Executive Summary
Summary | |
---|---|
Title | New iceweasel packages fix several vulnerabilities |
Informations | |||
---|---|---|---|
Name | DSA-1535 | First vendor Publication | 2008-03-30 |
Vendor | Debian | Last vendor Modification | 2008-03-30 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-4879 Peter Brodersen and Alexander Klink discovered that the autoselection of SSL client certificates could lead to users being tracked, resulting in a loss of privacy. CVE-2008-1233 "moz_bug_r_a4" discovered that variants of CVE-2007-3738 and CVE-2007-5338 allow the execution of arbitrary code through XPCNativeWrapper. CVE-2008-1234 "moz_bug_r_a4" discovered that insecure handling of event handlers could lead to cross-site scripting. CVE-2008-1235 Boris Zbarsky, Johnny Stenback, and "moz_bug_r_a4" discovered that incorrect principal handling can lead to cross-site scripting and the execution of arbitrary code. CVE-2008-1236 Tom Ferris, Seth Spitzer, Martin Wargers, John Daggett and Mats Palmgren discovered crashes in the layout engine, which might allow the execution of arbitrary code. CVE-2008-1237 "georgi", "tgirmann" and Igor Bukanov discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. CVE-2008-1238 Gregory Fleischer discovered that HTTP Referrer headers were handled incorrectly in combination with URLs containing Basic Authentication credentials with empty usernames, resulting in potential Cross-Site Request Forgery attacks. CVE-2008-1240 Gregory Fleischer discovered that web content fetched through the jar: protocol can use Java to connect to arbitrary ports. This is only an issue in combination with the non-free Java plugin. CVE-2008-1241 Chris Thomas discovered that background tabs could generate XUL popups overlaying the current tab, resulting in potential spoofing attacks. For the stable distribution (etch), these problems have been fixed in version 2.0.0.13-0etch1. The Mozilla products from the old stable distribution (sarge) are no longer supported. We recommend that you upgrade your iceweasel packages. |
Original Source
Url : http://www.debian.org/security/2008/dsa-1535 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
25 % | CWE-399 | Resource Management Errors |
12 % | CWE-287 | Improper Authentication |
12 % | CWE-264 | Permissions, Privileges, and Access Controls |
12 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
12 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
12 % | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
12 % | CWE-16 | Configuration |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10965 | |||
Oval ID: | oval:org.mitre.oval:def:10965 | ||
Title: | Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote attackers to execute arbitrary Javascript with user privileges by using the Script object to modify XPCNativeWrappers in a way that causes the script to be executed when a chrome action is performed. | ||
Description: | Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote attackers to execute arbitrary Javascript with user privileges by using the Script object to modify XPCNativeWrappers in a way that causes the script to be executed when a chrome action is performed. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-5338 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10980 | |||
Oval ID: | oval:org.mitre.oval:def:10980 | ||
Title: | Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to execute arbitrary code via unknown vectors that cause JavaScript to execute with the wrong principal, aka "Privilege escalation via incorrect principals." | ||
Description: | Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to execute arbitrary code via unknown vectors that cause JavaScript to execute with the wrong principal, aka "Privilege escalation via incorrect principals." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1235 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11788 | |||
Oval ID: | oval:org.mitre.oval:def:11788 | ||
Title: | Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to the layout engine. | ||
Description: | Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to the layout engine. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1236 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17490 | |||
Oval ID: | oval:org.mitre.oval:def:17490 | ||
Title: | USN-605-1 -- mozilla-thunderbird, thunderbird vulnerabilities | ||
Description: | Various flaws were discovered in the JavaScript engine. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-605-1 CVE-2008-1233 CVE-2008-1234 CVE-2008-1235 CVE-2008-1236 CVE-2008-1237 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 | Product(s): | mozilla-thunderbird thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17494 | |||
Oval ID: | oval:org.mitre.oval:def:17494 | ||
Title: | USN-536-1 -- mozilla-thunderbird, thunderbird vulnerabilities | ||
Description: | Various flaws were discovered in the layout and JavaScript engines. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-536-1 CVE-2007-5339 CVE-2007-5340 CVE-2006-2894 CVE-2007-3511 CVE-2007-1095 CVE-2007-2292 CVE-2007-5334 CVE-2007-5337 CVE-2007-5338 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 | Product(s): | mozilla-thunderbird thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17694 | |||
Oval ID: | oval:org.mitre.oval:def:17694 | ||
Title: | USN-592-1 -- firefox vulnerabilities | ||
Description: | Alexey Proskuryakov, Yosuke Hasegawa and Simon Montagu discovered flaws in Firefox's character encoding handling. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-592-1 CVE-2008-0416 CVE-2008-1233 CVE-2008-1234 CVE-2008-1235 CVE-2008-1236 CVE-2008-1237 CVE-2008-1238 CVE-2007-4879 CVE-2008-1195 CVE-2008-1240 CVE-2008-1241 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 | Product(s): | firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18655 | |||
Oval ID: | oval:org.mitre.oval:def:18655 | ||
Title: | DSA-1574-1 icedove - several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1574-1 CVE-2008-1233 CVE-2008-1234 CVE-2008-1235 CVE-2008-1236 CVE-2008-1237 CVE-2007-3738 CVE-2007-5338 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | icedove |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:18729 | |||
Oval ID: | oval:org.mitre.oval:def:18729 | ||
Title: | DSA-1534-1 iceape | ||
Description: | Several remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the Seamonkey Internet Suite. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1534-1 CVE-2007-4879 CVE-2008-1233 CVE-2008-1234 CVE-2008-1235 CVE-2008-1236 CVE-2008-1237 CVE-2008-1238 CVE-2008-1240 CVE-2008-1241 CVE-2007-3738 CVE-2007-5338 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | iceape |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:18755 | |||
Oval ID: | oval:org.mitre.oval:def:18755 | ||
Title: | DSA-1532-1 xulrunner | ||
Description: | Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1532-1 CVE-2007-4879 CVE-2008-1233 CVE-2008-1234 CVE-2008-1235 CVE-2008-1236 CVE-2008-1237 CVE-2008-1238 CVE-2008-1240 CVE-2008-1241 CVE-2007-3738 CVE-2007-5338 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | xulrunner |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:18981 | |||
Oval ID: | oval:org.mitre.oval:def:18981 | ||
Title: | DSA-1338-1 iceweasel | ||
Description: | Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1338-1 CVE-2007-3089 CVE-2007-3656 CVE-2007-3734 CVE-2007-3735 CVE-2007-3736 CVE-2007-3737 CVE-2007-3738 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | iceweasel |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:19906 | |||
Oval ID: | oval:org.mitre.oval:def:19906 | ||
Title: | DSA-1534-2 iceape - regression | ||
Description: | Several remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the Seamonkey Internet Suite. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1534-2 CVE-2007-4879 CVE-2008-1233 CVE-2008-1234 CVE-2008-1235 CVE-2008-1236 CVE-2008-1237 CVE-2008-1238 CVE-2008-1240 CVE-2008-1241 CVE-2007-3738 CVE-2007-5338 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | iceape |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:19992 | |||
Oval ID: | oval:org.mitre.oval:def:19992 | ||
Title: | DSA-1337-1 xulrunner | ||
Description: | Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1337-1 CVE-2007-3089 CVE-2007-3285 CVE-2007-3656 CVE-2007-3734 CVE-2007-3735 CVE-2007-3736 CVE-2007-3737 CVE-2007-3738 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | xulrunner |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:20297 | |||
Oval ID: | oval:org.mitre.oval:def:20297 | ||
Title: | DSA-1535-1 iceweasel | ||
Description: | Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1535-1 CVE-2007-4879 CVE-2008-1233 CVE-2008-1234 CVE-2008-1235 CVE-2008-1236 CVE-2008-1237 CVE-2008-1238 CVE-2008-1240 CVE-2008-1241 CVE-2007-3738 CVE-2007-5338 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | iceweasel |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21817 | |||
Oval ID: | oval:org.mitre.oval:def:21817 | ||
Title: | ELSA-2007:0724: firefox security update (Critical) | ||
Description: | Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.5 allow remote attackers to execute arbitrary code via a crafted XPCNativeWrapper. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2007:0724-02 CVE-2007-3089 CVE-2007-3656 CVE-2007-3734 CVE-2007-3735 CVE-2007-3736 CVE-2007-3737 CVE-2007-3738 | Version: | 33 |
Platform(s): | Oracle Linux 5 | Product(s): | firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21880 | |||
Oval ID: | oval:org.mitre.oval:def:21880 | ||
Title: | ELSA-2007:0723: thunderbird security update (Moderate) | ||
Description: | Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.5 allow remote attackers to execute arbitrary code via a crafted XPCNativeWrapper. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2007:0723-01 CVE-2007-3089 CVE-2007-3734 CVE-2007-3735 CVE-2007-3736 CVE-2007-3737 CVE-2007-3738 | Version: | 29 |
Platform(s): | Oracle Linux 5 | Product(s): | thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22699 | |||
Oval ID: | oval:org.mitre.oval:def:22699 | ||
Title: | ELSA-2008:0209: thunderbird security update (Moderate) | ||
Description: | GUI overlay vulnerability in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 allows remote attackers to spoof form elements and redirect user inputs via a borderless XUL pop-up window from a background tab. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0209-01 CVE-2008-1233 CVE-2008-1234 CVE-2008-1235 CVE-2008-1236 CVE-2008-1237 CVE-2008-1238 CVE-2008-1241 | Version: | 33 |
Platform(s): | Oracle Linux 5 | Product(s): | thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22714 | |||
Oval ID: | oval:org.mitre.oval:def:22714 | ||
Title: | ELSA-2008:0207: firefox security update (Critical) | ||
Description: | GUI overlay vulnerability in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 allows remote attackers to spoof form elements and redirect user inputs via a borderless XUL pop-up window from a background tab. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0207-01 CVE-2008-1233 CVE-2008-1234 CVE-2008-1235 CVE-2008-1236 CVE-2008-1237 CVE-2008-1238 CVE-2008-1241 | Version: | 33 |
Platform(s): | Oracle Linux 5 | Product(s): | firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7395 | |||
Oval ID: | oval:org.mitre.oval:def:7395 | ||
Title: | DSA-1535 iceweasel -- several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems: Peter Brodersen and Alexander Klink discovered that the autoselection of SSL client certificates could lead to users being tracked, resulting in a loss of privacy. moz_bug_r_a4 discovered that variants of CVE-2007-3738 and CVE-2007-5338 allow the execution of arbitrary code through XPCNativeWrapper. moz_bug_r_a4 discovered that insecure handling of event handlers could lead to cross-site scripting. Boris Zbarsky, Johnny Stenback and moz_bug_r_a4 discovered that incorrect principal handling could lead to cross-site scripting and the execution of arbitrary code. Tom Ferris, Seth Spitzer, Martin Wargers, John Daggett and Mats Palmgren discovered crashes in the layout engine, which might allow the execution of arbitrary code. georgi, tgirmann and Igor Bukanov discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. Gregory Fleischer discovered that HTTP Referrer headers were handled incorrectly in combination with URLs containing Basic Authentication credentials with empty usernames, resulting in potential Cross-Site Request Forgery attacks. Gregory Fleischer discovered that web content fetched through the jar: protocol can use Java to connect to arbitrary ports. This is only an issue in combination with the non-free Java plugin. Chris Thomas discovered that background tabs could generate XUL popups overlaying the current tab, resulting in potential spoofing attacks. The Mozilla products from the old stable distribution (sarge) are no longer supported. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1535 CVE-2007-4879 CVE-2008-1233 CVE-2008-1234 CVE-2008-1235 CVE-2008-1236 CVE-2008-1237 CVE-2008-1238 CVE-2008-1240 CVE-2008-1241 CVE-2007-3738 CVE-2007-5338 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | iceweasel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7869 | |||
Oval ID: | oval:org.mitre.oval:def:7869 | ||
Title: | DSA-1534 iceape -- several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the Seamonkey Internet Suite. The Common Vulnerabilities and Exposures project identifies the following problems: Peter Brodersen and Alexander Klink discovered that the autoselection of SSL client certificates could lead to users being tracked, resulting in a loss of privacy. moz_bug_r_a4 discovered that variants of CVE-2007-3738 and CVE-2007-5338 allow the execution of arbitrary code through XPCNativeWrapper. moz_bug_r_a4 discovered that insecure handling of event handlers could lead to cross-site scripting. Boris Zbarsky, Johnny Stenback and moz_bug_r_a4 discovered that incorrect principal handling could lead to cross-site scripting and the execution of arbitrary code. Tom Ferris, Seth Spitzer, Martin Wargers, John Daggett and Mats Palmgren discovered crashes in the layout engine, which might allow the execution of arbitrary code. Georgi, Tgirmann and Igor Bukanov discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. Gregory Fleischer discovered that HTTP Referrer headers were handled incorrectly in combination with URLs containing Basic Authentication credentials with empty usernames, resulting in potential Cross-Site Request Forgery attacks. Gregory Fleischer discovered that web content fetched through the jar: protocol can use Java to connect to arbitrary ports. This is only an issue in combination with the non-free Java plugin. Chris Thomas discovered that background tabs could generate XUL popups overlaying the current tab, resulting in potential spoofing attacks. The Mozilla products from the old stable distribution (sarge) are no longer supported. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1534 CVE-2007-4879 CVE-2008-1233 CVE-2008-1234 CVE-2008-1235 CVE-2008-1236 CVE-2008-1237 CVE-2008-1238 CVE-2008-1240 CVE-2008-1241 CVE-2007-3738 CVE-2007-5338 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | iceape |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7955 | |||
Oval ID: | oval:org.mitre.oval:def:7955 | ||
Title: | DSA-1532 xulrunner -- several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems: Peter Brodersen and Alexander Klink discovered that the autoselection of SSL client certificates could lead to users being tracked, resulting in a loss of privacy. moz_bug_r_a4 discovered that variants of CVE-2007-3738 and CVE-2007-5338 allow the execution of arbitrary code through XPCNativeWrapper. moz_bug_r_a4 discovered that insecure handling of event handlers could lead to cross-site scripting. Boris Zbarsky, Johnny Stenback and moz_bug_r_a4 discovered that incorrect principal handling could lead to cross-site scripting and the execution of arbitrary code. Tom Ferris, Seth Spitzer, Martin Wargers, John Daggett and Mats Palmgren discovered crashes in the layout engine, which might allow the execution of arbitrary code. georgi, tgirmann and Igor Bukanov discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. Gregory Fleischer discovered that HTTP Referrer headers were handled incorrectly in combination with URLs containing Basic Authentication credentials with empty usernames, resulting in potential Cross-Site Request Forgery attacks. Gregory Fleischer discovered that web content fetched through the jar: protocol can use Java to connect to arbitrary ports. This is only an issue in combination with the non-free Java plugin. Chris Thomas discovered that background tabs could generate XUL popups overlaying the current tab, resulting in potential spoofing attacks. The Mozilla products from the old stable distribution (sarge) are no longer supported. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1532 CVE-2007-4879 CVE-2008-1233 CVE-2008-1234 CVE-2008-1235 CVE-2008-1236 CVE-2008-1237 CVE-2008-1238 CVE-2008-1240 CVE-2008-1241 CVE-2007-3738 CVE-2007-5338 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9651 | |||
Oval ID: | oval:org.mitre.oval:def:9651 | ||
Title: | Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to the JavaScript engine. | ||
Description: | Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to the JavaScript engine. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1237 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9889 | |||
Oval ID: | oval:org.mitre.oval:def:9889 | ||
Title: | Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9, when generating the HTTP Referer header, does not list the entire URL when it contains Basic Authentication credentials without a username, which makes it easier for remote attackers to bypass application protection mechanisms that rely on Referer headers, such as with some Cross-Site Request Forgery (CSRF) mechanisms. | ||
Description: | Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9, when generating the HTTP Referer header, does not list the entire URL when it contains Basic Authentication credentials without a username, which makes it easier for remote attackers to bypass application protection mechanisms that rely on Referer headers, such as with some Cross-Site Request Forgery (CSRF) mechanisms. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1238 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-10-13 | Name : SLES10: Security update for epiphany File : nvt/sles10_mozilla-xulrunn.nasl |
2009-10-10 | Name : SLES9: Security update for Mozilla File : nvt/sles9p5022953.nasl |
2009-10-10 | Name : SLES9: Security update for Mozilla File : nvt/sles9p5018527.nasl |
2009-10-10 | Name : SLES9: Security update for Mozilla File : nvt/sles9p5011293.nasl |
2009-04-09 | Name : Mandriva Update for mozilla-thunderbird MDVSA-2008:155-1 (mozilla-thunderbird) File : nvt/gb_mandriva_MDVSA_2008_155_1.nasl |
2009-04-09 | Name : Mandriva Update for mozilla-thunderbird MDVSA-2008:155 (mozilla-thunderbird) File : nvt/gb_mandriva_MDVSA_2008_155.nasl |
2009-04-09 | Name : Mandriva Update for mozilla-firefox MDVSA-2008:080 (mozilla-firefox) File : nvt/gb_mandriva_MDVSA_2008_080.nasl |
2009-04-09 | Name : Mandriva Update for mozilla-firefox MDKSA-2007:202 (mozilla-firefox) File : nvt/gb_mandriva_MDKSA_2007_202.nasl |
2009-04-09 | Name : Mandriva Update for mozilla-firefox MDKSA-2007:152 (mozilla-firefox) File : nvt/gb_mandriva_MDKSA_2007_152.nasl |
2009-03-23 | Name : Ubuntu Update for firefox vulnerabilities USN-535-1 File : nvt/gb_ubuntu_USN_535_1.nasl |
2009-03-23 | Name : Ubuntu Update for firefox vulnerabilities USN-490-1 File : nvt/gb_ubuntu_USN_490_1.nasl |
2009-03-23 | Name : Ubuntu Update for mozilla-thunderbird, thunderbird vulnerabilities USN-536-1 File : nvt/gb_ubuntu_USN_536_1.nasl |
2009-03-23 | Name : Ubuntu Update for mozilla-thunderbird, thunderbird vulnerabilities USN-605-1 File : nvt/gb_ubuntu_USN_605_1.nasl |
2009-03-23 | Name : Ubuntu Update for firefox vulnerabilities USN-592-1 File : nvt/gb_ubuntu_USN_592_1.nasl |
2009-03-06 | Name : RedHat Update for thunderbird RHSA-2008:0209-01 File : nvt/gb_RHSA-2008_0209-01_thunderbird.nasl |
2009-03-06 | Name : RedHat Update for seamonkey RHSA-2008:0208-01 File : nvt/gb_RHSA-2008_0208-01_seamonkey.nasl |
2009-03-06 | Name : RedHat Update for firefox RHSA-2008:0207-01 File : nvt/gb_RHSA-2008_0207-01_firefox.nasl |
2009-02-27 | Name : Fedora Update for devhelp FEDORA-2007-1143 File : nvt/gb_fedora_2007_1143_devhelp_fc7.nasl |
2009-02-27 | Name : Fedora Update for thunderbird FEDORA-2007-1180 File : nvt/gb_fedora_2007_1180_thunderbird_fc7.nasl |
2009-02-27 | Name : Fedora Update for yelp FEDORA-2007-1144 File : nvt/gb_fedora_2007_1144_yelp_fc7.nasl |
2009-02-27 | Name : Fedora Update for epiphany-extensions FEDORA-2007-1155 File : nvt/gb_fedora_2007_1155_epiphany-extensions_fc7.nasl |
2009-02-27 | Name : Fedora Update for blam FEDORA-2007-1157 File : nvt/gb_fedora_2007_1157_blam_fc7.nasl |
2009-02-27 | Name : Fedora Update for seamonkey FEDORA-2007-1181 File : nvt/gb_fedora_2007_1181_seamonkey_fc7.nasl |
2009-02-27 | Name : Fedora Update for seamonkey FEDORA-2007-2601 File : nvt/gb_fedora_2007_2601_seamonkey_fc7.nasl |
2009-02-27 | Name : Fedora Update for firefox FEDORA-2007-2664 File : nvt/gb_fedora_2007_2664_firefox_fc7.nasl |
2009-02-27 | Name : Fedora Update for seamonkey FEDORA-2007-2795 File : nvt/gb_fedora_2007_2795_seamonkey_fc8.nasl |
2009-02-27 | Name : Fedora Update for thunderbird FEDORA-2007-3414 File : nvt/gb_fedora_2007_3414_thunderbird_fc8.nasl |
2009-02-27 | Name : Fedora Update for thunderbird FEDORA-2007-3431 File : nvt/gb_fedora_2007_3431_thunderbird_fc7.nasl |
2009-02-27 | Name : Fedora Update for thunderbird FEDORA-2007-641 File : nvt/gb_fedora_2007_641_thunderbird_fc6.nasl |
2009-02-27 | Name : Fedora Update for firefox FEDORA-2007-642 File : nvt/gb_fedora_2007_642_firefox_fc6.nasl |
2009-02-27 | Name : Fedora Update for epiphany FEDORA-2007-1138 File : nvt/gb_fedora_2007_1138_epiphany_fc7.nasl |
2009-02-27 | Name : CentOS Update for thunderbird CESA-2008:0209 centos4 x86_64 File : nvt/gb_CESA-2008_0209_thunderbird_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for thunderbird CESA-2008:0209 centos4 i386 File : nvt/gb_CESA-2008_0209_thunderbird_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0208 centos4 x86_64 File : nvt/gb_CESA-2008_0208_seamonkey_centos4_x86_64.nasl |
2009-02-27 | Name : Fedora Update for firefox FEDORA-2007-1142 File : nvt/gb_fedora_2007_1142_firefox_fc7.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0208 centos4 i386 File : nvt/gb_CESA-2008_0208_seamonkey_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0208 centos3 x86_64 File : nvt/gb_CESA-2008_0208_seamonkey_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0208 centos3 i386 File : nvt/gb_CESA-2008_0208_seamonkey_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for seamonkey CESA-2008:0208-01 centos2 i386 File : nvt/gb_CESA-2008_0208-01_seamonkey_centos2_i386.nasl |
2009-02-27 | Name : CentOS Update for firefox CESA-2008:0207 centos4 x86_64 File : nvt/gb_CESA-2008_0207_firefox_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for firefox CESA-2008:0207 centos4 i386 File : nvt/gb_CESA-2008_0207_firefox_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for firefox CESA-2008:0207 centos3 x86_64 File : nvt/gb_CESA-2008_0207_firefox_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for firefox CESA-2008:0207 centos3 i386 File : nvt/gb_CESA-2008_0207_firefox_centos3_i386.nasl |
2009-02-17 | Name : Fedora Update for thunderbird FEDORA-2008-3519 File : nvt/gb_fedora_2008_3519_thunderbird_fc7.nasl |
2009-02-17 | Name : Fedora Update for thunderbird FEDORA-2008-3557 File : nvt/gb_fedora_2008_3557_thunderbird_fc8.nasl |
2009-02-16 | Name : Fedora Update for devhelp FEDORA-2008-2662 File : nvt/gb_fedora_2008_2662_devhelp_fc7.nasl |
2009-02-16 | Name : Fedora Update for yelp FEDORA-2008-2682 File : nvt/gb_fedora_2008_2682_yelp_fc8.nasl |
2009-02-16 | Name : Fedora Update for ruby-gnome2 FEDORA-2008-2682 File : nvt/gb_fedora_2008_2682_ruby-gnome2_fc8.nasl |
2009-02-16 | Name : Fedora Update for openvrml FEDORA-2008-2682 File : nvt/gb_fedora_2008_2682_openvrml_fc8.nasl |
2009-02-16 | Name : Fedora Update for liferea FEDORA-2008-2682 File : nvt/gb_fedora_2008_2682_liferea_fc8.nasl |
2009-02-16 | Name : Fedora Update for kazehakase FEDORA-2008-2682 File : nvt/gb_fedora_2008_2682_kazehakase_fc8.nasl |
2009-02-16 | Name : Fedora Update for gtkmozembedmm FEDORA-2008-2682 File : nvt/gb_fedora_2008_2682_gtkmozembedmm_fc8.nasl |
2009-02-16 | Name : Fedora Update for gnome-web-photo FEDORA-2008-2682 File : nvt/gb_fedora_2008_2682_gnome-web-photo_fc8.nasl |
2009-02-16 | Name : Fedora Update for gnome-python2-extras FEDORA-2008-2682 File : nvt/gb_fedora_2008_2682_gnome-python2-extras_fc8.nasl |
2009-02-16 | Name : Fedora Update for galeon FEDORA-2008-2682 File : nvt/gb_fedora_2008_2682_galeon_fc8.nasl |
2009-02-16 | Name : Fedora Update for firefox FEDORA-2008-2682 File : nvt/gb_fedora_2008_2682_firefox_fc8.nasl |
2009-02-16 | Name : Fedora Update for epiphany FEDORA-2008-2682 File : nvt/gb_fedora_2008_2682_epiphany_fc8.nasl |
2009-02-16 | Name : Fedora Update for epiphany-extensions FEDORA-2008-2682 File : nvt/gb_fedora_2008_2682_epiphany-extensions_fc8.nasl |
2009-02-16 | Name : Fedora Update for devhelp FEDORA-2008-2682 File : nvt/gb_fedora_2008_2682_devhelp_fc8.nasl |
2009-02-16 | Name : Fedora Update for chmsee FEDORA-2008-2682 File : nvt/gb_fedora_2008_2682_chmsee_fc8.nasl |
2009-02-16 | Name : Fedora Update for Miro FEDORA-2008-2682 File : nvt/gb_fedora_2008_2682_Miro_fc8.nasl |
2009-02-16 | Name : Fedora Update for Miro FEDORA-2008-2662 File : nvt/gb_fedora_2008_2662_Miro_fc7.nasl |
2009-02-16 | Name : Fedora Update for chmsee FEDORA-2008-2662 File : nvt/gb_fedora_2008_2662_chmsee_fc7.nasl |
2009-02-16 | Name : Fedora Update for epiphany-extensions FEDORA-2008-2662 File : nvt/gb_fedora_2008_2662_epiphany-extensions_fc7.nasl |
2009-02-16 | Name : Fedora Update for epiphany FEDORA-2008-2662 File : nvt/gb_fedora_2008_2662_epiphany_fc7.nasl |
2009-02-16 | Name : Fedora Update for firefox FEDORA-2008-2662 File : nvt/gb_fedora_2008_2662_firefox_fc7.nasl |
2009-02-16 | Name : Fedora Update for galeon FEDORA-2008-2662 File : nvt/gb_fedora_2008_2662_galeon_fc7.nasl |
2009-02-16 | Name : Fedora Update for gnome-python2-extras FEDORA-2008-2662 File : nvt/gb_fedora_2008_2662_gnome-python2-extras_fc7.nasl |
2009-02-16 | Name : Fedora Update for gtkmozembedmm FEDORA-2008-2662 File : nvt/gb_fedora_2008_2662_gtkmozembedmm_fc7.nasl |
2009-02-16 | Name : Fedora Update for kazehakase FEDORA-2008-2662 File : nvt/gb_fedora_2008_2662_kazehakase_fc7.nasl |
2009-02-16 | Name : Fedora Update for liferea FEDORA-2008-2662 File : nvt/gb_fedora_2008_2662_liferea_fc7.nasl |
2009-02-16 | Name : Fedora Update for openvrml FEDORA-2008-2662 File : nvt/gb_fedora_2008_2662_openvrml_fc7.nasl |
2009-02-16 | Name : Fedora Update for ruby-gnome2 FEDORA-2008-2662 File : nvt/gb_fedora_2008_2662_ruby-gnome2_fc7.nasl |
2009-02-16 | Name : Fedora Update for yelp FEDORA-2008-2662 File : nvt/gb_fedora_2008_2662_yelp_fc7.nasl |
2009-02-16 | Name : Fedora Update for blam FEDORA-2008-2682 File : nvt/gb_fedora_2008_2682_blam_fc8.nasl |
2009-01-28 | Name : SuSE Update for MozillaFirefox,mozilla,seamonkey SUSE-SA:2007:057 File : nvt/gb_suse_2007_057.nasl |
2009-01-28 | Name : SuSE Update for MozillaFirefox,MozillaThunderbird,Seamonkey SUSE-SA:2007:049 File : nvt/gb_suse_2007_049.nasl |
2009-01-23 | Name : SuSE Update for MozillaFirefox SUSE-SA:2008:019 File : nvt/gb_suse_2008_019.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200708-09 (mozilla/thunderbird/firefox/xulrunner) File : nvt/glsa_200708_09.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200711-14 (firefox seamonkey xulrunner) File : nvt/glsa_200711_14.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200805-18 (mozilla ...) File : nvt/glsa_200805_18.nasl |
2008-09-04 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox29.nasl |
2008-09-04 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox33.nasl |
2008-09-04 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox32.nasl |
2008-06-17 | Name : Mozilla Firefox, Thunderbird, Seamonkey. Several vulnerabilitys (Lin) File : nvt/mozilla_CB-A08-0017.nasl |
2008-06-17 | Name : Mozilla Firefox, Thunderbird, Seamonkey. Several vulnerabilitys (Win) File : nvt/smbcl_mozilla.nasl |
2008-05-27 | Name : Debian Security Advisory DSA 1574-1 (icedove) File : nvt/deb_1574_1.nasl |
2008-04-30 | Name : Debian Security Advisory DSA 1534-2 (iceape) File : nvt/deb_1534_2.nasl |
2008-04-07 | Name : Debian Security Advisory DSA 1535-1 (iceweasel) File : nvt/deb_1535_1.nasl |
2008-04-07 | Name : Debian Security Advisory DSA 1534-1 (iceape) File : nvt/deb_1534_1.nasl |
2008-04-07 | Name : Debian Security Advisory DSA 1532-1 (xulrunner) File : nvt/deb_1532_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1401-1 (iceape) File : nvt/deb_1401_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1396-1 (icedove) File : nvt/deb_1396_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1392-1 (xulrunner) File : nvt/deb_1392_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1339-1 (iceape) File : nvt/deb_1339_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1338-1 (iceweasel) File : nvt/deb_1338_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1337-1 (xulrunner) File : nvt/deb_1337_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-128-02 mozilla-thunderbird File : nvt/esoft_slk_ssa_2008_128_02.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
43878 | Mozilla Multiple Products pref_DoCallback nsPref:changed Notification Observ... |
43877 | Mozilla Multiple Products on Mac OS X Quartz Drawing Code Malformed Image Di... |
43876 | Mozilla Multiple Products ARGB32_image_ARGB32() GIF Handling DoS |
43875 | Mozilla Multiple Products Window Zooming Unspecified DoS |
43874 | Mozilla Multiple Products DocumentViewerImpl::Destroy Popup DoS |
43873 | Mozilla Multiple Products GetNearestCapturingView iframe Style Editing DoS |
43872 | Mozilla Multiple Products JS_ValueToId Null String Handling DoS |
43871 | Mozilla Multiple Products js_FilterXMLList Block Object Handling DoS |
43870 | Mozilla Multiple Products JSOP_NEG js_NewNumberValue SAVE_SP_AND_PC Unspecif... |
43869 | Mozilla Multiple Products jsobj.c fp Assertion Failure Unspecified DoS |
43868 | Mozilla Multiple Products jsinterp.c Multiple Macros SAVE_SP_AND_PC Privileg... |
43867 | Mozilla Multiple Products JS_CompileUCFunctionForPrincipals js_NewFunction P... |
43866 | Mozilla Multiple Products JSOP_YIELD / JSOP_ARRAYPUSH SAVE_SP_AND_PC Privile... |
43865 | Mozilla Multiple Products XPCNativeWrapper Chrome XBL Method Bypass |
43864 | Mozilla Multiple Products XPCNativeWrapper tabbrowser.xml Multiple Function ... |
43863 | Mozilla Multiple Products XPCNativeWrapper Function Constructor Arbitrary Co... |
43862 | Mozilla Multiple Products XPCNativeWrapper setTimeout() Arbitrary Code Execu... |
43861 | Mozilla Multiple Products XMLHttpRequest Event Handler XSS |
43860 | Mozilla Multiple Products XMLDocument.load() Event Handler XSS |
43859 | Mozilla Multiple Products Indirect Eval Cross Principal Code Execution |
43858 | Mozilla Multiple Products js_ValueToFunctionObject Cloned Function Privilege... |
43857 | Mozilla Multiple Products Mixed Principal Overlay Privilege Escalation |
43849 | Mozilla Multiple Browsers Basic Authentication Referrer Header Spoofing |
43848 | Mozilla Multiple Browsers SSL Client Authentication Certificate Information D... |
43847 | Mozilla Multiple Browsers LiveConnect jar: Protocol Handling Arbitrary Local ... |
43846 | Mozilla Multiple Browsers Cross-tab XUL Pop-up Spoofing |
38036 | Mozilla Firefox TLS Client Certificate Cross Domain Tracking |
38033 | Mozilla Multiple Products Script Object XPCNativeWrappers Pollution |
38016 | Mozilla Firefox Crafted XPCNativeWrapper Arbitrary Code Execution (moz_bug_r_a4) |
38015 | Mozilla Firefox Crafted XPCNativeWrapper Arbitrary Code Execution (shutdown) |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Mozilla Firefox IFRAME style change handling code execution RuleID : 17570 - Revision : 5 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Firefox IFRAME style change handling code execution RuleID : 13838 - Revision : 12 - Type : BROWSER-FIREFOX |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0722.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2007-0723.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0724.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0979.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0980.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2007-0981.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0207.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0208.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2008-0209.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20070718_firefox_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20070718_seamonkey_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20070718_thunderbird_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071019_firefox_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071019_seamonkey_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20071019_thunderbird_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080326_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080327_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20080403_thunderbird_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-202.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-080.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-155.nasl - Type : ACT_GATHER_INFO |
2008-06-09 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaThunderbird-5329.nasl - Type : ACT_GATHER_INFO |
2008-05-28 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-128-02.nasl - Type : ACT_GATHER_INFO |
2008-05-22 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200805-18.nasl - Type : ACT_GATHER_INFO |
2008-05-13 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1574.nasl - Type : ACT_GATHER_INFO |
2008-05-11 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3519.nasl - Type : ACT_GATHER_INFO |
2008-05-11 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3557.nasl - Type : ACT_GATHER_INFO |
2008-05-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-605-1.nasl - Type : ACT_GATHER_INFO |
2008-05-06 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_20014.nasl - Type : ACT_GATHER_INFO |
2008-05-01 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-5218.nasl - Type : ACT_GATHER_INFO |
2008-05-01 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaFirefox-5219.nasl - Type : ACT_GATHER_INFO |
2008-04-28 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_67bd39ba12b511ddbab70016179b2dd5.nasl - Type : ACT_GATHER_INFO |
2008-04-22 | Name : The remote openSUSE host is missing a security update. File : suse_mozilla-xulrunner-5163.nasl - Type : ACT_GATHER_INFO |
2008-04-22 | Name : The remote openSUSE host is missing a security update. File : suse_mozilla-xulrunner181-5158.nasl - Type : ACT_GATHER_INFO |
2008-04-22 | Name : The remote openSUSE host is missing a security update. File : suse_seamonkey-5167.nasl - Type : ACT_GATHER_INFO |
2008-04-18 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_mozilla-xulrunner-5164.nasl - Type : ACT_GATHER_INFO |
2008-04-17 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2008-0209.nasl - Type : ACT_GATHER_INFO |
2008-04-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1535.nasl - Type : ACT_GATHER_INFO |
2008-04-11 | Name : The remote openSUSE host is missing a security update. File : suse_seamonkey-5153.nasl - Type : ACT_GATHER_INFO |
2008-04-04 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2008-0209.nasl - Type : ACT_GATHER_INFO |
2008-04-01 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-5134.nasl - Type : ACT_GATHER_INFO |
2008-03-31 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1532.nasl - Type : ACT_GATHER_INFO |
2008-03-31 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1534.nasl - Type : ACT_GATHER_INFO |
2008-03-31 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_12b336c6fe3611dcb09c001c2514716c.nasl - Type : ACT_GATHER_INFO |
2008-03-31 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaFirefox-5135.nasl - Type : ACT_GATHER_INFO |
2008-03-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0207.nasl - Type : ACT_GATHER_INFO |
2008-03-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0208.nasl - Type : ACT_GATHER_INFO |
2008-03-28 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-2662.nasl - Type : ACT_GATHER_INFO |
2008-03-28 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-2682.nasl - Type : ACT_GATHER_INFO |
2008-03-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0207.nasl - Type : ACT_GATHER_INFO |
2008-03-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0208.nasl - Type : ACT_GATHER_INFO |
2008-03-28 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-592-1.nasl - Type : ACT_GATHER_INFO |
2008-03-26 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_20013.nasl - Type : ACT_GATHER_INFO |
2008-03-26 | Name : A web browser on the remote host is affected by multiple vulnerabilities. File : seamonkey_119.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-3932.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-4570.nasl - Type : ACT_GATHER_INFO |
2007-11-16 | Name : The remote Fedora host is missing a security update. File : fedora_2007-3414.nasl - Type : ACT_GATHER_INFO |
2007-11-16 | Name : The remote Fedora host is missing a security update. File : fedora_2007-3431.nasl - Type : ACT_GATHER_INFO |
2007-11-14 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200711-14.nasl - Type : ACT_GATHER_INFO |
2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-490-1.nasl - Type : ACT_GATHER_INFO |
2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-535-1.nasl - Type : ACT_GATHER_INFO |
2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-536-1.nasl - Type : ACT_GATHER_INFO |
2007-11-07 | Name : The remote Fedora host is missing a security update. File : fedora_2007-2795.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1401.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-1138.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-1142.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-1143.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-1144.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-1155.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-1157.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-1180.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-1181.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-2601.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-2664.nasl - Type : ACT_GATHER_INFO |
2007-10-30 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1396.nasl - Type : ACT_GATHER_INFO |
2007-10-26 | Name : The remote openSUSE host is missing a security update. File : suse_seamonkey-4596.nasl - Type : ACT_GATHER_INFO |
2007-10-25 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0979.nasl - Type : ACT_GATHER_INFO |
2007-10-25 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0980.nasl - Type : ACT_GATHER_INFO |
2007-10-25 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2007-0981.nasl - Type : ACT_GATHER_INFO |
2007-10-25 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1392.nasl - Type : ACT_GATHER_INFO |
2007-10-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0979.nasl - Type : ACT_GATHER_INFO |
2007-10-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0980.nasl - Type : ACT_GATHER_INFO |
2007-10-25 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2007-0981.nasl - Type : ACT_GATHER_INFO |
2007-10-25 | Name : The remote openSUSE host is missing a security update. File : suse_seamonkey-4594.nasl - Type : ACT_GATHER_INFO |
2007-10-24 | Name : A web browser on the remote host is prone to multiple flaws. File : seamonkey_115.nasl - Type : ACT_GATHER_INFO |
2007-10-24 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaFirefox-4572.nasl - Type : ACT_GATHER_INFO |
2007-10-24 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaFirefox-4574.nasl - Type : ACT_GATHER_INFO |
2007-10-19 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_2008.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaFirefox-3933.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaFirefox-3935.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaThunderbird-3973.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_seamonkey-3984.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_seamonkey-3986.nasl - Type : ACT_GATHER_INFO |
2007-08-15 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200708-09.nasl - Type : ACT_GATHER_INFO |
2007-08-02 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-152.nasl - Type : ACT_GATHER_INFO |
2007-07-30 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1339.nasl - Type : ACT_GATHER_INFO |
2007-07-27 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1337.nasl - Type : ACT_GATHER_INFO |
2007-07-27 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1338.nasl - Type : ACT_GATHER_INFO |
2007-07-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0722.nasl - Type : ACT_GATHER_INFO |
2007-07-23 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2007-0723.nasl - Type : ACT_GATHER_INFO |
2007-07-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0724.nasl - Type : ACT_GATHER_INFO |
2007-07-23 | Name : The remote Fedora Core host is missing a security update. File : fedora_2007-641.nasl - Type : ACT_GATHER_INFO |
2007-07-23 | Name : The remote Fedora Core host is missing a security update. File : fedora_2007-642.nasl - Type : ACT_GATHER_INFO |
2007-07-23 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_e190ca65363611dca697000c6ec775d9.nasl - Type : ACT_GATHER_INFO |
2007-07-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0722.nasl - Type : ACT_GATHER_INFO |
2007-07-23 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2007-0723.nasl - Type : ACT_GATHER_INFO |
2007-07-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0724.nasl - Type : ACT_GATHER_INFO |
2007-07-19 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_2005.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:27:29 |
|
2013-05-11 00:42:56 |
|