Executive Summary

Summary
Title Updated mozilla packages fix security issues
Informations
Name RHSA-2004:421 First vendor Publication 2004-08-04
Vendor RedHat Last vendor Modification 2004-08-04
Severity (Vendor) N/A Revision 01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated mozilla packages based on version 1.4.3 that fix a number of security issues for Red Hat Enterprise Linux are now available.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor.

A number of flaws have been found in Mozilla 1.4 that have been fixed in the Mozilla 1.4.3 release:

Zen Parse reported improper input validation to the SOAPParameter object constructor leading to an integer overflow and controllable heap corruption. Malicious JavaScript could be written to utilize this flaw and could allow arbitrary code execution. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0722 to this issue.

During a source code audit, Chris Evans discovered a buffer overflow and integer overflows which affect the libpng code inside Mozilla. An attacker could create a carefully crafted PNG file in such a way that it would cause Mozilla to crash or execute arbitrary code when the image was viewed. (CAN-2004-0597, CAN-2004-0599)

Zen Parse reported a flaw in the POP3 capability. A malicious POP3 server could send a carefully crafted response that would cause a heap overflow and potentially allow execution of arbitrary code as the user running Mozilla. (CAN-2004-0757)

Marcel Boesch found a flaw that allows a CA certificate to be imported with a DN the same as that of the built-in CA root certificates, which can cause a denial of service to SSL pages, as the malicious certificate is treated as invalid. (CAN-2004-0758)

Met - Martin Hassman reported a flaw in Mozilla that could allow malicious Javascript code to upload local files from a users machine without requiring confirmation. (CAN-2004-0759)

Mindlock Security reported a flaw in ftp URI handling. By using a NULL character (%00) in a ftp URI, Mozilla can be confused into opening a resource as a different MIME type. (CAN-2004-0760)

Mozilla does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates website spoofing and other attacks, also known as the frame injection vulnerability. (CAN-2004-0718)

Tolga Tarhan reported a flaw that can allow a malicious webpage to use a redirect sequence to spoof the security lock icon that makes a webpage appear to be encrypted. (CAN-2004-0761)

Jesse Ruderman reported a security issue that affects a number of browsers including Mozilla that could allow malicious websites to install arbitrary extensions by using interactive events to manipulate the XPInstall Security dialog box. (CAN-2004-0762)

Emmanouel Kellinis discovered a caching flaw in Mozilla which allows malicious websites to spoof certificates of trusted websites via redirects and Javascript that uses the "onunload" method. (CAN-2004-0763)

Mozilla allowed malicious websites to hijack the user interface via the "chrome" flag and XML User Interface Language (XUL) files. (CAN-2004-0764)

The cert_TestHostName function in Mozilla only checks the hostname portion of a certificate when the hostname portion of the URI is not a fully qualified domain name (FQDN). This flaw could be used for spoofing if an attacker had control of machines on a default DNS search path. (CAN-2004-0765)

All users are advised to update to these erratum packages which contain a snapshot of Mozilla 1.4.3 including backported fixes and are not vulnerable to these issues.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/ for more info):

127338 - CAN-2004-0718 frame injection (spoofing) vuln in Mozilla before 1.7 127186 - CAN-2004-0758 Overriding built-in certificate leading to error -8182 (DoS), especially exploitable by email

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2004-421.html

CAPEC : Common Attack Pattern Enumeration & Classification

Id Name
CAPEC-64 Using Slashes and URL Encoding Combined to Bypass Validation Logic
CAPEC-72 URL Encoding

CWE : Common Weakness Enumeration

% Id Name

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10032
 
Oval ID: oval:org.mitre.oval:def:10032
Title: Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to install arbitrary extensions by using interactive events to manipulate the XPInstall Security dialog box.
Description: Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to install arbitrary extensions by using interactive events to manipulate the XPInstall Security dialog box.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0762
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10304
 
Oval ID: oval:org.mitre.oval:def:10304
Title: Mozilla 1.5 through 1.7 allows a CA certificate to be imported even when their DN is the same as that of the built-in CA root certificate, which allows remote attackers to cause a denial of service to SSL pages because the malicious certificate is treated as invalid.
Description: Mozilla 1.5 through 1.7 allows a CA certificate to be imported even when their DN is the same as that of the built-in CA root certificate, which allows remote attackers to cause a denial of service to SSL pages because the malicious certificate is treated as invalid.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0758
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10938
 
Oval ID: oval:org.mitre.oval:def:10938
Title: Multiple integer overflows in the (1) png_read_png in pngread.c or (2) png_handle_sPLT functions in pngrutil.c or (3) progressive display image reading capability in libpng 1.2.5 and earlier allow remote attackers to cause a denial of service (application crash) via a malformed PNG image.
Description: Multiple integer overflows in the (1) png_read_png in pngread.c or (2) png_handle_sPLT functions in pngrutil.c or (3) progressive display image reading capability in libpng 1.2.5 and earlier allow remote attackers to cause a denial of service (application crash) via a malformed PNG image.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0599
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11042
 
Oval ID: oval:org.mitre.oval:def:11042
Title: Heap-based buffer overflow in the SendUidl in the POP3 capability for Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, may allow remote POP3 mail servers to execute arbitrary code.
Description: Heap-based buffer overflow in the SendUidl in the POP3 capability for Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, may allow remote POP3 mail servers to execute arbitrary code.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0757
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11090
 
Oval ID: oval:org.mitre.oval:def:11090
Title: Mozilla allows remote attackers to cause Mozilla to open a URI as a different MIME type than expected via a null character (%00) in an FTP URI.
Description: Mozilla allows remote attackers to cause Mozilla to open a URI as a different MIME type than expected via a null character (%00) in an FTP URI.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0760
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11153
 
Oval ID: oval:org.mitre.oval:def:11153
Title: Mozilla before 1.7 allows remote web servers to read arbitrary files via Javascript that sets the value of an input type="file" tag.
Description: Mozilla before 1.7 allows remote web servers to read arbitrary files via Javascript that sets the value of an <input type="file"> tag.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0759
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11162
 
Oval ID: oval:org.mitre.oval:def:11162
Title: The cert_TestHostName function in Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, only checks the hostname portion of a certificate when the hostname portion of the URI is not a fully qualified domain name (FQDN), which allows remote attackers to spoof trusted certificates.
Description: The cert_TestHostName function in Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, only checks the hostname portion of a certificate when the hostname portion of the URI is not a fully qualified domain name (FQDN), which allows remote attackers to spoof trusted certificates.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0765
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11284
 
Oval ID: oval:org.mitre.oval:def:11284
Title: Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.
Description: Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0597
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:1227
 
Oval ID: oval:org.mitre.oval:def:1227
Title: Mozilla FTP URI MIME Type Exploit Vulnerability
Description: Mozilla allows remote attackers to cause Mozilla to open a URI as a different MIME type than expected via a null character (%00) in an FTP URI.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0760
Version: 1
Platform(s): Sun Solaris 8
Product(s): mozilla
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:1479
 
Oval ID: oval:org.mitre.oval:def:1479
Title: Integer Overflow in libpng via Malformed PNG Image
Description: Multiple integer overflows in the (1) png_read_png in pngread.c or (2) png_handle_sPLT functions in pngrutil.c or (3) progressive display image reading capability in libpng 1.2.5 and earlier allow remote attackers to cause a denial of service (application crash) via a malformed PNG image.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0599
Version: 1
Platform(s): Sun Solaris 7
Product(s): libpng
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:2274
 
Oval ID: oval:org.mitre.oval:def:2274
Title: Windows Messenger 5 libpng Buffer Overflow
Description: Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.
Family: windows Class: vulnerability
Reference(s): CVE-2004-0597
Version: 7
Platform(s): Microsoft Windows 2000
Product(s): Microsoft Data Access Components 2.8
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:2378
 
Oval ID: oval:org.mitre.oval:def:2378
Title: Multiple Buffer Overflows in libpng
Description: Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0597
Version: 1
Platform(s): Sun Solaris 7
Product(s): libpng
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:2418
 
Oval ID: oval:org.mitre.oval:def:2418
Title: Mozilla, Firefox, Thunderbird User Interface Hijacking Vulnerability
Description: Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "chrome" flag and XML User Interface Language (XUL) files.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0764
Version: 1
Platform(s): Sun Solaris 8
Product(s): mozilla
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:3134
 
Oval ID: oval:org.mitre.oval:def:3134
Title: Mozilla CA Certificate DoS
Description: Mozilla 1.5 through 1.7 allows a CA certificate to be imported even when their DN is the same as that of the built-in CA root certificate, which allows remote attackers to cause a denial of service to SSL pages because the malicious certificate is treated as invalid.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0758
Version: 1
Platform(s): Sun Solaris 8
Product(s): mozilla
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:3250
 
Oval ID: oval:org.mitre.oval:def:3250
Title: Mozilla, Firefox, Thunderbird POP3 SendUidl Buffer Overflow
Description: Heap-based buffer overflow in the SendUidl in the POP3 capability for Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, may allow remote POP3 mail servers to execute arbitrary code.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0757
Version: 1
Platform(s): Sun Solaris 8
Product(s): mozilla
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:3603
 
Oval ID: oval:org.mitre.oval:def:3603
Title: Mozilla, Firefox, Thunderbird Security Lock Icon Spoof Vulnerability
Description: Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote attackers to use certain redirect sequences to spoof the security lock icon that makes a web page appear to be encrypted.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0761
Version: 1
Platform(s): Sun Solaris 8
Product(s): mozilla
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:3989
 
Oval ID: oval:org.mitre.oval:def:3989
Title: Mozilla Firefox Certificate Spoofing Vulnerability
Description: Mozilla Firefox 0.9.1 and 0.9.2 allows remote web sites to spoof certificates of trusted web sites via redirects and Javascript that uses the "onunload" method.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0763
Version: 1
Platform(s): Sun Solaris 8
Product(s): mozilla
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:4403
 
Oval ID: oval:org.mitre.oval:def:4403
Title: Mozilla, Firefox, Thunderbird XPInstall Security Vulnerability
Description: Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to install arbitrary extensions by using interactive events to manipulate the XPInstall Security dialog box.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0762
Version: 1
Platform(s): Sun Solaris 8
Product(s): mozilla
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:4492
 
Oval ID: oval:org.mitre.oval:def:4492
Title: Adobe Acrobat Reader libpng Buffer Overflow
Description: Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.
Family: windows Class: vulnerability
Reference(s): CVE-2004-0597
Version: 2
Platform(s): Microsoft Windows 98
Microsoft Windows ME
Microsoft Windows NT
Microsoft Windows 2000
Microsoft Windows XP
Product(s): Adobe Acrobat Reader
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:4629
 
Oval ID: oval:org.mitre.oval:def:4629
Title: Mozilla, Netscape SOAPParameter Integer Overflow
Description: Integer overflow in the SOAPParameter object constructor in (1) Netscape version 7.0 and 7.1 and (2) Mozilla 1.6, and possibly earlier versions, allows remote attackers to execute arbitrary code.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0722
Version: 1
Platform(s): Sun Solaris 8
Product(s): mozilla
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:4756
 
Oval ID: oval:org.mitre.oval:def:4756
Title: Mozilla, Firebird, Firefox Frame Injection Vulnerability
Description: The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0718
Version: 1
Platform(s): Sun Solaris 8
Product(s): mozilla
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:594
 
Oval ID: oval:org.mitre.oval:def:594
Title: Windows Messenger 6 libpng Buffer Overflow
Description: Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.
Family: windows Class: vulnerability
Reference(s): CVE-2004-0597
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Product(s): MSN Messenger
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7709
 
Oval ID: oval:org.mitre.oval:def:7709
Title: libpng buffer overflow
Description: Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.
Family: windows Class: vulnerability
Reference(s): CVE-2004-0597
Version: 9
Platform(s): Microsoft Windows 98
Microsoft Windows ME
Microsoft Windows NT
Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Product(s): MSN Messenger 4.7
MSN Messenger 6.1
MSN Messenger 6.2
Adobe Acrobat Reader
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9240
 
Oval ID: oval:org.mitre.oval:def:9240
Title: Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote attackers to use certain redirect sequences to spoof the security lock icon that makes a web page appear to be encrypted.
Description: Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote attackers to use certain redirect sequences to spoof the security lock icon that makes a web page appear to be encrypted.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0761
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9378
 
Oval ID: oval:org.mitre.oval:def:9378
Title: Integer overflow in the SOAPParameter object constructor in (1) Netscape version 7.0 and 7.1 and (2) Mozilla 1.6, and possibly earlier versions, allows remote attackers to execute arbitrary code.
Description: Integer overflow in the SOAPParameter object constructor in (1) Netscape version 7.0 and 7.1 and (2) Mozilla 1.6, and possibly earlier versions, allows remote attackers to execute arbitrary code.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0722
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9419
 
Oval ID: oval:org.mitre.oval:def:9419
Title: Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "chrome" flag and XML User Interface Language (XUL) files.
Description: Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "chrome" flag and XML User Interface Language (XUL) files.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0764
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9436
 
Oval ID: oval:org.mitre.oval:def:9436
Title: Mozilla Firefox 0.9.1 and 0.9.2 allows remote web sites to spoof certificates of trusted web sites via redirects and Javascript that uses the "onunload" method.
Description: Mozilla Firefox 0.9.1 and 0.9.2 allows remote web sites to spoof certificates of trusted web sites via redirects and Javascript that uses the "onunload" method.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0763
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9997
 
Oval ID: oval:org.mitre.oval:def:9997
Title: The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
Description: The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0718
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Application 17
Application 2
Application 1
Application 1
Application 23
Application 52
Application 11
Application 2
Os 1
Os 1

OpenVAS Exploits

Date Description
2009-10-10 Name : SLES9: Security update for Mozilla
File : nvt/sles9p5016546.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200507-14 (mozilla)
File : nvt/glsa_200507_14.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200408-22 (mozilla)
File : nvt/glsa_200408_22.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200408-03 (libpng)
File : nvt/glsa_200408_03.nasl
2008-09-04 Name : FreeBSD Ports: firefox
File : nvt/freebsd_firefox14.nasl
2008-09-04 Name : FreeBSD Ports: thunderbird
File : nvt/freebsd_thunderbird2.nasl
2008-09-04 Name : FreeBSD Ports: thunderbird
File : nvt/freebsd_thunderbird1.nasl
2008-09-04 Name : FreeBSD Ports: png
File : nvt/freebsd_png.nasl
2008-09-04 Name : FreeBSD Ports: mozilla
File : nvt/freebsd_mozilla0.nasl
2008-09-04 Name : FreeBSD Ports: mozilla
File : nvt/freebsd_mozilla.nasl
2008-09-04 Name : FreeBSD Ports: kdelibs
File : nvt/freebsd_kdelibs1.nasl
2008-09-04 Name : FreeBSD Ports: firefox
File : nvt/freebsd_firefox9.nasl
2008-09-04 Name : FreeBSD Ports: firefox
File : nvt/freebsd_firefox18.nasl
2008-09-04 Name : FreeBSD Ports: firefox
File : nvt/freebsd_firefox13.nasl
2008-09-04 Name : FreeBSD Ports: firefox
File : nvt/freebsd_firefox12.nasl
2008-09-04 Name : FreeBSD Ports: firefox
File : nvt/freebsd_firefox11.nasl
2008-09-04 Name : FreeBSD Ports: firefox
File : nvt/freebsd_firefox10.nasl
2008-09-04 Name : FreeBSD Ports: ImageMagick, ImageMagick-nox11
File : nvt/freebsd_ImageMagick3.nasl
2008-01-17 Name : Debian Security Advisory DSA 536-1 (libpng)
File : nvt/deb_536_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 810-1 (mozilla)
File : nvt/deb_810_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 777-1 (mozilla)
File : nvt/deb_777_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 775-1 (mozilla)
File : nvt/deb_775_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 571-1 (libpng3)
File : nvt/deb_571_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 570-1 (libpng)
File : nvt/deb_570_1.nasl
2005-11-03 Name : Mozilla/Firefox security manager certificate handling DoS
File : nvt/mozilla_certif_handle_dos.nasl
2005-11-03 Name : Mozilla/Firefox user interface spoofing
File : nvt/mozilla_firefox_xul_spoof.nasl
0000-00-00 Name : Slackware Advisory SSA:2004-223-02 imagemagick
File : nvt/esoft_slk_ssa_2004_223_02.nasl
0000-00-00 Name : Slackware Advisory SSA:2004-223-01 Mozilla
File : nvt/esoft_slk_ssa_2004_223_01.nasl
0000-00-00 Name : Slackware Advisory SSA:2004-222-01 libpng
File : nvt/esoft_slk_ssa_2004_222_01.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
59835 Netscape Cross-domain Frame Injection Content Spoofing

59834 Mozilla Multiple Browser Cross-domain Frame Injection Content Spoofing

59316 Netscape SOAPParameter Object Constructor Overflow

8326 libpng png_handle_tRNS Remote Overflow

A remote overflow exists in libpng. The library function png_handle_tRNS fails to perform a length check on PNG images resulting in a buffer overflow. With a specially crafted PNG file, an attacker can cause the execution of code resulting in a loss of integrity.
8316 libpng pngrutil.c Multiple Function Progressive Display Image Reading Overflow

A potential local integer overflow exists in libpng. The library function png_push_read_chunk contains code that might be susceptible to integer overflows. It is currently unknown how dangerous this code might be. With a specially crafted request, an attacker might cause crashes or execution of code resulting in a loss of availability.
8315 libpng png_read_png Integer Overflow

A local overflow exists in libpng. The library function png_read_png fails to validate the height of input PNG files resulting in a possible integer overflow. With a specially crafted request, an attacker might cause a crash of the applicatioin resulting in a loss of availability.
8314 libpng png_handle_sPLT Local Overflow

A local overflow exists in libpng. The library function png_handle_sPLT fails to validate input resulting in a possible integer overflow. With a specially crafted request, an attacker might theoretically cause execution of code resulting in a loss of integrity.
8312 libpng png_handle_sBIT() Local Overflow

A local overflow exists in libpng. The library function png_handle_sBIT relies on checks in other functions to perform input validation resulting in a possible buffer overflow. With a specially crafted PNG file, an attacker might cause execution of code resulting in a loss of integrity.
8311 Mozilla Browsers chrome/XML User Interface Spoofing

8310 Mozilla Browsers onunload Method SSL Certificate Spoofing

8309 Mozilla Browsers XPInstall Security Dialog Arbitrary Extension Installation

An attackers website can inject arbitrary Mozilla extensions by tricking the user into interactively accepting security dialog boxes without seeing the dialog box.
8308 Mozilla Browsers Redirect Sequence Security Icon Spoof

Mozilla based products contain a flaw that may allow a malicious user to spoof the SSL security icon. The issue is triggered when a specially crafted web paged is used to redirect the SSL information from another site. It is possible that the flaw may allow normal users to believe a page is encrypted when it truly is not resulting in a potential loss of confidentiality.
8307 Mozilla Browsers FTP URI Null Character MIME Type Spoofing Arbitrary Code Exe...

Mozilla based browsers contain a flaw that allows a remote code injection. This flaw exists because the application does not properly validate input before opening. This could allow a user to create a specially crafted URL containing NULL characters that would spoof the MIME type and potentially execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
8305 Mozilla Browsers Arbitrary File Upload

Mozilla contains a flaw that may allow a malicious user to capture or upload a file from a users machine. The issue is triggered when a user loads a malicious web page which uses a specially crafted javascript. It is possible that the flaw may allow an attacker to retrieve files from known locations without the user being notified, resulting in a loss of confidentiality.
8304 Mozilla Browsers cert_TestHostName Certificate Spoofing

Mozilla contains a flaw that may allow a malicious user to spoof a trusted certificate. The issue is triggered when Mozilla fails to securely verfiy the hostname on certificates for non-Fully Qualified Domain Names (FQDN.) It is possible that the flaw may allow the attacker to spoof the hostname resulting in a loss of integrity.
8303 Mozilla Browsers SendUidl POP3 Overflow

Mozilla contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when a maliciously configured POP3 server overwrites heap memory in the users browser. It is possible that the flaw may allow remote code execution allowing system access and resulting in a loss of confidentiality and integrity.
8281 Mozilla Browsers SOAPParameter Object Constructor Overflow

Mozilla/Netscape contains a flaw that may allow a malicious user to corrupt heap information. The issue is triggered when an integer overflow in the SOAPParameter object constructor occurs. It is possible that the flaw may allow the remote execution of arbitrary code resulting in a loss of integrity and/or availability.
8238 Mozilla Browsers onunload SSL Certificate Spoofing

Mozilla and Mozilla Firefox contains a flaw that may allow a malicious user to spoof SSL certification. The issue is triggered when using "onunload" inside a < body> tag and redirection using http-equiv refresh metatag, document.write() and document.close(), which will spoof a trusted website. By sending a specially crafted webpage, a remote attacker can represent the malicious Web site as that of a trusted site, resulting in a loss of integrity.
7939 Mozilla Multiple Browsers CA Certificate SSL Page DoS

Mozilla browsers contain a flaw that may allow a denial of service on stored certificates. The issue is triggered when receiving certificates with existing DN and different serial number as a built-in CA root cert occurs, and will result in the built-in CA root cert being overwritten. Ultimately this may result in loss of availability for sites using the original built-in CA root cert.
7466 Mozilla XPInstall Dialog Box Arbitrary Command Execution

Snort® IPS/IDS

Date Description
2018-01-17 Mozilla Firefox SOAPParameter integer overflow attempt
RuleID : 45184 - Revision : 1 - Type : BROWSER-FIREFOX
2018-01-17 Mozilla Firefox SOAPParameter integer overflow attempt
RuleID : 45183 - Revision : 1 - Type : BROWSER-FIREFOX
2018-01-17 Mozilla Firefox SOAPParameter integer overflow attempt
RuleID : 45182 - Revision : 1 - Type : BROWSER-FIREFOX
2018-01-17 Mozilla Firefox SOAPParameter integer overflow attempt
RuleID : 45181 - Revision : 1 - Type : BROWSER-FIREFOX
2018-01-17 Mozilla Firefox SOAPParameter integer overflow attempt
RuleID : 45180 - Revision : 1 - Type : BROWSER-FIREFOX
2018-01-17 Mozilla Firefox SOAPParameter integer overflow attempt
RuleID : 45179 - Revision : 1 - Type : BROWSER-FIREFOX
2018-01-17 Mozilla Firefox SOAPParameter integer overflow attempt
RuleID : 45178 - Revision : 1 - Type : BROWSER-FIREFOX
2018-01-17 Mozilla Firefox SOAPParameter integer overflow attempt
RuleID : 45177 - Revision : 1 - Type : BROWSER-FIREFOX
2018-01-10 Mozilla SSL certificate spoofing attempt
RuleID : 45127 - Revision : 1 - Type : BROWSER-FIREFOX
2014-01-10 Microsoft Multiple Products PNG large image height download attempt
RuleID : 3133-community - Revision : 15 - Type : FILE-IMAGE
2014-01-10 Microsoft Multiple Products PNG large image height download attempt
RuleID : 3133 - Revision : 15 - Type : FILE-IMAGE
2014-01-10 libpng tRNS overflow attempt
RuleID : 2673-community - Revision : 12 - Type : FILE-IMAGE
2014-01-10 libpng tRNS overflow attempt
RuleID : 2673 - Revision : 12 - Type : FILE-IMAGE

Nessus® Vulnerability Scanner

Date Description
2011-10-13 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_641859e8eca111d8b913000c41e2cdad.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_a4fd8f5305eb11d9b45d000c41e2cdad.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_c1d97a8b05ed11d9b45d000c41e2cdad.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_f9e3e60be65011d89b0a000347a4fa7d.nasl - Type : ACT_GATHER_INFO
2007-02-18 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2006-213.nasl - Type : ACT_GATHER_INFO
2007-02-18 Name : The remote Mandrake Linux host is missing a security update.
File : mandrake_MDKSA-2006-212.nasl - Type : ACT_GATHER_INFO
2006-07-05 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2005-586.nasl - Type : ACT_GATHER_INFO
2006-07-03 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2005-587.nasl - Type : ACT_GATHER_INFO
2006-01-15 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-155-1.nasl - Type : ACT_GATHER_INFO
2006-01-15 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-149-1.nasl - Type : ACT_GATHER_INFO
2006-01-15 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1-1.nasl - Type : ACT_GATHER_INFO
2005-10-05 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2005-128.nasl - Type : ACT_GATHER_INFO
2005-09-13 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-810.nasl - Type : ACT_GATHER_INFO
2005-08-18 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-775.nasl - Type : ACT_GATHER_INFO
2005-08-18 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-777.nasl - Type : ACT_GATHER_INFO
2005-07-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2005-587.nasl - Type : ACT_GATHER_INFO
2005-07-22 Name : The remote Fedora Core host is missing a security update.
File : fedora_2005-616.nasl - Type : ACT_GATHER_INFO
2005-07-22 Name : The remote Fedora Core host is missing a security update.
File : fedora_2005-619.nasl - Type : ACT_GATHER_INFO
2005-07-21 Name : The remote Fedora Core host is missing a security update.
File : fedora_2005-605.nasl - Type : ACT_GATHER_INFO
2005-07-21 Name : The remote Fedora Core host is missing a security update.
File : fedora_2005-603.nasl - Type : ACT_GATHER_INFO
2005-07-21 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2005-586.nasl - Type : ACT_GATHER_INFO
2005-07-13 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_abe47a5ae23c11d89b0a000347a4fa7d.nasl - Type : ACT_GATHER_INFO
2005-07-13 Name : A web browser installed on the remote host contains multiple vulnerabilities.
File : mozilla_179.nasl - Type : ACT_GATHER_INFO
2005-07-13 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_e9f9d2320cb211d98a8a000c41e2cdad.nasl - Type : ACT_GATHER_INFO
2005-07-13 Name : The remote Windows host contains a web browser that is affected by multiple v...
File : mozilla_firefox_105.nasl - Type : ACT_GATHER_INFO
2005-07-13 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2004-222-01.nasl - Type : ACT_GATHER_INFO
2005-07-13 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_a7e0d783131b11d9bc4a000c41e2cdad.nasl - Type : ACT_GATHER_INFO
2005-07-13 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_7c188c550cb011d98a8a000c41e2cdad.nasl - Type : ACT_GATHER_INFO
2005-07-13 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2004-223-01.nasl - Type : ACT_GATHER_INFO
2005-07-13 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2004-223-02.nasl - Type : ACT_GATHER_INFO
2005-07-13 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_5360a659131c11d9bc4a000c41e2cdad.nasl - Type : ACT_GATHER_INFO
2005-07-13 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_6e7408810cae11d98a8a000c41e2cdad.nasl - Type : ACT_GATHER_INFO
2005-07-13 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_8d8238830ca911d98a8a000c41e2cdad.nasl - Type : ACT_GATHER_INFO
2005-07-13 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_730db824e21611d89b0a000347a4fa7d.nasl - Type : ACT_GATHER_INFO
2005-02-08 Name : Arbitrary code can be executed on the remote host through the Media Player.
File : smb_nt_ms05-009.nasl - Type : ACT_GATHER_INFO
2004-11-10 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-570.nasl - Type : ACT_GATHER_INFO
2004-11-10 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-571.nasl - Type : ACT_GATHER_INFO
2004-09-29 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-536.nasl - Type : ACT_GATHER_INFO
2004-09-06 Name : The remote Windows host has a web browser installed that is affected by a den...
File : mozilla_certif_handle_dos.nasl - Type : ACT_GATHER_INFO
2004-08-30 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200408-03.nasl - Type : ACT_GATHER_INFO
2004-08-30 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200408-22.nasl - Type : ACT_GATHER_INFO
2004-08-22 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2004-082.nasl - Type : ACT_GATHER_INFO
2004-08-22 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2004-079.nasl - Type : ACT_GATHER_INFO
2004-08-12 Name : The remote device is missing a vendor-supplied security patch
File : freebsd_kdelibs_3233.nasl - Type : ACT_GATHER_INFO
2004-08-10 Name : The remote host is missing a Mac OS X update that fixes a security issue.
File : macosx_SecUpd20040809.nasl - Type : ACT_GATHER_INFO
2004-08-05 Name : The remote Fedora Core host is missing a security update.
File : fedora_2004-238.nasl - Type : ACT_GATHER_INFO
2004-08-05 Name : The remote Fedora Core host is missing a security update.
File : fedora_2004-237.nasl - Type : ACT_GATHER_INFO
2004-08-05 Name : The remote Fedora Core host is missing a security update.
File : fedora_2004-239.nasl - Type : ACT_GATHER_INFO
2004-08-05 Name : The remote Fedora Core host is missing a security update.
File : fedora_2004-236.nasl - Type : ACT_GATHER_INFO
2004-08-05 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2004-402.nasl - Type : ACT_GATHER_INFO
2004-08-05 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2004-421.nasl - Type : ACT_GATHER_INFO
2004-08-04 Name : The remote host is missing a vendor-supplied security patch
File : suse_SA_2004_023.nasl - Type : ACT_GATHER_INFO
2004-08-03 Name : The remote Windows host contains a web browser that has a code execution vuln...
File : mozilla_firefox_cache_file.nasl - Type : ACT_GATHER_INFO
2004-08-02 Name : The remote Windows host has a web browser installed that is affected by multi...
File : mozilla_firefox_xul_spoof.nasl - Type : ACT_GATHER_INFO
2004-08-02 Name : The remote Windows host contains a web browser that is affected by an integer...
File : mozilla_soapparameter_overflow.nasl - Type : ACT_GATHER_INFO
2004-07-06 Name : The remote host is using an unsupported version of Mac OS X.
File : macosx_version.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:48:37
  • Multiple Updates