Executive Summary
Informations | |||
---|---|---|---|
Name | MDVSA-2012:173 | First vendor Publication | 2012-11-21 |
Vendor | Mandriva | Last vendor Modification | 2012-11-21 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Multiple security issue were identified and fixed in mozilla firefox: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code (CVE-2012-5842). Security researcher Atte Kettunen from OUSPG used the Address Sanitizer tool to discover a buffer overflow while rendering GIF format images. This issue is potentially exploitable and could lead to arbitrary code execution (CVE-2012-4202). Mozilla security researcher moz_bug_r_a4 reported that if code executed by the evalInSandbox function sets location.href, it can get the wrong subject principal for the URL check, ignoring the sandbox's Javascript context and gaining the context of evalInSandbox object. This can lead to malicious web content being able to perform a cross-site scripting (XSS) attack or stealing a copy of a local file if the user has installed an add-on vulnerable to this attack (CVE-2012-4201). Mozilla developer Bobby Holley reported that security wrappers filter at the time of property access, but once a function is returned, the caller can use this function without further security checks. This affects cross-origin wrappers, allowing for write actions on objects when only read actions should be properly allowed. This can lead to cross-site scripting (XSS) attacks (CVE-2012-5841). Security researcher Masato Kinugawa found when HZ-GB-2312 charset encoding is used for text, the ~ character will destroy another character near the chunk delimiter. This can lead to a cross-site scripting (XSS) attack in pages encoded in HZ-GB-2312 (CVE-2012-4207). Security researcher Mariusz Mlynski reported that the location property can be accessed by binary plugins through top.location with a frame whose name attribute's value is set to top. This can allow for possible cross-site scripting (XSS) attacks through plugins (CVE-2012-4209). Security researcher Mariusz Mlynski reported that when a maliciously crafted stylesheet is inspected in the Style Inspector, HTML and CSS can run in a chrome privileged context without being properly sanitized first. This can lead to arbitrary code execution (CVE-2012-4210). Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team discovered a series critically rated of use-after-free and buffer overflow issues using the Address Sanitizer tool in shipped software. These issues are potentially exploitable, allowing for remote code execution. We would also like to thank Abhishek for reporting five additional use-after-free, out of bounds read, and buffer overflow flaws introduced during Firefox development that were fixed before general release (CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-5829, CVE-2012-5839, CVE-2012-5840). Security researcher miaubiz used the Address Sanitizer tool to discover a series critically rated of use-after-free, buffer overflow, and memory corruption issues in shipped software. These issues are potentially exploitable, allowing for remote code execution. We would also like to thank miaubiz for reporting two additional use-after-free and memory corruption issues introduced during Firefox development that were fixed before general release (CVE-2012-5833, CVE-2012-5835). The mozilla firefox packages has been upgraded to the latest version which is unaffected by these security flaws. |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDVSA-2012:173 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
29 % | CWE-416 | Use After Free |
29 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
21 % | CWE-787 | Out-of-bounds Write (CWE/SANS Top 25) |
7 % | CWE-264 | Permissions, Privileges, and Access Controls |
7 % | CWE-190 | Integer Overflow or Wraparound (CWE/SANS Top 25) |
7 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:15995 | |||
Oval ID: | oval:org.mitre.oval:def:15995 | ||
Title: | The evalInSandbox implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 uses an incorrect context during the handling of JavaScript code that sets the location.href property, which allows remote attackers to conduct cross-site scripting (XSS) attacks or read arbitrary files by leveraging a sandboxed add-on. | ||
Description: | The evalInSandbox implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 uses an incorrect context during the handling of JavaScript code that sets the location.href property, which allows remote attackers to conduct cross-site scripting (XSS) attacks or read arbitrary files by leveraging a sandboxed add-on. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-4201 | Version: | 18 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16573 | |||
Oval ID: | oval:org.mitre.oval:def:16573 | ||
Title: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5842 | Version: | 21 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16590 | |||
Oval ID: | oval:org.mitre.oval:def:16590 | ||
Title: | Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 implement cross-origin wrappers with a filtering behavior that does not properly restrict write actions, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site. | ||
Description: | Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 implement cross-origin wrappers with a filtering behavior that does not properly restrict write actions, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5841 | Version: | 21 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16603 | |||
Oval ID: | oval:org.mitre.oval:def:16603 | ||
Title: | Integer overflow in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (invalid write operation) via crafted data. | ||
Description: | Integer overflow in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (invalid write operation) via crafted data. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5835 | Version: | 21 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16690 | |||
Oval ID: | oval:org.mitre.oval:def:16690 | ||
Title: | Use-after-free vulnerability in the nsPlaintextEditor::FireClipboardEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. | ||
Description: | Use-after-free vulnerability in the nsPlaintextEditor::FireClipboardEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-4215 | Version: | 22 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16739 | |||
Oval ID: | oval:org.mitre.oval:def:16739 | ||
Title: | Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via a crafted GIF image. | ||
Description: | Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via a crafted GIF image. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-4202 | Version: | 22 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16748 | |||
Oval ID: | oval:org.mitre.oval:def:16748 | ||
Title: | The texImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via function calls involving certain values of the level parameter. | ||
Description: | The texImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via function calls involving certain values of the level parameter. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5833 | Version: | 21 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16833 | |||
Oval ID: | oval:org.mitre.oval:def:16833 | ||
Title: | The Style Inspector in Mozilla Firefox before 17.0 and Firefox ESR 10.x before 10.0.11 does not properly restrict the context of HTML markup and Cascading Style Sheets (CSS) token sequences, which allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted stylesheet. | ||
Description: | The Style Inspector in Mozilla Firefox before 17.0 and Firefox ESR 10.x before 10.0.11 does not properly restrict the context of HTML markup and Cascading Style Sheets (CSS) token sequences, which allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted stylesheet. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-4210 | Version: | 8 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Firefox Mozilla Firefox ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16849 | |||
Oval ID: | oval:org.mitre.oval:def:16849 | ||
Title: | Heap-based buffer overflow in the nsWindow::OnExposeEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors. | ||
Description: | Heap-based buffer overflow in the nsWindow::OnExposeEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5829 | Version: | 19 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16880 | |||
Oval ID: | oval:org.mitre.oval:def:16880 | ||
Title: | Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 do not prevent use of a "top" frame name-attribute value to access the location property, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a binary plugin. | ||
Description: | Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 do not prevent use of a "top" frame name-attribute value to access the location property, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a binary plugin. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-4209 | Version: | 18 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16884 | |||
Oval ID: | oval:org.mitre.oval:def:16884 | ||
Title: | Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-5840. | ||
Description: | Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-5840. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-4214 | Version: | 19 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16902 | |||
Oval ID: | oval:org.mitre.oval:def:16902 | ||
Title: | Use-after-free vulnerability in the gfxFont::GetFontEntry function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. | ||
Description: | Use-after-free vulnerability in the gfxFont::GetFontEntry function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-4216 | Version: | 19 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16904 | |||
Oval ID: | oval:org.mitre.oval:def:16904 | ||
Title: | Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4214. | ||
Description: | Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4214. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5840 | Version: | 22 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16955 | |||
Oval ID: | oval:org.mitre.oval:def:16955 | ||
Title: | The HZ-GB-2312 character-set implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly handle a ~ (tilde) character in proximity to a chunk delimiter, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document. | ||
Description: | The HZ-GB-2312 character-set implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly handle a ~ (tilde) character in proximity to a chunk delimiter, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-4207 | Version: | 18 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16968 | |||
Oval ID: | oval:org.mitre.oval:def:16968 | ||
Title: | Heap-based buffer overflow in the gfxShapedWord::CompressedGlyph::IsClusterStart function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors. | ||
Description: | Heap-based buffer overflow in the gfxShapedWord::CompressedGlyph::IsClusterStart function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5839 | Version: | 22 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18575 | |||
Oval ID: | oval:org.mitre.oval:def:18575 | ||
Title: | DSA-2583-1 iceweasel - several | ||
Description: | Multiple vulnerabilities have been found in Iceweasel, the Debian web browser based on Mozilla Firefox: | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2583-1 CVE-2012-4201 CVE-2012-4207 CVE-2012-4216 CVE-2012-5829 CVE-2012-5842 | Version: | 7 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | iceweasel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19855 | |||
Oval ID: | oval:org.mitre.oval:def:19855 | ||
Title: | DSA-2588-1 icedove - several | ||
Description: | Multiple vulnerabilities have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2588-1 CVE-2012-4201 CVE-2012-4207 CVE-2012-4216 CVE-2012-5829 CVE-2012-5842 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | icedove |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20112 | |||
Oval ID: | oval:org.mitre.oval:def:20112 | ||
Title: | DSA-2584-1 iceape - several | ||
Description: | Multiple vulnerabilities have been found in Iceape, the Debian Internet suite based on Mozilla Seamonkey. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2584-1 CVE-2012-4201 CVE-2012-4207 CVE-2012-4216 CVE-2012-5829 CVE-2012-5842 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | iceape |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21071 | |||
Oval ID: | oval:org.mitre.oval:def:21071 | ||
Title: | RHSA-2012:1482: firefox security update (Critical) | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:1482-01 CESA-2012:1482 CVE-2012-4201 CVE-2012-4202 CVE-2012-4207 CVE-2012-4209 CVE-2012-4210 CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-5829 CVE-2012-5830 CVE-2012-5833 CVE-2012-5835 CVE-2012-5839 CVE-2012-5840 CVE-2012-5841 CVE-2012-5842 | Version: | 211 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | firefox xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21630 | |||
Oval ID: | oval:org.mitre.oval:def:21630 | ||
Title: | RHSA-2012:1483: thunderbird security update (Critical) | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:1483-01 CESA-2012:1483 CVE-2012-4201 CVE-2012-4202 CVE-2012-4207 CVE-2012-4209 CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-5829 CVE-2012-5830 CVE-2012-5833 CVE-2012-5835 CVE-2012-5839 CVE-2012-5840 CVE-2012-5841 CVE-2012-5842 | Version: | 198 |
Platform(s): | Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 CentOS Linux 5 CentOS Linux 6 | Product(s): | thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23148 | |||
Oval ID: | oval:org.mitre.oval:def:23148 | ||
Title: | DEPRECATED: ELSA-2012:1483: thunderbird security update (Critical) | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:1483-01 CVE-2012-4201 CVE-2012-4202 CVE-2012-4207 CVE-2012-4209 CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-5829 CVE-2012-5830 CVE-2012-5833 CVE-2012-5835 CVE-2012-5839 CVE-2012-5840 CVE-2012-5841 CVE-2012-5842 | Version: | 66 |
Platform(s): | Oracle Linux 6 Oracle Linux 5 | Product(s): | thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23314 | |||
Oval ID: | oval:org.mitre.oval:def:23314 | ||
Title: | ELSA-2012:1483: thunderbird security update (Critical) | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:1483-01 CVE-2012-4201 CVE-2012-4202 CVE-2012-4207 CVE-2012-4209 CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-5829 CVE-2012-5830 CVE-2012-5833 CVE-2012-5835 CVE-2012-5839 CVE-2012-5840 CVE-2012-5841 CVE-2012-5842 | Version: | 65 |
Platform(s): | Oracle Linux 6 Oracle Linux 5 | Product(s): | thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23474 | |||
Oval ID: | oval:org.mitre.oval:def:23474 | ||
Title: | DEPRECATED: ELSA-2012:1482: firefox security update (Critical) | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:1482-01 CVE-2012-4201 CVE-2012-4202 CVE-2012-4207 CVE-2012-4209 CVE-2012-4210 CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-5829 CVE-2012-5830 CVE-2012-5833 CVE-2012-5835 CVE-2012-5839 CVE-2012-5840 CVE-2012-5841 CVE-2012-5842 | Version: | 70 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | firefox xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23820 | |||
Oval ID: | oval:org.mitre.oval:def:23820 | ||
Title: | ELSA-2012:1482: firefox security update (Critical) | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:1482-01 CVE-2012-4201 CVE-2012-4202 CVE-2012-4207 CVE-2012-4209 CVE-2012-4210 CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-5829 CVE-2012-5830 CVE-2012-5833 CVE-2012-5835 CVE-2012-5839 CVE-2012-5840 CVE-2012-5841 CVE-2012-5842 | Version: | 69 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | firefox xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26852 | |||
Oval ID: | oval:org.mitre.oval:def:26852 | ||
Title: | DEPRECATED: ELSA-2012-1483 -- thunderbird security update (critical) | ||
Description: | [10.0.11-1.0.1.el6_3] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [10.0.11-1] - Update to 10.0.11 ESR | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-1483 CVE-2012-4201 CVE-2012-4202 CVE-2012-4207 CVE-2012-4209 CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-5829 CVE-2012-5830 CVE-2012-5833 CVE-2012-5835 CVE-2012-5839 CVE-2012-5840 CVE-2012-5841 CVE-2012-5842 | Version: | 4 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27829 | |||
Oval ID: | oval:org.mitre.oval:def:27829 | ||
Title: | DEPRECATED: ELSA-2012-1482 -- firefox security update (critical) | ||
Description: | firefox [10.0.11-1.0.1.el6_3] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones [10.0.11-1] - Update to 10.0.11 ESR xulrunner [10.0.11-1.0.1.el6_3] - Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js [10.0.11-1] - Update to 10.0.11 ESR | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-1482 CVE-2012-4201 CVE-2012-4202 CVE-2012-4207 CVE-2012-4209 CVE-2012-4210 CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-5829 CVE-2012-5830 CVE-2012-5833 CVE-2012-5835 CVE-2012-5839 CVE-2012-5840 CVE-2012-5841 CVE-2012-5842 | Version: | 4 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | firefox xulrunner |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2013-09-18 | Name : Debian Security Advisory DSA 2588-1 (icedove - several vulnerabilities) File : nvt/deb_2588_1.nasl |
2013-09-18 | Name : Debian Security Advisory DSA 2584-1 (iceape - several vulnerabilities) File : nvt/deb_2584_1.nasl |
2013-09-18 | Name : Debian Security Advisory DSA 2583-1 (iceweasel - several vulnerabilities) File : nvt/deb_2583_1.nasl |
2013-04-01 | Name : Mozilla Firefox ESR Code Execution Vulnerabilities - November12 (Mac OS X) File : nvt/gb_mozilla_firefox_esr_code_exec_vuln_nov12_macosx.nasl |
2013-04-01 | Name : Mozilla Firefox ESR Code Execution Vulnerabilities - November12 (Windows) File : nvt/gb_mozilla_firefox_esr_code_exec_vuln_nov12_win.nasl |
2012-12-06 | Name : Fedora Update for seamonkey FEDORA-2012-18931 File : nvt/gb_fedora_2012_18931_seamonkey_fc16.nasl |
2012-12-06 | Name : Fedora Update for seamonkey FEDORA-2012-18952 File : nvt/gb_fedora_2012_18952_seamonkey_fc17.nasl |
2012-12-04 | Name : Ubuntu Update for firefox USN-1638-3 File : nvt/gb_ubuntu_USN_1638_3.nasl |
2012-11-26 | Name : Mozilla Firefox ESR Multiple Vulnerabilities-01 November12 (Windows) File : nvt/gb_mozilla_firefox_esr_mult_vuln01_nov12_win.nasl |
2012-11-26 | Name : Mozilla Thunderbird Multiple Vulnerabilities-01 November12 (Windows) File : nvt/gb_mozilla_thunderbird_mult_vuln01_nov12_win.nasl |
2012-11-26 | Name : Mozilla Thunderbird ESR Multiple Vulnerabilities-01 November12 (Windows) File : nvt/gb_mozilla_thunderbird_esr_mult_vuln01_nov12_win.nasl |
2012-11-26 | Name : Mozilla SeaMonkey Multiple Vulnerabilities-01 November12 (Windows) File : nvt/gb_mozilla_seamonkey_mult_vuln01_nov12_win.nasl |
2012-11-26 | Name : Mozilla Firefox Multiple Vulnerabilities-01 November12 (Windows) File : nvt/gb_mozilla_prdts_mult_vuln01_nov12_win.nasl |
2012-11-26 | Name : Mozilla Firefox Multiple Vulnerabilities-01 November12 (Mac OS X) File : nvt/gb_mozilla_prdts_mult_vuln01_nov12_macosx.nasl |
2012-11-26 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox72.nasl |
2012-11-26 | Name : Mozilla Firefox Code Execution Vulnerabilities - November12 (Windows) File : nvt/gb_mozilla_firefox_code_exec_vuln_nov12_win.nasl |
2012-11-26 | Name : Mozilla Firefox Code Execution Vulnerabilities - November12 (Mac OS X) File : nvt/gb_mozilla_firefox_code_exec_vuln_nov12_macosx.nasl |
2012-11-23 | Name : RedHat Update for thunderbird RHSA-2012:1483-01 File : nvt/gb_RHSA-2012_1483-01_thunderbird.nasl |
2012-11-23 | Name : RedHat Update for firefox RHSA-2012:1482-01 File : nvt/gb_RHSA-2012_1482-01_firefox.nasl |
2012-11-23 | Name : Ubuntu Update for thunderbird USN-1636-1 File : nvt/gb_ubuntu_USN_1636_1.nasl |
2012-11-23 | Name : Ubuntu Update for firefox USN-1638-1 File : nvt/gb_ubuntu_USN_1638_1.nasl |
2012-11-23 | Name : Ubuntu Update for ubufox USN-1638-2 File : nvt/gb_ubuntu_USN_1638_2.nasl |
2012-11-23 | Name : CentOS Update for thunderbird CESA-2012:1483 centos6 File : nvt/gb_CESA-2012_1483_thunderbird_centos6.nasl |
2012-11-23 | Name : CentOS Update for thunderbird CESA-2012:1483 centos5 File : nvt/gb_CESA-2012_1483_thunderbird_centos5.nasl |
2012-11-23 | Name : CentOS Update for firefox CESA-2012:1482 centos6 File : nvt/gb_CESA-2012_1482_firefox_centos6.nasl |
2012-11-23 | Name : CentOS Update for firefox CESA-2012:1482 centos5 File : nvt/gb_CESA-2012_1482_firefox_centos5.nasl |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-0306-1.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-817.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-818.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-819.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-820.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-17.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2012-1483.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1482.nasl - Type : ACT_GATHER_INFO |
2013-02-06 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1681-4.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_firefox-201301-130110.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_firefox-20121121-121123.nasl - Type : ACT_GATHER_INFO |
2013-01-23 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1681-3.nasl - Type : ACT_GATHER_INFO |
2013-01-20 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_firefox-201301-8426.nasl - Type : ACT_GATHER_INFO |
2013-01-15 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_18_0.nasl - Type : ACT_GATHER_INFO |
2013-01-15 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : seamonkey_215.nasl - Type : ACT_GATHER_INFO |
2013-01-15 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_180.nasl - Type : ACT_GATHER_INFO |
2013-01-10 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_a4ed66325aa911e28fcbc8600054b392.nasl - Type : ACT_GATHER_INFO |
2013-01-09 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1681-1.nasl - Type : ACT_GATHER_INFO |
2013-01-09 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1681-2.nasl - Type : ACT_GATHER_INFO |
2013-01-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO |
2012-12-17 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2588.nasl - Type : ACT_GATHER_INFO |
2012-12-09 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2584.nasl - Type : ACT_GATHER_INFO |
2012-12-09 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2583.nasl - Type : ACT_GATHER_INFO |
2012-12-04 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1638-3.nasl - Type : ACT_GATHER_INFO |
2012-12-04 | Name : The remote Fedora host is missing a security update. File : fedora_2012-18894.nasl - Type : ACT_GATHER_INFO |
2012-12-04 | Name : The remote Fedora host is missing a security update. File : fedora_2012-18931.nasl - Type : ACT_GATHER_INFO |
2012-12-04 | Name : The remote Fedora host is missing a security update. File : fedora_2012-18952.nasl - Type : ACT_GATHER_INFO |
2012-11-29 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_firefox-20121121-8381.nasl - Type : ACT_GATHER_INFO |
2012-11-23 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2012-1483.nasl - Type : ACT_GATHER_INFO |
2012-11-23 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1638-2.nasl - Type : ACT_GATHER_INFO |
2012-11-23 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1638-1.nasl - Type : ACT_GATHER_INFO |
2012-11-23 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1636-1.nasl - Type : ACT_GATHER_INFO |
2012-11-23 | Name : The remote Scientific Linux host is missing a security update. File : sl_20121120_thunderbird_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-11-23 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20121120_firefox_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-11-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1482.nasl - Type : ACT_GATHER_INFO |
2012-11-21 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : seamonkey_214.nasl - Type : ACT_GATHER_INFO |
2012-11-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1483.nasl - Type : ACT_GATHER_INFO |
2012-11-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1482.nasl - Type : ACT_GATHER_INFO |
2012-11-21 | Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_170.nasl - Type : ACT_GATHER_INFO |
2012-11-21 | Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_10011.nasl - Type : ACT_GATHER_INFO |
2012-11-21 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_170.nasl - Type : ACT_GATHER_INFO |
2012-11-21 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_10011.nasl - Type : ACT_GATHER_INFO |
2012-11-21 | Name : The remote Mac OS X host contains a mail client that is potentially affected ... File : macosx_thunderbird_17_0.nasl - Type : ACT_GATHER_INFO |
2012-11-21 | Name : The remote Mac OS X host contains a mail client that is potentially affected ... File : macosx_thunderbird_10_0_11.nasl - Type : ACT_GATHER_INFO |
2012-11-21 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_17_0.nasl - Type : ACT_GATHER_INFO |
2012-11-21 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_10_0_11.nasl - Type : ACT_GATHER_INFO |
2012-11-21 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_d23119df335d11e2b64cc8600054b392.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2012-11-21 17:24:46 |
|
2012-11-21 17:23:04 |
|