Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2010-2754 | First vendor Publication | 2010-07-30 |
| Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 5 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not properly suppress a script's URL in certain circumstances involving a redirect and an error message, which allows remote attackers to obtain sensitive information about script parameters via a crafted HTML document, related to the window.onerror handler. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2754 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-200 | Information Exposure |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:11531 | |||
| Oval ID: | oval:org.mitre.oval:def:11531 | ||
| Title: | DSA-2075 xulrunner -- several vulnerabilities | ||
| Description: | Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems: Wladimir Palant discovered that security checks in XML processing were insufficiently enforced. Chris Evans discovered that insecure CSS handling could lead to reading data across domain boundaries. Aki Helin discovered a buffer overflow in the internal copy of libpng, which could lead to the execution of arbitrary code. "regenrecht" discovered that incorrect memory handling in DOM parsing could lead to the execution of arbitrary code. Jesse Ruderman, Ehsan Akhgari, Mats Palmgren, Igor Bukanov, Gary Kwong, Tobias Markus and Daniel Holbert discovered crashes in the layout engine, which might allow the execution of arbitrary code. "JS3" discovered an integer overflow in the plugin code, which could lead to the execution of arbitrary code. Jordi Chancel discovered that the location could be spoofed to appear like a secured page. "regenrecht" discovered that incorrect memory handling in XUL parsing could lead to the execution of arbitrary code. Soroush Dalili discovered an information leak in script processing. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2075 CVE-2010-0182 CVE-2010-0654 CVE-2010-1205 CVE-2010-1208 CVE-2010-1211 CVE-2010-1214 CVE-2010-2751 CVE-2010-2753 CVE-2010-2754 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 | Product(s): | xulrunner |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:11770 | |||
| Oval ID: | oval:org.mitre.oval:def:11770 | ||
| Title: | Mozilla Firefox, Thunderbird, and SeaMonkey Cross-origin data leakage from script filename in error messages | ||
| Description: | dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not properly suppress a script's URL in certain circumstances involving a redirect and an error message, which allows remote attackers to obtain sensitive information about script parameters via a crafted HTML document, related to the window.onerror handler. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-2754 | Version: | 25 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:13110 | |||
| Oval ID: | oval:org.mitre.oval:def:13110 | ||
| Title: | USN-958-1 -- thunderbird vulnerabilities | ||
| Description: | Several flaws were discovered in the browser engine of Thunderbird. If a user were tricked into viewing malicious content, a remote attacker could use this to crash Thunderbird or possibly run arbitrary code as the user invoking the program. An integer overflow was discovered in how Thunderbird processed CSS values. An attacker could exploit this to crash Thunderbird or possibly run arbitrary code as the user invoking the program. An integer overflow was discovered in how Thunderbird interpreted the XUL element. If a user were tricked into viewing malicious content, a remote attacker could use this to crash Thunderbird or possibly run arbitrary code as the user invoking the program. Aki Helin discovered that libpng did not properly handle certain malformed PNG images. If a user were tricked into opening a crafted PNG file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Yosuke Hasegawa discovered that the same-origin check in Thunderbird could be bypassed by utilizing the importScripts Web Worker method. If a user were tricked into viewing malicious content, an attacker could exploit this to read data from other domains. Chris Evans discovered that Thunderbird did not properly process improper CSS selectors. If a user were tricked into viewing malicious content, an attacker could exploit this to read data from other domains. Soroush Dalili discovered that Thunderbird did not properly handle script error output. An attacker could use this to access URL parameters from other domains | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-958-1 CVE-2010-1211 CVE-2010-1212 CVE-2010-2752 CVE-2010-2753 CVE-2010-1205 CVE-2010-1213 CVE-2010-0654 CVE-2010-2754 | Version: | 5 |
| Platform(s): | Ubuntu 10.04 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:13136 | |||
| Oval ID: | oval:org.mitre.oval:def:13136 | ||
| Title: | DSA-2075-1 xulrunner -- several | ||
| Description: | Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-0182 Wladimir Palant discovered that security checks in XML processing were insufficiently enforced. CVE-2010-0654 Chris Evans discovered that insecure CSS handling could lead to reading data across domain boundaries. CVE-2010-1205 Aki Helin discovered a buffer overflow in the internal copy of libpng, which could lead to the execution of arbitrary code. CVE-2010-1208 "regenrecht" discovered that incorrect memory handling in DOM parsing could lead to the execution of arbitrary code. CVE-2010-1211 Jesse Ruderman, Ehsan Akhgari, Mats Palmgren, Igor Bukanov, Gary Kwong, Tobias Markus and Daniel Holbert discovered crashes in the layout engine, which might allow the execution of arbitrary code. CVE-2010-1214 "JS3" discovered an integer overflow in the plugin code, which could lead to the execution of arbitrary code. CVE-2010-2751 Jordi Chancel discovered that the location could be spoofed to appear like a secured page. CVE-2010-2753 "regenrecht" discovered that incorrect memory handling in XUL parsing could lead to the execution of arbitrary code. CVE-2010-2754 Soroush Dalili discovered an information leak in script processing. For the stable distribution, these problems have been fixed in version 1.9.0.19-3. For the unstable distribution, these problems have been fixed in version 1.9.1.11-1. For the experimental distribution, these problems have been fixed in version 1.9.2.7-1. We recommend that you upgrade your xulrunner packages. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2075-1 CVE-2010-0182 CVE-2010-0654 CVE-2010-1205 CVE-2010-1208 CVE-2010-1211 CVE-2010-1214 CVE-2010-2751 CVE-2010-2753 CVE-2010-2754 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 | Product(s): | xulrunner |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:13256 | |||
| Oval ID: | oval:org.mitre.oval:def:13256 | ||
| Title: | USN-930-5 -- ant, apturl, epiphany-browser, gluezilla, gnome-python-extras, liferea, mozvoikko, openjdk-6, packagekit, ubufox, webfav, yelp update | ||
| Description: | USN-930-4 fixed vulnerabilities in Firefox and Xulrunner on Ubuntu 9.04 and 9.10. This update provides updated packages for use with Firefox 3.6 and Xulrunner 1.9.2. Original advisory details: If was discovered that Firefox could be made to access freed memory. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.04 LTS. Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. A flaw was discovered in the way plugin instances interacted. An attacker could potentially exploit this and use one plugin to access freed memory from a second plugin to execute arbitrary code with the privileges of the user invoking the program. An integer overflow was discovered in Firefox. If a user were tricked into viewing a malicious site, an attacker could overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Martin Barbella discovered an integer overflow in an XSLT node sorting routine. An attacker could exploit this to overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Michal Zalewski discovered that the focus behavior of Firefox could be subverted. If a user were tricked into viewing a malicious site, a remote attacker could use this to capture keystrokes. Ilja van Sprundel discovered that the "Content-Disposition: attachment" HTTP header was ignored when "Content-Type: multipart" was also present. Under certain circumstances, this could potentially lead to cross-site scripting attacks. Amit Klein discovered that Firefox did not seed its random number generator often enough. An attacker could exploit this to identify and track users across different web sites. Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. An integer overflow was discovered in how Firefox processed plugin parameters. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. A flaw was discovered in the Firefox JavaScript engine. If a user were tricked into viewing a malicious site, a remote attacker code execute arbitrary JavaScript with chrome privileges. An integer overflow was discovered in how Firefox processed CSS values. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. An integer overflow was discovered in how Firefox interpreted the XUL <tree> element. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. Aki Helin discovered that libpng did not properly handle certain malformed PNG images. If a user were tricked into opening a crafted PNG file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Yosuke Hasegawa and Vladimir Vukicevic discovered that the same-origin check in Firefox could be bypassed by utilizing the importScripts Web Worker method. If a user were tricked into viewing a malicious website, an attacker could exploit this to read data from other domains. O. Andersen that Firefox did not properly map undefined positions within certain 8 bit encodings. An attacker could utilize this to perform cross-site scripting attacks. Michal Zalewski discovered flaws in how Firefox processed the HTTP 204 code. An attacker could exploit this to spoof the location bar, such as in a phishing attack. Jordi Chancel discovered that Firefox did not properly handle when a server responds to an HTTPS request with plaintext and then processes JavaScript history events. An attacker could exploit this to spoof the location bar, such as in a phishing attack. Chris Evans discovered that Firefox did not properly process improper CSS selectors. If a user were tricked into viewing a malicious website, an attacker could exploit this to read data from other domains. Soroush Dalili discovered that Firefox did not properly handle script error output. An attacker could use this to access URL parameters from other domains | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-930-5 CVE-2010-1121 CVE-2010-1200 CVE-2010-1201 CVE-2010-1202 CVE-2010-1203 CVE-2010-1198 CVE-2010-1196 CVE-2010-1199 CVE-2010-1125 CVE-2010-1197 CVE-2008-5913 CVE-2010-1208 CVE-2010-1209 CVE-2010-1211 CVE-2010-1212 CVE-2010-1214 CVE-2010-1215 CVE-2010-2752 CVE-2010-2753 CVE-2010-1205 CVE-2010-1213 CVE-2010-1207 CVE-2010-1210 CVE-2010-1206 CVE-2010-2751 CVE-2010-0654 CVE-2010-2754 | Version: | 7 |
| Platform(s): | Ubuntu 9.04 Ubuntu 9.10 | Product(s): | ant apturl epiphany-browser gluezilla gnome-python-extras liferea mozvoikko openjdk-6 packagekit ubufox webfav yelp |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:22242 | |||
| Oval ID: | oval:org.mitre.oval:def:22242 | ||
| Title: | RHSA-2010:0545: thunderbird security update (Critical) | ||
| Description: | dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not properly suppress a script's URL in certain circumstances involving a redirect and an error message, which allows remote attackers to obtain sensitive information about script parameters via a crafted HTML document, related to the window.onerror handler. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2010:0545-01 CESA-2010:0545 CVE-2010-0174 CVE-2010-0175 CVE-2010-0176 CVE-2010-0177 CVE-2010-1197 CVE-2010-1198 CVE-2010-1199 CVE-2010-1200 CVE-2010-1205 CVE-2010-1211 CVE-2010-1214 CVE-2010-2753 CVE-2010-2754 | Version: | 172 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:22344 | |||
| Oval ID: | oval:org.mitre.oval:def:22344 | ||
| Title: | RHSA-2010:0547: firefox security update (Critical) | ||
| Description: | dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not properly suppress a script's URL in certain circumstances involving a redirect and an error message, which allows remote attackers to obtain sensitive information about script parameters via a crafted HTML document, related to the window.onerror handler. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2010:0547-01 CESA-2010:0547 CVE-2010-0654 CVE-2010-1205 CVE-2010-1206 CVE-2010-1207 CVE-2010-1208 CVE-2010-1209 CVE-2010-1210 CVE-2010-1211 CVE-2010-1212 CVE-2010-1213 CVE-2010-1214 CVE-2010-1215 CVE-2010-2751 CVE-2010-2752 CVE-2010-2753 CVE-2010-2754 | Version: | 211 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | firefox xulrunner |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:23023 | |||
| Oval ID: | oval:org.mitre.oval:def:23023 | ||
| Title: | ELSA-2010:0547: firefox security update (Critical) | ||
| Description: | dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not properly suppress a script's URL in certain circumstances involving a redirect and an error message, which allows remote attackers to obtain sensitive information about script parameters via a crafted HTML document, related to the window.onerror handler. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2010:0547-01 CVE-2010-0654 CVE-2010-1205 CVE-2010-1206 CVE-2010-1207 CVE-2010-1208 CVE-2010-1209 CVE-2010-1210 CVE-2010-1211 CVE-2010-1212 CVE-2010-1213 CVE-2010-1214 CVE-2010-1215 CVE-2010-2751 CVE-2010-2752 CVE-2010-2753 CVE-2010-2754 | Version: | 69 |
| Platform(s): | Oracle Linux 5 | Product(s): | firefox xulrunner |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:23041 | |||
| Oval ID: | oval:org.mitre.oval:def:23041 | ||
| Title: | ELSA-2010:0545: thunderbird security update (Critical) | ||
| Description: | dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not properly suppress a script's URL in certain circumstances involving a redirect and an error message, which allows remote attackers to obtain sensitive information about script parameters via a crafted HTML document, related to the window.onerror handler. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2010:0545-01 CVE-2010-0174 CVE-2010-0175 CVE-2010-0176 CVE-2010-0177 CVE-2010-1197 CVE-2010-1198 CVE-2010-1199 CVE-2010-1200 CVE-2010-1205 CVE-2010-1211 CVE-2010-1214 CVE-2010-2753 CVE-2010-2754 | Version: | 57 |
| Platform(s): | Oracle Linux 5 | Product(s): | thunderbird |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2011-08-09 | Name : CentOS Update for thunderbird CESA-2010:0545 centos5 i386 File : nvt/gb_CESA-2010_0545_thunderbird_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for firefox CESA-2010:0547 centos5 i386 File : nvt/gb_CESA-2010_0547_firefox_centos5_i386.nasl |
| 2010-11-17 | Name : Debian Security Advisory DSA 2124-1 (xulrunner) File : nvt/deb_2124_1.nasl |
| 2010-09-07 | Name : Mandriva Update for mozilla-thunderbird MDVSA-2010:169 (mozilla-thunderbird) File : nvt/gb_mandriva_MDVSA_2010_169.nasl |
| 2010-08-21 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox49.nasl |
| 2010-08-21 | Name : Debian Security Advisory DSA 2075-1 (xulrunner) File : nvt/deb_2075_1.nasl |
| 2010-08-20 | Name : CentOS Update for seamonkey CESA-2010:0546 centos3 i386 File : nvt/gb_CESA-2010_0546_seamonkey_centos3_i386.nasl |
| 2010-08-06 | Name : SuSE Update for MozillaFirefox,MozillaThunderbird,seamonkey SUSE-SA:2010:032 File : nvt/gb_suse_2010_032.nasl |
| 2010-07-30 | Name : Ubuntu Update for thunderbird vulnerabilities USN-958-1 File : nvt/gb_ubuntu_USN_958_1.nasl |
| 2010-07-30 | Name : Ubuntu Update for Firefox and Xulrunner vulnerability USN-957-2 File : nvt/gb_ubuntu_USN_957_2.nasl |
| 2010-07-30 | Name : Ubuntu Update for Firefox and Xulrunner vulnerability USN-930-6 File : nvt/gb_ubuntu_USN_930_6.nasl |
| 2010-07-26 | Name : Ubuntu Update for Firefox and Xulrunner vulnerabilities USN-957-1 File : nvt/gb_ubuntu_USN_957_1.nasl |
| 2010-07-26 | Name : Ubuntu Update USN-930-5 File : nvt/gb_ubuntu_USN_930_5.nasl |
| 2010-07-26 | Name : Ubuntu Update for Firefox and Xulrunner vulnerabilities USN-930-4 File : nvt/gb_ubuntu_USN_930_4.nasl |
| 2010-07-26 | Name : Mozilla Products Multiple Vulnerabilities jul-10 (Windows) File : nvt/gb_mozilla_prdts_mult_vuln_win_jul10.nasl |
| 2010-07-23 | Name : Fedora Update for mozvoikko FEDORA-2010-11375 File : nvt/gb_fedora_2010_11375_mozvoikko_fc12.nasl |
| 2010-07-23 | Name : RedHat Update for thunderbird RHSA-2010:0544-01 File : nvt/gb_RHSA-2010_0544-01_thunderbird.nasl |
| 2010-07-23 | Name : RedHat Update for seamonkey RHSA-2010:0546-01 File : nvt/gb_RHSA-2010_0546-01_seamonkey.nasl |
| 2010-07-23 | Name : RedHat Update for firefox RHSA-2010:0547-01 File : nvt/gb_RHSA-2010_0547-01_firefox.nasl |
| 2010-07-23 | Name : Fedora Update for seamonkey FEDORA-2010-11327 File : nvt/gb_fedora_2010_11327_seamonkey_fc13.nasl |
| 2010-07-23 | Name : Fedora Update for firefox FEDORA-2010-11345 File : nvt/gb_fedora_2010_11345_firefox_fc13.nasl |
| 2010-07-23 | Name : Fedora Update for thunderbird FEDORA-2010-11379 File : nvt/gb_fedora_2010_11379_thunderbird_fc13.nasl |
| 2010-07-23 | Name : Fedora Update for sunbird FEDORA-2010-11379 File : nvt/gb_fedora_2010_11379_sunbird_fc13.nasl |
| 2010-07-23 | Name : Fedora Update for xulrunner FEDORA-2010-11375 File : nvt/gb_fedora_2010_11375_xulrunner_fc12.nasl |
| 2010-07-23 | Name : Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-11375 File : nvt/gb_fedora_2010_11375_perl-Gtk2-MozEmbed_fc12.nasl |
| 2010-07-23 | Name : Fedora Update for galeon FEDORA-2010-11345 File : nvt/gb_fedora_2010_11345_galeon_fc13.nasl |
| 2010-07-23 | Name : Fedora Update for gnome-web-photo FEDORA-2010-11375 File : nvt/gb_fedora_2010_11375_gnome-web-photo_fc12.nasl |
| 2010-07-23 | Name : Fedora Update for gnome-python2-extras FEDORA-2010-11375 File : nvt/gb_fedora_2010_11375_gnome-python2-extras_fc12.nasl |
| 2010-07-23 | Name : Fedora Update for galeon FEDORA-2010-11375 File : nvt/gb_fedora_2010_11375_galeon_fc12.nasl |
| 2010-07-23 | Name : Fedora Update for firefox FEDORA-2010-11375 File : nvt/gb_fedora_2010_11375_firefox_fc12.nasl |
| 2010-07-23 | Name : Fedora Update for seamonkey FEDORA-2010-11363 File : nvt/gb_fedora_2010_11363_seamonkey_fc12.nasl |
| 2010-07-23 | Name : Fedora Update for thunderbird FEDORA-2010-11361 File : nvt/gb_fedora_2010_11361_thunderbird_fc12.nasl |
| 2010-07-23 | Name : Fedora Update for sunbird FEDORA-2010-11361 File : nvt/gb_fedora_2010_11361_sunbird_fc12.nasl |
| 2010-07-23 | Name : Fedora Update for xulrunner FEDORA-2010-11345 File : nvt/gb_fedora_2010_11345_xulrunner_fc13.nasl |
| 2010-07-23 | Name : Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-11345 File : nvt/gb_fedora_2010_11345_perl-Gtk2-MozEmbed_fc13.nasl |
| 2010-07-23 | Name : Fedora Update for mozvoikko FEDORA-2010-11345 File : nvt/gb_fedora_2010_11345_mozvoikko_fc13.nasl |
| 2010-07-23 | Name : Fedora Update for gnome-web-photo FEDORA-2010-11345 File : nvt/gb_fedora_2010_11345_gnome-web-photo_fc13.nasl |
| 2010-07-23 | Name : Fedora Update for gnome-python2-extras FEDORA-2010-11345 File : nvt/gb_fedora_2010_11345_gnome-python2-extras_fc13.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 66595 | Mozilla Multiple Products Script Error Cross-origin Data Leakage |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_seamonkey-100721.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_mozilla-xulrunner191-100722.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_MozillaThunderbird-100721.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_MozillaFirefox-100727.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0547.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0546.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2010-0544.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0545.nasl - Type : ACT_GATHER_INFO |
| 2013-01-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100720_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20100720_thunderbird_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20100720_thunderbird_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100720_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
| 2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_MozillaFirefox-100722.nasl - Type : ACT_GATHER_INFO |
| 2010-11-03 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2124.nasl - Type : ACT_GATHER_INFO |
| 2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-7101.nasl - Type : ACT_GATHER_INFO |
| 2010-09-03 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-169.nasl - Type : ACT_GATHER_INFO |
| 2010-08-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0546.nasl - Type : ACT_GATHER_INFO |
| 2010-08-09 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0544.nasl - Type : ACT_GATHER_INFO |
| 2010-07-30 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaFirefox-100722.nasl - Type : ACT_GATHER_INFO |
| 2010-07-30 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_MozillaFirefox-100722.nasl - Type : ACT_GATHER_INFO |
| 2010-07-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2075.nasl - Type : ACT_GATHER_INFO |
| 2010-07-28 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0544.nasl - Type : ACT_GATHER_INFO |
| 2010-07-28 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_MozillaThunderbird-100721.nasl - Type : ACT_GATHER_INFO |
| 2010-07-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0547.nasl - Type : ACT_GATHER_INFO |
| 2010-07-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0546.nasl - Type : ACT_GATHER_INFO |
| 2010-07-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-930-6.nasl - Type : ACT_GATHER_INFO |
| 2010-07-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-957-2.nasl - Type : ACT_GATHER_INFO |
| 2010-07-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-958-1.nasl - Type : ACT_GATHER_INFO |
| 2010-07-27 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_seamonkey-100721.nasl - Type : ACT_GATHER_INFO |
| 2010-07-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-930-4.nasl - Type : ACT_GATHER_INFO |
| 2010-07-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-930-5.nasl - Type : ACT_GATHER_INFO |
| 2010-07-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-957-1.nasl - Type : ACT_GATHER_INFO |
| 2010-07-23 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0545.nasl - Type : ACT_GATHER_INFO |
| 2010-07-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0547.nasl - Type : ACT_GATHER_INFO |
| 2010-07-23 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-11361.nasl - Type : ACT_GATHER_INFO |
| 2010-07-23 | Name : The remote Fedora host is missing a security update. File : fedora_2010-11327.nasl - Type : ACT_GATHER_INFO |
| 2010-07-23 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-11345.nasl - Type : ACT_GATHER_INFO |
| 2010-07-23 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-11379.nasl - Type : ACT_GATHER_INFO |
| 2010-07-23 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-11375.nasl - Type : ACT_GATHER_INFO |
| 2010-07-23 | Name : The remote Fedora host is missing a security update. File : fedora_2010-11363.nasl - Type : ACT_GATHER_INFO |
| 2010-07-22 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_367.nasl - Type : ACT_GATHER_INFO |
| 2010-07-22 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_3511.nasl - Type : ACT_GATHER_INFO |
| 2010-07-22 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_8c2ea875949911df8e32000f20797ede.nasl - Type : ACT_GATHER_INFO |
| 2010-07-21 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : seamonkey_206.nasl - Type : ACT_GATHER_INFO |
| 2010-07-21 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_311.nasl - Type : ACT_GATHER_INFO |
| 2010-07-21 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_306.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 23:07:58 |
|
| 2024-11-28 12:22:27 |
|
| 2024-08-02 12:14:04 |
|
| 2024-08-02 01:03:48 |
|
| 2024-02-02 01:13:40 |
|
| 2024-02-01 12:03:44 |
|
| 2023-09-05 12:12:43 |
|
| 2023-09-05 01:03:35 |
|
| 2023-09-02 12:12:46 |
|
| 2023-09-02 01:03:38 |
|
| 2023-08-12 12:15:11 |
|
| 2023-08-12 01:03:37 |
|
| 2023-08-11 12:12:49 |
|
| 2023-08-11 01:03:45 |
|
| 2023-08-06 12:12:20 |
|
| 2023-08-06 01:03:39 |
|
| 2023-08-04 12:12:25 |
|
| 2023-08-04 01:03:40 |
|
| 2023-07-14 12:12:21 |
|
| 2023-07-14 01:03:38 |
|
| 2023-03-29 01:14:08 |
|
| 2023-03-28 12:03:44 |
|
| 2022-10-11 12:11:02 |
|
| 2022-10-11 01:03:25 |
|
| 2021-05-04 12:12:09 |
|
| 2021-04-22 01:12:24 |
|
| 2020-05-23 01:42:22 |
|
| 2020-05-23 00:26:08 |
|
| 2019-06-25 12:03:06 |
|
| 2017-11-21 12:02:37 |
|
| 2017-09-19 09:23:52 |
|
| 2016-06-28 18:16:22 |
|
| 2016-04-26 19:58:19 |
|
| 2014-06-14 13:28:59 |
|
| 2014-02-17 10:56:31 |
|
| 2013-05-10 23:29:07 |
|
