Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
| Summary | |
|---|---|
| Title | Thunderbird vulnerabilities |
| Informations | |||
|---|---|---|---|
| Name | USN-1681-2 | First vendor Publication | 2013-01-09 |
| Vendor | Ubuntu | Last vendor Modification | 2013-01-09 |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 10 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.10 - Ubuntu 12.04 LTS - Ubuntu 11.10 - Ubuntu 10.04 LTS Summary: Several security issues were fixed in Thunderbird. Software Description: - thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-1681-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Thunderbird. Original advisory details: Christoph Diehl, Christian Holler, Mats Palmgren, Chiaki Ishikawa, Bill Abhishek Arya discovered several user-after-free and buffer overflows in A stack buffer was discovered in Firefox. If the user were tricked into Masato Kinugawa discovered that Firefox did not always properly display URL Atte Kettunen discovered that Firefox did not properly handle HTML tables Jerry Baker discovered that Firefox did not always properly handle Olli Pettay and Boris Zbarsky discovered flaws in the Javacript engine of Jesse Ruderman discovered a flaw in the way Firefox handled plugins. If a Jesse Ruderman discovered an information leak in Firefox. An attacker could An integer overflow was discovered in the Javascript engine, leading to a Sviatoslav Chagaev discovered that Firefox did not properly handle XBL Mariusz Mlynski discovered two flaws to gain access to privileged chrome Several use-after-free issues were discovered in Firefox. If the user were Two intermediate CA certificates were mis-issued by the TURKTRUST Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.10: Ubuntu 12.04 LTS: Ubuntu 11.10: Ubuntu 10.04 LTS: After a standard system update you need to restart Thunderbird to make all the necessary changes. References: Package Information: https://launchpad.net/ubuntu/+source/thunderbird/17.0.2+build1-0ubuntu0.12.10.1 https://launchpad.net/ubuntu/+source/thunderbird/17.0.2+build1-0ubuntu0.12.04.1 https://launchpad.net/ubuntu/+source/thunderbird/17.0.2+build1-0ubuntu0.11.10.1 https://launchpad.net/ubuntu/+source/thunderbird/17.0.2+build1-0ubuntu0.10.04.1 |
Original Source
| Url : http://www.ubuntu.com/usn/USN-1681-2 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 39 % | CWE-416 | Use After Free |
| 13 % | CWE-787 | Out-of-bounds Write (CWE/SANS Top 25) |
| 9 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 9 % | CWE-20 | Improper Input Validation |
| 4 % | CWE-326 | Inadequate Encryption Strength |
| 4 % | CWE-287 | Improper Authentication |
| 4 % | CWE-200 | Information Exposure |
| 4 % | CWE-190 | Integer Overflow or Wraparound (CWE/SANS Top 25) |
| 4 % | CWE-125 | Out-of-bounds Read |
| 4 % | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25) |
| 4 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:16171 | |||
| Oval ID: | oval:org.mitre.oval:def:16171 | ||
| Title: | The nsSVGPathElement::GetPathLengthScale function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| Description: | The nsSVGPathElement::GetPathLengthScale function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-0767 | Version: | 22 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:16189 | |||
| Oval ID: | oval:org.mitre.oval:def:16189 | ||
| Title: | Use-after-free vulnerability in the ~nsHTMLEditRules implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. | ||
| Description: | Use-after-free vulnerability in the ~nsHTMLEditRules implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-0766 | Version: | 21 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:16199 | |||
| Oval ID: | oval:org.mitre.oval:def:16199 | ||
| Title: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-0769 | Version: | 21 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:16288 | |||
| Oval ID: | oval:org.mitre.oval:def:16288 | ||
| Title: | Use-after-free vulnerability in the imgRequest::OnStopFrame function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. | ||
| Description: | Use-after-free vulnerability in the imgRequest::OnStopFrame function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-0762 | Version: | 22 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:16570 | |||
| Oval ID: | oval:org.mitre.oval:def:16570 | ||
| Title: | Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection. | ||
| Description: | Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-0746 | Version: | 21 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:16694 | |||
| Oval ID: | oval:org.mitre.oval:def:16694 | ||
| Title: | Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XBL file with multiple bindings that have SVG content. | ||
| Description: | Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XBL file with multiple bindings that have SVG content. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-0752 | Version: | 22 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:16715 | |||
| Oval ID: | oval:org.mitre.oval:def:16715 | ||
| Title: | The nsSOCKSSocketInfo::ConnectToProxy function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not ensure thread safety for SSL sessions, which allows remote attackers to execute arbitrary code via crafted data, as demonstrated by e-mail message data. | ||
| Description: | The nsSOCKSSocketInfo::ConnectToProxy function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not ensure thread safety for SSL sessions, which allows remote attackers to execute arbitrary code via crafted data, as demonstrated by e-mail message data. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-0764 | Version: | 23 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:16812 | |||
| Oval ID: | oval:org.mitre.oval:def:16812 | ||
| Title: | Use-after-free vulnerability in the ListenerManager implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors involving the triggering of garbage collection after memory allocation for listener objects. | ||
| Description: | Use-after-free vulnerability in the ListenerManager implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors involving the triggering of garbage collection after memory allocation for listener objects. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-0754 | Version: | 22 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:16813 | |||
| Oval ID: | oval:org.mitre.oval:def:16813 | ||
| Title: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-0770 | Version: | 22 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:16827 | |||
| Oval ID: | oval:org.mitre.oval:def:16827 | ||
| Title: | Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to spoof the address bar via vectors involving authentication information in the userinfo field of a URL, in conjunction with a 204 (aka No Content) HTTP status code. | ||
| Description: | Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to spoof the address bar via vectors involving authentication information in the userinfo field of a URL, in conjunction with a 204 (aka No Content) HTTP status code. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-0759 | Version: | 22 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:16832 | |||
| Oval ID: | oval:org.mitre.oval:def:16832 | ||
| Title: | Use-after-free vulnerability in the mozilla::TrackUnionStream::EndTrack implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. | ||
| Description: | Use-after-free vulnerability in the mozilla::TrackUnionStream::EndTrack implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-0761 | Version: | 23 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:16849 | |||
| Oval ID: | oval:org.mitre.oval:def:16849 | ||
| Title: | Heap-based buffer overflow in the nsWindow::OnExposeEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors. | ||
| Description: | Heap-based buffer overflow in the nsWindow::OnExposeEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-5829 | Version: | 19 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:16866 | |||
| Oval ID: | oval:org.mitre.oval:def:16866 | ||
| Title: | The gPluginHandler.handleEvent function in the plugin handler in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly enforce the Same Origin Policy, which allows remote attackers to conduct clickjacking attacks via crafted JavaScript code that listens for a mutation event. | ||
| Description: | The gPluginHandler.handleEvent function in the plugin handler in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly enforce the Same Origin Policy, which allows remote attackers to conduct clickjacking attacks via crafted JavaScript code that listens for a mutation event. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-0747 | Version: | 22 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:16939 | |||
| Oval ID: | oval:org.mitre.oval:def:16939 | ||
| Title: | The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not prevent modifications to the prototype of an object, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by referencing Object.prototype.__proto__ in a crafted HTML document. | ||
| Description: | The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not prevent modifications to the prototype of an object, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by referencing Object.prototype.__proto__ in a crafted HTML document. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-0757 | Version: | 22 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:16952 | |||
| Oval ID: | oval:org.mitre.oval:def:16952 | ||
| Title: | Use-after-free vulnerability in the mozVibrate implementation in the Vibrate library in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors related to the domDoc pointer. | ||
| Description: | Use-after-free vulnerability in the mozVibrate implementation in the Vibrate library in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors related to the domDoc pointer. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-0755 | Version: | 22 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:16953 | |||
| Oval ID: | oval:org.mitre.oval:def:16953 | ||
| Title: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-0749 | Version: | 22 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:16957 | |||
| Oval ID: | oval:org.mitre.oval:def:16957 | ||
| Title: | Integer overflow in the JavaScript implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted string concatenation, leading to improper memory allocation and a heap-based buffer overflow. | ||
| Description: | Integer overflow in the JavaScript implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted string concatenation, leading to improper memory allocation and a heap-based buffer overflow. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-0750 | Version: | 22 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:16990 | |||
| Oval ID: | oval:org.mitre.oval:def:16990 | ||
| Title: | Stack-based buffer overflow in the Canvas implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via an HTML document that specifies invalid width and height values. | ||
| Description: | Stack-based buffer overflow in the Canvas implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via an HTML document that specifies invalid width and height values. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-0768 | Version: | 22 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:17007 | |||
| Oval ID: | oval:org.mitre.oval:def:17007 | ||
| Title: | Use-after-free vulnerability in the TableBackgroundPainter::TableBackgroundData::Destroy function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an HTML document with a table containing many columns and column groups. | ||
| Description: | Use-after-free vulnerability in the TableBackgroundPainter::TableBackgroundData::Destroy function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an HTML document with a table containing many columns and column groups. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-0744 | Version: | 23 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:17019 | |||
| Oval ID: | oval:org.mitre.oval:def:17019 | ||
| Title: | Heap-based buffer overflow in the gfxTextRun::ShrinkToLigatureBoundaries function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document. | ||
| Description: | Heap-based buffer overflow in the gfxTextRun::ShrinkToLigatureBoundaries function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-0771 | Version: | 23 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:17053 | |||
| Oval ID: | oval:org.mitre.oval:def:17053 | ||
| Title: | Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content. | ||
| Description: | Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-0753 | Version: | 22 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:17061 | |||
| Oval ID: | oval:org.mitre.oval:def:17061 | ||
| Title: | The AutoWrapperChanger class in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly interact with garbage collection, which allows remote attackers to execute arbitrary code via a crafted HTML document referencing JavaScript objects. | ||
| Description: | The AutoWrapperChanger class in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly interact with garbage collection, which allows remote attackers to execute arbitrary code via a crafted HTML document referencing JavaScript objects. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-0745 | Version: | 22 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:17086 | |||
| Oval ID: | oval:org.mitre.oval:def:17086 | ||
| Title: | Buffer overflow in the CharDistributionAnalysis::HandleOneChar function in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document. | ||
| Description: | Buffer overflow in the CharDistributionAnalysis::HandleOneChar function in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-0760 | Version: | 23 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:17087 | |||
| Oval ID: | oval:org.mitre.oval:def:17087 | ||
| Title: | Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging improper interaction between plugin objects and SVG elements. | ||
| Description: | Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging improper interaction between plugin objects and SVG elements. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-0758 | Version: | 22 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:17101 | |||
| Oval ID: | oval:org.mitre.oval:def:17101 | ||
| Title: | Use-after-free vulnerability in the obj_toSource function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted web page referencing JavaScript Proxy objects that are not properly handled during garbage collection. | ||
| Description: | Use-after-free vulnerability in the obj_toSource function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted web page referencing JavaScript Proxy objects that are not properly handled during garbage collection. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-0756 | Version: | 22 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:17107 | |||
| Oval ID: | oval:org.mitre.oval:def:17107 | ||
| Title: | Use-after-free vulnerability in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to Mesa drivers and a resized WebGL canvas. | ||
| Description: | Use-after-free vulnerability in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to Mesa drivers and a resized WebGL canvas. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-0763 | Version: | 22 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:17109 | |||
| Oval ID: | oval:org.mitre.oval:def:17109 | ||
| Title: | The XBL.__proto__.toString implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 makes it easier for remote attackers to bypass the ASLR protection mechanism by calling the toString function of an XBL object. | ||
| Description: | The XBL.__proto__.toString implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 makes it easier for remote attackers to bypass the ASLR protection mechanism by calling the toString function of an XBL object. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-0748 | Version: | 22 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:17859 | |||
| Oval ID: | oval:org.mitre.oval:def:17859 | ||
| Title: | USN-1687-1 -- nss vulnerability | ||
| Description: | Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1687-1 CVE-2013-0743 | Version: | 7 |
| Platform(s): | Ubuntu 12.10 Ubuntu 12.04 Ubuntu 11.10 Ubuntu 10.04 | Product(s): | nss |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:17950 | |||
| Oval ID: | oval:org.mitre.oval:def:17950 | ||
| Title: | USN-1681-2 -- thunderbird vulnerabilities | ||
| Description: | Several security issues were fixed in Thunderbird. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1681-2 CVE-2013-0769 CVE-2013-0749 CVE-2013-0770 CVE-2013-0760 CVE-2013-0761 CVE-2013-0762 CVE-2013-0763 CVE-2013-0766 CVE-2013-0767 CVE-2013-0771 CVE-2012-5829 CVE-2013-0768 CVE-2013-0759 CVE-2013-0744 CVE-2013-0764 CVE-2013-0745 CVE-2013-0746 CVE-2013-0747 CVE-2013-0748 CVE-2013-0750 CVE-2013-0752 CVE-2013-0757 CVE-2013-0758 CVE-2013-0753 CVE-2013-0754 CVE-2013-0755 CVE-2013-0756 CVE-2013-0743 | Version: | 7 |
| Platform(s): | Ubuntu 12.10 Ubuntu 12.04 Ubuntu 11.10 Ubuntu 10.04 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:17969 | |||
| Oval ID: | oval:org.mitre.oval:def:17969 | ||
| Title: | USN-1687-2 -- nspr update | ||
| Description: | NSPR update to work with the new NSS. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1687-2 CVE-2013-0743 | Version: | 7 |
| Platform(s): | Ubuntu 12.10 Ubuntu 12.04 Ubuntu 11.10 Ubuntu 10.04 | Product(s): | nspr |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18149 | |||
| Oval ID: | oval:org.mitre.oval:def:18149 | ||
| Title: | USN-1681-3 -- firefox regression | ||
| Description: | USN-1681-1 introduced a regression in Firefox. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1681-3 CVE-2013-0769 CVE-2013-0749 CVE-2013-0770 CVE-2013-0760 CVE-2013-0761 CVE-2013-0762 CVE-2013-0763 CVE-2013-0766 CVE-2013-0767 CVE-2013-0771 CVE-2012-5829 CVE-2013-0768 CVE-2013-0759 CVE-2013-0744 CVE-2013-0764 CVE-2013-0745 CVE-2013-0746 CVE-2013-0747 CVE-2013-0748 CVE-2013-0750 CVE-2013-0752 CVE-2013-0757 CVE-2013-0758 CVE-2013-0753 CVE-2013-0754 CVE-2013-0755 CVE-2013-0756 CVE-2013-0743 | Version: | 7 |
| Platform(s): | Ubuntu 12.10 Ubuntu 12.04 Ubuntu 11.10 Ubuntu 10.04 | Product(s): | firefox |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18249 | |||
| Oval ID: | oval:org.mitre.oval:def:18249 | ||
| Title: | USN-1681-1 -- firefox vulnerabilities | ||
| Description: | Several security issues were fixed in Firefox. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1681-1 CVE-2013-0769 CVE-2013-0749 CVE-2013-0770 CVE-2013-0760 CVE-2013-0761 CVE-2013-0762 CVE-2013-0763 CVE-2013-0766 CVE-2013-0767 CVE-2013-0771 CVE-2012-5829 CVE-2013-0768 CVE-2013-0759 CVE-2013-0744 CVE-2013-0764 CVE-2013-0745 CVE-2013-0746 CVE-2013-0747 CVE-2013-0748 CVE-2013-0750 CVE-2013-0752 CVE-2013-0757 CVE-2013-0758 CVE-2013-0753 CVE-2013-0754 CVE-2013-0755 CVE-2013-0756 CVE-2013-0743 | Version: | 7 |
| Platform(s): | Ubuntu 12.10 Ubuntu 12.04 Ubuntu 11.10 Ubuntu 10.04 | Product(s): | firefox |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18290 | |||
| Oval ID: | oval:org.mitre.oval:def:18290 | ||
| Title: | USN-1681-4 -- firefox regression | ||
| Description: | USN-1681-1 introduced a regression in Firefox. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1681-4 CVE-2013-0769 CVE-2013-0749 CVE-2013-0770 CVE-2013-0760 CVE-2013-0761 CVE-2013-0762 CVE-2013-0763 CVE-2013-0766 CVE-2013-0767 CVE-2013-0771 CVE-2012-5829 CVE-2013-0768 CVE-2013-0759 CVE-2013-0744 CVE-2013-0764 CVE-2013-0745 CVE-2013-0746 CVE-2013-0747 CVE-2013-0748 CVE-2013-0750 CVE-2013-0752 CVE-2013-0757 CVE-2013-0758 CVE-2013-0753 CVE-2013-0754 CVE-2013-0755 CVE-2013-0756 CVE-2013-0743 | Version: | 7 |
| Platform(s): | Ubuntu 12.10 Ubuntu 12.04 Ubuntu 11.10 Ubuntu 10.04 | Product(s): | firefox |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18476 | |||
| Oval ID: | oval:org.mitre.oval:def:18476 | ||
| Title: | DSA-2599-1 nss - mis-issued intermediates | ||
| Description: | Google, Inc. discovered that the TurkTrust certification authority included in the Network Security Service libraries (nss) mis-issued two intermediate CAs which could be used to generate rogue end-entity certificates. This update explicitly distrusts those two intermediate CAs. The two existing TurkTrust root CAs remain active. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2599-1 CVE-2013-0743 | Version: | 7 |
| Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | nss |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20230 | |||
| Oval ID: | oval:org.mitre.oval:def:20230 | ||
| Title: | RHSA-2013:0145: thunderbird security update (Critical) | ||
| Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2013:0145-01 CESA-2013:0145 CVE-2013-0744 CVE-2013-0746 CVE-2013-0748 CVE-2013-0750 CVE-2013-0753 CVE-2013-0754 CVE-2013-0758 CVE-2013-0759 CVE-2013-0762 CVE-2013-0766 CVE-2013-0767 CVE-2013-0769 | Version: | 171 |
| Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20855 | |||
| Oval ID: | oval:org.mitre.oval:def:20855 | ||
| Title: | RHSA-2013:0144: firefox security update (Critical) | ||
| Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2013:0144-01 CESA-2013:0144 CVE-2013-0744 CVE-2013-0746 CVE-2013-0748 CVE-2013-0750 CVE-2013-0753 CVE-2013-0754 CVE-2013-0758 CVE-2013-0759 CVE-2013-0762 CVE-2013-0766 CVE-2013-0767 CVE-2013-0769 | Version: | 171 |
| Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | firefox xulrunner |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:22698 | |||
| Oval ID: | oval:org.mitre.oval:def:22698 | ||
| Title: | DEPRECATED: ELSA-2013:0145: thunderbird security update (Critical) | ||
| Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2013:0145-01 CVE-2013-0744 CVE-2013-0746 CVE-2013-0748 CVE-2013-0750 CVE-2013-0753 CVE-2013-0754 CVE-2013-0758 CVE-2013-0759 CVE-2013-0762 CVE-2013-0766 CVE-2013-0767 CVE-2013-0769 | Version: | 54 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:22936 | |||
| Oval ID: | oval:org.mitre.oval:def:22936 | ||
| Title: | DEPRECATED: ELSA-2013:0144: firefox security update (Critical) | ||
| Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2013:0144-01 CVE-2013-0744 CVE-2013-0746 CVE-2013-0748 CVE-2013-0750 CVE-2013-0753 CVE-2013-0754 CVE-2013-0758 CVE-2013-0759 CVE-2013-0762 CVE-2013-0766 CVE-2013-0767 CVE-2013-0769 | Version: | 54 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | firefox xulrunner |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:23847 | |||
| Oval ID: | oval:org.mitre.oval:def:23847 | ||
| Title: | ELSA-2013:0145: thunderbird security update (Critical) | ||
| Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2013:0145-01 CVE-2013-0744 CVE-2013-0746 CVE-2013-0748 CVE-2013-0750 CVE-2013-0753 CVE-2013-0754 CVE-2013-0758 CVE-2013-0759 CVE-2013-0762 CVE-2013-0766 CVE-2013-0767 CVE-2013-0769 | Version: | 53 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:23874 | |||
| Oval ID: | oval:org.mitre.oval:def:23874 | ||
| Title: | ELSA-2013:0144: firefox security update (Critical) | ||
| Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2013:0144-01 CVE-2013-0744 CVE-2013-0746 CVE-2013-0748 CVE-2013-0750 CVE-2013-0753 CVE-2013-0754 CVE-2013-0758 CVE-2013-0759 CVE-2013-0762 CVE-2013-0766 CVE-2013-0767 CVE-2013-0769 | Version: | 53 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | firefox xulrunner |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27450 | |||
| Oval ID: | oval:org.mitre.oval:def:27450 | ||
| Title: | DEPRECATED: ELSA-2013-0144 -- firefox security update (critical) | ||
| Description: | firefox [10.0.12-1.0.1.el6_3] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones [10.0.12-1] - Update to 10.0.12 ESR xulrunner [10.0.12-1.0.1.el6_3] - Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js [10.0.12-1] - Update to 10.0.12 ESR | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2013-0144 CVE-2013-0744 CVE-2013-0746 CVE-2013-0748 CVE-2013-0750 CVE-2013-0753 CVE-2013-0754 CVE-2013-0758 CVE-2013-0759 CVE-2013-0762 CVE-2013-0766 CVE-2013-0767 CVE-2013-0769 | Version: | 4 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | firefox xulrunner |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27607 | |||
| Oval ID: | oval:org.mitre.oval:def:27607 | ||
| Title: | DEPRECATED: ELSA-2013-0145 -- thunderbird security update (critical) | ||
| Description: | [10.0.12-3.0.1.el6_3] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [10.0.12-3] - Update to 10.0.12 ESR | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2013-0145 CVE-2013-0744 CVE-2013-0746 CVE-2013-0748 CVE-2013-0750 CVE-2013-0753 CVE-2013-0754 CVE-2013-0758 CVE-2013-0759 CVE-2013-0762 CVE-2013-0766 CVE-2013-0767 CVE-2013-0769 | Version: | 4 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
SAINT Exploits
| Description | Link |
|---|---|
| Mozilla Firefox XMLSerializer serializeToStream Use-after-free Vulnerability | More info here |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2013-09-18 | Name : Debian Security Advisory DSA 2588-1 (icedove - several vulnerabilities) File : nvt/deb_2588_1.nasl |
| 2013-09-18 | Name : Debian Security Advisory DSA 2584-1 (iceape - several vulnerabilities) File : nvt/deb_2584_1.nasl |
| 2013-09-18 | Name : Debian Security Advisory DSA 2583-1 (iceweasel - several vulnerabilities) File : nvt/deb_2583_1.nasl |
| 2012-12-06 | Name : Fedora Update for seamonkey FEDORA-2012-18931 File : nvt/gb_fedora_2012_18931_seamonkey_fc16.nasl |
| 2012-12-06 | Name : Fedora Update for seamonkey FEDORA-2012-18952 File : nvt/gb_fedora_2012_18952_seamonkey_fc17.nasl |
| 2012-12-04 | Name : Ubuntu Update for firefox USN-1638-3 File : nvt/gb_ubuntu_USN_1638_3.nasl |
| 2012-11-26 | Name : Mozilla Firefox Multiple Vulnerabilities-01 November12 (Windows) File : nvt/gb_mozilla_prdts_mult_vuln01_nov12_win.nasl |
| 2012-11-26 | Name : Mozilla Thunderbird Multiple Vulnerabilities-01 November12 (Windows) File : nvt/gb_mozilla_thunderbird_mult_vuln01_nov12_win.nasl |
| 2012-11-26 | Name : Mozilla Thunderbird ESR Multiple Vulnerabilities-01 November12 (Windows) File : nvt/gb_mozilla_thunderbird_esr_mult_vuln01_nov12_win.nasl |
| 2012-11-26 | Name : Mozilla SeaMonkey Multiple Vulnerabilities-01 November12 (Windows) File : nvt/gb_mozilla_seamonkey_mult_vuln01_nov12_win.nasl |
| 2012-11-26 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox72.nasl |
| 2012-11-26 | Name : Mozilla Firefox Multiple Vulnerabilities-01 November12 (Mac OS X) File : nvt/gb_mozilla_prdts_mult_vuln01_nov12_macosx.nasl |
| 2012-11-26 | Name : Mozilla Firefox ESR Multiple Vulnerabilities-01 November12 (Windows) File : nvt/gb_mozilla_firefox_esr_mult_vuln01_nov12_win.nasl |
| 2012-11-23 | Name : RedHat Update for thunderbird RHSA-2012:1483-01 File : nvt/gb_RHSA-2012_1483-01_thunderbird.nasl |
| 2012-11-23 | Name : RedHat Update for firefox RHSA-2012:1482-01 File : nvt/gb_RHSA-2012_1482-01_firefox.nasl |
| 2012-11-23 | Name : Ubuntu Update for thunderbird USN-1636-1 File : nvt/gb_ubuntu_USN_1636_1.nasl |
| 2012-11-23 | Name : Ubuntu Update for firefox USN-1638-1 File : nvt/gb_ubuntu_USN_1638_1.nasl |
| 2012-11-23 | Name : Ubuntu Update for ubufox USN-1638-2 File : nvt/gb_ubuntu_USN_1638_2.nasl |
| 2012-11-23 | Name : CentOS Update for thunderbird CESA-2012:1483 centos6 File : nvt/gb_CESA-2012_1483_thunderbird_centos6.nasl |
| 2012-11-23 | Name : CentOS Update for thunderbird CESA-2012:1483 centos5 File : nvt/gb_CESA-2012_1483_thunderbird_centos5.nasl |
| 2012-11-23 | Name : CentOS Update for firefox CESA-2012:1482 centos6 File : nvt/gb_CESA-2012_1482_firefox_centos6.nasl |
| 2012-11-23 | Name : CentOS Update for firefox CESA-2012:1482 centos5 File : nvt/gb_CESA-2012_1482_firefox_centos5.nasl |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2015-02-11 | Mozilla Firefox XMLSerializer serializeToStream use-after-free attempt RuleID : 32994 - Revision : 6 - Type : BROWSER-FIREFOX |
| 2015-02-11 | Mozilla Firefox XMLSerializer serializeToStream use-after-free attempt RuleID : 32993 - Revision : 6 - Type : BROWSER-FIREFOX |
| 2014-01-10 | Nailed exploit kit Firefox exploit download - autopwn RuleID : 27080 - Revision : 2 - Type : EXPLOIT-KIT |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-0306-1.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-817.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-818.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-819.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-820.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-17.nasl - Type : ACT_GATHER_INFO |
| 2013-09-28 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201309-23.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2013-0145.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0144.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2012-1483.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1482.nasl - Type : ACT_GATHER_INFO |
| 2013-04-20 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-050.nasl - Type : ACT_GATHER_INFO |
| 2013-02-06 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1681-4.nasl - Type : ACT_GATHER_INFO |
| 2013-02-04 | Name : The remote Fedora host is missing a security update. File : fedora_2013-1432.nasl - Type : ACT_GATHER_INFO |
| 2013-02-04 | Name : The remote Fedora host is missing a security update. File : fedora_2013-1382.nasl - Type : ACT_GATHER_INFO |
| 2013-01-28 | Name : The remote Fedora host is missing a security update. File : fedora_2013-1442.nasl - Type : ACT_GATHER_INFO |
| 2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_firefox-201301-130110.nasl - Type : ACT_GATHER_INFO |
| 2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_firefox-20121121-121123.nasl - Type : ACT_GATHER_INFO |
| 2013-01-23 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1681-3.nasl - Type : ACT_GATHER_INFO |
| 2013-01-20 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_firefox-201301-8426.nasl - Type : ACT_GATHER_INFO |
| 2013-01-15 | Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_10012.nasl - Type : ACT_GATHER_INFO |
| 2013-01-15 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_180.nasl - Type : ACT_GATHER_INFO |
| 2013-01-15 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_1702.nasl - Type : ACT_GATHER_INFO |
| 2013-01-15 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_1701.nasl - Type : ACT_GATHER_INFO |
| 2013-01-15 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_10012.nasl - Type : ACT_GATHER_INFO |
| 2013-01-15 | Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_1702.nasl - Type : ACT_GATHER_INFO |
| 2013-01-15 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : seamonkey_215.nasl - Type : ACT_GATHER_INFO |
| 2013-01-15 | Name : The remote Mac OS X host contains a mail client that is potentially affected ... File : macosx_thunderbird_17_0_2.nasl - Type : ACT_GATHER_INFO |
| 2013-01-15 | Name : The remote Mac OS X host contains a mail client that is potentially affected ... File : macosx_thunderbird_10_0_12.nasl - Type : ACT_GATHER_INFO |
| 2013-01-15 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_18_0.nasl - Type : ACT_GATHER_INFO |
| 2013-01-15 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_17_0_2.nasl - Type : ACT_GATHER_INFO |
| 2013-01-15 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_17_0_1.nasl - Type : ACT_GATHER_INFO |
| 2013-01-15 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_10_0_12.nasl - Type : ACT_GATHER_INFO |
| 2013-01-11 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130108_firefox_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2013-01-11 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130108_thunderbird_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2013-01-10 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_a4ed66325aa911e28fcbc8600054b392.nasl - Type : ACT_GATHER_INFO |
| 2013-01-10 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-003.nasl - Type : ACT_GATHER_INFO |
| 2013-01-09 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1681-1.nasl - Type : ACT_GATHER_INFO |
| 2013-01-09 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0145.nasl - Type : ACT_GATHER_INFO |
| 2013-01-09 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0144.nasl - Type : ACT_GATHER_INFO |
| 2013-01-09 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0144.nasl - Type : ACT_GATHER_INFO |
| 2013-01-09 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2013-0145.nasl - Type : ACT_GATHER_INFO |
| 2013-01-09 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1681-2.nasl - Type : ACT_GATHER_INFO |
| 2013-01-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO |
| 2012-12-17 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2588.nasl - Type : ACT_GATHER_INFO |
| 2012-12-09 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2583.nasl - Type : ACT_GATHER_INFO |
| 2012-12-09 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2584.nasl - Type : ACT_GATHER_INFO |
| 2012-12-04 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1638-3.nasl - Type : ACT_GATHER_INFO |
| 2012-12-04 | Name : The remote Fedora host is missing a security update. File : fedora_2012-18894.nasl - Type : ACT_GATHER_INFO |
| 2012-12-04 | Name : The remote Fedora host is missing a security update. File : fedora_2012-18931.nasl - Type : ACT_GATHER_INFO |
| 2012-12-04 | Name : The remote Fedora host is missing a security update. File : fedora_2012-18952.nasl - Type : ACT_GATHER_INFO |
| 2012-11-29 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_firefox-20121121-8381.nasl - Type : ACT_GATHER_INFO |
| 2012-11-23 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1638-2.nasl - Type : ACT_GATHER_INFO |
| 2012-11-23 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2012-1483.nasl - Type : ACT_GATHER_INFO |
| 2012-11-23 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1638-1.nasl - Type : ACT_GATHER_INFO |
| 2012-11-23 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1636-1.nasl - Type : ACT_GATHER_INFO |
| 2012-11-23 | Name : The remote Scientific Linux host is missing a security update. File : sl_20121120_thunderbird_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-11-23 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20121120_firefox_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-11-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1482.nasl - Type : ACT_GATHER_INFO |
| 2012-11-21 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : seamonkey_214.nasl - Type : ACT_GATHER_INFO |
| 2012-11-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1483.nasl - Type : ACT_GATHER_INFO |
| 2012-11-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1482.nasl - Type : ACT_GATHER_INFO |
| 2012-11-21 | Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_170.nasl - Type : ACT_GATHER_INFO |
| 2012-11-21 | Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_10011.nasl - Type : ACT_GATHER_INFO |
| 2012-11-21 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_170.nasl - Type : ACT_GATHER_INFO |
| 2012-11-21 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_10011.nasl - Type : ACT_GATHER_INFO |
| 2012-11-21 | Name : The remote Mac OS X host contains a mail client that is potentially affected ... File : macosx_thunderbird_17_0.nasl - Type : ACT_GATHER_INFO |
| 2012-11-21 | Name : The remote Mac OS X host contains a mail client that is potentially affected ... File : macosx_thunderbird_10_0_11.nasl - Type : ACT_GATHER_INFO |
| 2012-11-21 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_17_0.nasl - Type : ACT_GATHER_INFO |
| 2012-11-21 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_10_0_11.nasl - Type : ACT_GATHER_INFO |
| 2012-11-21 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_d23119df335d11e2b64cc8600054b392.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 12:01:17 |
|
| 2013-01-25 21:19:35 |
|
| 2013-01-14 00:24:06 |
|
| 2013-01-09 09:20:44 |
|
