Executive Summary
Summary | |
---|---|
Title | Mozvoikko and ubufox update |
Informations | |||
---|---|---|---|
Name | USN-1277-2 | First vendor Publication | 2011-11-23 |
Vendor | Ubuntu | Last vendor Modification | 2011-11-23 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 11.10 - Ubuntu 11.04 Summary: This update provides packages compatible with Firefox 8. Software Description: - mozvoikko: Finnish spell-checker extension for Firefox - ubufox: Ubuntu Firefox specific configuration defaults and apt support Details: USN-1277-1 fixed vulnerabilities in Firefox. This update provides updated Mozvoikko and ubufox packages for use with Firefox 8. Original advisory details: Yosuke Hasegawa discovered that the Mozilla browser engine mishandled Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.10: Ubuntu 11.04: After a standard system update you need to restart Firefox to make all the necessary changes. References: Package Information: |
Original Source
Url : http://www.ubuntu.com/usn/USN-1277-2 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
60 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
20 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
20 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:13830 | |||
Oval ID: | oval:org.mitre.oval:def:13830 | ||
Title: | The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly handle links from SVG mpath elements to non-SVG elements, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. | ||
Description: | The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly handle links from SVG mpath elements to non-SVG elements, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3654 | Version: | 19 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Thunderbird Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13870 | |||
Oval ID: | oval:org.mitre.oval:def:13870 | ||
Title: | Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 do not properly handle JavaScript files that contain many functions, which allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted file that is accessed by debugging APIs, as demonstrated by Firebug. | ||
Description: | Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 do not properly handle JavaScript files that contain many functions, which allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted file that is accessed by debugging APIs, as demonstrated by Firebug. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3650 | Version: | 19 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Thunderbird Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14202 | |||
Oval ID: | oval:org.mitre.oval:def:14202 | ||
Title: | Mozilla Firefox 4.x through 7.0 and Thunderbird 5.0 through 7.0 perform access control without checking for use of the NoWaiverWrapper wrapper, which allows remote attackers to gain privileges via a crafted web site. | ||
Description: | Mozilla Firefox 4.x through 7.0 and Thunderbird 5.0 through 7.0 perform access control without checking for use of the NoWaiverWrapper wrapper, which allows remote attackers to gain privileges via a crafted web site. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3655 | Version: | 19 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Firefox Mozilla Thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14212 | |||
Oval ID: | oval:org.mitre.oval:def:14212 | ||
Title: | Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 allows remote attackers to inject arbitrary web script or HTML via crafted text with Shift JIS encoding. | ||
Description: | Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 allows remote attackers to inject arbitrary web script or HTML via crafted text with Shift JIS encoding. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3648 | Version: | 19 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Thunderbird Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14239 | |||
Oval ID: | oval:org.mitre.oval:def:14239 | ||
Title: | The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly allocate memory, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. | ||
Description: | The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly allocate memory, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3652 | Version: | 19 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Thunderbird Mozilla Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14364 | |||
Oval ID: | oval:org.mitre.oval:def:14364 | ||
Title: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 7.0 and Thunderbird 7.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 7.0 and Thunderbird 7.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3651 | Version: | 17 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Firefox Mozilla Thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14796 | |||
Oval ID: | oval:org.mitre.oval:def:14796 | ||
Title: | USN-1254-1 -- Thunderbird vulnerabilities | ||
Description: | thunderbird: Mozilla Open Source mail and newsgroup client Multiple vulnerabilities have been fixed in Thunderbird. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1254-1 CVE-2011-3004 CVE-2011-3647 CVE-2011-3648 CVE-2011-3650 | Version: | 5 |
Platform(s): | Ubuntu 11.04 Ubuntu 10.04 Ubuntu 10.10 | Product(s): | Thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15154 | |||
Oval ID: | oval:org.mitre.oval:def:15154 | ||
Title: | DSA-2345-1 icedove -- several | ||
Description: | Several vulnerabilities have been discovered in Icedove, a mail client based on Thunderbird. CVE-2011-3647 The JSSubScriptLoader does not properly handle XPCNativeWrappers during calls to the loadSubScript method in an add-on, which makes it easier for remote attackers to gain privileges via a crafted web site that leverages certain unwrapping behavior. CVE-2011-3648 A cross-site scripting vulnerability allows remote attackers to inject arbitrary web script or HTML via crafted text with Shift JIS encoding. CVE-2011-3650 Iceweasel does not properly handle JavaScript files that contain many functions, which allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted file that is accessed by debugging APIs, as demonstrated by Firebug. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2345-1 CVE-2011-3647 CVE-2011-3648 CVE-2011-3650 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | icedove |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:15170 | |||
Oval ID: | oval:org.mitre.oval:def:15170 | ||
Title: | USN-1277-2 -- Mozvoikko and ubufox update | ||
Description: | mozvoikko: Finnish spell-checker extension for Firefox - ubufox: Ubuntu Firefox specific configuration defaults and apt support Details: USN-1277-1 fixed vulnerabilities in Firefox. This update provides updated Mozvoikko and ubufox packages for use with Firefox 8. Original advisory This update provides packages compatible with Firefox 8. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1277-2 CVE-2011-3648 CVE-2011-3650 CVE-2011-3651 CVE-2011-3652 CVE-2011-3654 CVE-2011-3655 | Version: | 5 |
Platform(s): | Ubuntu 11.04 Ubuntu 11.10 | Product(s): | Mozvoikko |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15332 | |||
Oval ID: | oval:org.mitre.oval:def:15332 | ||
Title: | DSA-2342-1 iceape -- several | ||
Description: | Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey: CVE-2011-3647 "moz_bug_r_a4" discovered a privilege escalation vulnerability in addon handling. CVE-2011-3648 Yosuke Hasegawa discovered that incorrect handling of Shift-JIS encodings could lead to cross-site scripting. CVE-2011-3650 Marc Schoenefeld discovered that profiling the Javascript code could lead to memory corruption. The oldstable distribution is not affected. The iceape package only provides the XPCOM code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2342-1 CVE-2011-3647 CVE-2011-3648 CVE-2011-3650 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | iceape |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:15362 | |||
Oval ID: | oval:org.mitre.oval:def:15362 | ||
Title: | DSA-2341-1 iceweasel -- several | ||
Description: | Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian. CVE-2011-3647 "moz_bug_r_a4" discovered a privilege escalation vulnerability in addon handling. CVE-2011-3648 Yosuke Hasegawa discovered that incorrect handling of Shift-JIS encodings could lead to cross-site scripting. CVE-2011-3650 Marc Schoenefeld discovered that profiling the Javascript code could lead to memory corruption. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2341-1 CVE-2011-3647 CVE-2011-3648 CVE-2011-3650 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | iceweasel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15371 | |||
Oval ID: | oval:org.mitre.oval:def:15371 | ||
Title: | USN-1251-1 -- Firefox and Xulrunner vulnerabilities | ||
Description: | firefox: Mozilla Open Source web browser - xulrunner-1.9.2: Mozilla Gecko runtime environment Multiple vulnerabilities have been fixed in Firefox and Xulrunner. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1251-1 CVE-2011-3004 CVE-2011-3647 CVE-2011-3648 CVE-2011-3650 | Version: | 5 |
Platform(s): | Ubuntu 10.10 Ubuntu 10.04 | Product(s): | Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15380 | |||
Oval ID: | oval:org.mitre.oval:def:15380 | ||
Title: | USN-1282-1 -- Thunderbird vulnerabilities | ||
Description: | thunderbird: Mozilla Open Source mail and newsgroup client Multiple vulnerabilities have been fixed in Thunderbird. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1282-1 CVE-2011-3648 CVE-2011-3650 CVE-2011-3651 CVE-2011-3652 CVE-2011-3654 CVE-2011-3655 | Version: | 5 |
Platform(s): | Ubuntu 11.10 | Product(s): | Thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:15383 | |||
Oval ID: | oval:org.mitre.oval:def:15383 | ||
Title: | USN-1277-1 -- Firefox vulnerabilities | ||
Description: | firefox: Mozilla Open Source web browser Multiple vulnerabilities have been fixed in Firefox. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1277-1 CVE-2011-3648 CVE-2011-3650 CVE-2011-3651 CVE-2011-3652 CVE-2011-3654 CVE-2011-3655 | Version: | 5 |
Platform(s): | Ubuntu 11.04 Ubuntu 11.10 | Product(s): | Firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21620 | |||
Oval ID: | oval:org.mitre.oval:def:21620 | ||
Title: | RHSA-2011:1439: thunderbird security update (Critical) | ||
Description: | Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 do not properly handle JavaScript files that contain many functions, which allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted file that is accessed by debugging APIs, as demonstrated by Firebug. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:1439-01 CVE-2011-3647 CVE-2011-3648 CVE-2011-3650 | Version: | 42 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21765 | |||
Oval ID: | oval:org.mitre.oval:def:21765 | ||
Title: | RHSA-2011:1437: firefox security update (Critical) | ||
Description: | Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 do not properly handle JavaScript files that contain many functions, which allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted file that is accessed by debugging APIs, as demonstrated by Firebug. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:1437-01 CESA-2011:1437 CVE-2011-3647 CVE-2011-3648 CVE-2011-3650 | Version: | 42 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | firefox xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22013 | |||
Oval ID: | oval:org.mitre.oval:def:22013 | ||
Title: | RHSA-2011:1438: thunderbird security update (Moderate) | ||
Description: | Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 allows remote attackers to inject arbitrary web script or HTML via crafted text with Shift JIS encoding. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:1438-01 CESA-2011:1438 CVE-2011-3648 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22694 | |||
Oval ID: | oval:org.mitre.oval:def:22694 | ||
Title: | DEPRECATED: ELSA-2011:1437: firefox security update (Critical) | ||
Description: | Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 do not properly handle JavaScript files that contain many functions, which allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted file that is accessed by debugging APIs, as demonstrated by Firebug. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:1437-01 CVE-2011-3647 CVE-2011-3648 CVE-2011-3650 | Version: | 18 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | firefox xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23226 | |||
Oval ID: | oval:org.mitre.oval:def:23226 | ||
Title: | ELSA-2011:1438: thunderbird security update (Moderate) | ||
Description: | Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 allows remote attackers to inject arbitrary web script or HTML via crafted text with Shift JIS encoding. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:1438-01 CVE-2011-3648 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23410 | |||
Oval ID: | oval:org.mitre.oval:def:23410 | ||
Title: | ELSA-2011:1439: thunderbird security update (Critical) | ||
Description: | Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 do not properly handle JavaScript files that contain many functions, which allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted file that is accessed by debugging APIs, as demonstrated by Firebug. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:1439-01 CVE-2011-3647 CVE-2011-3648 CVE-2011-3650 | Version: | 17 |
Platform(s): | Oracle Linux 6 | Product(s): | thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23717 | |||
Oval ID: | oval:org.mitre.oval:def:23717 | ||
Title: | ELSA-2011:1437: firefox security update (Critical) | ||
Description: | Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 do not properly handle JavaScript files that contain many functions, which allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted file that is accessed by debugging APIs, as demonstrated by Firebug. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:1437-01 CVE-2011-3647 CVE-2011-3648 CVE-2011-3650 | Version: | 17 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | firefox xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28130 | |||
Oval ID: | oval:org.mitre.oval:def:28130 | ||
Title: | DEPRECATED: ELSA-2011-1439 -- thunderbird security update (critical) | ||
Description: | [3.1.16-2.0.1.el6_1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replace clean.gif in tarball [3.1.16-2] - Update to 3.1.16 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-1439 CVE-2011-3647 CVE-2011-3648 CVE-2011-3650 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | thunderbird |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-07-30 | Name : CentOS Update for seamonkey CESA-2011:1440 centos4 x86_64 File : nvt/gb_CESA-2011_1440_seamonkey_centos4_x86_64.nasl |
2012-07-30 | Name : CentOS Update for thunderbird CESA-2011:1438 centos5 x86_64 File : nvt/gb_CESA-2011_1438_thunderbird_centos5_x86_64.nasl |
2012-07-30 | Name : CentOS Update for firefox CESA-2011:1437 centos4 x86_64 File : nvt/gb_CESA-2011_1437_firefox_centos4_x86_64.nasl |
2012-07-30 | Name : CentOS Update for thunderbird CESA-2011:1438 centos4 x86_64 File : nvt/gb_CESA-2011_1438_thunderbird_centos4_x86_64.nasl |
2012-07-30 | Name : CentOS Update for firefox CESA-2011:1437 centos5 x86_64 File : nvt/gb_CESA-2011_1437_firefox_centos5_x86_64.nasl |
2012-07-09 | Name : RedHat Update for thunderbird RHSA-2011:1439-01 File : nvt/gb_RHSA-2011_1439-01_thunderbird.nasl |
2012-03-16 | Name : Ubuntu Update for thunderbird USN-1282-1 File : nvt/gb_ubuntu_USN_1282_1.nasl |
2012-02-13 | Name : Debian Security Advisory DSA 2341-1 (iceweasel) File : nvt/deb_2341_1.nasl |
2012-02-11 | Name : Debian Security Advisory DSA 2342-1 (iceape) File : nvt/deb_2342_1.nasl |
2011-12-23 | Name : Ubuntu Update for thunderbird USN-1254-1 File : nvt/gb_ubuntu_USN_1254_1.nasl |
2011-11-25 | Name : Ubuntu Update for mozvoikko USN-1277-2 File : nvt/gb_ubuntu_USN_1277_2.nasl |
2011-11-25 | Name : Ubuntu Update for firefox USN-1277-1 File : nvt/gb_ubuntu_USN_1277_1.nasl |
2011-11-14 | Name : Mozilla Products Multiple Unspecified Vulnerabilities (MAC OS X) File : nvt/gb_mozilla_prdts_mult_unspecified_vuln_macosx.nasl |
2011-11-14 | Name : Mozilla Products XSS and Memory Corruption Vulnerabilities (Windows) File : nvt/gb_mozilla_prdts_xss_n_mem_crptn_vuln_win.nasl |
2011-11-14 | Name : Mozilla Products XSS and Memory Corruption Vulnerabilities (MAC OS X) File : nvt/gb_mozilla_prdts_xss_n_mem_crptn_vuln_macosx.nasl |
2011-11-14 | Name : Mozilla Products 'NoWaiverWrapper' Privilege Escalation Vulnerability (Mac OS X) File : nvt/gb_mozilla_prdts_wrapper_priv_esc_vuln_macosx.nasl |
2011-11-14 | Name : Mozilla Products Multiple Vulnerabilities (MAC OS X) File : nvt/gb_mozilla_prdts_mult_vuln_nov11_macosx.nasl |
2011-11-11 | Name : Mandriva Update for mozilla MDVSA-2011:169 (mozilla) File : nvt/gb_mandriva_MDVSA_2011_169.nasl |
2011-11-11 | Name : Mozilla Products Browser Engine Denial of Service Vulnerabilities (Windows) File : nvt/gb_mozilla_prdts_browser_engine_dos_vuln_win.nasl |
2011-11-11 | Name : CentOS Update for thunderbird CESA-2011:1438 centos4 i386 File : nvt/gb_CESA-2011_1438_thunderbird_centos4_i386.nasl |
2011-11-11 | Name : RedHat Update for seamonkey RHSA-2011:1440-01 File : nvt/gb_RHSA-2011_1440-01_seamonkey.nasl |
2011-11-11 | Name : Mozilla Products Multiple Vulnerabilities (Windows) File : nvt/gb_mozilla_prdts_mult_vuln_nov11_win.nasl |
2011-11-11 | Name : RedHat Update for thunderbird RHSA-2011:1438-01 File : nvt/gb_RHSA-2011_1438-01_thunderbird.nasl |
2011-11-11 | Name : Mozilla Products 'NoWaiverWrapper' Privilege Escalation Vulnerability (Windows) File : nvt/gb_mozilla_prdts_wrapper_priv_esc_vuln_win.nasl |
2011-11-11 | Name : RedHat Update for firefox RHSA-2011:1437-01 File : nvt/gb_RHSA-2011_1437-01_firefox.nasl |
2011-11-11 | Name : Ubuntu Update for firefox USN-1251-1 File : nvt/gb_ubuntu_USN_1251_1.nasl |
2011-11-11 | Name : CentOS Update for seamonkey CESA-2011:1440 centos4 i386 File : nvt/gb_CESA-2011_1440_seamonkey_centos4_i386.nasl |
2011-11-11 | Name : CentOS Update for firefox CESA-2011:1437 centos4 i386 File : nvt/gb_CESA-2011_1437_firefox_centos4_i386.nasl |
2011-11-11 | Name : CentOS Update for thunderbird CESA-2011:1438 centos5 i386 File : nvt/gb_CESA-2011_1438_thunderbird_centos5_i386.nasl |
2011-11-11 | Name : CentOS Update for firefox CESA-2011:1437 centos5 i386 File : nvt/gb_CESA-2011_1437_firefox_centos5_i386.nasl |
0000-00-00 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox61.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
76955 | Mozilla Multiple Product NoWaiverWrappers Internal Privilege Check Weakness R... |
76952 | Mozilla Multiple Product Firebug JavaScript File Profiling Remote Memory Corr... |
76951 | Mozilla Multiple Product Multiple Unspecified Remote Memory Corruption (2011-... |
76950 | Mozilla Multiple Product Unchecked Allocation Failure Remote Memory Corruption |
76949 | Mozilla Multiple Product SVG <mpath> Non-SVG Link Remote Memory Corruption |
76948 | Mozilla Multiple Product Shift-JIS XSS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_thunderbird_20120404.nasl - Type : ACT_GATHER_INFO |
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_firefox_20121210.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-254.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2011-34.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2011-9.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_MozillaFirefox-111109.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_seamonkey-111130.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_MozillaFirefox-111110.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_seamonkey-111130.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1440.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2011-1439.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2011-1438.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1437.nasl - Type : ACT_GATHER_INFO |
2013-01-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111108_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111108_seamonkey_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111108_thunderbird_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111108_thunderbird_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2011-12-23 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1254-1.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_MozillaFirefox-111114.nasl - Type : ACT_GATHER_INFO |
2011-11-29 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1282-1.nasl - Type : ACT_GATHER_INFO |
2011-11-26 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1277-1.nasl - Type : ACT_GATHER_INFO |
2011-11-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1277-2.nasl - Type : ACT_GATHER_INFO |
2011-11-14 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2011-1438.nasl - Type : ACT_GATHER_INFO |
2011-11-14 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-1437.nasl - Type : ACT_GATHER_INFO |
2011-11-14 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-1440.nasl - Type : ACT_GATHER_INFO |
2011-11-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2345.nasl - Type : ACT_GATHER_INFO |
2011-11-11 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1251-1.nasl - Type : ACT_GATHER_INFO |
2011-11-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2341.nasl - Type : ACT_GATHER_INFO |
2011-11-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2342.nasl - Type : ACT_GATHER_INFO |
2011-11-10 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_6c8ad3e80a3011e195804061862b8c22.nasl - Type : ACT_GATHER_INFO |
2011-11-10 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-169.nasl - Type : ACT_GATHER_INFO |
2011-11-09 | Name : The remote Mac OS X host contains an email client that is potentially affecte... File : macosx_thunderbird_8_0.nasl - Type : ACT_GATHER_INFO |
2011-11-09 | Name : The remote Mac OS X host contains a web browser that is potentially affected ... File : macosx_firefox_3_6_24.nasl - Type : ACT_GATHER_INFO |
2011-11-09 | Name : The remote Mac OS X host contains a web browser that is potentially affected ... File : macosx_firefox_8_0.nasl - Type : ACT_GATHER_INFO |
2011-11-09 | Name : The remote Mac OS X host contains an email client that is potentially affecte... File : macosx_thunderbird_3_1_16.nasl - Type : ACT_GATHER_INFO |
2011-11-09 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1440.nasl - Type : ACT_GATHER_INFO |
2011-11-09 | Name : The remote Windows host contains a web browser that is potentially affected b... File : mozilla_firefox_3624.nasl - Type : ACT_GATHER_INFO |
2011-11-09 | Name : The remote Windows host contains a web browser that is potentially affected b... File : mozilla_firefox_80.nasl - Type : ACT_GATHER_INFO |
2011-11-09 | Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_3116.nasl - Type : ACT_GATHER_INFO |
2011-11-09 | Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_80.nasl - Type : ACT_GATHER_INFO |
2011-11-09 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1437.nasl - Type : ACT_GATHER_INFO |
2011-11-09 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2011-1438.nasl - Type : ACT_GATHER_INFO |
2011-11-09 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1439.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:59:19 |
|