Executive Summary
Summary | |
---|---|
Title | Firefox regression |
Informations | |||
---|---|---|---|
Name | USN-1149-2 | First vendor Publication | 2011-06-29 |
Vendor | Ubuntu | Last vendor Modification | 2011-06-29 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 10.10 - Ubuntu 10.04 LTS Summary: In rare instances, Firefox could have trouble accessing some websites. Software Description: - firefox: safe and easy web browser from Mozilla Details: USN-1149-1 fixed vulnerabilities in Firefox. Unfortunately, a regression was introduced that prevented cookies from being stored properly when the hostname was a single character. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple memory vulnerabilities were discovered in the browser rendering Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 10.10: Ubuntu 10.04 LTS: After a standard system update you need to restart Firefox to make all the necessary changes. References: Package Information: |
Original Source
Url : http://www.ubuntu.com/usn/USN-1149-2 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
57 % | CWE-399 | Resource Management Errors |
14 % | CWE-264 | Permissions, Privileges, and Access Controls |
14 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
14 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12781 | |||
Oval ID: | oval:org.mitre.oval:def:12781 | ||
Title: | DSA-2269-1 iceape -- several | ||
Description: | Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey: CVE-2011-0083 / CVE-2011-2363 "regenrecht" discovered two use-after-frees in SVG processing, which could lead to the execution of arbitrary code. CVE-2011-0085 "regenrecht" discovered a use-after-free in XUL processing, which could lead to the execution of arbitrary code. CVE-2011-2362 David Chan discovered that cookies were insufficiently isolated. CVE-2011-2371 Chris Rohlf and Yan Ivnitskiy discovered an integer overflow in the Javascript engine, which could lead to the execution of arbitrary code. CVE-2011-2373 Martin Barbella discovered a use-after-free in XUL processing, which could lead to the execution of arbitrary code. CVE-2011-2374 Bob Clary, Kevin Brosnan, Nils, Gary Kwong, Jesse Ruderman and Christian Biesinger discovered memory corruption bugs, which may lead to the execution of arbitrary code. CVE-2011-2376 Luke Wagner and Gary Kwong discovered memory corruption bugs, which may lead to the execution of arbitrary code. The oldstable distribution is not affected. The iceape package only provides the XPCOM code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2269-1 CVE-2011-0083 CVE-2011-0085 CVE-2011-2362 CVE-2011-2363 CVE-2011-2365 CVE-2011-2371 CVE-2011-2373 CVE-2011-2374 CVE-2011-2376 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | iceape |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:13034 | |||
Oval ID: | oval:org.mitre.oval:def:13034 | ||
Title: | DSA-2268-1 iceweasel -- several | ||
Description: | Several vulnerabilities have been found in Iceweasel, a web browser based on Firefox: CVE-2011-0083 / CVE-2011-2363 "regenrecht" discovered two use-after-frees in SVG processing, which could lead to the execution of arbitrary code. CVE-2011-0085 "regenrecht" discovered a use-after-free in XUL processing, which could lead to the execution of arbitrary code. CVE-2011-2362 David Chan discovered that cookies were insufficiently isolated. CVE-2011-2371 Chris Rohlf and Yan Ivnitskiy discovered an integer overflow in the Javascript engine, which could lead to the execution of arbitrary code. CVE-2011-2373 Martin Barbella discovered a use-after-free in XUL processing, which could lead to the execution of arbitrary code. CVE-2011-2374 Bob Clary, Kevin Brosnan, Nils, Gary Kwong, Jesse Ruderman and Christian Biesinger discovered memory corruption bugs, which may lead to the execution of arbitrary code. CVE-2011-2376 Luke Wagner and Gary Kwong discovered memory corruption bugs, which may lead to the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2268-1 CVE-2011-0083 CVE-2011-0085 CVE-2011-2362 CVE-2011-2363 CVE-2011-2365 CVE-2011-2371 CVE-2011-2373 CVE-2011-2374 CVE-2011-2376 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | iceweasel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13318 | |||
Oval ID: | oval:org.mitre.oval:def:13318 | ||
Title: | Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2365. | ||
Description: | Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2365. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-2364 | Version: | 17 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Thunderbird Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13543 | |||
Oval ID: | oval:org.mitre.oval:def:13543 | ||
Title: | Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a user-supplied callback. | ||
Description: | Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a user-supplied callback. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0083 | Version: | 20 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Thunderbird Mozilla Firefox Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13635 | |||
Oval ID: | oval:org.mitre.oval:def:13635 | ||
Title: | USN-1150-1 -- thunderbird vulnerabilities | ||
Description: | thunderbird: Mozilla Open Source mail and newsgroup client Multiple vulnerabilities were fixed in Thunderbird. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1150-1 CVE-2011-2364 CVE-2011-2365 CVE-2011-2374 CVE-2011-2376 CVE-2011-2373 CVE-2011-2377 CVE-2011-2371 CVE-2011-0083 CVE-2011-0085 CVE-2011-2363 CVE-2011-2362 | Version: | 5 |
Platform(s): | Ubuntu 11.04 Ubuntu 10.04 Ubuntu 10.10 | Product(s): | thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13693 | |||
Oval ID: | oval:org.mitre.oval:def:13693 | ||
Title: | Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 do not distinguish between cookies for two domain names that differ only in a trailing dot, which allows remote web servers to bypass the Same Origin Policy via Set-Cookie headers. | ||
Description: | Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 do not distinguish between cookies for two domain names that differ only in a trailing dot, which allows remote web servers to bypass the Same Origin Policy via Set-Cookie headers. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-2362 | Version: | 20 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Thunderbird Mozilla Firefox Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13872 | |||
Oval ID: | oval:org.mitre.oval:def:13872 | ||
Title: | Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a multipart/x-mixed-replace image. | ||
Description: | Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a multipart/x-mixed-replace image. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-2377 | Version: | 20 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Thunderbird Mozilla Firefox Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13980 | |||
Oval ID: | oval:org.mitre.oval:def:13980 | ||
Title: | USN-1149-2 -- firefox regression | ||
Description: | firefox: safe and easy web browser from Mozilla Details: USN-1149-1 fixed vulnerabilities in Firefox. Unfortunately, a regression was introduced that prevented cookies from being stored properly when the hostname was a single character. This update fixes the problem. We apologize for the inconvenience. Original advisory In rare instances, Firefox could have trouble accessing some websites. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1149-2 CVE-2011-2364 CVE-2011-2365 CVE-2011-2374 CVE-2011-2376 CVE-2011-2373 CVE-2011-2377 CVE-2011-2371 CVE-2011-0083 CVE-2011-0085 CVE-2011-2363 CVE-2011-2362 | Version: | 5 |
Platform(s): | Ubuntu 10.10 Ubuntu 10.04 | Product(s): | firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13987 | |||
Oval ID: | oval:org.mitre.oval:def:13987 | ||
Title: | Integer overflow in the Array.reduceRight method in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via vectors involving a long JavaScript Array object. | ||
Description: | Integer overflow in the Array.reduceRight method in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via vectors involving a long JavaScript Array object. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-2371 | Version: | 20 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Thunderbird Mozilla Firefox Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14046 | |||
Oval ID: | oval:org.mitre.oval:def:14046 | ||
Title: | Use-after-free vulnerability in the nsSVGPointList::AppendElement function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a user-supplied callback. | ||
Description: | Use-after-free vulnerability in the nsSVGPointList::AppendElement function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a user-supplied callback. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-2363 | Version: | 20 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Thunderbird Mozilla Firefox Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14123 | |||
Oval ID: | oval:org.mitre.oval:def:14123 | ||
Title: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, and Thunderbird before 3.1.11, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, and Thunderbird before 3.1.11, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-2374 | Version: | 17 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Firefox Mozilla Thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14152 | |||
Oval ID: | oval:org.mitre.oval:def:14152 | ||
Title: | USN-1149-1 -- firefox, xulrunner-1.9.2 vulnerabilities | ||
Description: | firefox: safe and easy web browser from Mozilla - xulrunner-1.9.2: XUL + XPCOM application runner Multiple Vulnerabilities were fixed in Firefox and Xulrunner | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1149-1 CVE-2011-2364 CVE-2011-2365 CVE-2011-2374 CVE-2011-2376 CVE-2011-2373 CVE-2011-2377 CVE-2011-2371 CVE-2011-0083 CVE-2011-0085 CVE-2011-2363 CVE-2011-2362 | Version: | 5 |
Platform(s): | Ubuntu 10.10 Ubuntu 10.04 | Product(s): | firefox xulrunner-1.9.2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14178 | |||
Oval ID: | oval:org.mitre.oval:def:14178 | ||
Title: | Use-after-free vulnerability in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14, when JavaScript is disabled, allows remote attackers to execute arbitrary code via a crafted XUL document. | ||
Description: | Use-after-free vulnerability in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14, when JavaScript is disabled, allows remote attackers to execute arbitrary code via a crafted XUL document. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-2373 | Version: | 20 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Thunderbird Mozilla Firefox Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14184 | |||
Oval ID: | oval:org.mitre.oval:def:14184 | ||
Title: | Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2364. | ||
Description: | Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2364. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-2365 | Version: | 17 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Thunderbird Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14396 | |||
Oval ID: | oval:org.mitre.oval:def:14396 | ||
Title: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.18 and Thunderbird before 3.1.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.18 and Thunderbird before 3.1.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-2376 | Version: | 17 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Thunderbird Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14432 | |||
Oval ID: | oval:org.mitre.oval:def:14432 | ||
Title: | Use-after-free vulnerability in the nsXULCommandDispatcher function in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via a crafted XUL document that dequeues the current command updater. | ||
Description: | Use-after-free vulnerability in the nsXULCommandDispatcher function in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via a crafted XUL document that dequeues the current command updater. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0085 | Version: | 20 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Thunderbird Mozilla Firefox Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20220 | |||
Oval ID: | oval:org.mitre.oval:def:20220 | ||
Title: | DSA-2273-3 icedove - multiple issues | ||
Description: | Several vulnerabilities have been discovered in Icedove, an unbranded version of the Thunderbird mail/news client. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2273-3 CVE-2011-0083 CVE-2011-0085 CVE-2011-2362 CVE-2011-2363 CVE-2011-2365 CVE-2011-2371 CVE-2011-2373 CVE-2011-2374 CVE-2011-2376 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | icedove |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28788 | |||
Oval ID: | oval:org.mitre.oval:def:28788 | ||
Title: | DSA-2273-1 -- icedove -- several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in Icedove, an unbranded version of the Thunderbird mail/news client. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2273-1 CVE-2011-0083 CVE-2011-0085 CVE-2011-2362 CVE-2011-2363 CVE-2011-2365 CVE-2011-2371 CVE-2011-2373 CVE-2011-2374 CVE-2011-2376 | Version: | 3 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | icedove |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2012-02-27 | Mozilla Firefox Firefox 4.0.1 Array.reduceRight() Exploit |
2011-10-12 | Mozilla Firefox Array.reduceRight() Integer Overflow Exploit |
OpenVAS Exploits
Date | Description |
---|---|
2012-07-30 | Name : CentOS Update for seamonkey CESA-2011:0888 centos4 x86_64 File : nvt/gb_CESA-2011_0888_seamonkey_centos4_x86_64.nasl |
2012-07-30 | Name : CentOS Update for firefox CESA-2011:0885 centos4 x86_64 File : nvt/gb_CESA-2011_0885_firefox_centos4_x86_64.nasl |
2012-07-30 | Name : CentOS Update for firefox CESA-2011:0885 centos5 x86_64 File : nvt/gb_CESA-2011_0885_firefox_centos5_x86_64.nasl |
2012-07-30 | Name : CentOS Update for thunderbird CESA-2011:0887 centos4 x86_64 File : nvt/gb_CESA-2011_0887_thunderbird_centos4_x86_64.nasl |
2012-07-30 | Name : CentOS Update for thunderbird CESA-2011:0887 centos5 x86_64 File : nvt/gb_CESA-2011_0887_thunderbird_centos5_x86_64.nasl |
2012-06-06 | Name : RedHat Update for thunderbird RHSA-2011:0886-01 File : nvt/gb_RHSA-2011_0886-01_thunderbird.nasl |
2011-08-18 | Name : SuSE Update for MozillaFirefox,MozillaThunderbird SUSE-SA:2011:028 File : nvt/gb_suse_2011_028.nasl |
2011-08-18 | Name : CentOS Update for firefox CESA-2011:0885 centos4 i386 File : nvt/gb_CESA-2011_0885_firefox_centos4_i386.nasl |
2011-08-18 | Name : CentOS Update for thunderbird CESA-2011:0887 centos4 i386 File : nvt/gb_CESA-2011_0887_thunderbird_centos4_i386.nasl |
2011-08-18 | Name : CentOS Update for seamonkey CESA-2011:0888 centos4 i386 File : nvt/gb_CESA-2011_0888_seamonkey_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for firefox CESA-2011:0885 centos5 i386 File : nvt/gb_CESA-2011_0885_firefox_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for thunderbird CESA-2011:0887 centos5 i386 File : nvt/gb_CESA-2011_0887_thunderbird_centos5_i386.nasl |
2011-08-03 | Name : Debian Security Advisory DSA 2269-1 (iceape) File : nvt/deb_2269_1.nasl |
2011-08-03 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox57.nasl |
2011-08-03 | Name : Debian Security Advisory DSA 2273-1 (icedove) File : nvt/deb_2273_1.nasl |
2011-08-03 | Name : Debian Security Advisory DSA 2268-1 (iceweasel) File : nvt/deb_2268_1.nasl |
2011-07-18 | Name : Ubuntu Update for thunderbird USN-1150-1 File : nvt/gb_ubuntu_USN_1150_1.nasl |
2011-07-08 | Name : Ubuntu Update for firefox USN-1149-2 File : nvt/gb_ubuntu_USN_1149_2.nasl |
2011-07-07 | Name : Mozilla Products Multiple Denial of Service Vulnerabilities July-11 (Windows) File : nvt/gb_mozilla_prdts_mult_dos_vuln_win_jul11.nasl |
2011-07-07 | Name : Mozilla Products Multiple Vulnerabilities July-11 (Windows) - 01 File : nvt/gb_mozilla_prdts_mult_vuln_win01_jul11.nasl |
2011-07-07 | Name : Mozilla Products Multiple Vulnerabilities July-11 (Windows) - 02 File : nvt/gb_mozilla_prdts_mult_vuln_win02_jul11.nasl |
2011-07-07 | Name : Mozilla Products Multiple Vulnerabilities July-11 (Windows) - 04 File : nvt/gb_mozilla_prdts_mult_vuln_win04_jul11.nasl |
2011-07-07 | Name : Mozilla Products Multiple Vulnerabilities July-11 (Windows) File : nvt/gb_mozilla_prdts_mult_vuln_win_jul11.nasl |
2011-06-24 | Name : Ubuntu Update for firefox USN-1157-3 File : nvt/gb_ubuntu_USN_1157_3.nasl |
2011-06-24 | Name : Ubuntu Update for mozvoikko USN-1157-2 File : nvt/gb_ubuntu_USN_1157_2.nasl |
2011-06-24 | Name : Ubuntu Update for firefox USN-1157-1 File : nvt/gb_ubuntu_USN_1157_1.nasl |
2011-06-24 | Name : Ubuntu Update for firefox USN-1149-1 File : nvt/gb_ubuntu_USN_1149_1.nasl |
2011-06-24 | Name : Mandriva Update for mozilla MDVSA-2011:111 (mozilla) File : nvt/gb_mandriva_MDVSA_2011_111.nasl |
2011-06-24 | Name : RedHat Update for seamonkey RHSA-2011:0888-01 File : nvt/gb_RHSA-2011_0888-01_seamonkey.nasl |
2011-06-24 | Name : RedHat Update for thunderbird RHSA-2011:0887-01 File : nvt/gb_RHSA-2011_0887-01_thunderbird.nasl |
2011-06-24 | Name : RedHat Update for firefox RHSA-2011:0885-01 File : nvt/gb_RHSA-2011_0885-01_firefox.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
73188 | Mozilla Multiple Products Trailing Dot Cookie Cross-domain Information Disclo... |
73187 | Mozilla Multiple Products nsXULCommandDispatcher.cpp Use-after-free Remote Co... |
73186 | Mozilla Multiple Products nsSVGPointList::AppendElement() Use-after-free Remo... |
73185 | Mozilla Multiple Products nsSVGPathSegList::ReplaceItem() Use-after-free Remo... |
73184 | Mozilla Multiple Products Array.reduceRight() Method Overflow |
73183 | Mozilla Multiple Products multipart/x-mixed-replace Image Handling Memory Cor... |
73182 | Mozilla Multiple Products XUL Document Handling Use-after-free Arbitrary Code... |
73181 | Mozilla Multiple Products Unspecified DoS (2011-2365) |
73180 | Mozilla Multiple Products Unspecified DoS (2011-2364) |
73179 | Mozilla Multiple Products Multiple Unspecified Memory Corruption (2011-2376) |
73177 | Mozilla Multiple Products Multiple Unspecified Memory Corruption (2011-2374) |
Snort® IPS/IDS
Date | Description |
---|---|
2014-03-08 | Mozilla Array.reduceRight integer overflow attempt RuleID : 29625 - Revision : 2 - Type : BROWSER-FIREFOX |
2014-03-08 | Mozilla Array.reduceRight integer overflow attempt RuleID : 29624 - Revision : 2 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Array.reduceRight integer overflow RuleID : 24188 - Revision : 4 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Array.reduceRight integer overflow RuleID : 24187 - Revision : 4 - Type : BROWSER-FIREFOX |
2014-01-10 | Phoenix exploit kit post-compromise behavior RuleID : 21860 - Revision : 5 - Type : MALWARE-CNC |
2014-01-10 | Phoenix exploit kit landing page RuleID : 21640 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Mozilla Array.reduceRight integer overflow RuleID : 19714 - Revision : 5 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Array.reduceRight integer overflow RuleID : 19713 - Revision : 8 - Type : BROWSER-FIREFOX |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_mozilla-js192-110622.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_MozillaFirefox-110622.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_MozillaThunderbird-110627.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_MozillaThunderbird-110628.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2011-0886.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0888.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2011-0887.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0885.nasl - Type : ACT_GATHER_INFO |
2013-01-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20110621_thunderbird_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20110621_thunderbird_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110621_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110621_seamonkey_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-7596.nasl - Type : ACT_GATHER_INFO |
2011-08-17 | Name : The remote Windows host contains a web browser that may be affected by multip... File : seamonkey_22.nasl - Type : ACT_GATHER_INFO |
2011-08-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0888.nasl - Type : ACT_GATHER_INFO |
2011-07-18 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1150-1.nasl - Type : ACT_GATHER_INFO |
2011-07-07 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2273.nasl - Type : ACT_GATHER_INFO |
2011-07-05 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2269.nasl - Type : ACT_GATHER_INFO |
2011-07-05 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2268.nasl - Type : ACT_GATHER_INFO |
2011-07-01 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-7597.nasl - Type : ACT_GATHER_INFO |
2011-07-01 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_MozillaFirefox-110628.nasl - Type : ACT_GATHER_INFO |
2011-06-30 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1149-2.nasl - Type : ACT_GATHER_INFO |
2011-06-24 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_3_6_18.nasl - Type : ACT_GATHER_INFO |
2011-06-24 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1157-3.nasl - Type : ACT_GATHER_INFO |
2011-06-24 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_5_0.nasl - Type : ACT_GATHER_INFO |
2011-06-23 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1157-1.nasl - Type : ACT_GATHER_INFO |
2011-06-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1157-2.nasl - Type : ACT_GATHER_INFO |
2011-06-23 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2011-0887.nasl - Type : ACT_GATHER_INFO |
2011-06-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1149-1.nasl - Type : ACT_GATHER_INFO |
2011-06-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-111.nasl - Type : ACT_GATHER_INFO |
2011-06-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0885.nasl - Type : ACT_GATHER_INFO |
2011-06-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0888.nasl - Type : ACT_GATHER_INFO |
2011-06-22 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2011-0887.nasl - Type : ACT_GATHER_INFO |
2011-06-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0886.nasl - Type : ACT_GATHER_INFO |
2011-06-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0885.nasl - Type : ACT_GATHER_INFO |
2011-06-21 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_3111.nasl - Type : ACT_GATHER_INFO |
2011-06-21 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_50.nasl - Type : ACT_GATHER_INFO |
2011-06-21 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_3618.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:58:41 |
|