discovered in the JavaScript engine of Thunderbird. If a user had JavaScript enabled and were tricked into viewing malicious web content, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Josh Soref discovered that the BinHex decoder used in Thunderbird contained a flaw. If a user were tricked into viewing malicious content, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that Thunderbird did not properly manage memory when using XUL tree elements. If a user were tricked into viewing malicious content, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Jesse Ruderman and Sid Stamm discovered that Thunderbird did not properly display filenames containing right-to-left override characters. If a user were tricked into opening a malicious file with a crafted filename, an attacker could exploit this to trick the user into opening a different file than the user expected. Takehiro Takahashi discovered flaws in the NTLM implementation in Thunderbird. If an NTLM authenticated user opened content containing links to a malicious website, a remote attacker could send requests to other applications, authenticated as the user. Ludovic Hirlimann discovered a flaw in the way Thunderbird indexed certain messages with attachments. A remote attacker could send specially crafted content and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program | ||
Family: | unix | Class: | patch |
Reference(s): | USN-915-1 CVE-2009-0689 CVE-2009-2463 CVE-2009-3075 CVE-2009-3072 CVE-2009-3077 CVE-2009-3376 CVE-2009-3983 CVE-2010-0163 | Version: | 5 |
Platform(s): | Ubuntu 8.04 Ubuntu 8.10 Ubuntu 9.10 Ubuntu 9.04 | Product(s): | thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13262 | |||
Oval ID: | oval:org.mitre.oval:def:13262 | ||
Title: | DSA-2025-1 icedove -- several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-2408 Dan Kaminsky and Moxie Marlinspike discovered that icedove does not properly handle a "\0" character in a domain name in the subject's Common Name field of an X.509 certificate. CVE-2009-2404 Moxie Marlinspike reported a heap overflow vulnerability in the code that handles regular expressions in certificate names. CVE-2009-2463 monarch2020 discovered an integer overflow n a base64 decoding function. CVE-2009-3072 Josh Soref discovered a crash in the BinHex decoder. CVE-2009-3075 Carsten Book reported a crash in the JavaScript engine. CVE-2010-0163 Ludovic Hirlimann reported a crash indexing some messages with attachments, which could lead to the execution of arbitrary code. For the stable distribution, these problems have been fixed in version 2.0.0.24-0lenny1. Due to a problem with the archive system it is not possible to release all architectures. The missing architectures will be installed into the archive once they become available. For the testing distribution squeeze and the unstable distribution, these problems will be fixed soon. We recommend that you upgrade your icedove packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2025-1 CVE-2009-2408 CVE-2009-2404 CVE-2009-2463 CVE-2009-3072 CVE-2009-3075 CVE-2010-0163 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | icedove |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13287 | |||
Oval ID: | oval:org.mitre.oval:def:13287 | ||
Title: | Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node. | ||
Description: | Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1199 | Version: | 20 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Seamonkey Mozilla Thunderbird Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14176 | |||
Oval ID: | oval:org.mitre.oval:def:14176 | ||
Title: | Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to execute arbitrary code via vectors involving multiple plugin instances. | ||
Description: | Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to execute arbitrary code via vectors involving multiple plugin instances. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1198 | Version: | 16 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Seamonkey Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14186 | |||
Oval ID: | oval:org.mitre.oval:def:14186 | ||
Title: | Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, does not properly handle situations in which both "Content-Disposition: attachment" and "Content-Type: multipart" are present in HTTP headers, which allows remote attackers to conduct cross-site scripting (XSS) attacks via an uploaded HTML document. | ||
Description: | Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, does not properly handle situations in which both "Content-Disposition: attachment" and "Content-Type: multipart" are present in HTTP headers, which allows remote attackers to conduct cross-site scripting (XSS) attacks via an uploaded HTML document. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1197 | Version: | 16 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Seamonkey Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14259 | |||
Oval ID: | oval:org.mitre.oval:def:14259 | ||
Title: | Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 process e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted message, related to message indexing. | ||
Description: | Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 process e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted message, related to message indexing. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-0163 | Version: | 15 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Thunderbird Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14326 | |||
Oval ID: | oval:org.mitre.oval:def:14326 | ||
Title: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1200 | Version: | 20 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Seamonkey Mozilla Thunderbird Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6699 | |||
Oval ID: | oval:org.mitre.oval:def:6699 | ||
Title: | DSA-2025 icedove -- several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems: Dan Kaminsky and Moxie Marlinspike discovered that icedove does not properly handle a "\0" character in a domain name in the subject's Common Name field of an X.509 certificate. Moxie Marlinspike reported a heap overflow vulnerability in the code that handles regular expressions in certificate names. monarch2020 discovered an integer overflow in a base64 decoding function. Josh Soref discovered a crash in the BinHex decoder. Carsten Book reported a crash in the JavaScript engine. Ludovic Hirlimann reported a crash indexing some messages with attachments, which could lead to the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2025 CVE-2009-2408 CVE-2009-2404 CVE-2009-2463 CVE-2009-3072 CVE-2009-3075 CVE-2010-0163 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | icedove |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2010-09-09 | MOAUB #9 - Mozilla Firefox XSLT Sort Remote Code Execution Vulnerability |
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for devhelp CESA-2010:0501 centos5 i386 File : nvt/gb_CESA-2010_0501_devhelp_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for thunderbird CESA-2010:0545 centos5 i386 File : nvt/gb_CESA-2010_0545_thunderbird_centos5_i386.nasl |
2010-08-20 | Name : CentOS Update for seamonkey CESA-2010:0499 centos3 i386 File : nvt/gb_CESA-2010_0499_seamonkey_centos3_i386.nasl |
2010-07-30 | Name : Ubuntu Update for Firefox and Xulrunner vulnerability USN-930-6 File : nvt/gb_ubuntu_USN_930_6.nasl |
2010-07-26 | Name : Ubuntu Update for Firefox and Xulrunner vulnerabilities USN-930-4 File : nvt/gb_ubuntu_USN_930_4.nasl |
2010-07-26 | Name : Ubuntu Update USN-930-5 File : nvt/gb_ubuntu_USN_930_5.nasl |
2010-07-23 | Name : Fedora Update for sunbird FEDORA-2010-11361 File : nvt/gb_fedora_2010_11361_sunbird_fc12.nasl |
2010-07-23 | Name : Fedora Update for thunderbird FEDORA-2010-11361 File : nvt/gb_fedora_2010_11361_thunderbird_fc12.nasl |
2010-07-23 | Name : SuSE Update for MozillaFirefox,mozilla-xulrunner191 SUSE-SA:2010:030 File : nvt/gb_suse_2010_030.nasl |
2010-07-23 | Name : RedHat Update for thunderbird RHSA-2010:0544-01 File : nvt/gb_RHSA-2010_0544-01_thunderbird.nasl |
2010-07-12 | Name : Ubuntu Update for thunderbird vulnerabilities USN-943-1 File : nvt/gb_ubuntu_USN_943_1.nasl |
2010-07-06 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox47.nasl |
2010-07-06 | Name : Debian Security Advisory DSA 2064-1 (xulrunner) File : nvt/deb_2064_1.nasl |
2010-07-02 | Name : Ubuntu Update for firefox regression USN-930-3 File : nvt/gb_ubuntu_USN_930_3.nasl |
2010-07-02 | Name : Ubuntu Update for apturl, Epiphany, gecko-sharp, gnome-python-extras, liferea... File : nvt/gb_ubuntu_USN_930_2.nasl |
2010-07-02 | Name : Ubuntu Update for Firefox and Xulrunner vulnerabilities USN-930-1 File : nvt/gb_ubuntu_USN_930_1.nasl |
2010-07-01 | Name : Mozilla Products Firefox/Seamonkey Multiple Vulnerabilities june-10 (Win) File : nvt/secpod_mozilla_prdts_mult_vuln_win01_jun10.nasl |
2010-07-01 | Name : Mozilla Products Multiple Vulnerabilities june-10 (Windows) File : nvt/secpod_mozilla_prdts_mult_vuln_win_jun10.nasl |
2010-06-28 | Name : RedHat Update for seamonkey RHSA-2010:0499-01 File : nvt/gb_RHSA-2010_0499-01_seamonkey.nasl |
2010-06-28 | Name : RedHat Update for firefox RHSA-2010:0501-01 File : nvt/gb_RHSA-2010_0501-01_firefox.nasl |
2010-06-25 | Name : Fedora Update for firefox FEDORA-2010-10361 File : nvt/gb_fedora_2010_10361_firefox_fc13.nasl |
2010-06-25 | Name : RedHat Update for firefox RHSA-2010:0500-01 File : nvt/gb_RHSA-2010_0500-01_firefox.nasl |
2010-06-25 | Name : Fedora Update for seamonkey FEDORA-2010-10329 File : nvt/gb_fedora_2010_10329_seamonkey_fc12.nasl |
2010-06-25 | Name : Fedora Update for firefox FEDORA-2010-10344 File : nvt/gb_fedora_2010_10344_firefox_fc12.nasl |
2010-06-25 | Name : Fedora Update for galeon FEDORA-2010-10344 File : nvt/gb_fedora_2010_10344_galeon_fc12.nasl |
2010-06-25 | Name : Fedora Update for gnome-python2-extras FEDORA-2010-10344 File : nvt/gb_fedora_2010_10344_gnome-python2-extras_fc12.nasl |
2010-06-25 | Name : Fedora Update for gnome-web-photo FEDORA-2010-10344 File : nvt/gb_fedora_2010_10344_gnome-web-photo_fc12.nasl |
2010-06-25 | Name : Mandriva Update for mozilla-thunderbird MDVSA-2010:126 (mozilla-thunderbird) File : nvt/gb_mandriva_MDVSA_2010_126.nasl |
2010-06-25 | Name : Mandriva Update for firefox MDVSA-2010:125 (firefox) File : nvt/gb_mandriva_MDVSA_2010_125.nasl |
2010-06-25 | Name : Fedora Update for xulrunner FEDORA-2010-10344 File : nvt/gb_fedora_2010_10344_xulrunner_fc12.nasl |
2010-06-25 | Name : Fedora Update for galeon FEDORA-2010-10361 File : nvt/gb_fedora_2010_10361_galeon_fc13.nasl |
2010-06-25 | Name : Fedora Update for mozvoikko FEDORA-2010-10344 File : nvt/gb_fedora_2010_10344_mozvoikko_fc12.nasl |
2010-06-25 | Name : Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-10344 File : nvt/gb_fedora_2010_10344_perl-Gtk2-MozEmbed_fc12.nasl |
2010-06-25 | Name : Fedora Update for seamonkey FEDORA-2010-10363 File : nvt/gb_fedora_2010_10363_seamonkey_fc13.nasl |
2010-06-25 | Name : Fedora Update for gnome-python2-extras FEDORA-2010-10361 File : nvt/gb_fedora_2010_10361_gnome-python2-extras_fc13.nasl |
2010-06-25 | Name : Fedora Update for xulrunner FEDORA-2010-10361 File : nvt/gb_fedora_2010_10361_xulrunner_fc13.nasl |
2010-06-25 | Name : Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-10361 File : nvt/gb_fedora_2010_10361_perl-Gtk2-MozEmbed_fc13.nasl |
2010-06-25 | Name : Fedora Update for mozvoikko FEDORA-2010-10361 File : nvt/gb_fedora_2010_10361_mozvoikko_fc13.nasl |
2010-06-25 | Name : Fedora Update for gnome-web-photo FEDORA-2010-10361 File : nvt/gb_fedora_2010_10361_gnome-web-photo_fc13.nasl |
2010-04-29 | Name : Mandriva Update for ldetect-lst MDVA-2010:125 (ldetect-lst) File : nvt/gb_mandriva_MDVA_2010_125.nasl |
2010-04-29 | Name : Mandriva Update for totem MDVA-2010:126 (totem) File : nvt/gb_mandriva_MDVA_2010_126.nasl |
2010-04-29 | Name : Fedora Update for seamonkey FEDORA-2010-7100 File : nvt/gb_fedora_2010_7100_seamonkey_fc11.nasl |
2010-04-06 | Name : Debian Security Advisory DSA 2025-1 (icedove) File : nvt/deb_2025_1.nasl |
2010-03-30 | Name : Mozilla Products Denial Of Service Vulnerability (Linux) File : nvt/secpod_mozilla_prdts_dos_vuln_lin_mar10.nasl |
2010-03-30 | Name : Mozilla Products Denial Of Service Vulnerability (Win) File : nvt/secpod_mozilla_prdts_dos_vuln_win_mar10.nasl |
2010-03-30 | Name : FreeBSD Ports: seamonkey, linux-seamonkey File : nvt/freebsd_seamonkey.nasl |
2010-03-22 | Name : Ubuntu Update for thunderbird vulnerabilities USN-915-1 File : nvt/gb_ubuntu_USN_915_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
65749 | Mozilla Multiple Products Browser Engine Unspecified Remote DoS (2010-1200) |
65744 | Mozilla Multiple Products XSLT Node Sorting Implementation Node Text Value Ov... |
65742 | Mozilla Multiple Products Multiple Plugin Instances Use-after-free Arbitrary ... |
65739 | Mozilla Multiple Products Content-Disposition: attachment / Content-Type: mul... |
63263 | Mozilla Multiple Products Email Attachment Parser Message Indexing DoS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0499.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2010-0154.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2010-0500.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0501.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2010-0544.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0153.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0545.nasl - Type : ACT_GATHER_INFO |
2013-01-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20100622_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20100720_thunderbird_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20100720_thunderbird_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100622_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100622_firefox_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_MozillaFirefox-100628.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-7083.nasl - Type : ACT_GATHER_INFO |
2010-08-09 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0544.nasl - Type : ACT_GATHER_INFO |
2010-08-09 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0500.nasl - Type : ACT_GATHER_INFO |
2010-07-28 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0544.nasl - Type : ACT_GATHER_INFO |
2010-07-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-930-6.nasl - Type : ACT_GATHER_INFO |
2010-07-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-930-5.nasl - Type : ACT_GATHER_INFO |
2010-07-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-930-4.nasl - Type : ACT_GATHER_INFO |
2010-07-23 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-11361.nasl - Type : ACT_GATHER_INFO |
2010-07-23 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0545.nasl - Type : ACT_GATHER_INFO |
2010-07-22 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0499.nasl - Type : ACT_GATHER_INFO |
2010-07-09 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaFirefox-100625.nasl - Type : ACT_GATHER_INFO |
2010-07-09 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaFirefox-100628.nasl - Type : ACT_GATHER_INFO |
2010-07-09 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_MozillaFirefox-100625.nasl - Type : ACT_GATHER_INFO |
2010-07-07 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-943-1.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-930-3.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-10329.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-10344.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-10361.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-10363.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-7100.nasl - Type : ACT_GATHER_INFO |
2010-06-30 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-930-2.nasl - Type : ACT_GATHER_INFO |
2010-06-30 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-930-1.nasl - Type : ACT_GATHER_INFO |
2010-06-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2064.nasl - Type : ACT_GATHER_INFO |
2010-06-25 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_99858b7c7ece11dfa007000f20797ede.nasl - Type : ACT_GATHER_INFO |
2010-06-25 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0501.nasl - Type : ACT_GATHER_INFO |
2010-06-25 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-125.nasl - Type : ACT_GATHER_INFO |
2010-06-25 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-126.nasl - Type : ACT_GATHER_INFO |
2010-06-23 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_305.nasl - Type : ACT_GATHER_INFO |
2010-06-23 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : seamonkey_205.nasl - Type : ACT_GATHER_INFO |
2010-06-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0501.nasl - Type : ACT_GATHER_INFO |
2010-06-23 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0500.nasl - Type : ACT_GATHER_INFO |
2010-06-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0499.nasl - Type : ACT_GATHER_INFO |
2010-06-23 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_3510.nasl - Type : ACT_GATHER_INFO |
2010-06-23 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_364.nasl - Type : ACT_GATHER_INFO |
2010-05-20 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12616.nasl - Type : ACT_GATHER_INFO |
2010-05-20 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_seamonkey-100430.nasl - Type : ACT_GATHER_INFO |
2010-05-20 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_seamonkey-100430.nasl - Type : ACT_GATHER_INFO |
2010-05-11 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0154.nasl - Type : ACT_GATHER_INFO |
2010-04-14 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-071.nasl - Type : ACT_GATHER_INFO |
2010-04-01 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2025.nasl - Type : ACT_GATHER_INFO |
2010-03-30 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaThunderbird-100324.nasl - Type : ACT_GATHER_INFO |
2010-03-30 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaThunderbird-100324.nasl - Type : ACT_GATHER_INFO |
2010-03-29 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0153.nasl - Type : ACT_GATHER_INFO |
2010-03-22 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_56cfe192329f11dfabb2000f20797ede.nasl - Type : ACT_GATHER_INFO |
2010-03-19 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-915-1.nasl - Type : ACT_GATHER_INFO |
2010-03-19 | Name : A web browser on the remote host is affected by multiple vulnerabilities. File : seamonkey_1119.nasl - Type : ACT_GATHER_INFO |
2010-03-19 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_20024.nasl - Type : ACT_GATHER_INFO |
2010-03-19 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0154.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:53:35 |
|