Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations
Name MDVSA-2013:087 First vendor Publication 2013-04-09
Vendor Mandriva Last vendor Modification 2013-04-09
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Multiple security issues was identified and fixed in mozilla firefox:

Mozilla community member Tobias Schula reported that if gfx.color_management.enablev4 preference is enabled manually in about:config, some grayscale PNG images will be rendered incorrectly and cause memory corruption during PNG decoding when certain color profiles are in use. A crafted PNG image could use this flaw to leak data through rendered images drawing from random memory. By default, this preference is not enabled (CVE-2013-0792).

Security researcher Mariusz Mlynski reported a method to use browser navigations through history to load an arbitrary website with that page's baseURI property pointing to another site instead of the seemingly loaded one. The user will continue to see the incorrect site in the addressbar of the browser. This allows for a cross-site scripting (XSS) attack or the theft of data through a phishing attack (CVE-2013-0793).

Security researcher Cody Crews reported a mechanism to use the cloneNode method to bypass System Only Wrappers (SOW) and clone a protected node. This allows violation of the browser's same origin policy and could also lead to privilege escalation and the execution of arbitrary code (CVE-2013-0795).

Security researcher miaubiz used the Address Sanitizer tool to discover a crash in WebGL rendering when memory is freed that has not previously been allocated. This issue only affects Linux users who have Intel Mesa graphics drivers. The resulting crash could be potentially exploitable (CVE-2013-0796).

Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover an out-of-bounds write in Cairo graphics library. When certain values are passed to it during rendering, Cairo attempts to use negative boundaries or sizes for boxes, leading to a potentially exploitable crash in some instances (CVE-2013-0800).

Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code (CVE-2013-0788).

The mozilla firefox packages has been upgraded to the latest ESR version (17.0.5) which is unaffected by these security flaws.

Original Source

Url : http://www.mandriva.com/security/advisories?name=MDVSA-2013:087

CWE : Common Weakness Enumeration

% Id Name
33 % CWE-264 Permissions, Privileges, and Access Controls
33 % CWE-200 Information Exposure
33 % CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:16182
 
Oval ID: oval:org.mitre.oval:def:16182
Title: DEPRECATED: The WebGL subsystem in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 on Linux does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (free of unallocated memory) via unspecified vectors.
Description: The WebGL subsystem in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 on Linux does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (free of unallocated memory) via unspecified vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2013-0796
Version: 5
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla Thunderbird ESR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16629
 
Oval ID: oval:org.mitre.oval:def:16629
Title: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Description: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2013-0788
Version: 18
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla SeaMonkey
Mozilla Firefox ESR
Mozilla Thunderbird ESR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16842
 
Oval ID: oval:org.mitre.oval:def:16842
Title: The System Only Wrapper (SOW) implementation in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 does not prevent use of the cloneNode method for cloning a protected node, which allows remote attackers to bypass the Same Origin Policy or possibly execute arbitrary JavaScript code with chrome privileges via a crafted web site.
Description: The System Only Wrapper (SOW) implementation in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 does not prevent use of the cloneNode method for cloning a protected node, which allows remote attackers to bypass the Same Origin Policy or possibly execute arbitrary JavaScript code with chrome privileges via a crafted web site.
Family: windows Class: vulnerability
Reference(s): CVE-2013-0795
Version: 18
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla SeaMonkey
Mozilla Firefox ESR
Mozilla Thunderbird ESR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16909
 
Oval ID: oval:org.mitre.oval:def:16909
Title: Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.
Description: Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.
Family: windows Class: vulnerability
Reference(s): CVE-2013-0800
Version: 18
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla SeaMonkey
Mozilla Firefox ESR
Mozilla Thunderbird ESR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16928
 
Oval ID: oval:org.mitre.oval:def:16928
Title: Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 do not ensure the correctness of the address bar during history navigation, which allows remote attackers to conduct cross-site scripting (XSS) attacks or phishing attacks by leveraging control over navigation timing.
Description: Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 do not ensure the correctness of the address bar during history navigation, which allows remote attackers to conduct cross-site scripting (XSS) attacks or phishing attacks by leveraging control over navigation timing.
Family: windows Class: vulnerability
Reference(s): CVE-2013-0793
Version: 18
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla SeaMonkey
Mozilla Firefox ESR
Mozilla Thunderbird ESR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17021
 
Oval ID: oval:org.mitre.oval:def:17021
Title: Mozilla Firefox before 20.0 and SeaMonkey before 2.17, when gfx.color_management.enablev4 is used, do not properly handle color profiles during PNG rendering, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a grayscale PNG image.
Description: Mozilla Firefox before 20.0 and SeaMonkey before 2.17, when gfx.color_management.enablev4 is used, do not properly handle color profiles during PNG rendering, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a grayscale PNG image.
Family: windows Class: vulnerability
Reference(s): CVE-2013-0792
Version: 13
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Mozilla Firefox
Mozilla SeaMonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17889
 
Oval ID: oval:org.mitre.oval:def:17889
Title: USN-1786-1 -- firefox vulnerabilities
Description: Firefox could be made to crash or run programs as your login if it opened a malicious website.
Family: unix Class: patch
Reference(s): USN-1786-1
CVE-2013-0788
CVE-2013-0789
CVE-2013-0791
CVE-2013-0792
CVE-2013-0793
CVE-2013-0794
CVE-2013-0795
CVE-2013-0796
CVE-2013-0800
Version: 7
Platform(s): Ubuntu 12.10
Ubuntu 12.04
Ubuntu 11.10
Ubuntu 10.04
Product(s): firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18184
 
Oval ID: oval:org.mitre.oval:def:18184
Title: USN-1791-1 -- thunderbird vulnerabilities
Description: Several security issues were fixed in Thunderbird.
Family: unix Class: patch
Reference(s): USN-1791-1
CVE-2013-0788
CVE-2013-0791
CVE-2013-0793
CVE-2013-0795
CVE-2013-0796
CVE-2013-0800
Version: 7
Platform(s): Ubuntu 12.10
Ubuntu 12.04
Ubuntu 11.10
Ubuntu 10.04
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18278
 
Oval ID: oval:org.mitre.oval:def:18278
Title: USN-1786-2 -- unity-firefox-extension update
Description: This update provides a compatible version of Unity Firefox Extension for Firefox 20.
Family: unix Class: patch
Reference(s): USN-1786-2
CVE-2013-0788
CVE-2013-0789
CVE-2013-0791
CVE-2013-0792
CVE-2013-0793
CVE-2013-0794
CVE-2013-0795
CVE-2013-0796
CVE-2013-0800
Version: 7
Platform(s): Ubuntu 12.10
Product(s): unity-firefox-extension
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21149
 
Oval ID: oval:org.mitre.oval:def:21149
Title: RHSA-2013:0696: firefox security update (Critical)
Description: Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.
Family: unix Class: patch
Reference(s): RHSA-2013:0696-01
CESA-2013:0696
CVE-2013-0788
CVE-2013-0793
CVE-2013-0795
CVE-2013-0796
CVE-2013-0800
Version: 73
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
CentOS Linux 5
CentOS Linux 6
Product(s): firefox
xulrunner
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21181
 
Oval ID: oval:org.mitre.oval:def:21181
Title: RHSA-2013:0697: thunderbird security update (Important)
Description: Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.
Family: unix Class: patch
Reference(s): RHSA-2013:0697-01
CESA-2013:0697
CVE-2013-0788
CVE-2013-0793
CVE-2013-0795
CVE-2013-0796
CVE-2013-0800
Version: 73
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
CentOS Linux 5
CentOS Linux 6
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22867
 
Oval ID: oval:org.mitre.oval:def:22867
Title: DEPRECATED: ELSA-2013:0696: firefox security update (Critical)
Description: Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.
Family: unix Class: patch
Reference(s): ELSA-2013:0696-01
CVE-2013-0788
CVE-2013-0793
CVE-2013-0795
CVE-2013-0796
CVE-2013-0800
Version: 26
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): firefox
xulrunner
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23187
 
Oval ID: oval:org.mitre.oval:def:23187
Title: DEPRECATED: ELSA-2013:0697: thunderbird security update (Important)
Description: Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.
Family: unix Class: patch
Reference(s): ELSA-2013:0697-01
CVE-2013-0788
CVE-2013-0793
CVE-2013-0795
CVE-2013-0796
CVE-2013-0800
Version: 26
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23948
 
Oval ID: oval:org.mitre.oval:def:23948
Title: ELSA-2013:0697: thunderbird security update (Important)
Description: Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.
Family: unix Class: patch
Reference(s): ELSA-2013:0697-01
CVE-2013-0788
CVE-2013-0793
CVE-2013-0795
CVE-2013-0796
CVE-2013-0800
Version: 25
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23978
 
Oval ID: oval:org.mitre.oval:def:23978
Title: ELSA-2013:0696: firefox security update (Critical)
Description: Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.
Family: unix Class: patch
Reference(s): ELSA-2013:0696-01
CVE-2013-0788
CVE-2013-0793
CVE-2013-0795
CVE-2013-0796
CVE-2013-0800
Version: 25
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): firefox
xulrunner
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27026
 
Oval ID: oval:org.mitre.oval:def:27026
Title: DEPRECATED: ELSA-2013-0696 -- firefox security update (critical)
Description: firefox [17.0.5-1.0.1] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones [17.0.5-1] - Update to 17.0.5 ESR xulrunner [17.0.5-1.0.1.el6_4] - Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js - Removed XULRUNNER_VERSION from SOURCE21 [17.0.5-1] - Update to 17.0.5 ESR [17.0.3-3] - Added fix for rhbz#916180 - Wrong library directory reference in /usr/bin/xulrunner
Family: unix Class: patch
Reference(s): ELSA-2013-0696
CVE-2013-0796
CVE-2013-0800
CVE-2013-0795
CVE-2013-0788
CVE-2013-0793
Version: 4
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): firefox
xulrunner
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27364
 
Oval ID: oval:org.mitre.oval:def:27364
Title: DEPRECATED: ELSA-2013-0697 -- thunderbird security update (important)
Description: [17.0.5-1.0.1.el6_4] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [17.0.5-1] - Update to 17.0.5 ESR
Family: unix Class: patch
Reference(s): ELSA-2013-0697
CVE-2013-0800
CVE-2013-0796
CVE-2013-0788
CVE-2013-0795
CVE-2013-0793
Version: 4
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): thunderbird
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 331
Application 23
Application 185
Application 224
Application 19
Os 4
Os 1
Os 4
Os 2
Os 5
Os 2

Nessus® Vulnerability Scanner

Date Description
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2013-0850-1.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-574.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-400.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-309.nasl - Type : ACT_GATHER_INFO
2013-09-28 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201309-23.nasl - Type : ACT_GATHER_INFO
2013-07-18 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_firefox-20130628-130702.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2013-0697.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-0696.nasl - Type : ACT_GATHER_INFO
2013-07-07 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2720.nasl - Type : ACT_GATHER_INFO
2013-06-03 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2699.nasl - Type : ACT_GATHER_INFO
2013-05-29 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_firefox-20130516-8578.nasl - Type : ACT_GATHER_INFO
2013-05-29 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_firefox-20130516-130517.nasl - Type : ACT_GATHER_INFO
2013-05-29 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_firefox-20130516-130516.nasl - Type : ACT_GATHER_INFO
2013-04-22 Name : The remote Fedora host is missing a security update.
File : fedora_2013-4871.nasl - Type : ACT_GATHER_INFO
2013-04-16 Name : The remote Fedora host is missing a security update.
File : fedora_2013-4957.nasl - Type : ACT_GATHER_INFO
2013-04-16 Name : The remote Fedora host is missing a security update.
File : fedora_2013-4983.nasl - Type : ACT_GATHER_INFO
2013-04-09 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_firefox-20130404-8537.nasl - Type : ACT_GATHER_INFO
2013-04-09 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_firefox-20130404-130404.nasl - Type : ACT_GATHER_INFO
2013-04-09 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1791-1.nasl - Type : ACT_GATHER_INFO
2013-04-08 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_949764339c7411e2a9fcd43d7e0c7c02.nasl - Type : ACT_GATHER_INFO
2013-04-05 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1786-2.nasl - Type : ACT_GATHER_INFO
2013-04-05 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1786-1.nasl - Type : ACT_GATHER_INFO
2013-04-04 Name : The remote Windows host contains a web browser that is potentially affected b...
File : seamonkey_217.nasl - Type : ACT_GATHER_INFO
2013-04-04 Name : The remote Windows host contains a mail client that is potentially affected b...
File : mozilla_thunderbird_1705_esr.nasl - Type : ACT_GATHER_INFO
2013-04-04 Name : The remote Windows host contains a mail client that is potentially affected b...
File : mozilla_thunderbird_1705.nasl - Type : ACT_GATHER_INFO
2013-04-04 Name : The remote Windows host contains a web browser that is potentially affected b...
File : mozilla_firefox_20.nasl - Type : ACT_GATHER_INFO
2013-04-04 Name : The remote Windows host contains a web browser that is potentially affected b...
File : mozilla_firefox_1705_esr.nasl - Type : ACT_GATHER_INFO
2013-04-04 Name : The remote Mac OS X host contains a mail client that is potentially affected ...
File : macosx_thunderbird_17_0_5_esr.nasl - Type : ACT_GATHER_INFO
2013-04-04 Name : The remote Mac OS X host contains a mail client that is potentially affected ...
File : macosx_thunderbird_17_0_5.nasl - Type : ACT_GATHER_INFO
2013-04-04 Name : The remote Mac OS X host contains a web browser that is potentially affected ...
File : macosx_firefox_20.nasl - Type : ACT_GATHER_INFO
2013-04-04 Name : The remote Mac OS X host contains a web browser that is potentially affected ...
File : macosx_firefox_17_0_5_esr.nasl - Type : ACT_GATHER_INFO
2013-04-03 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2013-0697.nasl - Type : ACT_GATHER_INFO
2013-04-03 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130402_thunderbird_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-04-03 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130402_firefox_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-04-03 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0697.nasl - Type : ACT_GATHER_INFO
2013-04-03 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0696.nasl - Type : ACT_GATHER_INFO
2013-04-03 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-0696.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2013-04-09 21:18:24
  • First insertion