6.9 - CVE-2010-3182

Executive Summary

Informations
Name	CVE-2010-3182	First vendor Publication	2010-10-21
Vendor	Cve	Last vendor Modification	2024-11-21

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score	6.9	Attack Range	Local
Cvss Impact Score	10	Attack Complexity	Medium
Cvss Expoit Score	3.4	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3182

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:13392

Oval ID:	oval:org.mitre.oval:def:13392
Title:	USN-997-1 -- firefox, firefox-3.0, firefox-3.5, xulrunner-1.9.1, xulrunner-1.9.2 vulnerabilities
Description:	Paul Nickerson, Jesse Ruderman, Olli Pettay, Igor Bukanov, Josh Soref, Gary Kwong, Martijn Wargers, Siddharth Agarwal and Michal Zalewski discovered various flaws in the browser engine. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. Alexander Miller, Sergey Glazunov, and others discovered several flaws in the JavaScript engine. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. Robert Swiecki discovered that Firefox did not properly validate Gopher URLs. If a user were tricked into opening a crafted file via Gopher, an attacker could possibly run arbitrary JavaScript. Eduardo Vela Nava discovered that Firefox could be made to violate the same-origin policy by using modal calls with JavaScript. An attacker could exploit this to steal information from another site. Dmitri GribenkoDmitri Gribenko discovered that Firefox did not properly setup the LD_LIBRARY_PATH environment variable. A local attacker could exploit this to execute arbitrary code as the user invoking the program
Family:	unix	Class:	patch
Reference(s):	USN-997-1 CVE-2010-3175 CVE-2010-3176 CVE-2010-3179 CVE-2010-3180 CVE-2010-3183 CVE-2010-3177 CVE-2010-3178 CVE-2010-3182	Version:	5
Platform(s):	Ubuntu 8.04 Ubuntu 10.10 Ubuntu 10.04 Ubuntu 9.04 Ubuntu 9.10	Product(s):	firefox firefox-3.0 firefox-3.5 xulrunner-1.9.1 xulrunner-1.9.2
Definition Synopsis:
Release section Ubuntu 8.04 is installed AND Architecture section Architecture independet section Installed architecture is all AND Packages section firefox-3.0 DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.8.04.1 AND firefox-trunk DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.8.04.1 AND firefox-granparadiso-dev DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.8.04.1 AND firefox-3.0-dev DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.8.04.1 AND firefox-granparadiso DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.8.04.1 AND firefox-trunk-gnome-support DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.8.04.1 AND firefox-3.0-gnome-support DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.8.04.1 AND firefox-granparadiso-gnome-support DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.8.04.1 AND abrowser DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.8.04.1 AND firefox-libthai DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.8.04.1 AND firefox-trunk-dev DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.8.04.1 OR Architecture depended section Supported architectures section Installed architecture is powerpc AND Installed architecture is amd64 AND Installed architecture is lpia AND Installed architecture is i386 AND Packages section firefox-gnome-support-dbg DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.8.04.1 AND firefox-dbg DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.8.04.1 AND firefox DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.8.04.1 AND firefox-branding DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.8.04.1 AND xulrunner-1.9.2-dev DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.8.04.1 AND firefox-dev DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.8.04.1 AND xulrunner-1.9.2-testsuite-dev DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.8.04.1 AND abrowser-branding DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.8.04.1 AND xulrunner-dev DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.8.04.1 AND xulrunner-1.9.2-testsuite DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.8.04.1 AND xulrunner-1.9.2 DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.8.04.1 AND xulrunner-1.9.2-gnome-support DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.8.04.1 AND xulrunner-1.9.2-dbg DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.8.04.1 AND firefox-gnome-support DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.8.04.1 OR Release section Ubuntu 10.10 is installed AND Architecture section Architecture independet section Installed architecture is all AND abrowser DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.10.1 OR Architecture depended section Supported architectures section Installed architecture is powerpc AND Installed architecture is amd64 AND Installed architecture is i386 AND Packages section firefox-gnome-support-dbg DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.10.1 AND firefox-dbg DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.10.1 AND firefox DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.10.1 AND firefox-branding DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.10.1 AND xulrunner-1.9.2-dev DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.10.10.1 AND xulrunner-dev DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.10.10.1 AND xulrunner-1.9.2-testsuite-dev DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.10.10.1 AND abrowser-branding DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.10.1 AND xulrunner-1.9.2-testsuite DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.10.10.1 AND xulrunner-1.9.2 DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.10.10.1 AND xulrunner-1.9.2-gnome-support DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.10.10.1 AND xulrunner-1.9.2-dbg DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.10.10.1 AND firefox-gnome-support DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.10.1 OR Architecture depended section Supported architectures section Installed architecture is i386 AND Installed architecture is amd64 AND firefox-mozsymbols DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.10.1 OR Release section Ubuntu 10.04 is installed AND Architecture section Architecture independet section Installed architecture is all AND Packages section firefox-3.5-branding DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.04.1 AND firefox-3.0 DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.04.1 AND abrowser-3.5-branding DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.04.1 AND firefox-2-gnome-support DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.04.1 AND firefox-2-dev DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.04.1 AND firefox-2-libthai DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.04.1 AND firefox-2 DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.04.1 AND xulrunner-1.9 DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.10.04.1 AND firefox-3.5 DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.04.1 AND abrowser-3.5 DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.04.1 AND firefox-3.5-dev DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.04.1 AND firefox-3.0-gnome-support DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.04.1 AND firefox-3.5-gnome-support DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.04.1 AND firefox-3.5-dbg DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.04.1 AND firefox-2-dbg DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.04.1 AND abrowser DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.04.1 AND firefox-3.0-dev DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.04.1 AND firefox-2-dom-inspector DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.04.1 OR Architecture depended section Supported architectures section Installed architecture is sparc AND Installed architecture is powerpc AND Installed architecture is amd64 AND Installed architecture is i386 AND Packages section firefox-gnome-support-dbg DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.04.1 AND firefox-dbg DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.04.1 AND firefox DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.04.1 AND firefox-branding DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.04.1 AND xulrunner-1.9.2-dev DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.10.04.1 AND firefox-dev DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.04.1 AND xulrunner-1.9.2-testsuite-dev DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.10.04.1 AND abrowser-branding DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.04.1 AND xulrunner-dev DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.10.04.1 AND xulrunner-1.9.2-testsuite DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.10.04.1 AND xulrunner-1.9.2 DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.10.04.1 AND xulrunner-1.9.2-gnome-support DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.10.04.1 AND xulrunner-1.9.2-dbg DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.10.04.1 AND firefox-gnome-support DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.04.1 OR Architecture depended section Supported architectures section Installed architecture is i386 AND Installed architecture is amd64 AND firefox-mozsymbols DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.10.04.1 OR Release section Ubuntu 9.04 is installed AND Architecture section Architecture independet section Installed architecture is all AND Packages section firefox-3.0 DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.04.1 AND firefox-granparadiso DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.04.1 AND firefox-granparadiso-dev DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.04.1 AND firefox-3.0-branding DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.04.1 AND firefox-2-gnome-support DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.04.1 AND firefox-2-dev DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.04.1 AND firefox-2-libthai DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.04.1 AND firefox-2 DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.04.1 AND firefox-trunk-gnome-support DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.04.1 AND firefox-3.0-gnome-support DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.04.1 AND firefox-granparadiso-gnome-support DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.04.1 AND abrowser-3.0-branding DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.04.1 AND firefox-2-dbg DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.04.1 AND firefox-trunk DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.04.1 AND abrowser DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.04.1 AND firefox-3.0-dev DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.04.1 AND firefox-trunk-dev DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.04.1 AND firefox-2-dom-inspector DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.04.1 AND firefox-libthai DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.04.1 OR Architecture depended section Supported architectures section Installed architecture is amd64 AND Installed architecture is i386 AND Installed architecture is powerpc AND Installed architecture is lpia AND Packages section firefox-gnome-support-dbg DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.04.1 AND firefox-dbg DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.04.1 AND firefox DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.04.1 AND firefox-branding DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.04.1 AND xulrunner-1.9.2-dev DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.9.04.1 AND firefox-dev DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.04.1 AND xulrunner-1.9.2-testsuite-dev DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.9.04.1 AND abrowser-branding DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.04.1 AND xulrunner-dev DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.9.04.1 AND xulrunner-1.9.2-testsuite DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.9.04.1 AND xulrunner-1.9.2 DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.9.04.1 AND xulrunner-1.9.2-gnome-support DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.9.04.1 AND xulrunner-1.9.2-dbg DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.9.04.1 AND firefox-gnome-support DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.04.1 OR Architecture depended section Installed architecture is sparc AND Packages section xulrunner-1.9.2-dev DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.9.04.1 AND xulrunner-dev DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.9.04.1 AND xulrunner-1.9.2-testsuite-dev DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.9.04.1 AND xulrunner-1.9.2-gnome-support DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.9.04.1 AND xulrunner-1.9.2-testsuite DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.9.04.1 AND xulrunner-1.9.2 DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.9.04.1 AND xulrunner-1.9.2-dbg DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.9.04.1 OR Release section Ubuntu 9.10 is installed AND Architecture section Architecture independet section Installed architecture is all AND Packages section firefox-3.1-gnome-support DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND firefox-3.0-branding DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND firefox-2-dbg DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND firefox-3.0-dom-inspector DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND firefox-2-libthai DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND xulrunner-1.9 DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.9.10.1 AND firefox-3.5-dev DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND firefox-3.1 DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND firefox-3.5-gnome-support DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND firefox-3.5-dbg DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND firefox-2 DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND abrowser DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND abrowser-3.5-branding DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND firefox-2-dom-inspector DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND firefox-dom-inspector DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND firefox-3.5-branding DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND firefox-3.0 DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND firefox-3.0-venkman DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND firefox-3.1-branding DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND firefox-3.1-dev DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND firefox-3.5 DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND firefox-2-gnome-support DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND abrowser-3.5 DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND firefox-3.1-dbg DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND firefox-3.0-gnome-support DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND abrowser-3.1 DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND abrowser-3.0 DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND abrowser-3.0-branding DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND firefox-2-dev DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND firefox-3.0-dev DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND abrowser-3.1-branding DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 OR Architecture depended section Supported architectures section Installed architecture is amd64 AND Installed architecture is i386 AND Installed architecture is powerpc AND Installed architecture is lpia AND Packages section firefox-gnome-support-dbg DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND firefox-dbg DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND firefox DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND firefox-branding DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND xulrunner-1.9.2-gnome-support DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.9.10.1 AND xulrunner-1.9.2-dev DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.9.10.1 AND firefox-dev DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND xulrunner-1.9.1-dbg DPKG is earlier than 1.9.1.14+build4+nobinonly-0ubuntu0.9.10.1 AND xulrunner-1.9.2-dbg DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.9.10.1 AND xulrunner-1.9.2-testsuite-dev DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.9.10.1 AND xulrunner-1.9.1-testsuite-dev DPKG is earlier than 1.9.1.14+build4+nobinonly-0ubuntu0.9.10.1 AND abrowser-branding DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND xulrunner-1.9.2-testsuite DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.9.10.1 AND xulrunner-1.9.2 DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.9.10.1 AND xulrunner-1.9.1-gnome-support DPKG is earlier than 1.9.1.14+build4+nobinonly-0ubuntu0.9.10.1 AND xulrunner-1.9.1 DPKG is earlier than 1.9.1.14+build4+nobinonly-0ubuntu0.9.10.1 AND xulrunner-1.9.1-dev DPKG is earlier than 1.9.1.14+build4+nobinonly-0ubuntu0.9.10.1 AND firefox-gnome-support DPKG is earlier than 3.6.11+build3+nobinonly-0ubuntu0.9.10.1 AND xulrunner-dev DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.9.10.1 AND xulrunner-1.9.1-testsuite DPKG is earlier than 1.9.1.14+build4+nobinonly-0ubuntu0.9.10.1 OR Architecture depended section Installed architecture is sparc AND Packages section xulrunner-1.9.1-dbg DPKG is earlier than 1.9.1.14+build4+nobinonly-0ubuntu0.9.10.1 AND xulrunner-1.9.1-testsuite DPKG is earlier than 1.9.1.14+build4+nobinonly-0ubuntu0.9.10.1 AND xulrunner-1.9.2-dev DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.9.10.1 AND xulrunner-dev DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.9.10.1 AND xulrunner-1.9.2-testsuite-dev DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.9.10.1 AND xulrunner-1.9.1-testsuite-dev DPKG is earlier than 1.9.1.14+build4+nobinonly-0ubuntu0.9.10.1 AND xulrunner-1.9.1 DPKG is earlier than 1.9.1.14+build4+nobinonly-0ubuntu0.9.10.1 AND xulrunner-1.9.2-testsuite DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.9.10.1 AND xulrunner-1.9.2 DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.9.10.1 AND xulrunner-1.9.2-gnome-support DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.9.10.1 AND xulrunner-1.9.1-dev DPKG is earlier than 1.9.1.14+build4+nobinonly-0ubuntu0.9.10.1 AND xulrunner-1.9.2-dbg DPKG is earlier than 1.9.2.11+build3+nobinonly-0ubuntu0.9.10.1 AND xulrunner-1.9.1-gnome-support DPKG is earlier than 1.9.1.14+build4+nobinonly-0ubuntu0.9.10.1

Definition Id: oval:org.mitre.oval:def:13508

Oval ID:	oval:org.mitre.oval:def:13508
Title:	USN-998-1 -- thunderbird vulnerabilities
Description:	Paul Nickerson, Jesse Ruderman, Olli Pettay, Igor Bukanov, Josh Soref, Gary Kwong, Martijn Wargers, Siddharth Agarwal and Michal Zalewski discovered various flaws in the browser engine. An attacker could exploit this to crash Thunderbird or possibly run arbitrary code as the user invoking the program. Alexander Miller, Sergey Glazunov, and others discovered several flaws in the JavaScript engine. If JavaScript were enabled, an attacker could exploit this to crash Thunderbird or possibly run arbitrary code as the user invoking the program. Eduardo Vela Nava discovered that Thunderbird could be made to violate the same-origin policy by using modal calls with JavaScript. If JavaScript were enabled, an attacker could exploit this to steal information from another site. Dmitri GribenkoDmitri Gribenko discovered that Thunderbird did not properly setup the LD_LIBRARY_PATH environment variable. A local attacker could exploit this to execute arbitrary code as the user invoking the program
Family:	unix	Class:	patch
Reference(s):	USN-998-1 CVE-2010-3175 CVE-2010-3176 CVE-2010-3179 CVE-2010-3180 CVE-2010-3183 CVE-2010-3178 CVE-2010-3182	Version:	5
Platform(s):	Ubuntu 10.10 Ubuntu 10.04	Product(s):	thunderbird
Definition Synopsis:
Release section Ubuntu 10.10 is installed AND Supported architectures section Installed architecture is i386 AND Installed architecture is amd64 AND Installed architecture is powerpc AND Packages section thunderbird-gnome-support-dbg DPKG is earlier than 3.1.5+build1+nobinonly-0ubuntu0.10.10.1 AND thunderbird-dbg DPKG is earlier than 3.1.5+build1+nobinonly-0ubuntu0.10.10.1 AND thunderbird DPKG is earlier than 3.1.5+build1+nobinonly-0ubuntu0.10.10.1 AND thunderbird-dev DPKG is earlier than 3.1.5+build1+nobinonly-0ubuntu0.10.10.1 AND thunderbird-gnome-support DPKG is earlier than 3.1.5+build1+nobinonly-0ubuntu0.10.10.1 OR Release section Ubuntu 10.04 is installed AND Supported architectures section Installed architecture is sparc AND Installed architecture is i386 AND Installed architecture is amd64 AND Installed architecture is powerpc AND Packages section thunderbird-gnome-support-dbg DPKG is earlier than 3.0.9+build1+nobinonly-0ubuntu0.10.04.1 AND thunderbird-dbg DPKG is earlier than 3.0.9+build1+nobinonly-0ubuntu0.10.04.1 AND thunderbird DPKG is earlier than 3.0.9+build1+nobinonly-0ubuntu0.10.04.1 AND thunderbird-dev DPKG is earlier than 3.0.9+build1+nobinonly-0ubuntu0.10.04.1 AND thunderbird-gnome-support DPKG is earlier than 3.0.9+build1+nobinonly-0ubuntu0.10.04.1

Definition Id: oval:org.mitre.oval:def:13844

Oval ID:	oval:org.mitre.oval:def:13844
Title:	DEPRECATED: A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Description:	A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-3182	Version:	14
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey
Definition Synopsis:
Determine if the version of Mozilla Firefox is less than or equal to 1.5 and is greater than or equal to 1.0 Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is less than or equal to 1.5 AND Check for vulnerable version Mozilla Firefox Mainline version is greater than or equal to 1.0 OR Determine if the version of Mozilla Thunderbird is less than or equal to 1.5.2 and is greater than or equal to 1.0 Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 1.5.2 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 1.0 OR Determine if the version of Mozilla Firefox is less than or equal to 3.6.10 and is greater than or equal to 3.0 Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is less than or equal to 3.6.10 AND Mozilla Firefox Mainline version is greater than or equal to 3.0 OR Determine if the version of Mozilla Seamonkey is less than or equal to 1.5.0.10 and is greater than or equal to 1.0 Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than or equal to 1.5.0.10 AND Determine if the version of Mozilla Seamonkey is greater than or equal to 1.0 OR Determine if the version of Mozilla Seamonkey is less than or equal to 1.5.0.10 and is greater than or equal to 1.0 Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than or equal to 1.5.0.10 AND Determine if the version of Mozilla Seamonkey is greater than or equal to 1.0 OR Determine if the version of Mozilla Thunderbird is less than or equal to 0.9 and is greater than or equal to 0.1 Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 0.9 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 OR Determine if the version of Mozilla Thunderbird is less than or equal to 2.0.0.23 and is greater than or equal to 2.0.0.0 Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 2.0.0.23 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 2.0.0.0 OR Determine if the version of Mozilla Thunderbird is less than or equal to 3.1.4 and is greater than or equal to 3.0 Mozilla Thunderbird Mainline release is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 3.1.4 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 3.0 OR Determine if the version of Mozilla Firefox is less than or equal to 2.0.0.20 and is greater than or equal to 2.0.0.1 Mozilla Firefox Mainline release is installed AND Check for vulnerable version Mozilla Firefox Mainline version is less than or equal to 2.0.0.20 AND Check for vulnerable version Mozilla Firefox Mainline version is greater than or equal to 2.0.0.1 OR Determine if the version of Mozilla Seamonkey is less than or equal to 2.0.8 and is greater than or equal to 2.0.1 Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than or equal to 2.0.8 AND Determine if the version of Mozilla Seamonkey is greater than or equal to 2.0.1 OR Determine if the version of Mozilla Seamonkey is less than or equal to 2.0.8 and is greater than or equal to 2.0.1 Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than or equal to 2.0.8 AND Determine if the version of Mozilla Seamonkey is greater than or equal to 2.0.1

Definition Id: oval:org.mitre.oval:def:22324

Oval ID:	oval:org.mitre.oval:def:22324
Title:	RHSA-2010:0780: thunderbird security update (Moderate)
Description:	A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Family:	unix	Class:	patch
Reference(s):	RHSA-2010:0780-01 CESA-2010:0780 CVE-2010-3176 CVE-2010-3180 CVE-2010-3182	Version:	42
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5	Product(s):	thunderbird
Definition Synopsis:
Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND The operating system installed on the system is CentOS Linux 5.x AND thunderbird is earlier than 0:2.0.0.24-9.el5

Definition Id: oval:org.mitre.oval:def:23160

Oval ID:	oval:org.mitre.oval:def:23160
Title:	ELSA-2010:0780: thunderbird security update (Moderate)
Description:	A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Family:	unix	Class:	patch
Reference(s):	ELSA-2010:0780-01 CVE-2010-3176 CVE-2010-3180 CVE-2010-3182	Version:	17
Platform(s):	Oracle Linux 5	Product(s):	thunderbird
Definition Synopsis:
Oracle Linux 5.x AND thunderbird is earlier than 0:2.0.0.24-9.el5

CPE : Common Platform Enumeration

Type	Description	Count
Application	Mozilla Firefox cpe:2.3:a:mozilla:firefox:3.6.9:::::::* cpe:2.3:a:mozilla:firefox:3.6.8:::::::* cpe:2.3:a:mozilla:firefox:3.6.7:::::::* cpe:2.3:a:mozilla:firefox:3.6.6:::::::* cpe:2.3:a:mozilla:firefox:3.6.4:::::::* cpe:2.3:a:mozilla:firefox:3.6.3:::::::* cpe:2.3:a:mozilla:firefox:3.6.2:::::::* cpe:2.3:a:mozilla:firefox:3.6.10:::::::* cpe:2.3:a:mozilla:firefox:3.6:::::::* cpe:2.3:a:mozilla:firefox:3.5.9:::::::* cpe:2.3:a:mozilla:firefox:3.5.8:::::::* cpe:2.3:a:mozilla:firefox:3.5.7:::::::* cpe:2.3:a:mozilla:firefox:3.5.6:::::::* cpe:2.3:a:mozilla:firefox:3.5.5:::::::* cpe:2.3:a:mozilla:firefox:3.5.4:::::::* cpe:2.3:a:mozilla:firefox:3.5.3:::::::* cpe:2.3:a:mozilla:firefox:3.5.2:::::::* cpe:2.3:a:mozilla:firefox:3.5.2:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.5.2::linux::::: cpe:2.3:a:mozilla:firefox:3.5.2::~~~linux~~::::: cpe:2.3:a:mozilla:firefox:3.5.2:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.5.13:::::::* cpe:2.3:a:mozilla:firefox:3.5.12:::::::* cpe:2.3:a:mozilla:firefox:3.5.11:::::::* cpe:2.3:a:mozilla:firefox:3.5.10:::::::* cpe:2.3:a:mozilla:firefox:3.5.1:::::::* cpe:2.3:a:mozilla:firefox:3.5.1:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.5.1:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.5:::::::* cpe:2.3:a:mozilla:firefox:3.5:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.5:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.2:beta2:::::: cpe:2.3:a:mozilla:firefox:3.2:beta3:::::: cpe:2.3:a:mozilla:firefox:3.2:beta1:::::: cpe:2.3:a:mozilla:firefox:3.1:beta1:::::: cpe:2.3:a:mozilla:firefox:3.0beta5:::::::* cpe:2.3:a:mozilla:firefox:3.0.9:::::::* cpe:2.3:a:mozilla:firefox:3.0.9:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.0.9:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.0.8:::::::* cpe:2.3:a:mozilla:firefox:3.0.8:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.0.8:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.0.7:::::::* cpe:2.3:a:mozilla:firefox:3.0.7:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.0.7:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.0.6:::::::* cpe:2.3:a:mozilla:firefox:3.0.6:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.0.6:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.0.5:::::::* cpe:2.3:a:mozilla:firefox:3.0.5:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.0.5:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.0.4:::::::* cpe:2.3:a:mozilla:firefox:3.0.4:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.0.4:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.0.3:::::::* cpe:2.3:a:mozilla:firefox:3.0.3:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.0.3:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.0.2:::::::* cpe:2.3:a:mozilla:firefox:3.0.2:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.0.2:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.0.19:::::::* cpe:2.3:a:mozilla:firefox:3.0.18:::::::* cpe:2.3:a:mozilla:firefox:3.0.17:::::::* cpe:2.3:a:mozilla:firefox:3.0.16:::::::* cpe:2.3:a:mozilla:firefox:3.0.15:::::::* cpe:2.3:a:mozilla:firefox:3.0.14:::::::* cpe:2.3:a:mozilla:firefox:3.0.13:::::::* cpe:2.3:a:mozilla:firefox:3.0.13:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.0.13:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.0.12:::::::* cpe:2.3:a:mozilla:firefox:3.0.12:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.0.12:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.0.11:::::::* cpe:2.3:a:mozilla:firefox:3.0.11:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.0.11:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.0.10:::::::* cpe:2.3:a:mozilla:firefox:3.0.10:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.0.10:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.0.1:::::::* cpe:2.3:a:mozilla:firefox:3.0.1:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.0.1:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:3.0:-:::::: cpe:2.3:a:mozilla:firefox:3.0:alpha:::::: cpe:2.3:a:mozilla:firefox:3.0:beta5:::::: cpe:2.3:a:mozilla:firefox:3.0:beta2:::::: cpe:2.3:a:mozilla:firefox:3.0:-:linux:::::* cpe:2.3:a:mozilla:firefox:3.0:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.9:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.9:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.9:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.8:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.8:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.8:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.7:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.7:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.7:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.6:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.6:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.6:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.5:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.5:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.5:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.4:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.4:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.4:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.3:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.3:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.3:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.21:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.20:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.20:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.20:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.2:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.2:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.2:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.19:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.19:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.19:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.18:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.18:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.18:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.17:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.17:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.17:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.16:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.16:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.16:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.15:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.15:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.15:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.14:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.14:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.14:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.13:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.13:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.13:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.12:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.12:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.12:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.11:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.11:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.11:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.10:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.10:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.10:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0.0.1:::::::* cpe:2.3:a:mozilla:firefox:2.0.0.1:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0.0.1:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:2.0_8:::::::* cpe:2.3:a:mozilla:firefox:2.0_.9:::::::* cpe:2.3:a:mozilla:firefox:2.0_.7:::::::* cpe:2.3:a:mozilla:firefox:2.0_.6:::::::* cpe:2.3:a:mozilla:firefox:2.0_.5:::::::* cpe:2.3:a:mozilla:firefox:2.0_.4:::::::* cpe:2.3:a:mozilla:firefox:2.0_.10:::::::* cpe:2.3:a:mozilla:firefox:2.0_.1:::::::* cpe:2.3:a:mozilla:firefox:2.0:::::::* cpe:2.3:a:mozilla:firefox:2.0:beta1:::::: cpe:2.3:a:mozilla:firefox:2.0:beta_1:::::: cpe:2.3:a:mozilla:firefox:2.0:rc3:::::: cpe:2.3:a:mozilla:firefox:2.0:rc2:::::: cpe:2.3:a:mozilla:firefox:2.0:-:linux:::::* cpe:2.3:a:mozilla:firefox:2.0:-:~~~linux~~:::::* cpe:2.3:a:mozilla:firefox:1.8:::::::* cpe:2.3:a:mozilla:firefox:1.5.8:::::::* cpe:2.3:a:mozilla:firefox:1.5.7:::::::* cpe:2.3:a:mozilla:firefox:1.5.6:::::::* cpe:2.3:a:mozilla:firefox:1.5.5:::::::* cpe:2.3:a:mozilla:firefox:1.5.4:::::::* cpe:2.3:a:mozilla:firefox:1.5.3:::::::* cpe:2.3:a:mozilla:firefox:1.5.2:::::::* cpe:2.3:a:mozilla:firefox:1.5.1:::::::* cpe:2.3:a:mozilla:firefox:1.5.0.9:::::::* cpe:2.3:a:mozilla:firefox:1.5.0.8:::::::* cpe:2.3:a:mozilla:firefox:1.5.0.7:::::::* cpe:2.3:a:mozilla:firefox:1.5.0.6:::::::* cpe:2.3:a:mozilla:firefox:1.5.0.5:::::::* cpe:2.3:a:mozilla:firefox:1.5.0.4:::::::* cpe:2.3:a:mozilla:firefox:1.5.0.3:::::::* cpe:2.3:a:mozilla:firefox:1.5.0.2:::::::* cpe:2.3:a:mozilla:firefox:1.5.0.12:::::::* cpe:2.3:a:mozilla:firefox:1.5.0.11:::::::* cpe:2.3:a:mozilla:firefox:1.5.0.10:::::::* cpe:2.3:a:mozilla:firefox:1.5.0.1:::::::* cpe:2.3:a:mozilla:firefox:1.5:-:::::: cpe:2.3:a:mozilla:firefox:1.5:beta2:::::: cpe:2.3:a:mozilla:firefox:1.5:beta1:::::: cpe:2.3:a:mozilla:firefox:1.4.1:::::::* cpe:2.3:a:mozilla:firefox:1.0.8:::::::* cpe:2.3:a:mozilla:firefox:1.0.7:::::::* cpe:2.3:a:mozilla:firefox:1.0.6:::::::* cpe:2.3:a:mozilla:firefox:1.0.6::linux::::: cpe:2.3:a:mozilla:firefox:1.0.5:::::::* cpe:2.3:a:mozilla:firefox:1.0.4:::::::* cpe:2.3:a:mozilla:firefox:1.0.3:::::::* cpe:2.3:a:mozilla:firefox:1.0.2:::::::* cpe:2.3:a:mozilla:firefox:1.0.1:::::::* cpe:2.3:a:mozilla:firefox:1.0:preview_release:::::: cpe:2.3:a:mozilla:firefox:1.0:-:::::: cpe:2.3:a:mozilla:firefox:0.9.3:::::::* cpe:2.3:a:mozilla:firefox:0.9.2:::::::* cpe:2.3:a:mozilla:firefox:0.9.1:::::::* cpe:2.3:a:mozilla:firefox:0.9_rc:::::::* cpe:2.3:a:mozilla:firefox:0.9:rc:::::: cpe:2.3:a:mozilla:firefox:0.9:::::::* cpe:2.3:a:mozilla:firefox:0.8:::::::* cpe:2.3:a:mozilla:firefox:0.7.1:::::::* cpe:2.3:a:mozilla:firefox:0.7:::::::* cpe:2.3:a:mozilla:firefox:0.6.1:::::::* cpe:2.3:a:mozilla:firefox:0.6:::::::* cpe:2.3:a:mozilla:firefox:0.5:::::::* cpe:2.3:a:mozilla:firefox:0.4:::::::* cpe:2.3:a:mozilla:firefox:0.3:::::::* cpe:2.3:a:mozilla:firefox:0.2:::::::* cpe:2.3:a:mozilla:firefox:0.10.1:::::::* cpe:2.3:a:mozilla:firefox:0.10:::::::* cpe:2.3:a:mozilla:firefox:0.1:::::::* cpe:2.3:a:mozilla:firefox:::::::: cpe:2.3:a:mozilla:firefox:::::::x86:* cpe:2.3:a:mozilla:firefox::::::x86::* cpe:2.3:a:mozilla:firefox::::::iphone_os::* cpe:2.3:a:mozilla:firefox::::::-::* cpe:2.3:a:mozilla:firefox::::::android::* cpe:2.3:a:mozilla:firefox:::::android:::* cpe:2.3:a:mozilla:firefox:::::esr:::* cpe:2.3:a:mozilla:firefox:::::-:::* cpe:2.3:a:mozilla:firefox:-:::::::* cpe:2.3:a:mozilla:firefox:-::::esr::: cpe:2.3:a:mozilla:firefox:-:::::iphone_os::	229
Application	Mozilla Seamonkey cpe:2.3:a:mozilla:seamonkey:2.0a1pre:::::::* cpe:2.3:a:mozilla:seamonkey:2.0a1::pre::::: cpe:2.3:a:mozilla:seamonkey:2.0.8:::::::* cpe:2.3:a:mozilla:seamonkey:2.0.7:::::::* cpe:2.3:a:mozilla:seamonkey:2.0.6:::::::* cpe:2.3:a:mozilla:seamonkey:2.0.5:::::::* cpe:2.3:a:mozilla:seamonkey:2.0.4:::::::* cpe:2.3:a:mozilla:seamonkey:2.0.3:::::::* cpe:2.3:a:mozilla:seamonkey:2.0.2:::::::* cpe:2.3:a:mozilla:seamonkey:2.0.1:::::::* cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1:::::: cpe:2.3:a:mozilla:seamonkey:2.0:beta_1:::::: cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2:::::: cpe:2.3:a:mozilla:seamonkey:2.0:beta_2:::::: cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3:::::: cpe:2.3:a:mozilla:seamonkey:2.0:rc2:::::: cpe:2.3:a:mozilla:seamonkey:2.0:rc1:::::: cpe:2.3:a:mozilla:seamonkey:2.0:::::::* cpe:2.3:a:mozilla:seamonkey:2.:beta3:::::: cpe:2.3:a:mozilla:seamonkey:1.5.0.9:::::::* cpe:2.3:a:mozilla:seamonkey:1.5.0.8:::::::* cpe:2.3:a:mozilla:seamonkey:1.5.0.10:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.9:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.8:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.7:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.6:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.5:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.5:1.1.10:::::: cpe:2.3:a:mozilla:seamonkey:1.1.4:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.3:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.2:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.19:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.18:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.17:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.16:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.15:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.14:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.13:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.12:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.11:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.10:::::::* cpe:2.3:a:mozilla:seamonkey:1.1.1:::::::* cpe:2.3:a:mozilla:seamonkey:1.1:beta:::::: cpe:2.3:a:mozilla:seamonkey:1.1:alpha:::::: cpe:2.3:a:mozilla:seamonkey:1.1:::::::* cpe:2.3:a:mozilla:seamonkey:1.0.99:::::::* cpe:2.3:a:mozilla:seamonkey:1.0.9:::::::* cpe:2.3:a:mozilla:seamonkey:1.0.8:::::::* cpe:2.3:a:mozilla:seamonkey:1.0.7:::::::* cpe:2.3:a:mozilla:seamonkey:1.0.6:::::::* cpe:2.3:a:mozilla:seamonkey:1.0.5:::::::* cpe:2.3:a:mozilla:seamonkey:1.0.4:::::::* cpe:2.3:a:mozilla:seamonkey:1.0.3:::::::* cpe:2.3:a:mozilla:seamonkey:1.0.2:::::::* cpe:2.3:a:mozilla:seamonkey:1.0.1:::::::* cpe:2.3:a:mozilla:seamonkey:1.0:alpha:::::: cpe:2.3:a:mozilla:seamonkey:1.0:beta:::::: cpe:2.3:a:mozilla:seamonkey:1.0:::::::* cpe:2.3:a:mozilla:seamonkey:1.0::dev::::: cpe:2.3:a:mozilla:seamonkey:1.0::alpha::::: cpe:2.3:a:mozilla:seamonkey:1.0::beta::::: cpe:2.3:a:mozilla:seamonkey:::::::: cpe:2.3:a:mozilla:seamonkey:-:::::::*	63
Application	Mozilla Thunderbird cpe:2.3:a:mozilla:thunderbird:3.1.4:::::::* cpe:2.3:a:mozilla:thunderbird:3.1.3:::::::* cpe:2.3:a:mozilla:thunderbird:3.1.2:::::::* cpe:2.3:a:mozilla:thunderbird:3.1.1:::::::* cpe:2.3:a:mozilla:thunderbird:3.1:-:::::: cpe:2.3:a:mozilla:thunderbird:3.0.8:::::::* cpe:2.3:a:mozilla:thunderbird:3.0.7:::::::* cpe:2.3:a:mozilla:thunderbird:3.0.6:::::::* cpe:2.3:a:mozilla:thunderbird:3.0.5:::::::* cpe:2.3:a:mozilla:thunderbird:3.0.4:::::::* cpe:2.3:a:mozilla:thunderbird:3.0.3:::::::* cpe:2.3:a:mozilla:thunderbird:3.0.2:::::::* cpe:2.3:a:mozilla:thunderbird:3.0.1:::::::* cpe:2.3:a:mozilla:thunderbird:3.0:alpha1:::::: cpe:2.3:a:mozilla:thunderbird:3.0:alpha2:::::: cpe:2.3:a:mozilla:thunderbird:3.0:alpha3:::::: cpe:2.3:a:mozilla:thunderbird:3.0:beta1:::::: cpe:2.3:a:mozilla:thunderbird:3.0:beta2:::::: cpe:2.3:a:mozilla:thunderbird:3.0:beta3:::::: cpe:2.3:a:mozilla:thunderbird:3.0:beta4:::::: cpe:2.3:a:mozilla:thunderbird:3.0:rc1:::::: cpe:2.3:a:mozilla:thunderbird:3.0:rc2:::::: cpe:2.3:a:mozilla:thunderbird:3.0:-:::::: cpe:2.3:a:mozilla:thunderbird:2.0.0.9:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.8:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.7:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.6:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.5:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.4:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.3:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.24:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.23:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.22:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.21:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.20:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.2:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.19:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.18:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.17:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.16:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.15:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.14:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.13:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.12:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.11:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.1:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.0:::::::* cpe:2.3:a:mozilla:thunderbird:2.0.0.0:rc1:::::: cpe:2.3:a:mozilla:thunderbird:2.0_8:::::::* cpe:2.3:a:mozilla:thunderbird:2.0_.9:::::::* cpe:2.3:a:mozilla:thunderbird:2.0_.6:::::::* cpe:2.3:a:mozilla:thunderbird:2.0_.5:::::::* cpe:2.3:a:mozilla:thunderbird:2.0_.4:::::::* cpe:2.3:a:mozilla:thunderbird:2.0_.14:::::::* cpe:2.3:a:mozilla:thunderbird:2.0_.13:::::::* cpe:2.3:a:mozilla:thunderbird:2.0_.12:::::::* cpe:2.3:a:mozilla:thunderbird:2.0:alpha1:::::: cpe:2.3:a:mozilla:thunderbird:2.0:beta1:::::: cpe:2.3:a:mozilla:thunderbird:2.0:beta2:::::: cpe:2.3:a:mozilla:thunderbird:2.0:-:::::: cpe:2.3:a:mozilla:thunderbird:1.7.3:::::::* cpe:2.3:a:mozilla:thunderbird:1.7.1:::::::* cpe:2.3:a:mozilla:thunderbird:1.5.2:::::::* cpe:2.3:a:mozilla:thunderbird:1.5.1:::::::* cpe:2.3:a:mozilla:thunderbird:1.5.0.9:::::::* cpe:2.3:a:mozilla:thunderbird:1.5.0.8:::::::* cpe:2.3:a:mozilla:thunderbird:1.5.0.7:::::::* cpe:2.3:a:mozilla:thunderbird:1.5.0.6:::::::* cpe:2.3:a:mozilla:thunderbird:1.5.0.5:::::::* cpe:2.3:a:mozilla:thunderbird:1.5.0.4:::::::* cpe:2.3:a:mozilla:thunderbird:1.5.0.3:::::::* cpe:2.3:a:mozilla:thunderbird:1.5.0.2:::::::* cpe:2.3:a:mozilla:thunderbird:1.5.0.14:::::::* cpe:2.3:a:mozilla:thunderbird:1.5.0.13:::::::* cpe:2.3:a:mozilla:thunderbird:1.5.0.12:::::::* cpe:2.3:a:mozilla:thunderbird:1.5.0.11:::::::* cpe:2.3:a:mozilla:thunderbird:1.5.0.10:::::::* cpe:2.3:a:mozilla:thunderbird:1.5.0.1:::::::* cpe:2.3:a:mozilla:thunderbird:1.5:beta2:::::: cpe:2.3:a:mozilla:thunderbird:1.5:beta1:::::: cpe:2.3:a:mozilla:thunderbird:1.5:rc1:::::: cpe:2.3:a:mozilla:thunderbird:1.5:rc2:::::: cpe:2.3:a:mozilla:thunderbird:1.5:-:::::: cpe:2.3:a:mozilla:thunderbird:1.1:alpha1:::::: cpe:2.3:a:mozilla:thunderbird:1.1:alpha2:::::: cpe:2.3:a:mozilla:thunderbird:1.0.8:::::::* cpe:2.3:a:mozilla:thunderbird:1.0.7:::::::* cpe:2.3:a:mozilla:thunderbird:1.0.6:::::::* cpe:2.3:a:mozilla:thunderbird:1.0.5:::::::* cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:::::: cpe:2.3:a:mozilla:thunderbird:1.0.4:::::::* cpe:2.3:a:mozilla:thunderbird:1.0.3:::::::* cpe:2.3:a:mozilla:thunderbird:1.0.2:::::::* cpe:2.3:a:mozilla:thunderbird:1.0.1:::::::* cpe:2.3:a:mozilla:thunderbird:1.0:rc:::::: cpe:2.3:a:mozilla:thunderbird:1.0:-:::::: cpe:2.3:a:mozilla:thunderbird:0.9:::::::* cpe:2.3:a:mozilla:thunderbird:0.8:::::::* cpe:2.3:a:mozilla:thunderbird:0.7.3:::::::* cpe:2.3:a:mozilla:thunderbird:0.7.2:::::::* cpe:2.3:a:mozilla:thunderbird:0.7.1:::::::* cpe:2.3:a:mozilla:thunderbird:0.7:rc:::::: cpe:2.3:a:mozilla:thunderbird:0.7:-:::::: cpe:2.3:a:mozilla:thunderbird:0.6:::::::* cpe:2.3:a:mozilla:thunderbird:0.5:::::::* cpe:2.3:a:mozilla:thunderbird:0.4:::::::* cpe:2.3:a:mozilla:thunderbird:0.3:::::::* cpe:2.3:a:mozilla:thunderbird:0.2:::::::* cpe:2.3:a:mozilla:thunderbird:0.1:::::::* cpe:2.3:a:mozilla:thunderbird:::::::: cpe:2.3:a:mozilla:thunderbird:::::::x86:* cpe:2.3:a:mozilla:thunderbird:::::-:::* cpe:2.3:a:mozilla:thunderbird:::::esr:::* cpe:2.3:a:mozilla:thunderbird:-:::::::*	114

OpenVAS Exploits

Date	Description
2011-08-09	Name : CentOS Update for thunderbird CESA-2010:0780 centos5 i386 File : nvt/gb_CESA-2010_0780_thunderbird_centos5_i386.nasl
2011-08-09	Name : CentOS Update for firefox CESA-2010:0782 centos5 i386 File : nvt/gb_CESA-2010_0782_firefox_centos5_i386.nasl
2010-12-02	Name : Fedora Update for firefox FEDORA-2010-16897 File : nvt/gb_fedora_2010_16897_firefox_fc14.nasl
2010-12-02	Name : Fedora Update for galeon FEDORA-2010-16897 File : nvt/gb_fedora_2010_16897_galeon_fc14.nasl
2010-12-02	Name : Fedora Update for xulrunner FEDORA-2010-16897 File : nvt/gb_fedora_2010_16897_xulrunner_fc14.nasl
2010-12-02	Name : Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-16897 File : nvt/gb_fedora_2010_16897_perl-Gtk2-MozEmbed_fc14.nasl
2010-12-02	Name : Fedora Update for mozvoikko FEDORA-2010-16897 File : nvt/gb_fedora_2010_16897_mozvoikko_fc14.nasl
2010-12-02	Name : Fedora Update for gnome-web-photo FEDORA-2010-16897 File : nvt/gb_fedora_2010_16897_gnome-web-photo_fc14.nasl
2010-12-02	Name : Fedora Update for gnome-python2-extras FEDORA-2010-16897 File : nvt/gb_fedora_2010_16897_gnome-python2-extras_fc14.nasl
2010-11-17	Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox52.nasl
2010-11-16	Name : SuSE Update for MozillaFirefox,seamonkey,MozillaThunderbird SUSE-SA:2010:056 File : nvt/gb_suse_2010_056.nasl
2010-11-16	Name : Fedora Update for xulrunner FEDORA-2010-16885 File : nvt/gb_fedora_2010_16885_xulrunner_fc12.nasl
2010-11-16	Name : Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-16885 File : nvt/gb_fedora_2010_16885_perl-Gtk2-MozEmbed_fc12.nasl
2010-11-16	Name : Fedora Update for mozvoikko FEDORA-2010-16885 File : nvt/gb_fedora_2010_16885_mozvoikko_fc12.nasl
2010-11-16	Name : Fedora Update for gnome-web-photo FEDORA-2010-16885 File : nvt/gb_fedora_2010_16885_gnome-web-photo_fc12.nasl
2010-11-16	Name : Fedora Update for gnome-python2-extras FEDORA-2010-16885 File : nvt/gb_fedora_2010_16885_gnome-python2-extras_fc12.nasl
2010-11-16	Name : Fedora Update for firefox FEDORA-2010-16885 File : nvt/gb_fedora_2010_16885_firefox_fc12.nasl
2010-11-16	Name : Fedora Update for galeon FEDORA-2010-16885 File : nvt/gb_fedora_2010_16885_galeon_fc12.nasl
2010-11-04	Name : CentOS Update for thunderbird CESA-2010:0780 centos4 i386 File : nvt/gb_CESA-2010_0780_thunderbird_centos4_i386.nasl
2010-11-04	Name : Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-16593 File : nvt/gb_fedora_2010_16593_perl-Gtk2-MozEmbed_fc13.nasl
2010-11-04	Name : Fedora Update for mozvoikko FEDORA-2010-16593 File : nvt/gb_fedora_2010_16593_mozvoikko_fc13.nasl
2010-11-04	Name : Fedora Update for gnome-web-photo FEDORA-2010-16593 File : nvt/gb_fedora_2010_16593_gnome-web-photo_fc13.nasl
2010-11-04	Name : Fedora Update for gnome-python2-extras FEDORA-2010-16593 File : nvt/gb_fedora_2010_16593_gnome-python2-extras_fc13.nasl
2010-11-04	Name : Fedora Update for galeon FEDORA-2010-16593 File : nvt/gb_fedora_2010_16593_galeon_fc13.nasl
2010-11-04	Name : Fedora Update for firefox FEDORA-2010-16593 File : nvt/gb_fedora_2010_16593_firefox_fc13.nasl
2010-11-04	Name : Fedora Update for xulrunner FEDORA-2010-16593 File : nvt/gb_fedora_2010_16593_xulrunner_fc13.nasl
2010-11-04	Name : CentOS Update for seamonkey CESA-2010:0781 centos3 i386 File : nvt/gb_CESA-2010_0781_seamonkey_centos3_i386.nasl
2010-11-04	Name : CentOS Update for firefox CESA-2010:0782 centos4 i386 File : nvt/gb_CESA-2010_0782_firefox_centos4_i386.nasl
2010-11-04	Name : CentOS Update for seamonkey CESA-2010:0781 centos4 i386 File : nvt/gb_CESA-2010_0781_seamonkey_centos4_i386.nasl
2010-10-26	Name : Mandriva Update for firefox MDVSA-2010:210 (firefox) File : nvt/gb_mandriva_MDVSA_2010_210.nasl
2010-10-26	Name : Mandriva Update for mozilla-thunderbird MDVSA-2010:211 (mozilla-thunderbird) File : nvt/gb_mandriva_MDVSA_2010_211.nasl
2010-10-22	Name : Ubuntu Update for thunderbird vulnerabilities USN-998-1 File : nvt/gb_ubuntu_USN_998_1.nasl
2010-10-22	Name : Ubuntu Update for Firefox and Xulrunner vulnerabilities USN-997-1 File : nvt/gb_ubuntu_USN_997_1.nasl
2010-10-22	Name : RedHat Update for thunderbird RHSA-2010:0780-01 File : nvt/gb_RHSA-2010_0780-01_thunderbird.nasl
2010-10-22	Name : RedHat Update for seamonkey RHSA-2010:0781-01 File : nvt/gb_RHSA-2010_0781-01_seamonkey.nasl
2010-10-22	Name : RedHat Update for firefox RHSA-2010:0782-01 File : nvt/gb_RHSA-2010_0782-01_firefox.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
68853	Mozilla Multiple Products on Linux Unspecified Application-launch Script LD_L... Mozilla Firefox, Thunderbird and SeaMonkey on Linux are prone to a flaw in the way they load dynamic-link libraries (DLL). The programs use a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the programs will load it before the legitimate version. This allows an attacker to inject custom code that will be run with the privilege of the program or user executing the program. This can be done by tricking a user into opening the program executable file from the local file system or a USB drive in some cases. This attack can be leveraged remotely in some cases by placing the malicious file or library on a network share or extracted archive downloaded from a remote source.

Description

68853

Mozilla Multiple Products on Linux Unspecified Application-launch Script LD_L...

Mozilla Firefox, Thunderbird and SeaMonkey on Linux are prone to a flaw in the way they load dynamic-link libraries (DLL). The programs use a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the programs will load it before the legitimate version. This allows an attacker to inject custom code that will be run with the privilege of the program or user executing the program. This can be done by tricking a user into opening the program executable file from the local file system or a USB drive in some cases. This attack can be leveraged remotely in some cases by placing the malicious file or library on a network share or extracted archive downloaded from a remote source.

Nessus® Vulnerability Scanner

Date	Description
2014-06-13	Name : The remote openSUSE host is missing a security update. File : suse_11_3_seamonkey-101021.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : suse_11_3_mozilla-xulrunner191-101028.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : suse_11_3_MozillaThunderbird-101021.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : suse_11_3_MozillaFirefox-101029.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2010-0780.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0781.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0782.nasl - Type : ACT_GATHER_INFO
2013-01-08	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing a security update. File : sl_20101019_thunderbird_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing a security update. File : sl_20101117_thunderbird_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101110_firefox_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101019_seamonkey_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101019_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2010-12-02	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_mozilla-xulrunner191-101118.nasl - Type : ACT_GATHER_INFO
2010-12-02	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_mozilla-xulrunner191-101028.nasl - Type : ACT_GATHER_INFO
2010-12-02	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_MozillaFirefox-101103.nasl - Type : ACT_GATHER_INFO
2010-11-24	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0781.nasl - Type : ACT_GATHER_INFO
2010-11-24	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0782.nasl - Type : ACT_GATHER_INFO
2010-11-24	Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0780.nasl - Type : ACT_GATHER_INFO
2010-11-18	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0861.nasl - Type : ACT_GATHER_INFO
2010-11-18	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0896.nasl - Type : ACT_GATHER_INFO
2010-11-05	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-7208.nasl - Type : ACT_GATHER_INFO
2010-11-03	Name : The remote openSUSE host is missing a security update. File : suse_11_2_MozillaFirefox-101028.nasl - Type : ACT_GATHER_INFO
2010-11-03	Name : The remote openSUSE host is missing a security update. File : suse_11_2_mozilla-xulrunner191-101028.nasl - Type : ACT_GATHER_INFO
2010-11-03	Name : The remote openSUSE host is missing a security update. File : suse_11_1_mozilla-xulrunner191-101028.nasl - Type : ACT_GATHER_INFO
2010-11-03	Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaFirefox-101028.nasl - Type : ACT_GATHER_INFO
2010-11-01	Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-16885.nasl - Type : ACT_GATHER_INFO
2010-10-29	Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-16897.nasl - Type : ACT_GATHER_INFO
2010-10-28	Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaThunderbird-101021.nasl - Type : ACT_GATHER_INFO
2010-10-28	Name : The remote openSUSE host is missing a security update. File : suse_11_1_seamonkey-101021.nasl - Type : ACT_GATHER_INFO
2010-10-28	Name : The remote openSUSE host is missing a security update. File : suse_11_2_MozillaThunderbird-101022.nasl - Type : ACT_GATHER_INFO
2010-10-28	Name : The remote openSUSE host is missing a security update. File : suse_11_2_seamonkey-101021.nasl - Type : ACT_GATHER_INFO
2010-10-28	Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-16593.nasl - Type : ACT_GATHER_INFO
2010-10-24	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-210.nasl - Type : ACT_GATHER_INFO
2010-10-24	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-211.nasl - Type : ACT_GATHER_INFO
2010-10-21	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_c4f067b9dc4a11df8e32000f20797ede.nasl - Type : ACT_GATHER_INFO
2010-10-21	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-997-1.nasl - Type : ACT_GATHER_INFO
2010-10-21	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-998-1.nasl - Type : ACT_GATHER_INFO
2010-10-20	Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0780.nasl - Type : ACT_GATHER_INFO
2010-10-20	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0782.nasl - Type : ACT_GATHER_INFO
2010-10-20	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0781.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050077...
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050154...
http://secunia.com/advisories/42867
http://support.avaya.com/css/P8/documents/100114250
http://support.avaya.com/css/P8/documents/100120156
http://www.mandriva.com/security/advisories?name=MDVSA-2010:210
http://www.mandriva.com/security/advisories?name=MDVSA-2010:211
http://www.mozilla.org/security/announce/2010/mfsa2010-71.html
http://www.redhat.com/support/errata/RHSA-2010-0780.html
http://www.redhat.com/support/errata/RHSA-2010-0781.html
http://www.redhat.com/support/errata/RHSA-2010-0782.html
http://www.redhat.com/support/errata/RHSA-2010-0861.html
http://www.redhat.com/support/errata/RHSA-2010-0896.html
http://www.securityfocus.com/bid/44251
http://www.ubuntu.com/usn/USN-997-1
http://www.ubuntu.com/usn/USN-998-1
http://www.vupen.com/english/advisories/2011/0061
https://bugzilla.mozilla.org/show_bug.cgi?id=590753
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...

Source	Url

Alert History

If you want to see full details history, please login or register.

Date	Informations
2025-02-07 01:15:16	Multiple Updates
2024-11-28 23:07:12	Multiple Updates
2024-11-28 12:22:47	Multiple Updates
2024-11-01 01:14:33	Multiple Updates
2024-10-22 12:14:29	Multiple Updates
2024-08-02 12:14:20	Multiple Updates
2024-08-02 01:03:54	Multiple Updates
2024-02-10 01:13:00	Multiple Updates
2024-02-02 01:13:55	Multiple Updates
2024-02-01 12:03:49	Multiple Updates
2023-09-05 12:12:57	Multiple Updates
2023-09-05 01:03:41	Multiple Updates
2023-09-02 12:13:02	Multiple Updates
2023-09-02 01:03:43	Multiple Updates
2023-08-12 12:15:30	Multiple Updates
2023-08-12 01:03:43	Multiple Updates
2023-08-11 12:13:04	Multiple Updates
2023-08-11 01:03:51	Multiple Updates
2023-08-06 12:12:34	Multiple Updates
2023-08-06 01:03:45	Multiple Updates
2023-08-04 12:12:40	Multiple Updates
2023-08-04 01:03:45	Multiple Updates
2023-07-14 12:12:36	Multiple Updates
2023-07-14 01:03:44	Multiple Updates
2023-03-29 01:14:26	Multiple Updates
2023-03-28 12:03:50	Multiple Updates
2022-10-11 12:11:15	Multiple Updates
2022-10-11 01:03:31	Multiple Updates
2021-05-04 12:12:20	Multiple Updates
2021-04-22 01:13:03	Multiple Updates
2020-10-14 01:05:39	Multiple Updates
2020-10-03 01:05:39	Multiple Updates
2020-05-29 01:05:09	Multiple Updates
2020-05-23 01:42:35	Multiple Updates
2020-05-23 00:26:23	Multiple Updates
2019-06-25 12:03:10	Multiple Updates
2019-01-30 12:03:24	Multiple Updates
2018-07-13 01:03:33	Multiple Updates
2017-11-22 12:03:29	Multiple Updates
2017-11-21 12:02:41	Multiple Updates
2017-09-19 09:23:55	Multiple Updates
2016-06-28 18:18:02	Multiple Updates
2016-04-26 20:03:20	Multiple Updates
2014-06-14 13:29:12	Multiple Updates
2014-02-17 10:57:07	Multiple Updates
2013-05-10 23:31:21	Multiple Updates

Global Informations

Type	Count
Oval ID(s)	5
CPE ID(s)	406
Sources(s)	20
osvdb(s)	1
Openvas Exploit(s)	36
Nessus® Exploit(s)	41

	Related
10	GLSA-201301-01
9.3	USN-998-1
9.3	USN-997-1
9.3	RHSA-2010:0896
9.3	RHSA-2010:0861
9.3	RHSA-2010:0782
9.3	RHSA-2010:0781
9.3	RHSA-2010:0780
9.3	MDVSA-2010:211
9.3	MDVSA-2010:210
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 10 more Alert(s)

6.9 - CVE-2010-3182

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

OVAL Definitions

CPE : Common Platform Enumeration

OpenVAS Exploits

Open Source Vulnerability Database (OSVDB)

Nessus® Vulnerability Scanner

Sources (Detail)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU