Executive Summary
Informations | |||
---|---|---|---|
Name | MDVSA-2010:071 | First vendor Publication | 2010-04-13 |
Vendor | Mandriva | Last vendor Modification | 2010-04-23 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Multiple vulnerabilities has been found and corrected in mozilla-thunderbird: Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 process e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted message, related to message indexing (CVE-2009-0689). Integer overflow in a base64 decoding function in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors (CVE-2009-2463). Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2009-3072). Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2009-3075). Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, does not properly manage pointers for the columns (aka TreeColumns) of a XUL tree element, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to a dangling pointer vulnerability. (CVE-2009-3077) Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, does not properly handle a right-to-left override (aka RLO or U+202E) Unicode character in a download filename, which allows remote attackers to spoof file extensions via a crafted filename, as demonstrated by displaying a non-executable extension for an executable file (CVE-2009-3376). Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to send authenticated requests to arbitrary applications by replaying the NTLM credentials of a browser user (CVE-2009-3983). Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 process e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted message, related to message indexing (CVE-2010-0163). This update provides the latest version of Thunderbird which are not vulnerable to these issues. Packages for 2008.0 and 2009.0 are provided due to the Extended Maintenance Program for those products. Additionally, some packages which require so, have been rebuilt and are being provided as updates. |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDVSA-2010:071 |
CAPEC : Common Attack Pattern Enumeration & Classification
Id | Name |
---|---|
CAPEC-8 | Buffer Overflow in an API Call |
CAPEC-9 | Buffer Overflow in Local Command-Line Utilities |
CAPEC-10 | Buffer Overflow via Environment Variables |
CAPEC-14 | Client-side Injection-induced Buffer Overflow |
CAPEC-24 | Filter Failure through Buffer Overflow |
CAPEC-42 | MIME Conversion |
CAPEC-44 | Overflow Binary Resource File |
CAPEC-45 | Buffer Overflow via Symbolic Links |
CAPEC-46 | Overflow Variables and Tags |
CAPEC-47 | Buffer Overflow via Parameter Expansion |
CAPEC-100 | Overflow Buffers |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
20 % | CWE-416 | Use After Free |
20 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
20 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
20 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
20 % | CWE-16 | Configuration |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10047 | |||
Oval ID: | oval:org.mitre.oval:def:10047 | ||
Title: | Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to send authenticated requests to arbitrary applications by replaying the NTLM credentials of a browser user. | ||
Description: | Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to send authenticated requests to arbitrary applications by replaying the NTLM credentials of a browser user. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3983 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10349 | |||
Oval ID: | oval:org.mitre.oval:def:10349 | ||
Title: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the BinHex decoder in netwerk/streamconv/converters/nsBinHexDecoder.cpp, and unknown vectors. | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the BinHex decoder in netwerk/streamconv/converters/nsBinHexDecoder.cpp, and unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3072 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10369 | |||
Oval ID: | oval:org.mitre.oval:def:10369 | ||
Title: | Multiple integer overflows in the (1) PL_Base64Decode and (2) PL_Base64Encode functions in nsprpub/lib/libc/src/base64.c in Mozilla Firefox before 3.0.12, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors that trigger buffer overflows. | ||
Description: | Multiple integer overflows in the (1) PL_Base64Decode and (2) PL_Base64Encode functions in nsprpub/lib/libc/src/base64.c in Mozilla Firefox before 3.0.12, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors that trigger buffer overflows. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-2463 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10805 | |||
Oval ID: | oval:org.mitre.oval:def:10805 | ||
Title: | Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 process e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted message, related to message indexing. | ||
Description: | Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 process e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted message, related to message indexing. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-0163 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11365 | |||
Oval ID: | oval:org.mitre.oval:def:11365 | ||
Title: | Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.2, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to use of mutable strings in the js_StringReplaceHelper function in js/src/jsstr.cpp, and unknown vectors. | ||
Description: | Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.2, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to use of mutable strings in the js_StringReplaceHelper function in js/src/jsstr.cpp, and unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3075 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12913 | |||
Oval ID: | oval:org.mitre.oval:def:12913 | ||
Title: | DSA-1998-1 kdelibs -- buffer overflow | ||
Description: | Maksymilian Arciemowicz discovered a buffer overflow in the internal string routines of the KDE core libraries, which could lead to the execution of arbitrary code. For the stable distribution, this problem has been fixed in version 4:3.5.10.dfsg.1-0lenny4. For the unstable distribution, this problem has been fixed in version 4:3.5.10.dfsg.1-3. We recommend that you upgrade your kdelibs packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1998-1 CVE-2009-0689 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | kdelibs |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13236 | |||
Oval ID: | oval:org.mitre.oval:def:13236 | ||
Title: | USN-915-1 -- thunderbird vulnerabilities | ||
Description: | Several flaws were discovered in the JavaScript engine of Thunderbird. If a user had JavaScript enabled and were tricked into viewing malicious web content, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Josh Soref discovered that the BinHex decoder used in Thunderbird contained a flaw. If a user were tricked into viewing malicious content, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that Thunderbird did not properly manage memory when using XUL tree elements. If a user were tricked into viewing malicious content, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Jesse Ruderman and Sid Stamm discovered that Thunderbird did not properly display filenames containing right-to-left override characters. If a user were tricked into opening a malicious file with a crafted filename, an attacker could exploit this to trick the user into opening a different file than the user expected. Takehiro Takahashi discovered flaws in the NTLM implementation in Thunderbird. If an NTLM authenticated user opened content containing links to a malicious website, a remote attacker could send requests to other applications, authenticated as the user. Ludovic Hirlimann discovered a flaw in the way Thunderbird indexed certain messages with attachments. A remote attacker could send specially crafted content and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program | ||
Family: | unix | Class: | patch |
Reference(s): | USN-915-1 CVE-2009-0689 CVE-2009-2463 CVE-2009-3075 CVE-2009-3072 CVE-2009-3077 CVE-2009-3376 CVE-2009-3983 CVE-2010-0163 | Version: | 5 |
Platform(s): | Ubuntu 8.04 Ubuntu 8.10 Ubuntu 9.10 Ubuntu 9.04 | Product(s): | thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13262 | |||
Oval ID: | oval:org.mitre.oval:def:13262 | ||
Title: | DSA-2025-1 icedove -- several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-2408 Dan Kaminsky and Moxie Marlinspike discovered that icedove does not properly handle a "\0" character in a domain name in the subject's Common Name field of an X.509 certificate. CVE-2009-2404 Moxie Marlinspike reported a heap overflow vulnerability in the code that handles regular expressions in certificate names. CVE-2009-2463 monarch2020 discovered an integer overflow n a base64 decoding function. CVE-2009-3072 Josh Soref discovered a crash in the BinHex decoder. CVE-2009-3075 Carsten Book reported a crash in the JavaScript engine. CVE-2010-0163 Ludovic Hirlimann reported a crash indexing some messages with attachments, which could lead to the execution of arbitrary code. For the stable distribution, these problems have been fixed in version 2.0.0.24-0lenny1. Due to a problem with the archive system it is not possible to release all architectures. The missing architectures will be installed into the archive once they become available. For the testing distribution squeeze and the unstable distribution, these problems will be fixed soon. We recommend that you upgrade your icedove packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2025-1 CVE-2009-2408 CVE-2009-2404 CVE-2009-2463 CVE-2009-3072 CVE-2009-3075 CVE-2010-0163 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | icedove |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13490 | |||
Oval ID: | oval:org.mitre.oval:def:13490 | ||
Title: | USN-871-1 -- kdelibs vulnerability | ||
Description: | A buffer overflow was found in the KDE libraries when converting a string to a floating point number. If a user or application linked against kdelibs were tricked into processing crafted input, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that the KDE libraries could use KHTML to process an unknown MIME type. If a user or application linked against kdelibs were tricked into opening a crafted file, an attacker could potentially trigger XMLHTTPRequests to remote sites. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-871-1 CVE-2009-0689 | Version: | 5 |
Platform(s): | Ubuntu 8.04 Ubuntu 8.10 Ubuntu 9.10 Ubuntu 9.04 | Product(s): | kdelibs |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13598 | |||
Oval ID: | oval:org.mitre.oval:def:13598 | ||
Title: | DSA-1931-1 nspr -- several | ||
Description: | Several vulnerabilities have been discovered in the NetScape Portable Runtime Library, which may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-1563 A programming error in the string handling code may lead to the execution of arbitrary code. CVE-2009-2463 An integer overflow in the Base64 decoding functions may lead to the execution of arbitrary code. The old stable distribution doesn’t contain nspr. For the stable distribution, these problems have been fixed in version 4.7.1-5. For the unstable distribution these problems have been fixed in version 4.8.2-1. We recommend that you upgrade your NSPR packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1931-1 CVE-2009-1563 CVE-2009-2463 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | nspr |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14259 | |||
Oval ID: | oval:org.mitre.oval:def:14259 | ||
Title: | Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 process e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted message, related to message indexing. | ||
Description: | Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 process e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted message, related to message indexing. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-0163 | Version: | 15 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Thunderbird Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20259 | |||
Oval ID: | oval:org.mitre.oval:def:20259 | ||
Title: | DSA-2031-1 krb5 - denial of service | ||
Description: | Sol Jerome discovered that kadmind service in krb5, a system for authenticating users and services on a network, allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an invalid API version number. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2031-1 CVE-2010-0629 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | krb5 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22037 | |||
Oval ID: | oval:org.mitre.oval:def:22037 | ||
Title: | RHSA-2010:0343: krb5 security and bug fix update (Important) | ||
Description: | Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an invalid API version number. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0343-01 CESA-2010:0343 CVE-2010-0629 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | krb5 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22669 | |||
Oval ID: | oval:org.mitre.oval:def:22669 | ||
Title: | ELSA-2009:1601: kdelibs security update (Critical) | ||
Description: | Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:1601-01 CVE-2009-0689 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | kdelibs |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23005 | |||
Oval ID: | oval:org.mitre.oval:def:23005 | ||
Title: | ELSA-2010:0343: krb5 security and bug fix update (Important) | ||
Description: | Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an invalid API version number. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0343-01 CVE-2010-0629 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | krb5 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23947 | |||
Oval ID: | oval:org.mitre.oval:def:23947 | ||
Title: | ELSA-2014:0311: php security update (Critical) | ||
Description: | Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014:0311-00 CVE-2006-7243 CVE-2009-0689 | Version: | 7 |
Platform(s): | Oracle Linux 5 | Product(s): | php |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24079 | |||
Oval ID: | oval:org.mitre.oval:def:24079 | ||
Title: | RHSA-2014:0311: php security update (Critical) | ||
Description: | PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the way PHP parsed floating point numbers from their text representation. If a PHP application converted untrusted input strings to numbers, an attacker able to provide such input could cause the application to crash or, possibly, execute arbitrary code with the privileges of the application. (CVE-2009-0689) It was found that PHP did not properly handle file names with a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions. (CVE-2006-7243) All php users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:0311-00 CESA-2014:0311 CVE-2006-7243 CVE-2009-0689 | Version: | 11 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | php |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25660 | |||
Oval ID: | oval:org.mitre.oval:def:25660 | ||
Title: | SUSE-SU-2013:1828-1 -- Security update for ruby | ||
Description: | The following security issue has been fixed: * CVE-2013-4164: heap overflow in float point parsing | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:1828-1 CVE-2013-4164 CVE-2009-0689 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11 | Product(s): | ruby |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28012 | |||
Oval ID: | oval:org.mitre.oval:def:28012 | ||
Title: | DEPRECATED: ELSA-2010-0343 -- krb5 security and bug fix update (important) | ||
Description: | [1.6.1-36.el5_5.3] - add upstream patch to fix a few use-after-free bugs, including one in kadmind (CVE-2010-0629, #578185) [1.6.1-36.el5_5.2] - pull changes to libkrb5 to properly handle and chase off-path referrals back from 1.7 (#574387) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010-0343 CVE-2010-0629 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | krb5 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:29365 | |||
Oval ID: | oval:org.mitre.oval:def:29365 | ||
Title: | RHSA-2009:1601 -- kdelibs security update (Critical) | ||
Description: | Updated kdelibs packages that fix one security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. The kdelibs packages provide libraries for the K Desktop Environment (KDE). A buffer overflow flaw was found in the kdelibs string to floating point conversion routines. A web page containing malicious JavaScript could crash Konqueror or, potentially, execute arbitrary code with the privileges of the user running Konqueror. (CVE-2009-0689) | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2009:1601 CESA-2009:1601-CentOS 5 CVE-2009-0689 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 4 CentOS Linux 5 | Product(s): | kdelibs |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5606 | |||
Oval ID: | oval:org.mitre.oval:def:5606 | ||
Title: | Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3 allow dangling pointer vulnerability | ||
Description: | Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, does not properly manage pointers for the columns (aka TreeColumns) of a XUL tree element, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to a "dangling pointer vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3077 | Version: | 6 |
Platform(s): | Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:5717 | |||
Oval ID: | oval:org.mitre.oval:def:5717 | ||
Title: | Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.2 allow multiple DOS Vulnerabilities | ||
Description: | Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.2, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to use of mutable strings in the js_StringReplaceHelper function in js/src/jsstr.cpp, and unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3075 | Version: | 6 |
Platform(s): | Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6315 | |||
Oval ID: | oval:org.mitre.oval:def:6315 | ||
Title: | Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3 allow denial of service Vulnerability | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the BinHex decoder in netwerk/streamconv/converters/nsBinHexDecoder.cpp, and unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3072 | Version: | 6 |
Platform(s): | Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6528 | |||
Oval ID: | oval:org.mitre.oval:def:6528 | ||
Title: | Mozilla Firefox Floating Point Memory Allocation Vulnerability | ||
Description: | Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-0689 | Version: | 10 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6541 | |||
Oval ID: | oval:org.mitre.oval:def:6541 | ||
Title: | Spoofed file extensions via a crafted filename containing Unicode character in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0 | ||
Description: | Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, does not properly handle a right-to-left override (aka RLO or U+202E) Unicode character in a download filename, which allows remote attackers to spoof file extensions via a crafted filename, as demonstrated by displaying a non-executable extension for an executable file. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3376 | Version: | 13 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Mozilla Firefox Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6699 | |||
Oval ID: | oval:org.mitre.oval:def:6699 | ||
Title: | DSA-2025 icedove -- several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems: Dan Kaminsky and Moxie Marlinspike discovered that icedove does not properly handle a "\0" character in a domain name in the subject's Common Name field of an X.509 certificate. Moxie Marlinspike reported a heap overflow vulnerability in the code that handles regular expressions in certificate names. monarch2020 discovered an integer overflow in a base64 decoding function. Josh Soref discovered a crash in the BinHex decoder. Carsten Book reported a crash in the JavaScript engine. Ludovic Hirlimann reported a crash indexing some messages with attachments, which could lead to the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2025 CVE-2009-2408 CVE-2009-2404 CVE-2009-2463 CVE-2009-3072 CVE-2009-3075 CVE-2010-0163 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | icedove |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6826 | |||
Oval ID: | oval:org.mitre.oval:def:6826 | ||
Title: | DSA-1998 kdelibs -- buffer overflow | ||
Description: | Maksymilian Arciemowicz discovered a buffer overflow in the internal string routines of the KDE core libraries, which could lead to the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1998 CVE-2009-0689 | Version: | 7 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | kdelibs |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8171 | |||
Oval ID: | oval:org.mitre.oval:def:8171 | ||
Title: | DSA-1931 nspr -- several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in the NetScape Portable Runtime Library, which may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems: A programming error in the string handling code may lead to the execution of arbitrary code. An integer overflow in the Base64 decoding functions may lead to the execution of arbitrary code. The old stable distribution (etch) doesn't contain nspr. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1931 CVE-2009-1563 CVE-2009-2463 | Version: | 3 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | nspr |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8240 | |||
Oval ID: | oval:org.mitre.oval:def:8240 | ||
Title: | Mozilla Firefox and SeaMonkey NTLM Credential Reflection Authentication Bypass Vulnerability | ||
Description: | Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to send authenticated requests to arbitrary applications by replaying the NTLM credentials of a browser user. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3983 | Version: | 15 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Mozilla Firefox Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9489 | |||
Oval ID: | oval:org.mitre.oval:def:9489 | ||
Title: | Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an invalid API version number. | ||
Description: | Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an invalid API version number. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-0629 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9541 | |||
Oval ID: | oval:org.mitre.oval:def:9541 | ||
Title: | Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number. | ||
Description: | Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-0689 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2009-12-11 | Sunbird 0.9 Array Overrun (code execution) 0day |
2009-11-19 | Opera 10.01 Remote Array Overrun |
2009-11-19 | K-Meleon 1.5.3 Remote Array Overrun |
2009-11-19 | SeaMonkey 1.1.8 Remote Array Overrun |
2009-11-19 | KDE KDELibs 4.3.3 Remote Array Overrun |
OpenVAS Exploits
Date | Description |
---|---|
2012-02-12 | Name : Gentoo Security Advisory GLSA 201201-13 (mit-krb5) File : nvt/glsa_201201_13.nasl |
2011-08-09 | Name : CentOS Update for firefox CESA-2009:1162 centos5 i386 File : nvt/gb_CESA-2009_1162_firefox_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for seamonkey CESA-2009:1163 centos3 i386 File : nvt/gb_CESA-2009_1163_seamonkey_centos3_i386.nasl |
2011-08-09 | Name : CentOS Update for firefox CESA-2009:1430 centos4 i386 File : nvt/gb_CESA-2009_1430_firefox_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for firefox CESA-2009:1430 centos5 i386 File : nvt/gb_CESA-2009_1430_firefox_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for seamonkey CESA-2009:1431 centos4 i386 File : nvt/gb_CESA-2009_1431_seamonkey_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for seamonkey CESA-2009:1432 centos3 i386 File : nvt/gb_CESA-2009_1432_seamonkey_centos3_i386.nasl |
2011-08-09 | Name : CentOS Update for firefox CESA-2009:1530 centos4 i386 File : nvt/gb_CESA-2009_1530_firefox_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for seamonkey CESA-2009:1531 centos3 i386 File : nvt/gb_CESA-2009_1531_seamonkey_centos3_i386.nasl |
2011-08-09 | Name : CentOS Update for seamonkey CESA-2009:1531 centos4 i386 File : nvt/gb_CESA-2009_1531_seamonkey_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for kdelibs CESA-2009:1601 centos4 i386 File : nvt/gb_CESA-2009_1601_kdelibs_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for kdelibs CESA-2009:1601 centos5 i386 File : nvt/gb_CESA-2009_1601_kdelibs_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for seamonkey CESA-2009:1673 centos4 i386 File : nvt/gb_CESA-2009_1673_seamonkey_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for firefox CESA-2009:1674 centos4 i386 File : nvt/gb_CESA-2009_1674_firefox_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for firefox CESA-2009:1674 centos5 i386 File : nvt/gb_CESA-2009_1674_firefox_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for thunderbird CESA-2010:0153 centos5 i386 File : nvt/gb_CESA-2010_0153_thunderbird_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for krb5-devel CESA-2010:0343 centos5 i386 File : nvt/gb_CESA-2010_0343_krb5-devel_centos5_i386.nasl |
2010-08-20 | Name : CentOS Update for seamonkey CESA-2010:0499 centos3 i386 File : nvt/gb_CESA-2010_0499_seamonkey_centos3_i386.nasl |
2010-06-28 | Name : RedHat Update for seamonkey RHSA-2010:0499-01 File : nvt/gb_RHSA-2010_0499-01_seamonkey.nasl |
2010-05-28 | Name : Fedora Update for krb5 FEDORA-2010-8796 File : nvt/gb_fedora_2010_8796_krb5_fc11.nasl |
2010-05-12 | Name : Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002 File : nvt/macosx_upd_10_6_3_secupd_2010-002.nasl |
2010-04-29 | Name : Fedora Update for seamonkey FEDORA-2010-7100 File : nvt/gb_fedora_2010_7100_seamonkey_fc11.nasl |
2010-04-21 | Name : FreeBSD Ports: krb5 File : nvt/freebsd_krb52.nasl |
2010-04-16 | Name : Mandriva Update for krb5 MDVSA-2010:071 (krb5) File : nvt/gb_mandriva_MDVSA_2010_071.nasl |
2010-04-09 | Name : RedHat Update for krb5 RHSA-2010:0343-01 File : nvt/gb_RHSA-2010_0343-01_krb5.nasl |
2010-04-09 | Name : Fedora Update for krb5 FEDORA-2010-6108 File : nvt/gb_fedora_2010_6108_krb5_fc11.nasl |
2010-04-09 | Name : Ubuntu Update for krb5 vulnerabilities USN-924-1 File : nvt/gb_ubuntu_USN_924_1.nasl |
2010-04-06 | Name : Debian Security Advisory DSA 2025-1 (icedove) File : nvt/deb_2025_1.nasl |
2010-03-30 | Name : FreeBSD Ports: seamonkey, linux-seamonkey File : nvt/freebsd_seamonkey.nasl |
2010-03-30 | Name : Mozilla Products Denial Of Service Vulnerability (Linux) File : nvt/secpod_mozilla_prdts_dos_vuln_lin_mar10.nasl |
2010-03-30 | Name : Mozilla Products Denial Of Service Vulnerability (Win) File : nvt/secpod_mozilla_prdts_dos_vuln_win_mar10.nasl |
2010-03-22 | Name : CentOS Update for thunderbird CESA-2010:0154 centos4 i386 File : nvt/gb_CESA-2010_0154_thunderbird_centos4_i386.nasl |
2010-03-22 | Name : RedHat Update for thunderbird RHSA-2010:0154-02 File : nvt/gb_RHSA-2010_0154-02_thunderbird.nasl |
2010-03-22 | Name : Ubuntu Update for thunderbird vulnerabilities USN-915-1 File : nvt/gb_ubuntu_USN_915_1.nasl |
2010-02-25 | Name : Debian Security Advisory DSA 1998-1 (kdelibs) File : nvt/deb_1998_1.nasl |
2010-02-19 | Name : Mandriva Update for eject MDVA-2010:071 (eject) File : nvt/gb_mandriva_MDVA_2010_071.nasl |
2010-01-29 | Name : Mandriva Update for kdelibs4 MDVSA-2010:027 (kdelibs4) File : nvt/gb_mandriva_MDVSA_2010_027.nasl |
2010-01-29 | Name : Mandriva Update for kdelibs4 MDVSA-2010:028 (kdelibs4) File : nvt/gb_mandriva_MDVSA_2010_028.nasl |
2010-01-15 | Name : Ubuntu Update for firefox-3.0, xulrunner-1.9 regression USN-877-1 File : nvt/gb_ubuntu_USN_877_1.nasl |
2010-01-15 | Name : Ubuntu Update for firefox-3.5, xulrunner-1.9.1 regression USN-878-1 File : nvt/gb_ubuntu_USN_878_1.nasl |
2009-12-30 | Name : RedHat Security Advisory RHSA-2009:1673 File : nvt/RHSA_2009_1673.nasl |
2009-12-30 | Name : RedHat Security Advisory RHSA-2009:1674 File : nvt/RHSA_2009_1674.nasl |
2009-12-30 | Name : Debian Security Advisory DSA 1956-1 (xulrunner) File : nvt/deb_1956_1.nasl |
2009-12-30 | Name : Fedora Core 11 FEDORA-2009-13333 (firefox) File : nvt/fcore_2009_13333.nasl |
2009-12-30 | Name : Fedora Core 12 FEDORA-2009-13362 (seamonkey) File : nvt/fcore_2009_13362.nasl |
2009-12-30 | Name : Fedora Core 12 FEDORA-2009-13366 (gnome-python2-extras) File : nvt/fcore_2009_13366.nasl |
2009-12-30 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox43.nasl |
2009-12-30 | Name : Mandriva Security Advisory MDVSA-2009:339 (firefox) File : nvt/mdksa_2009_339.nasl |
2009-12-30 | Name : CentOS Security Advisory CESA-2009:1673 (seamonkey) File : nvt/ovcesa2009_1673.nasl |
2009-12-30 | Name : CentOS Security Advisory CESA-2009:1674 (firefox) File : nvt/ovcesa2009_1674.nasl |
2009-12-30 | Name : SuSE Security Advisory SUSE-SA:2009:063 (MozillaFirefox) File : nvt/suse_sa_2009_063.nasl |
2009-12-30 | Name : Ubuntu USN-873-1 (xulrunner-1.9) File : nvt/ubuntu_873_1.nasl |
2009-12-30 | Name : Ubuntu USN-874-1 (xulrunner-1.9.1) File : nvt/ubuntu_874_1.nasl |
2009-12-23 | Name : Firefox Multiple Vulnerabilities Dec-09 (Linux) File : nvt/secpod_firefox_mult_vuln_dec09_lin01.nasl |
2009-12-23 | Name : Firefox Multiple Vulnerabilities Dec-09 (Linux) File : nvt/secpod_firefox_mult_vuln_dec09_lin02.nasl |
2009-12-23 | Name : Firefox Multiple Vulnerabilities Dec-09 (Win) File : nvt/secpod_firefox_mult_vuln_dec09_win01.nasl |
2009-12-23 | Name : Firefox Multiple Vulnerabilities Dec-09 (Win) File : nvt/secpod_firefox_mult_vuln_dec09_win02.nasl |
2009-12-23 | Name : Seamonkey Multiple Vulnerabilities Dec-09 (Linux) File : nvt/secpod_seamonkey_mult_vuln_dec09_lin.nasl |
2009-12-23 | Name : Seamonkey Multiple Vulnerabilities Dec-09 (Win) File : nvt/secpod_seamonkey_mult_vuln_dec09_win.nasl |
2009-12-14 | Name : Mandriva Security Advisory MDVSA-2009:330 (kdelibs) File : nvt/mdksa_2009_330.nasl |
2009-12-14 | Name : SLES11: Security update for kdelibs3 File : nvt/sles11_kdelibs3.nasl |
2009-12-10 | Name : FreeBSD Ports: opera File : nvt/freebsd_opera19.nasl |
2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:290-1 (firefox) File : nvt/mdksa_2009_290_1.nasl |
2009-12-03 | Name : RedHat Security Advisory RHSA-2009:1601 File : nvt/RHSA_2009_1601.nasl |
2009-11-23 | Name : Ubuntu USN-853-1 (xulrunner-1.9.1) File : nvt/ubuntu_853_1.nasl |
2009-11-11 | Name : RedHat Security Advisory RHSA-2009:1530 File : nvt/RHSA_2009_1530.nasl |
2009-11-11 | Name : RedHat Security Advisory RHSA-2009:1531 File : nvt/RHSA_2009_1531.nasl |
2009-11-11 | Name : Debian Security Advisory DSA 1922-1 (xulrunner) File : nvt/deb_1922_1.nasl |
2009-11-11 | Name : Debian Security Advisory DSA 1931-1 (nspr) File : nvt/deb_1931_1.nasl |
2009-11-11 | Name : Fedora Core 11 FEDORA-2009-10878 (chmsee) File : nvt/fcore_2009_10878.nasl |
2009-11-11 | Name : Fedora Core 10 FEDORA-2009-10981 (blam) File : nvt/fcore_2009_10981.nasl |
2009-11-11 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox42.nasl |
2009-11-11 | Name : Mandriva Security Advisory MDVSA-2009:290 (firefox) File : nvt/mdksa_2009_290.nasl |
2009-11-11 | Name : CentOS Security Advisory CESA-2009:1530 (firefox) File : nvt/ovcesa2009_1530.nasl |
2009-11-11 | Name : CentOS Security Advisory CESA-2009:1531 (seamonkey) File : nvt/ovcesa2009_1531.nasl |
2009-11-11 | Name : SLES10: Security update for Mozilla Firefox File : nvt/sles10_MozillaFirefox7.nasl |
2009-11-11 | Name : SLES10: Security update for mozilla-nspr File : nvt/sles10_mozilla-nspr0.nasl |
2009-11-11 | Name : SLES10: Security update for Mozilla XULRunner File : nvt/sles10_mozilla-xulrunn0.nasl |
2009-11-11 | Name : SLES11: Security update for Mozilla Firefox File : nvt/sles11_MozillaFirefox7.nasl |
2009-11-11 | Name : SLES11: Security update for Mozilla File : nvt/sles11_mozilla-nspr.nasl |
2009-11-11 | Name : SLES11: Security update for Mozilla XULRunner File : nvt/sles11_mozilla-xulrunn1.nasl |
2009-11-11 | Name : SuSE Security Advisory SUSE-SA:2009:052 (MozillaFirefox) File : nvt/suse_sa_2009_052.nasl |
2009-11-11 | Name : SuSE Security Summary SUSE-SR:2009:018 File : nvt/suse_sr_2009_018.nasl |
2009-11-04 | Name : Mozilla Seamonkey Multiple Vulnerabilities Nov-09 (Linux) File : nvt/gb_seamonkey_mult_vuln_nov09_lin.nasl |
2009-11-04 | Name : Mozilla Seamonkey Multiple Vulnerabilities Nov-09 (Win) File : nvt/gb_seamonkey_mult_vuln_nov09_win.nasl |
2009-11-02 | Name : Mozilla Firefox Multiple Vulnerabilities Nov-09 (Linux) File : nvt/gb_firefox_mult_vuln_nov09_lin.nasl |
2009-11-02 | Name : Mozilla Firefox Multiple Vulnerabilities Nov-09 (Win) File : nvt/gb_firefox_mult_vuln_nov09_win.nasl |
2009-10-27 | Name : SLES10: Security update for Mozilla Firefox File : nvt/sles10_firefox35upgrad.nasl |
2009-10-27 | Name : SuSE Security Advisory SUSE-SA:2009:048 (MozillaFirefox) File : nvt/suse_sa_2009_048.nasl |
2009-10-11 | Name : SLES11: Security update for MozillaFirefox File : nvt/sles11_MozillaFirefox4.nasl |
2009-10-11 | Name : SLES11: Security update for Firefox File : nvt/sles11_MozillaFirefox6.nasl |
2009-10-11 | Name : SLES11: Security update for Mozilla File : nvt/sles11_mozilla-xulrunn0.nasl |
2009-09-21 | Name : Mandrake Security Advisory MDVSA-2009:236 (firefox) File : nvt/mdksa_2009_236.nasl |
2009-09-15 | Name : RedHat Security Advisory RHSA-2009:1430 File : nvt/RHSA_2009_1430.nasl |
2009-09-15 | Name : RedHat Security Advisory RHSA-2009:1431 File : nvt/RHSA_2009_1431.nasl |
2009-09-15 | Name : RedHat Security Advisory RHSA-2009:1432 File : nvt/RHSA_2009_1432.nasl |
2009-09-15 | Name : Debian Security Advisory DSA 1885-1 (xulrunner) File : nvt/deb_1885_1.nasl |
2009-09-15 | Name : Fedora Core 10 FEDORA-2009-9494 (epiphany) File : nvt/fcore_2009_9494.nasl |
2009-09-15 | Name : Fedora Core 11 FEDORA-2009-9505 (epiphany-extensions) File : nvt/fcore_2009_9505.nasl |
2009-09-15 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox41.nasl |
2009-09-15 | Name : CentOS Security Advisory CESA-2009:1430 (seamonkey) File : nvt/ovcesa2009_1430.nasl |
2009-09-15 | Name : CentOS Security Advisory CESA-2009:1431 (seamonkey) File : nvt/ovcesa2009_1431.nasl |
2009-09-15 | Name : CentOS Security Advisory CESA-2009:1432 (seamonkey) File : nvt/ovcesa2009_1432.nasl |
2009-09-15 | Name : Ubuntu USN-821-1 (xulrunner-1.9) File : nvt/ubuntu_821_1.nasl |
2009-09-11 | Name : Mozilla Firefox 'JavaScript' DoS Vulnerabilities - Sep09 (Linux) File : nvt/secpod_firefox_js_dos_vuln_sep09_lin.nasl |
2009-09-11 | Name : Mozilla Firefox 'JavaScript' DoS Vulnerabilities - Sep09 (Win) File : nvt/secpod_firefox_js_dos_vuln_sep09_win.nasl |
2009-09-11 | Name : Mozilla Firefox Multiple Vulnerabilities - Sep09 (Linux) File : nvt/secpod_firefox_mult_vuln_sep09_lin.nasl |
2009-09-11 | Name : Mozilla Firefox Multiple Vulnerabilities - Sep09 (Win) File : nvt/secpod_firefox_mult_vuln_sep09_win.nasl |
2009-08-17 | Name : Mandrake Security Advisory MDVSA-2009:182 (firefox) File : nvt/mdksa_2009_182.nasl |
2009-08-17 | Name : Mandrake Security Advisory MDVSA-2009:185 (firefox) File : nvt/mdksa_2009_185.nasl |
2009-07-29 | Name : RedHat Security Advisory RHSA-2009:1162 File : nvt/RHSA_2009_1162.nasl |
2009-07-29 | Name : RedHat Security Advisory RHSA-2009:1163 File : nvt/RHSA_2009_1163.nasl |
2009-07-29 | Name : Debian Security Advisory DSA 1840-1 (xulrunner) File : nvt/deb_1840_1.nasl |
2009-07-29 | Name : Fedora Core 10 FEDORA-2009-7961 (blam) File : nvt/fcore_2009_7961.nasl |
2009-07-29 | Name : CentOS Security Advisory CESA-2009:1162 (firefox) File : nvt/ovcesa2009_1162.nasl |
2009-07-29 | Name : CentOS Security Advisory CESA-2009:1163 (seamonkey) File : nvt/ovcesa2009_1163.nasl |
2009-07-29 | Name : SuSE Security Advisory SUSE-SA:2009:039 (MozillaFirefox) File : nvt/suse_sa_2009_039.nasl |
2009-07-29 | Name : Ubuntu USN-798-1 (xulrunner-1.9) File : nvt/ubuntu_798_1.nasl |
2009-07-29 | Name : Ubuntu USN-805-1 (ruby1.9) File : nvt/ubuntu_805_1.nasl |
2009-07-23 | Name : Mozilla Firefox Multiple Vulnerabilities July-09 (Linux) File : nvt/secpod_firefox_mult_vuln_jul09_lin.nasl |
2009-07-23 | Name : Mozilla Firefox Multiple Vulnerabilities July-09 (Win) File : nvt/secpod_firefox_mult_vuln_jul09_win.nasl |
2009-07-23 | Name : Mozilla Thunderbird Memory Corruption Vulnerabilities July-09 (Linux) File : nvt/secpod_thunderbird_mem_crptn_vuln_jul09_lin.nasl |
2009-07-23 | Name : Mozilla Thunderbird Memory Corruption Vulnerabilities July-09 (Win) File : nvt/secpod_thunderbird_mem_crptn_vuln_jul09_win.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
63646 | J Programming Language libc dtoa Implementation Floating Point Parsing Memory... |
63641 | Matlab libc dtoa Implementation Floating Point Parsing Memory Corruption |
63639 | Apple Mac OS X libc dtoa Implementation Floating Point Parsing Memory Corruption |
63569 | Kerberos src/kadmin/server/server_stubs.c init_2_svc() Function API Version N... |
63263 | Mozilla Multiple Products Email Attachment Parser Message Indexing DoS |
62402 | K-Meleon libc dtoa Implementation Floating Point Parsing Memory Corruption |
61189 | Mozilla Sunbird libc dtoa Implementation Floating Point Parsing Memory Corrup... |
61188 | Flock Browser libc dtoa Implementation Floating Point Parsing Memory Corruption |
61187 | KDE kdelibs libc dtoa Implementation Floating Point Parsing Memory Corruption |
61186 | Opera libc dtoa Implementation Floating Point Parsing Memory Corruption |
61101 | Mozilla Multiple Browser NTLM Reflection Authentication Credential Disclosure |
61091 | Mozilla Multiple Products libc dtoa Implementation Floating Point Parsing Mem... |
59389 | Mozilla Multiple Browsers Filename Right-to-left (RTL) Override Character Dow... |
57978 | Mozilla Firefox XUL Document TreeColumn Rendering Arbitrary Code Execution |
57976 | Mozilla Firefox JavaScript Engine Multiple Unspecified Memory Corruption Firefox contains a flaw related to the JavaScript engine that may allow an attacker to execute arbitrary code via memory corruption. No further details have been provided. |
57972 | Mozilla Firefox Browser Engine Multiple Unspecified Memory Corruption (2009-3... |
56230 | Mozilla Multiple Products Base64 Decoding Unspecified DoS |
55603 | libc gdtoa/misc.c dtoa() Implementation printf Function Array Overflow |
Snort® IPS/IDS
Date | Description |
---|---|
2018-07-10 | Mozilla multiple products JavaScript string replace buffer overflow attempt RuleID : 46913 - Revision : 1 - Type : BROWSER-FIREFOX |
2018-07-10 | Mozilla multiple products JavaScript string replace buffer overflow attempt RuleID : 46912 - Revision : 1 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla products floating point buffer overflow attempt RuleID : 21155 - Revision : 6 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla products floating point buffer overflow attempt RuleID : 21154 - Revision : 6 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla multiple products JavaScript string replace buffer overflow attempt RuleID : 17166 - Revision : 10 - Type : BROWSER-FIREFOX |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2018-11-02 | Name : The remote Debian host is missing a security update. File : debian_DLA-1564.nasl - Type : ACT_GATHER_INFO |
2016-12-01 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-2958-1.nasl - Type : ACT_GATHER_INFO |
2016-03-08 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0001_remote.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote Fedora host is missing a security update. File : fedora_2015-6dec4e6d5f.nasl - Type : ACT_GATHER_INFO |
2016-01-28 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-0257-1.nasl - Type : ACT_GATHER_INFO |
2016-01-04 | Name : The remote Debian host is missing a security update. File : debian_DLA-376.nasl - Type : ACT_GATHER_INFO |
2016-01-04 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_4b3a7e70afce11e5b86414dae9d210b8.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2011-0015.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0312.nasl - Type : ACT_GATHER_INFO |
2014-03-20 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140318_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2014-03-19 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0311.nasl - Type : ACT_GATHER_INFO |
2014-03-19 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0311.nasl - Type : ACT_GATHER_INFO |
2014-03-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0311.nasl - Type : ACT_GATHER_INFO |
2013-12-05 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_ruby-131125.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1162.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1163.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1430.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1431.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1432.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1530.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1531.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1601.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1673.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1674.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2010-0154.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0343.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0499.nasl - Type : ACT_GATHER_INFO |
2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1601.nasl - Type : ACT_GATHER_INFO |
2013-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-924-1.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0153.nasl - Type : ACT_GATHER_INFO |
2013-01-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO |
2012-11-05 | Name : The remote Scientific Linux host is missing a security update. File : sl_20090722_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-11-05 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090722_seamonkey_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20090723_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20090723_firefox_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090723_seamonkey_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090728_seamonkey_on_SL3_0.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090909_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090909_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20091027_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20091027_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20091124_kdelibs_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20091215_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20091216_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20100317_thunderbird_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100406_krb5_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100622_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-01-24 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201201-13.nasl - Type : ACT_GATHER_INFO |
2011-03-17 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_mozilla-xulrunner190-090922.nasl - Type : ACT_GATHER_INFO |
2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_krb5-100401.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-6609.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-6735.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_firefox35upgrade-6563.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kdelibs3-6692.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_mozilla-nspr-6631.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_mozilla-xulrunner190-6617.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_mozilla-xulrunner190-6734.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-294.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-338.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-027.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-028.nasl - Type : ACT_GATHER_INFO |
2010-07-22 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0499.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-6108.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-7100.nasl - Type : ACT_GATHER_INFO |
2010-06-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0499.nasl - Type : ACT_GATHER_INFO |
2010-06-01 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0343.nasl - Type : ACT_GATHER_INFO |
2010-05-20 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12616.nasl - Type : ACT_GATHER_INFO |
2010-05-20 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_seamonkey-100430.nasl - Type : ACT_GATHER_INFO |
2010-05-20 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_seamonkey-100430.nasl - Type : ACT_GATHER_INFO |
2010-05-11 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0154.nasl - Type : ACT_GATHER_INFO |
2010-05-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0343.nasl - Type : ACT_GATHER_INFO |
2010-04-20 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_a30573dc489311dfa5f9001641aeabdf.nasl - Type : ACT_GATHER_INFO |
2010-04-14 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-071.nasl - Type : ACT_GATHER_INFO |
2010-04-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_krb5-100401.nasl - Type : ACT_GATHER_INFO |
2010-04-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_krb5-100401.nasl - Type : ACT_GATHER_INFO |
2010-04-12 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2031.nasl - Type : ACT_GATHER_INFO |
2010-04-01 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2025.nasl - Type : ACT_GATHER_INFO |
2010-03-30 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaThunderbird-100324.nasl - Type : ACT_GATHER_INFO |
2010-03-30 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaThunderbird-100324.nasl - Type : ACT_GATHER_INFO |
2010-03-29 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0153.nasl - Type : ACT_GATHER_INFO |
2010-03-29 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_6_3.nasl - Type : ACT_GATHER_INFO |
2010-03-29 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2010-002.nasl - Type : ACT_GATHER_INFO |
2010-03-22 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_56cfe192329f11dfabb2000f20797ede.nasl - Type : ACT_GATHER_INFO |
2010-03-19 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0154.nasl - Type : ACT_GATHER_INFO |
2010-03-19 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_20024.nasl - Type : ACT_GATHER_INFO |
2010-03-19 | Name : A web browser on the remote host is affected by multiple vulnerabilities. File : seamonkey_1119.nasl - Type : ACT_GATHER_INFO |
2010-03-19 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-915-1.nasl - Type : ACT_GATHER_INFO |
2010-03-01 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-6562.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1840.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1885.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1922.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1931.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1956.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1998.nasl - Type : ACT_GATHER_INFO |
2010-01-12 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kdelibs4-100107.nasl - Type : ACT_GATHER_INFO |
2010-01-08 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-877-1.nasl - Type : ACT_GATHER_INFO |
2010-01-08 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-878-1.nasl - Type : ACT_GATHER_INFO |
2010-01-08 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0001.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1162.nasl - Type : ACT_GATHER_INFO |
2010-01-03 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_seamonkey-091223.nasl - Type : ACT_GATHER_INFO |
2009-12-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-346.nasl - Type : ACT_GATHER_INFO |
2009-12-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-339.nasl - Type : ACT_GATHER_INFO |
2009-12-23 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaFirefox-091217.nasl - Type : ACT_GATHER_INFO |
2009-12-23 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaFirefox-091221.nasl - Type : ACT_GATHER_INFO |
2009-12-23 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-6733.nasl - Type : ACT_GATHER_INFO |
2009-12-23 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_mozilla-xulrunner190-6736.nasl - Type : ACT_GATHER_INFO |
2009-12-22 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12563.nasl - Type : ACT_GATHER_INFO |
2009-12-22 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_MozillaFirefox-091217.nasl - Type : ACT_GATHER_INFO |
2009-12-22 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_MozillaFirefox-091217.nasl - Type : ACT_GATHER_INFO |
2009-12-22 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_mozilla-xulrunner190-091217.nasl - Type : ACT_GATHER_INFO |
2009-12-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1673.nasl - Type : ACT_GATHER_INFO |
2009-12-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1674.nasl - Type : ACT_GATHER_INFO |
2009-12-21 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-873-1.nasl - Type : ACT_GATHER_INFO |
2009-12-21 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-874-1.nasl - Type : ACT_GATHER_INFO |
2009-12-18 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-13333.nasl - Type : ACT_GATHER_INFO |
2009-12-18 | Name : The remote Fedora host is missing a security update. File : fedora_2009-13362.nasl - Type : ACT_GATHER_INFO |
2009-12-18 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-13366.nasl - Type : ACT_GATHER_INFO |
2009-12-17 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_01c57d20ea2611debd3900248c9b4be7.nasl - Type : ACT_GATHER_INFO |
2009-12-16 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_3016.nasl - Type : ACT_GATHER_INFO |
2009-12-16 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_356.nasl - Type : ACT_GATHER_INFO |
2009-12-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1673.nasl - Type : ACT_GATHER_INFO |
2009-12-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1674.nasl - Type : ACT_GATHER_INFO |
2009-12-16 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : seamonkey_201.nasl - Type : ACT_GATHER_INFO |
2009-12-11 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-871-1.nasl - Type : ACT_GATHER_INFO |
2009-12-08 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_kdelibs3-091202.nasl - Type : ACT_GATHER_INFO |
2009-12-08 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_kdelibs3-091202.nasl - Type : ACT_GATHER_INFO |
2009-12-08 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_kdelibs3-091204.nasl - Type : ACT_GATHER_INFO |
2009-12-08 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kdelibs3-091202.nasl - Type : ACT_GATHER_INFO |
2009-12-08 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kdelibs3-6691.nasl - Type : ACT_GATHER_INFO |
2009-12-04 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-290.nasl - Type : ACT_GATHER_INFO |
2009-12-02 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_6431c4dbdeb411de90780030843d3802.nasl - Type : ACT_GATHER_INFO |
2009-11-30 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_opera-091125.nasl - Type : ACT_GATHER_INFO |
2009-11-30 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_opera-091125.nasl - Type : ACT_GATHER_INFO |
2009-11-30 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_opera-091125.nasl - Type : ACT_GATHER_INFO |
2009-11-25 | Name : The remote host contains a web browser that is affected by multiple issues. File : opera_1010.nasl - Type : ACT_GATHER_INFO |
2009-11-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1601.nasl - Type : ACT_GATHER_INFO |
2009-11-12 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-853-2.nasl - Type : ACT_GATHER_INFO |
2009-11-09 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_mozilla-nspr-091104.nasl - Type : ACT_GATHER_INFO |
2009-11-09 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_mozilla-nspr-091104.nasl - Type : ACT_GATHER_INFO |
2009-11-09 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_mozilla-nspr-091103.nasl - Type : ACT_GATHER_INFO |
2009-11-09 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_mozilla-nspr-6630.nasl - Type : ACT_GATHER_INFO |
2009-11-05 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-10981.nasl - Type : ACT_GATHER_INFO |
2009-11-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaFirefox-091103.nasl - Type : ACT_GATHER_INFO |
2009-11-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaFirefox-091102.nasl - Type : ACT_GATHER_INFO |
2009-11-04 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_MozillaFirefox-091030.nasl - Type : ACT_GATHER_INFO |
2009-11-04 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_mozilla-xulrunner190-091030.nasl - Type : ACT_GATHER_INFO |
2009-11-04 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-6606.nasl - Type : ACT_GATHER_INFO |
2009-11-04 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_mozilla-xulrunner190-6616.nasl - Type : ACT_GATHER_INFO |
2009-11-02 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-853-1.nasl - Type : ACT_GATHER_INFO |
2009-10-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1530.nasl - Type : ACT_GATHER_INFO |
2009-10-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1531.nasl - Type : ACT_GATHER_INFO |
2009-10-29 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-10878.nasl - Type : ACT_GATHER_INFO |
2009-10-29 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_c87aa2d2c3c411deab08000f20797ede.nasl - Type : ACT_GATHER_INFO |
2009-10-29 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_3015.nasl - Type : ACT_GATHER_INFO |
2009-10-29 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_354.nasl - Type : ACT_GATHER_INFO |
2009-10-29 | Name : A web browser on the remote host is affected by multiple vulnerabilities. File : seamonkey_20.nasl - Type : ACT_GATHER_INFO |
2009-10-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1530.nasl - Type : ACT_GATHER_INFO |
2009-10-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1531.nasl - Type : ACT_GATHER_INFO |
2009-10-20 | Name : The remote SuSE system is missing the security patch firefox35upgrade-6562 File : suse_firefox35upgrade-6562.nasl - Type : ACT_GATHER_INFO |
2009-10-06 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaFirefox-6379.nasl - Type : ACT_GATHER_INFO |
2009-10-06 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaFirefox-6495.nasl - Type : ACT_GATHER_INFO |
2009-10-01 | Name : The remote host contains a web browser that is affected by a buffer overflow ... File : google_chrome_3_0_195_24.nasl - Type : ACT_GATHER_INFO |
2009-10-01 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_MozillaFirefox-090924.nasl - Type : ACT_GATHER_INFO |
2009-10-01 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_mozilla-xulrunner190-090917.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_MozillaFirefox-090724.nasl - Type : ACT_GATHER_INFO |
2009-09-22 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaFirefox-090916.nasl - Type : ACT_GATHER_INFO |
2009-09-22 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaFirefox-090916.nasl - Type : ACT_GATHER_INFO |
2009-09-21 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-236.nasl - Type : ACT_GATHER_INFO |
2009-09-14 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-9494.nasl - Type : ACT_GATHER_INFO |
2009-09-14 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-9505.nasl - Type : ACT_GATHER_INFO |
2009-09-11 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1430.nasl - Type : ACT_GATHER_INFO |
2009-09-11 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1431.nasl - Type : ACT_GATHER_INFO |
2009-09-11 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1432.nasl - Type : ACT_GATHER_INFO |
2009-09-11 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_922d23989e2d11dea9980030843d3802.nasl - Type : ACT_GATHER_INFO |
2009-09-11 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-821-1.nasl - Type : ACT_GATHER_INFO |
2009-09-10 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_3014.nasl - Type : ACT_GATHER_INFO |
2009-09-10 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_353.nasl - Type : ACT_GATHER_INFO |
2009-09-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1430.nasl - Type : ACT_GATHER_INFO |
2009-09-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1431.nasl - Type : ACT_GATHER_INFO |
2009-09-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1432.nasl - Type : ACT_GATHER_INFO |
2009-08-04 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_352.nasl - Type : ACT_GATHER_INFO |
2009-07-31 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-182.nasl - Type : ACT_GATHER_INFO |
2009-07-28 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaFirefox-090724.nasl - Type : ACT_GATHER_INFO |
2009-07-28 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaFirefox-090724.nasl - Type : ACT_GATHER_INFO |
2009-07-24 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-7961.nasl - Type : ACT_GATHER_INFO |
2009-07-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1163.nasl - Type : ACT_GATHER_INFO |
2009-07-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-798-1.nasl - Type : ACT_GATHER_INFO |
2009-07-22 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_3012.nasl - Type : ACT_GATHER_INFO |
2009-07-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1162.nasl - Type : ACT_GATHER_INFO |
2009-07-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1163.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:41:23 |
|