Executive Summary
Summary | |
---|---|
Title | firefox security update |
Informations | |||
---|---|---|---|
Name | RHSA-2012:1482 | First vendor Publication | 2012-11-20 |
Vendor | RedHat | Last vendor Modification | 2012-11-20 |
Severity (Vendor) | Critical | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-5829, CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5839, CVE-2012-5840, CVE-2012-5842) A buffer overflow flaw was found in the way Firefox handled GIF (Graphics Interchange Format) images. A web page containing a malicious GIF image could cause Firefox to crash or, possibly, execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-4202) A flaw was found in the way the Style Inspector tool in Firefox handled certain Cascading Style Sheets (CSS). Running the tool (Tools -> Web Developer -> Inspect) on malicious CSS could result in the execution of HTML and CSS content with chrome privileges. (CVE-2012-4210) A flaw was found in the way Firefox decoded the HZ-GB-2312 character encoding. A web page containing malicious content could cause Firefox to run JavaScript code with the permissions of a different website. (CVE-2012-4207) A flaw was found in the location object implementation in Firefox. Malicious content could possibly use this flaw to allow restricted content to be loaded by plug-ins. (CVE-2012-4209) A flaw was found in the way cross-origin wrappers were implemented. Malicious content could use this flaw to perform cross-site scripting attacks. (CVE-2012-5841) A flaw was found in the evalInSandbox implementation in Firefox. Malicious content could use this flaw to perform cross-site scripting attacks. (CVE-2012-4201) For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 10.0.11 ESR. You can find a link to the Mozilla advisories in the References section of this erratum. Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Abhishek Arya, miaubiz, Jesse Ruderman, Andrew McCreight, Bob Clary, Kyle Huey, Atte Kettunen, Mariusz Mlynski, Masato Kinugawa, Bobby Holley, and moz_bug_r_a4 as the original reporters of these issues. All Firefox users should upgrade to these updated packages, which contain Firefox version 10.0.11 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 877614 - CVE-2012-5842 Mozilla: Miscellaneous memory safety hazards (rv:10.0.11) (MFSA 2012-91) 877615 - CVE-2012-4202 Mozilla: Buffer overflow while rendering GIF images (MFSA 2012-92) 877616 - CVE-2012-4201 Mozilla: evalInSanbox location context incorrectly applied (MFSA 2012-93) 877628 - CVE-2012-5841 Mozilla: Improper security filtering for cross-origin wrappers (MFSA 2012-100) 877629 - CVE-2012-4207 Mozilla: Improper character decoding in HZ-GB-2312 charset (MFSA 2012-101) 877632 - CVE-2012-4209 Mozilla: Frames can shadow top.location (MFSA 2012-103) 877633 - CVE-2012-4210 Mozilla: CSS and HTML injection through Style Inspector (MFSA 2012-104) 877634 - CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-5829 CVE-2012-5839 CVE-2012-5840 Mozilla: Use-after-free and buffer overflow issues found using Address Sanitizer (MFSA 2012-105) 877635 - CVE-2012-5830 CVE-2012-5833 CVE-2012-5835 Mozilla: Use-after-free, buffer overflow, and memory corruption issues found using Address Sanitizer (MFSA 2012-106) |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2012-1482.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
33 % | CWE-416 | Use After Free |
27 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
20 % | CWE-787 | Out-of-bounds Write (CWE/SANS Top 25) |
7 % | CWE-264 | Permissions, Privileges, and Access Controls |
7 % | CWE-190 | Integer Overflow or Wraparound (CWE/SANS Top 25) |
7 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:15995 | |||
Oval ID: | oval:org.mitre.oval:def:15995 | ||
Title: | The evalInSandbox implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 uses an incorrect context during the handling of JavaScript code that sets the location.href property, which allows remote attackers to conduct cross-site scripting (XSS) attacks or read arbitrary files by leveraging a sandboxed add-on. | ||
Description: | The evalInSandbox implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 uses an incorrect context during the handling of JavaScript code that sets the location.href property, which allows remote attackers to conduct cross-site scripting (XSS) attacks or read arbitrary files by leveraging a sandboxed add-on. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-4201 | Version: | 18 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16573 | |||
Oval ID: | oval:org.mitre.oval:def:16573 | ||
Title: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5842 | Version: | 21 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16590 | |||
Oval ID: | oval:org.mitre.oval:def:16590 | ||
Title: | Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 implement cross-origin wrappers with a filtering behavior that does not properly restrict write actions, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site. | ||
Description: | Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 implement cross-origin wrappers with a filtering behavior that does not properly restrict write actions, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5841 | Version: | 21 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16603 | |||
Oval ID: | oval:org.mitre.oval:def:16603 | ||
Title: | Integer overflow in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (invalid write operation) via crafted data. | ||
Description: | Integer overflow in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (invalid write operation) via crafted data. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5835 | Version: | 21 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16690 | |||
Oval ID: | oval:org.mitre.oval:def:16690 | ||
Title: | Use-after-free vulnerability in the nsPlaintextEditor::FireClipboardEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. | ||
Description: | Use-after-free vulnerability in the nsPlaintextEditor::FireClipboardEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-4215 | Version: | 22 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16739 | |||
Oval ID: | oval:org.mitre.oval:def:16739 | ||
Title: | Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via a crafted GIF image. | ||
Description: | Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via a crafted GIF image. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-4202 | Version: | 22 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16748 | |||
Oval ID: | oval:org.mitre.oval:def:16748 | ||
Title: | The texImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via function calls involving certain values of the level parameter. | ||
Description: | The texImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via function calls involving certain values of the level parameter. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5833 | Version: | 21 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16833 | |||
Oval ID: | oval:org.mitre.oval:def:16833 | ||
Title: | The Style Inspector in Mozilla Firefox before 17.0 and Firefox ESR 10.x before 10.0.11 does not properly restrict the context of HTML markup and Cascading Style Sheets (CSS) token sequences, which allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted stylesheet. | ||
Description: | The Style Inspector in Mozilla Firefox before 17.0 and Firefox ESR 10.x before 10.0.11 does not properly restrict the context of HTML markup and Cascading Style Sheets (CSS) token sequences, which allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted stylesheet. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-4210 | Version: | 8 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Firefox Mozilla Firefox ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16849 | |||
Oval ID: | oval:org.mitre.oval:def:16849 | ||
Title: | Heap-based buffer overflow in the nsWindow::OnExposeEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors. | ||
Description: | Heap-based buffer overflow in the nsWindow::OnExposeEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5829 | Version: | 19 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16880 | |||
Oval ID: | oval:org.mitre.oval:def:16880 | ||
Title: | Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 do not prevent use of a "top" frame name-attribute value to access the location property, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a binary plugin. | ||
Description: | Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 do not prevent use of a "top" frame name-attribute value to access the location property, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a binary plugin. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-4209 | Version: | 18 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16884 | |||
Oval ID: | oval:org.mitre.oval:def:16884 | ||
Title: | Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-5840. | ||
Description: | Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-5840. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-4214 | Version: | 19 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16902 | |||
Oval ID: | oval:org.mitre.oval:def:16902 | ||
Title: | Use-after-free vulnerability in the gfxFont::GetFontEntry function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. | ||
Description: | Use-after-free vulnerability in the gfxFont::GetFontEntry function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-4216 | Version: | 19 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16904 | |||
Oval ID: | oval:org.mitre.oval:def:16904 | ||
Title: | Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4214. | ||
Description: | Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4214. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5840 | Version: | 22 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16905 | |||
Oval ID: | oval:org.mitre.oval:def:16905 | ||
Title: | DEPRECATED: Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 on Mac OS X allows remote attackers to execute arbitrary code via an HTML document. | ||
Description: | Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 on Mac OS X allows remote attackers to execute arbitrary code via an HTML document. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5830 | Version: | 5 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16955 | |||
Oval ID: | oval:org.mitre.oval:def:16955 | ||
Title: | The HZ-GB-2312 character-set implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly handle a ~ (tilde) character in proximity to a chunk delimiter, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document. | ||
Description: | The HZ-GB-2312 character-set implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly handle a ~ (tilde) character in proximity to a chunk delimiter, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-4207 | Version: | 18 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16968 | |||
Oval ID: | oval:org.mitre.oval:def:16968 | ||
Title: | Heap-based buffer overflow in the gfxShapedWord::CompressedGlyph::IsClusterStart function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors. | ||
Description: | Heap-based buffer overflow in the gfxShapedWord::CompressedGlyph::IsClusterStart function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5839 | Version: | 22 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18575 | |||
Oval ID: | oval:org.mitre.oval:def:18575 | ||
Title: | DSA-2583-1 iceweasel - several | ||
Description: | Multiple vulnerabilities have been found in Iceweasel, the Debian web browser based on Mozilla Firefox: | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2583-1 CVE-2012-4201 CVE-2012-4207 CVE-2012-4216 CVE-2012-5829 CVE-2012-5842 | Version: | 7 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | iceweasel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19855 | |||
Oval ID: | oval:org.mitre.oval:def:19855 | ||
Title: | DSA-2588-1 icedove - several | ||
Description: | Multiple vulnerabilities have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2588-1 CVE-2012-4201 CVE-2012-4207 CVE-2012-4216 CVE-2012-5829 CVE-2012-5842 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | icedove |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20112 | |||
Oval ID: | oval:org.mitre.oval:def:20112 | ||
Title: | DSA-2584-1 iceape - several | ||
Description: | Multiple vulnerabilities have been found in Iceape, the Debian Internet suite based on Mozilla Seamonkey. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2584-1 CVE-2012-4201 CVE-2012-4207 CVE-2012-4216 CVE-2012-5829 CVE-2012-5842 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | iceape |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21071 | |||
Oval ID: | oval:org.mitre.oval:def:21071 | ||
Title: | RHSA-2012:1482: firefox security update (Critical) | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:1482-01 CESA-2012:1482 CVE-2012-4201 CVE-2012-4202 CVE-2012-4207 CVE-2012-4209 CVE-2012-4210 CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-5829 CVE-2012-5830 CVE-2012-5833 CVE-2012-5835 CVE-2012-5839 CVE-2012-5840 CVE-2012-5841 CVE-2012-5842 | Version: | 211 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | firefox xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21630 | |||
Oval ID: | oval:org.mitre.oval:def:21630 | ||
Title: | RHSA-2012:1483: thunderbird security update (Critical) | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:1483-01 CESA-2012:1483 CVE-2012-4201 CVE-2012-4202 CVE-2012-4207 CVE-2012-4209 CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-5829 CVE-2012-5830 CVE-2012-5833 CVE-2012-5835 CVE-2012-5839 CVE-2012-5840 CVE-2012-5841 CVE-2012-5842 | Version: | 198 |
Platform(s): | Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 CentOS Linux 5 CentOS Linux 6 | Product(s): | thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23148 | |||
Oval ID: | oval:org.mitre.oval:def:23148 | ||
Title: | DEPRECATED: ELSA-2012:1483: thunderbird security update (Critical) | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:1483-01 CVE-2012-4201 CVE-2012-4202 CVE-2012-4207 CVE-2012-4209 CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-5829 CVE-2012-5830 CVE-2012-5833 CVE-2012-5835 CVE-2012-5839 CVE-2012-5840 CVE-2012-5841 CVE-2012-5842 | Version: | 66 |
Platform(s): | Oracle Linux 6 Oracle Linux 5 | Product(s): | thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23314 | |||
Oval ID: | oval:org.mitre.oval:def:23314 | ||
Title: | ELSA-2012:1483: thunderbird security update (Critical) | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:1483-01 CVE-2012-4201 CVE-2012-4202 CVE-2012-4207 CVE-2012-4209 CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-5829 CVE-2012-5830 CVE-2012-5833 CVE-2012-5835 CVE-2012-5839 CVE-2012-5840 CVE-2012-5841 CVE-2012-5842 | Version: | 65 |
Platform(s): | Oracle Linux 6 Oracle Linux 5 | Product(s): | thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23474 | |||
Oval ID: | oval:org.mitre.oval:def:23474 | ||
Title: | DEPRECATED: ELSA-2012:1482: firefox security update (Critical) | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:1482-01 CVE-2012-4201 CVE-2012-4202 CVE-2012-4207 CVE-2012-4209 CVE-2012-4210 CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-5829 CVE-2012-5830 CVE-2012-5833 CVE-2012-5835 CVE-2012-5839 CVE-2012-5840 CVE-2012-5841 CVE-2012-5842 | Version: | 70 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | firefox xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23820 | |||
Oval ID: | oval:org.mitre.oval:def:23820 | ||
Title: | ELSA-2012:1482: firefox security update (Critical) | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:1482-01 CVE-2012-4201 CVE-2012-4202 CVE-2012-4207 CVE-2012-4209 CVE-2012-4210 CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-5829 CVE-2012-5830 CVE-2012-5833 CVE-2012-5835 CVE-2012-5839 CVE-2012-5840 CVE-2012-5841 CVE-2012-5842 | Version: | 69 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | firefox xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26852 | |||
Oval ID: | oval:org.mitre.oval:def:26852 | ||
Title: | DEPRECATED: ELSA-2012-1483 -- thunderbird security update (critical) | ||
Description: | [10.0.11-1.0.1.el6_3] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [10.0.11-1] - Update to 10.0.11 ESR | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-1483 CVE-2012-4201 CVE-2012-4202 CVE-2012-4207 CVE-2012-4209 CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-5829 CVE-2012-5830 CVE-2012-5833 CVE-2012-5835 CVE-2012-5839 CVE-2012-5840 CVE-2012-5841 CVE-2012-5842 | Version: | 4 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27829 | |||
Oval ID: | oval:org.mitre.oval:def:27829 | ||
Title: | DEPRECATED: ELSA-2012-1482 -- firefox security update (critical) | ||
Description: | firefox [10.0.11-1.0.1.el6_3] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones [10.0.11-1] - Update to 10.0.11 ESR xulrunner [10.0.11-1.0.1.el6_3] - Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js [10.0.11-1] - Update to 10.0.11 ESR | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-1482 CVE-2012-4201 CVE-2012-4202 CVE-2012-4207 CVE-2012-4209 CVE-2012-4210 CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-5829 CVE-2012-5830 CVE-2012-5833 CVE-2012-5835 CVE-2012-5839 CVE-2012-5840 CVE-2012-5841 CVE-2012-5842 | Version: | 4 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | firefox xulrunner |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2013-09-18 | Name : Debian Security Advisory DSA 2588-1 (icedove - several vulnerabilities) File : nvt/deb_2588_1.nasl |
2013-09-18 | Name : Debian Security Advisory DSA 2584-1 (iceape - several vulnerabilities) File : nvt/deb_2584_1.nasl |
2013-09-18 | Name : Debian Security Advisory DSA 2583-1 (iceweasel - several vulnerabilities) File : nvt/deb_2583_1.nasl |
2013-04-01 | Name : Mozilla Firefox ESR Code Execution Vulnerabilities - November12 (Mac OS X) File : nvt/gb_mozilla_firefox_esr_code_exec_vuln_nov12_macosx.nasl |
2013-04-01 | Name : Mozilla Firefox ESR Code Execution Vulnerabilities - November12 (Windows) File : nvt/gb_mozilla_firefox_esr_code_exec_vuln_nov12_win.nasl |
2012-12-06 | Name : Fedora Update for seamonkey FEDORA-2012-18931 File : nvt/gb_fedora_2012_18931_seamonkey_fc16.nasl |
2012-12-06 | Name : Fedora Update for seamonkey FEDORA-2012-18952 File : nvt/gb_fedora_2012_18952_seamonkey_fc17.nasl |
2012-12-04 | Name : Ubuntu Update for firefox USN-1638-3 File : nvt/gb_ubuntu_USN_1638_3.nasl |
2012-11-26 | Name : Mozilla Firefox ESR Multiple Vulnerabilities-01 November12 (Windows) File : nvt/gb_mozilla_firefox_esr_mult_vuln01_nov12_win.nasl |
2012-11-26 | Name : Mozilla Thunderbird Multiple Vulnerabilities-01 November12 (Windows) File : nvt/gb_mozilla_thunderbird_mult_vuln01_nov12_win.nasl |
2012-11-26 | Name : Mozilla Thunderbird ESR Multiple Vulnerabilities-01 November12 (Windows) File : nvt/gb_mozilla_thunderbird_esr_mult_vuln01_nov12_win.nasl |
2012-11-26 | Name : Mozilla SeaMonkey Multiple Vulnerabilities-01 November12 (Windows) File : nvt/gb_mozilla_seamonkey_mult_vuln01_nov12_win.nasl |
2012-11-26 | Name : Mozilla Firefox Multiple Vulnerabilities-01 November12 (Windows) File : nvt/gb_mozilla_prdts_mult_vuln01_nov12_win.nasl |
2012-11-26 | Name : Mozilla Firefox Multiple Vulnerabilities-01 November12 (Mac OS X) File : nvt/gb_mozilla_prdts_mult_vuln01_nov12_macosx.nasl |
2012-11-26 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox72.nasl |
2012-11-26 | Name : Mozilla Firefox Code Execution Vulnerabilities - November12 (Windows) File : nvt/gb_mozilla_firefox_code_exec_vuln_nov12_win.nasl |
2012-11-26 | Name : Mozilla Firefox Code Execution Vulnerabilities - November12 (Mac OS X) File : nvt/gb_mozilla_firefox_code_exec_vuln_nov12_macosx.nasl |
2012-11-23 | Name : RedHat Update for thunderbird RHSA-2012:1483-01 File : nvt/gb_RHSA-2012_1483-01_thunderbird.nasl |
2012-11-23 | Name : RedHat Update for firefox RHSA-2012:1482-01 File : nvt/gb_RHSA-2012_1482-01_firefox.nasl |
2012-11-23 | Name : Ubuntu Update for thunderbird USN-1636-1 File : nvt/gb_ubuntu_USN_1636_1.nasl |
2012-11-23 | Name : Ubuntu Update for firefox USN-1638-1 File : nvt/gb_ubuntu_USN_1638_1.nasl |
2012-11-23 | Name : Ubuntu Update for ubufox USN-1638-2 File : nvt/gb_ubuntu_USN_1638_2.nasl |
2012-11-23 | Name : CentOS Update for thunderbird CESA-2012:1483 centos6 File : nvt/gb_CESA-2012_1483_thunderbird_centos6.nasl |
2012-11-23 | Name : CentOS Update for thunderbird CESA-2012:1483 centos5 File : nvt/gb_CESA-2012_1483_thunderbird_centos5.nasl |
2012-11-23 | Name : CentOS Update for firefox CESA-2012:1482 centos6 File : nvt/gb_CESA-2012_1482_firefox_centos6.nasl |
2012-11-23 | Name : CentOS Update for firefox CESA-2012:1482 centos5 File : nvt/gb_CESA-2012_1482_firefox_centos5.nasl |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-0306-1.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-817.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-818.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-819.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-820.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-17.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2012-1483.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1482.nasl - Type : ACT_GATHER_INFO |
2013-02-06 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1681-4.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_firefox-201301-130110.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_firefox-20121121-121123.nasl - Type : ACT_GATHER_INFO |
2013-01-23 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1681-3.nasl - Type : ACT_GATHER_INFO |
2013-01-20 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_firefox-201301-8426.nasl - Type : ACT_GATHER_INFO |
2013-01-15 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_18_0.nasl - Type : ACT_GATHER_INFO |
2013-01-15 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : seamonkey_215.nasl - Type : ACT_GATHER_INFO |
2013-01-15 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_180.nasl - Type : ACT_GATHER_INFO |
2013-01-10 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_a4ed66325aa911e28fcbc8600054b392.nasl - Type : ACT_GATHER_INFO |
2013-01-09 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1681-1.nasl - Type : ACT_GATHER_INFO |
2013-01-09 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1681-2.nasl - Type : ACT_GATHER_INFO |
2013-01-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO |
2012-12-17 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2588.nasl - Type : ACT_GATHER_INFO |
2012-12-09 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2584.nasl - Type : ACT_GATHER_INFO |
2012-12-09 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2583.nasl - Type : ACT_GATHER_INFO |
2012-12-04 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1638-3.nasl - Type : ACT_GATHER_INFO |
2012-12-04 | Name : The remote Fedora host is missing a security update. File : fedora_2012-18894.nasl - Type : ACT_GATHER_INFO |
2012-12-04 | Name : The remote Fedora host is missing a security update. File : fedora_2012-18931.nasl - Type : ACT_GATHER_INFO |
2012-12-04 | Name : The remote Fedora host is missing a security update. File : fedora_2012-18952.nasl - Type : ACT_GATHER_INFO |
2012-11-29 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_firefox-20121121-8381.nasl - Type : ACT_GATHER_INFO |
2012-11-23 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2012-1483.nasl - Type : ACT_GATHER_INFO |
2012-11-23 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1638-2.nasl - Type : ACT_GATHER_INFO |
2012-11-23 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1638-1.nasl - Type : ACT_GATHER_INFO |
2012-11-23 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1636-1.nasl - Type : ACT_GATHER_INFO |
2012-11-23 | Name : The remote Scientific Linux host is missing a security update. File : sl_20121120_thunderbird_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-11-23 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20121120_firefox_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-11-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1482.nasl - Type : ACT_GATHER_INFO |
2012-11-21 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : seamonkey_214.nasl - Type : ACT_GATHER_INFO |
2012-11-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1483.nasl - Type : ACT_GATHER_INFO |
2012-11-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1482.nasl - Type : ACT_GATHER_INFO |
2012-11-21 | Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_170.nasl - Type : ACT_GATHER_INFO |
2012-11-21 | Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_10011.nasl - Type : ACT_GATHER_INFO |
2012-11-21 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_170.nasl - Type : ACT_GATHER_INFO |
2012-11-21 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_10011.nasl - Type : ACT_GATHER_INFO |
2012-11-21 | Name : The remote Mac OS X host contains a mail client that is potentially affected ... File : macosx_thunderbird_17_0.nasl - Type : ACT_GATHER_INFO |
2012-11-21 | Name : The remote Mac OS X host contains a mail client that is potentially affected ... File : macosx_thunderbird_10_0_11.nasl - Type : ACT_GATHER_INFO |
2012-11-21 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_17_0.nasl - Type : ACT_GATHER_INFO |
2012-11-21 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_10_0_11.nasl - Type : ACT_GATHER_INFO |
2012-11-21 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_d23119df335d11e2b64cc8600054b392.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:56:33 |
|
2012-11-21 17:24:47 |
|
2012-11-21 00:19:17 |
|