Executive Summary
Summary | |
---|---|
Title | firefox security update |
Informations | |||
---|---|---|---|
Name | RHSA-2012:0515 | First vendor Publication | 2012-04-24 |
Vendor | RedHat | Last vendor Modification | 2012-04-24 |
Severity (Vendor) | Critical | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A flaw was found in Sanitiser for OpenType (OTS), used by Firefox to help prevent potential exploits in malformed OpenType fonts. A web page containing malicious content could cause Firefox to crash or, under certain conditions, possibly execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-3062) A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-0467, CVE-2012-0468, CVE-2012-0469) A web page containing a malicious Scalable Vector Graphics (SVG) image file could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-0470) A flaw was found in the way Firefox used its embedded Cairo library to render certain fonts. A web page containing malicious content could cause Firefox to crash or, under certain conditions, possibly execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-0472) A flaw was found in the way Firefox rendered certain images using WebGL. A web page containing malicious content could cause Firefox to crash or, under certain conditions, possibly execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-0478) A cross-site scripting (XSS) flaw was found in the way Firefox handled certain multibyte character sets. A web page containing malicious content could cause Firefox to run JavaScript code with the permissions of a different website. (CVE-2012-0471) A flaw was found in the way Firefox rendered certain graphics using WebGL. A web page containing malicious content could cause Firefox to crash. (CVE-2012-0473) A flaw in Firefox allowed the address bar to display a different website than the one the user was visiting. An attacker could use this flaw to conceal a malicious URL, possibly tricking a user into believing they are viewing a trusted site, or allowing scripts to be loaded from the attacker's site, possibly leading to cross-site scripting (XSS) attacks. (CVE-2012-0474) A flaw was found in the way Firefox decoded the ISO-2022-KR and ISO-2022-CN character sets. A web page containing malicious content could cause Firefox to run JavaScript code with the permissions of a different website. (CVE-2012-0477) A flaw was found in the way Firefox handled RSS and Atom feeds. Invalid RSS or Atom content loaded over HTTPS caused Firefox to display the address of said content in the location bar, but not the content in the main window. The previous content continued to be displayed. An attacker could use this flaw to perform phishing attacks, or trick users into thinking they are visiting the site reported by the location bar, when the page is actually content controlled by an attacker. (CVE-2012-0479) For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 10.0.4 ESR. You can find a link to the Mozilla advisories in the References section of this erratum. Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Mateusz Jurczyk of the Google Security Team as the original reporter of CVE-2011-3062; Aki Helin from OUSPG as the original reporter of CVE-2012-0469; Atte Kettunen from OUSPG as the original reporter of CVE-2012-0470; wushi of team509 via iDefense as the original reporter of CVE-2012-0472; Ms2ger as the original reporter of CVE-2012-0478; Anne van Kesteren of Opera Software as the original reporter of CVE-2012-0471; Matias Juntunen as the original reporter of CVE-2012-0473; Jordi Chancel and Eddy Bordi, and Chris McGowen as the original reporters of CVE-2012-0474; Masato Kinugawa as the original reporter of CVE-2012-0477; and Jeroen van der Gun as the original reporter of CVE-2012-0479. 4. Solution: All Firefox users should upgrade to these updated packages, which contain Firefox version 10.0.4 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect. Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 815000 - CVE-2012-0467 CVE-2012-0468 Mozilla: Miscellaneous memory safety hazards (rv:12.0/ rv:10.0.4) (MFSA 2012-20) 815019 - CVE-2012-0469 Mozilla: use-after-free in IDBKeyRange (MFSA 2012-22) 815020 - CVE-2012-0470 Mozilla: Invalid frees causes heap corruption in gfxImageSurface (MFSA 2012-23) 815021 - CVE-2012-0471 Mozilla: Potential XSS via multibyte content processing errors (MFSA 2012-24) 815022 - CVE-2012-0472 Mozilla: Potential memory corruption during font rendering using cairo-dwrite (MFSA 2012-25) 815023 - CVE-2012-0473 Mozilla: WebGL.drawElements may read illegal video memory due to FindMaxUshortElement error (MFSA 2012-26) 815024 - CVE-2012-0474 Mozilla: Page load short-circuit can lead to XSS (MFSA 2012-27) 815026 - CVE-2012-0477 Mozilla: Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues (MFSA 2012-29) 815037 - CVE-2012-0478 Mozilla: Crash with WebGL content using textImage2D (MFSA 2012-30) 815042 - CVE-2011-3062 Mozilla: Off-by-one error in OpenType Sanitizer (MFSA 2012-31) 815044 - CVE-2012-0479 Mozilla: Potential site identity spoofing when loading RSS and Atom feeds (MFSA 2012-33) |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2012-0515.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
30 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
30 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
10 % | CWE-682 | Incorrect Calculation |
10 % | CWE-399 | Resource Management Errors |
10 % | CWE-264 | Permissions, Privileges, and Access Controls |
10 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:15488 | |||
Oval ID: | oval:org.mitre.oval:def:15488 | ||
Title: | Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 | ||
Description: | Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted OpenType file. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3062 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Google Chrome |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16107 | |||
Oval ID: | oval:org.mitre.oval:def:16107 | ||
Title: | Cross-site scripting (XSS) vulnerability in the docshell implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via vectors related to short-circuited page loads, aka "Universal XSS (UXSS)." | ||
Description: | Cross-site scripting (XSS) vulnerability in the docshell implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via vectors related to short-circuited page loads, aka "Universal XSS (UXSS)." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0474 | Version: | 20 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16113 | |||
Oval ID: | oval:org.mitre.oval:def:16113 | ||
Title: | The WebGLBuffer::FindMaxUshortElement function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 calls the FindMaxElementInSubArray function with incorrect template arguments, which allows remote attackers to obtain sensitive information from video memory via a crafted WebGL.drawElements call. | ||
Description: | The WebGLBuffer::FindMaxUshortElement function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 calls the FindMaxElementInSubArray function with incorrect template arguments, which allows remote attackers to obtain sensitive information from video memory via a crafted WebGL.drawElements call. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0473 | Version: | 21 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16734 | |||
Oval ID: | oval:org.mitre.oval:def:16734 | ||
Title: | Use-after-free vulnerability in the mozilla::dom::indexedDB::IDBKeyRange::cycleCollection::Trace function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to execute arbitrary code via vectors related to crafted IndexedDB data. | ||
Description: | Use-after-free vulnerability in the mozilla::dom::indexedDB::IDBKeyRange::cycleCollection::Trace function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to execute arbitrary code via vectors related to crafted IndexedDB data. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0469 | Version: | 22 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16771 | |||
Oval ID: | oval:org.mitre.oval:def:16771 | ||
Title: | The browser engine in Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 allows remote attackers to cause a denial of service (assertion failure and memory corruption) or possibly execute arbitrary code via vectors related to jsval.h and the js::array_shift function. | ||
Description: | The browser engine in Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 allows remote attackers to cause a denial of service (assertion failure and memory corruption) or possibly execute arbitrary code via vectors related to jsval.h and the js::array_shift function. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0468 | Version: | 22 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16889 | |||
Oval ID: | oval:org.mitre.oval:def:16889 | ||
Title: | Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to inject arbitrary web script or HTML via the (1) ISO-2022-KR or (2) ISO-2022-CN character set. | ||
Description: | Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to inject arbitrary web script or HTML via the (1) ISO-2022-KR or (2) ISO-2022-CN character set. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0477 | Version: | 21 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16893 | |||
Oval ID: | oval:org.mitre.oval:def:16893 | ||
Title: | The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 does not properly restrict JSVAL_TO_OBJECT casts, which might allow remote attackers to execute arbitrary code via a crafted web page. | ||
Description: | The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 does not properly restrict JSVAL_TO_OBJECT casts, which might allow remote attackers to execute arbitrary code via a crafted web page. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0478 | Version: | 21 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16961 | |||
Oval ID: | oval:org.mitre.oval:def:16961 | ||
Title: | Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via a multibyte character set. | ||
Description: | Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via a multibyte character set. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0471 | Version: | 21 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16989 | |||
Oval ID: | oval:org.mitre.oval:def:16989 | ||
Title: | Heap-based buffer overflow in the nsSVGFEDiffuseLightingElement::LightPixel function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to cause a denial of service (invalid gfxImageSurface free operation) or possibly execute arbitrary code by leveraging the use of "different number systems." | ||
Description: | Heap-based buffer overflow in the nsSVGFEDiffuseLightingElement::LightPixel function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to cause a denial of service (invalid gfxImageSurface free operation) or possibly execute arbitrary code by leveraging the use of "different number systems." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0470 | Version: | 22 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17011 | |||
Oval ID: | oval:org.mitre.oval:def:17011 | ||
Title: | Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to spoof the address bar via an https URL for invalid (1) RSS or (2) Atom XML content. | ||
Description: | Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to spoof the address bar via an https URL for invalid (1) RSS or (2) Atom XML content. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0479 | Version: | 21 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17067 | |||
Oval ID: | oval:org.mitre.oval:def:17067 | ||
Title: | The cairo-dwrite implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9, when certain Windows Vista and Windows 7 configurations are used, does not properly restrict font-rendering attempts, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors. | ||
Description: | The cairo-dwrite implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9, when certain Windows Vista and Windows 7 configurations are used, does not properly restrict font-rendering attempts, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0472 | Version: | 21 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17074 | |||
Oval ID: | oval:org.mitre.oval:def:17074 | ||
Title: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0467 | Version: | 21 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17321 | |||
Oval ID: | oval:org.mitre.oval:def:17321 | ||
Title: | USN-1430-1 -- Firefox vulnerabilities | ||
Description: | Several security issues were fixed in Firefox. | ||
Family: | unix | Class: | patch |
Reference(s): | usn-1430-1 CVE-2012-0467 CVE-2012-0468 CVE-2012-0469 CVE-2012-0470 CVE-2012-0471 CVE-2012-0473 CVE-2012-0474 CVE-2012-0475 CVE-2012-0477 CVE-2012-0478 CVE-2011-3062 CVE-2011-1187 CVE-2012-0479 | Version: | 7 |
Platform(s): | Ubuntu 12.04 Ubuntu 11.04 Ubuntu 11.10 Ubuntu 10.04 | Product(s): | firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17833 | |||
Oval ID: | oval:org.mitre.oval:def:17833 | ||
Title: | USN-1430-2 -- ubufox update | ||
Description: | This update provides compatible ubufox packages for the latest Firefox. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1430-2 CVE-2012-0467 CVE-2012-0468 CVE-2012-0469 CVE-2012-0470 CVE-2012-0471 CVE-2012-0473 CVE-2012-0474 CVE-2012-0475 CVE-2012-0477 CVE-2012-0478 CVE-2011-3062 CVE-2011-1187 CVE-2012-0479 | Version: | 7 |
Platform(s): | Ubuntu 11.10 Ubuntu 11.04 Ubuntu 10.04 | Product(s): | ubufox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17846 | |||
Oval ID: | oval:org.mitre.oval:def:17846 | ||
Title: | USN-1430-3 -- thunderbird vulnerabilities | ||
Description: | Several security issues were fixed in Thunderbird. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1430-3 CVE-2012-0467 CVE-2012-0468 CVE-2012-0469 CVE-2012-0470 CVE-2012-0471 CVE-2012-0473 CVE-2012-0474 CVE-2012-0475 CVE-2012-0477 CVE-2012-0478 CVE-2011-3062 CVE-2011-1187 CVE-2012-0479 | Version: | 7 |
Platform(s): | Ubuntu 12.04 Ubuntu 11.10 Ubuntu 11.04 Ubuntu 10.04 | Product(s): | thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18494 | |||
Oval ID: | oval:org.mitre.oval:def:18494 | ||
Title: | DSA-2458-1 iceape - several | ||
Description: | Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2458-1 CVE-2012-0455 CVE-2012-0456 CVE-2012-0458 CVE-2012-0461 CVE-2012-0467 CVE-2012-0470 CVE-2012-0471 CVE-2012-0477 CVE-2012-0479 | Version: | 7 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | iceape |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19823 | |||
Oval ID: | oval:org.mitre.oval:def:19823 | ||
Title: | DSA-2464-2 icedove - regression | ||
Description: | Several vulnerabilities have been discovered in Icedove, an unbranded version of the Thunderbird mail/news client. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2464-2 CVE-2012-0467 CVE-2012-0470 CVE-2012-0471 CVE-2012-0477 CVE-2012-0479 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | icedove |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20034 | |||
Oval ID: | oval:org.mitre.oval:def:20034 | ||
Title: | DSA-2464-1 icedove - several | ||
Description: | Several vulnerabilities have been discovered in Icedove, an unbranded version of the Thunderbird mail/news client. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2464-1 CVE-2012-0467 CVE-2012-0470 CVE-2012-0471 CVE-2012-0477 CVE-2012-0479 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | icedove |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20143 | |||
Oval ID: | oval:org.mitre.oval:def:20143 | ||
Title: | DSA-2457-1 iceweasel - several | ||
Description: | Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2457-1 CVE-2012-0467 CVE-2012-0470 CVE-2012-0471 CVE-2012-0477 CVE-2012-0479 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | iceweasel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21220 | |||
Oval ID: | oval:org.mitre.oval:def:21220 | ||
Title: | RHSA-2012:0516: thunderbird security update (Critical) | ||
Description: | Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to spoof the address bar via an https URL for invalid (1) RSS or (2) Atom XML content. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:0516-02 CESA-2012:0516 CVE-2011-3062 CVE-2012-0467 CVE-2012-0468 CVE-2012-0469 CVE-2012-0470 CVE-2012-0471 CVE-2012-0472 CVE-2012-0473 CVE-2012-0474 CVE-2012-0477 CVE-2012-0478 CVE-2012-0479 | Version: | 159 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21333 | |||
Oval ID: | oval:org.mitre.oval:def:21333 | ||
Title: | RHSA-2012:0515: firefox security update (Critical) | ||
Description: | Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to spoof the address bar via an https URL for invalid (1) RSS or (2) Atom XML content. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:0515-02 CESA-2012:0515 CVE-2011-3062 CVE-2012-0467 CVE-2012-0468 CVE-2012-0469 CVE-2012-0470 CVE-2012-0471 CVE-2012-0472 CVE-2012-0473 CVE-2012-0474 CVE-2012-0477 CVE-2012-0478 CVE-2012-0479 | Version: | 159 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | firefox xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23019 | |||
Oval ID: | oval:org.mitre.oval:def:23019 | ||
Title: | DEPRECATED: ELSA-2012:0515: firefox security update (Critical) | ||
Description: | Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to spoof the address bar via an https URL for invalid (1) RSS or (2) Atom XML content. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0515-02 CVE-2011-3062 CVE-2012-0467 CVE-2012-0468 CVE-2012-0469 CVE-2012-0470 CVE-2012-0471 CVE-2012-0472 CVE-2012-0473 CVE-2012-0474 CVE-2012-0477 CVE-2012-0478 CVE-2012-0479 | Version: | 54 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | firefox xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23236 | |||
Oval ID: | oval:org.mitre.oval:def:23236 | ||
Title: | DEPRECATED: ELSA-2012:0516: thunderbird security update (Critical) | ||
Description: | Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to spoof the address bar via an https URL for invalid (1) RSS or (2) Atom XML content. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0516-02 CVE-2011-3062 CVE-2012-0467 CVE-2012-0468 CVE-2012-0469 CVE-2012-0470 CVE-2012-0471 CVE-2012-0472 CVE-2012-0473 CVE-2012-0474 CVE-2012-0477 CVE-2012-0478 CVE-2012-0479 | Version: | 54 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23660 | |||
Oval ID: | oval:org.mitre.oval:def:23660 | ||
Title: | ELSA-2012:0516: thunderbird security update (Critical) | ||
Description: | Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to spoof the address bar via an https URL for invalid (1) RSS or (2) Atom XML content. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0516-02 CVE-2011-3062 CVE-2012-0467 CVE-2012-0468 CVE-2012-0469 CVE-2012-0470 CVE-2012-0471 CVE-2012-0472 CVE-2012-0473 CVE-2012-0474 CVE-2012-0477 CVE-2012-0478 CVE-2012-0479 | Version: | 53 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23783 | |||
Oval ID: | oval:org.mitre.oval:def:23783 | ||
Title: | ELSA-2012:0515: firefox security update (Critical) | ||
Description: | Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to spoof the address bar via an https URL for invalid (1) RSS or (2) Atom XML content. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0515-02 CVE-2011-3062 CVE-2012-0467 CVE-2012-0468 CVE-2012-0469 CVE-2012-0470 CVE-2012-0471 CVE-2012-0472 CVE-2012-0473 CVE-2012-0474 CVE-2012-0477 CVE-2012-0478 CVE-2012-0479 | Version: | 53 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | firefox xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27809 | |||
Oval ID: | oval:org.mitre.oval:def:27809 | ||
Title: | DEPRECATED: ELSA-2012-0515 -- firefox security update (critical) | ||
Description: | firefox: [10.0.4-1.0.1.el6_2] - Replace firefox-redhat-default-prefs.js with firefox-oracle-default-prefs.js [10.0.4-1] - Update to 10.0.4 ESR xulrunner: [10.0.4-1.0.1.el6_2] - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js [10.0.4-1] - Update to 10.0.4 ESR [10.0.3-3] - Fixed mozbz#746112 - ppc(64) freeze [10.0.3-2] - Fixed mozbz#681937 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-0515 CVE-2012-0467 CVE-2012-0468 CVE-2012-0469 CVE-2012-0470 CVE-2012-0471 CVE-2012-0472 CVE-2012-0473 CVE-2012-0474 CVE-2012-0477 CVE-2012-0478 CVE-2012-0479 CVE-2011-3062 | Version: | 4 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | firefox xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27890 | |||
Oval ID: | oval:org.mitre.oval:def:27890 | ||
Title: | DEPRECATED: ELSA-2012-0516 -- thunderbird security update (critical) | ||
Description: | [10.0.4-1.0.1.el6_2] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replace clean.gif in tarball [10.0.4-1] - Update to 10.0.4 ESR | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-0516 CVE-2012-0467 CVE-2012-0468 CVE-2012-0469 CVE-2012-0470 CVE-2012-0471 CVE-2012-0472 CVE-2012-0473 CVE-2012-0474 CVE-2012-0477 CVE-2012-0478 CVE-2012-0479 CVE-2011-3062 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:29180 | |||
Oval ID: | oval:org.mitre.oval:def:29180 | ||
Title: | DSA-2457-2 -- iceweasel -- several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2457-2 CVE-2012-0467 CVE-2012-0470 CVE-2012-0471 CVE-2012-0477 CVE-2012-0479 | Version: | 3 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | iceweasel |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2013-09-18 | Name : Debian Security Advisory DSA 2458-2 (iceape - several vulnerabilities) File : nvt/deb_2458_2.nasl |
2013-09-18 | Name : Debian Security Advisory DSA 2457-2 (iceweasel - several vulnerabilities) File : nvt/deb_2457_2.nasl |
2012-08-03 | Name : Mandriva Update for mozilla MDVSA-2012:066 (mozilla) File : nvt/gb_mandriva_MDVSA_2012_066.nasl |
2012-07-30 | Name : CentOS Update for firefox CESA-2012:0515 centos5 File : nvt/gb_CESA-2012_0515_firefox_centos5.nasl |
2012-07-30 | Name : CentOS Update for firefox CESA-2012:0515 centos6 File : nvt/gb_CESA-2012_0515_firefox_centos6.nasl |
2012-07-30 | Name : CentOS Update for thunderbird CESA-2012:0516 centos5 File : nvt/gb_CESA-2012_0516_thunderbird_centos5.nasl |
2012-07-30 | Name : CentOS Update for thunderbird CESA-2012:0516 centos6 File : nvt/gb_CESA-2012_0516_thunderbird_centos6.nasl |
2012-07-09 | Name : RedHat Update for thunderbird RHSA-2012:0516-01 File : nvt/gb_RHSA-2012_0516-01_thunderbird.nasl |
2012-05-31 | Name : Debian Security Advisory DSA 2464-1 (icedove) File : nvt/deb_2464_1.nasl |
2012-05-08 | Name : Ubuntu Update for thunderbird USN-1430-3 File : nvt/gb_ubuntu_USN_1430_3.nasl |
2012-05-02 | Name : Mozilla Products Multiple Vulnerabilities - May12 (Mac OS X) File : nvt/gb_mozilla_prdts_mult_vuln_may12_macosx.nasl |
2012-05-02 | Name : Mozilla Products Multiple Vulnerabilities - May12 (Windows) File : nvt/gb_mozilla_prdts_mult_vuln_may12_win.nasl |
2012-04-30 | Name : FreeBSD Ports: chromium File : nvt/freebsd_chromium9.nasl |
2012-04-30 | Name : Gentoo Security Advisory GLSA 201203-24 (chromium v8) File : nvt/glsa_201203_24.nasl |
2012-04-30 | Name : Ubuntu Update for ubufox USN-1430-2 File : nvt/gb_ubuntu_USN_1430_2.nasl |
2012-04-30 | Name : Ubuntu Update for firefox USN-1430-1 File : nvt/gb_ubuntu_USN_1430_1.nasl |
2012-04-30 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox65.nasl |
2012-04-26 | Name : RedHat Update for firefox RHSA-2012:0515-01 File : nvt/gb_RHSA-2012_0515-01_firefox.nasl |
2012-04-05 | Name : Google Chrome Multiple Vulnerabilities - April 12 (Windows) File : nvt/gb_google_chrome_mult_vuln_apr12_win.nasl |
2012-04-05 | Name : Google Chrome Multiple Vulnerabilities - April 12 (MAC OS X) File : nvt/gb_google_chrome_mult_vuln_apr12_macosx.nasl |
2012-04-05 | Name : Google Chrome Multiple Vulnerabilities - April 12 (Linux) File : nvt/gb_google_chrome_mult_vuln_apr12_lin.nasl |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Mozilla Firefox IDB use-after-free attempt RuleID : 24574 - Revision : 10 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Firefox IDB use-after-free attempt RuleID : 24573 - Revision : 9 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Firefox IDB use-after-free attempt RuleID : 24572 - Revision : 9 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Firefox IDB use-after-free attempt RuleID : 24571 - Revision : 8 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Firefox IDB use-after-free attempt RuleID : 24570 - Revision : 9 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Firefox IDB use-after-free attempt RuleID : 23212 - Revision : 10 - Type : BROWSER-FIREFOX |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_thunderbird_20120814.nasl - Type : ACT_GATHER_INFO |
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_firefox_20120918.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-254.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-215.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0515.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2012-0516.nasl - Type : ACT_GATHER_INFO |
2013-01-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120424_thunderbird_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120424_firefox_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-06-21 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201203-24.nasl - Type : ACT_GATHER_INFO |
2012-06-04 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_firefox10-201205-8154.nasl - Type : ACT_GATHER_INFO |
2012-05-07 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1430-3.nasl - Type : ACT_GATHER_INFO |
2012-05-04 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2464.nasl - Type : ACT_GATHER_INFO |
2012-05-03 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_firefox-201204-120426.nasl - Type : ACT_GATHER_INFO |
2012-04-30 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1430-2.nasl - Type : ACT_GATHER_INFO |
2012-04-30 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1430-1.nasl - Type : ACT_GATHER_INFO |
2012-04-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-066.nasl - Type : ACT_GATHER_INFO |
2012-04-27 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : seamonkey_29.nasl - Type : ACT_GATHER_INFO |
2012-04-27 | Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_1004.nasl - Type : ACT_GATHER_INFO |
2012-04-27 | Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_120.nasl - Type : ACT_GATHER_INFO |
2012-04-27 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_120.nasl - Type : ACT_GATHER_INFO |
2012-04-27 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_1004.nasl - Type : ACT_GATHER_INFO |
2012-04-27 | Name : The remote Mac OS X host contains a mail client that is potentially affected ... File : macosx_thunderbird_12_0.nasl - Type : ACT_GATHER_INFO |
2012-04-27 | Name : The remote Mac OS X host contains a mail client that is potentially affected ... File : macosx_thunderbird_10_0_4.nasl - Type : ACT_GATHER_INFO |
2012-04-27 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_12_0.nasl - Type : ACT_GATHER_INFO |
2012-04-27 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_10_0_4.nasl - Type : ACT_GATHER_INFO |
2012-04-25 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0515.nasl - Type : ACT_GATHER_INFO |
2012-04-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0515.nasl - Type : ACT_GATHER_INFO |
2012-04-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0516.nasl - Type : ACT_GATHER_INFO |
2012-04-25 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_380e8c568e3211e195804061862b8c22.nasl - Type : ACT_GATHER_INFO |
2012-04-25 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2458.nasl - Type : ACT_GATHER_INFO |
2012-04-25 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2457.nasl - Type : ACT_GATHER_INFO |
2012-04-25 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2012-0516.nasl - Type : ACT_GATHER_INFO |
2012-03-30 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_18_0_1025_142.nasl - Type : ACT_GATHER_INFO |
2012-03-29 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_b8f0a391791011e18a4300262d5ed8ee.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:55:53 |
|