Summary
| Detail | |||
|---|---|---|---|
| Vendor | Opensuse Project | First view | 2013-12-11 |
| Product | Opensuse | Last view | 2014-03-19 |
| Version | 11.4 | Type | Os |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:opensuse_project:opensuse | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 6.8 | 2014-03-19 | CVE-2014-1502 | The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors. |
| 5 | 2014-03-19 | CVE-2014-1500 | Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution. |
| 4.3 | 2014-03-19 | CVE-2014-1499 | Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generation of this prompt. |
| 5 | 2014-03-19 | CVE-2014-1498 | The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger generation of a key that supports the Elliptic Curve ec-dual-use algorithm. |
| 9.3 | 2014-03-19 | CVE-2014-1494 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
| 5.8 | 2014-02-10 | CVE-2011-4093 | Integer overflow in inc/server.hpp in libnet6 (aka net6) before 1.3.14 might allow remote attackers to hijack connections and gain privileges as other users by making a large number of connections until the overflow occurs and an ID of another user is provided. |
| 5.8 | 2013-12-11 | CVE-2013-5611 | Mozilla Firefox before 26.0 does not properly remove the Application Installation doorhanger, which makes it easier for remote attackers to spoof a Web App installation site by controlling the timing of page navigation. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 25% (1) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
| 25% (1) | CWE-347 | Improper Verification of Cryptographic Signature |
| 25% (1) | CWE-346 | Origin Validation Error |
| 25% (1) | CWE-190 | Integer Overflow or Wraparound |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 76741 | net6 basic_server::id_counter Overflow Session Hijacking |
OpenVAS Exploits
| id | Description |
|---|---|
| 2012-04-02 | Name : Fedora Update for net6 FEDORA-2011-15363 File : nvt/gb_fedora_2011_15363_net6_fc16.nasl |
| 2011-11-25 | Name : Fedora Update for net6 FEDORA-2011-15326 File : nvt/gb_fedora_2011_15326_net6_fc15.nasl |
| 2011-11-25 | Name : Fedora Update for net6 FEDORA-2011-15332 File : nvt/gb_fedora_2011_15332_net6_fc14.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2014-A-0043 | Multiple Vulnerabilities in Mozilla Products Severity: Category I - VMSKEY: V0046769 |
| 2013-A-0233 | Multiple Vulnerabilities in Mozilla Products Severity: Category I - VMSKEY: V0042596 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2015-04-08 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201504-01.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: suse_11_4_net6-111222.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: suse_11_3_net6-111222.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2014-321.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2014-256.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2014-2.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2013-995.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2013-994.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2013-993.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2012-19.nasl - Type: ACT_GATHER_INFO |
| 2014-03-22 | Name: The remote SuSE 11 host is missing one or more security updates. File: suse_11_firefox-201403-140320.nasl - Type: ACT_GATHER_INFO |
| 2014-03-20 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_610de647af8d11e3a25bb4b52fce4ce8.nasl - Type: ACT_GATHER_INFO |
| 2014-03-19 | Name: The remote Windows host contains a web browser that is potentially affected b... File: mozilla_firefox_28.nasl - Type: ACT_GATHER_INFO |
| 2014-03-19 | Name: The remote Ubuntu host is missing a security-related patch. File: ubuntu_USN-2150-1.nasl - Type: ACT_GATHER_INFO |
| 2014-03-19 | Name: The remote Windows host contains a web browser that is potentially affected b... File: seamonkey_2_25.nasl - Type: ACT_GATHER_INFO |
| 2014-03-19 | Name: The remote Windows host contains a mail client that is potentially affected b... File: mozilla_thunderbird_24_4.nasl - Type: ACT_GATHER_INFO |
| 2014-03-19 | Name: The remote Windows host contains a web browser that is potentially affected b... File: mozilla_firefox_24_4_esr.nasl - Type: ACT_GATHER_INFO |
| 2014-03-19 | Name: The remote Mac OS X host contains a mail client that is potentially affected ... File: macosx_thunderbird_24_4.nasl - Type: ACT_GATHER_INFO |
| 2014-03-19 | Name: The remote Mac OS X host contains a web browser that is potentially affected ... File: macosx_firefox_28.nasl - Type: ACT_GATHER_INFO |
| 2014-03-19 | Name: The remote Mac OS X host contains a web browser that is potentially affected ... File: macosx_firefox_24_4_esr.nasl - Type: ACT_GATHER_INFO |
| 2013-12-20 | Name: The remote SuSE 11 host is missing one or more security updates. File: suse_11_firefox24-201312-131216.nasl - Type: ACT_GATHER_INFO |
| 2013-12-20 | Name: The remote SuSE 11 host is missing one or more security updates. File: suse_11_firefox24-201312-131215.nasl - Type: ACT_GATHER_INFO |
| 2013-12-18 | Name: The remote Fedora host is missing one or more security updates. File: fedora_2013-23519.nasl - Type: ACT_GATHER_INFO |
| 2013-12-16 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_dd116b1964b311e3868f0025905a4771.nasl - Type: ACT_GATHER_INFO |
| 2013-12-12 | Name: The remote Ubuntu host is missing a security-related patch. File: ubuntu_USN-2052-1.nasl - Type: ACT_GATHER_INFO |
