Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title thunderbird security update
Informations
Name RHSA-2007:0108 First vendor Publication 2007-03-13
Vendor RedHat Last vendor Modification 2007-03-13
Severity (Vendor) Critical Revision 02

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 9.3 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated thunderbird packages that fix several security bugs are now available for Red Hat Enterprise Linux 5.

This update has been rated as having critical security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 RHEL Optional Productivity Applications (v. 5 server) - i386, x86_64

3. Problem description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

Several flaws were found in the way Thunderbird processed certain malformed JavaScript code. A malicious HTML mail message could execute JavaScript code in such a way that may result in Thunderbird crashing or executing arbitrary code as the user running Thunderbird. JavaScript support is disabled by default in Thunderbird; these issues are not exploitable unless the user has enabled JavaScript. (CVE-2007-0775, CVE-2007-0777)

Several cross-site scripting (XSS) flaws were found in the way Thunderbird processed certain malformed HTML mail messages. A malicious HTML mail message could display misleading information which may result in a user unknowingly divulging sensitive information such as a password. (CVE-2006-6077, CVE-2007-0995, CVE-2007-0996)

A flaw was found in the way Thunderbird processed text/enhanced and text/richtext formatted mail message. A specially crafted mail message could execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2007-1282)

A flaw was found in the way Thunderbird cached web content on the local disk. A malicious HTML mail message may be able to inject arbitrary HTML into a browsing session if the user reloads a targeted site. (CVE-2007-0778)

A flaw was found in the way Thunderbird displayed certain web content. A malicious HTML mail message could generate content which could overlay user interface elements such as the hostname and security indicators, tricking a user into thinking they are visiting a different site. (CVE-2007-0779)

Two flaws were found in the way Thunderbird displayed blocked popup windows. If a user can be convinced to open a blocked popup, it is possible to read arbitrary local files, or conduct an XSS attack against the user. (CVE-2007-0780, CVE-2007-0800)

Two buffer overflow flaws were found in the Network Security Services (NSS) code for processing the SSLv2 protocol. Connecting to a malicious secure web server could cause the execution of arbitrary code as the user running Thunderbird. (CVE-2007-0008, CVE-2007-0009)

A flaw was found in the way Thunderbird handled the "location.hostname" value during certain browser domain checks. This flaw could allow a malicious HTML mail message to set domain cookies for an arbitrary site, or possibly perform an XSS attack. (CVE-2007-0981)

Users of Thunderbird are advised to apply this update, which contains Thunderbird version 1.5.0.10 that corrects these issues.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188

5. Bug IDs fixed (http://bugzilla.redhat.com/):

230562 - CVE-2007-0775 Multiple Thunderbird flaws (CVE-2007-0777, CVE-2007-0995, CVE-2007-0996, CVE-2006-6077, CVE-2007-0778, CVE-2007-0779, CVE-2007-0780, CVE-2007-0800, CVE-2007-0008, CVE-2007-0009, CVE-2007-0981, CVE-2007-1282)

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2007-0108.html

CWE : Common Weakness Enumeration

% Id Name
29 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
29 % CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25)
14 % CWE-264 Permissions, Privileges, and Access Controls
14 % CWE-200 Information Exposure
14 % CWE-189 Numeric Errors (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10012
 
Oval ID: oval:org.mitre.oval:def:10012
Title: Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allow remote attackers to cause a denial of service (crash) and potentially execute arbitrary code via certain vectors.
Description: Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allow remote attackers to cause a denial of service (crash) and potentially execute arbitrary code via certain vectors.
Family: unix Class: vulnerability
Reference(s): CVE-2007-0775
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10031
 
Oval ID: oval:org.mitre.oval:def:10031
Title: The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and earlier; and the (2) Passcard Manager in Netscape 8.1.2 and possibly other versions, do not properly verify that an ACTION URL in a FORM element containing a password INPUT element matches the web site for which the user stored a password, which allows remote attackers to obtain passwords via a password INPUT element on a different web page located on the web site intended for this password.
Description: The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and earlier; and the (2) Passcard Manager in Netscape 8.1.2 and possibly other versions, do not properly verify that an ACTION URL in a FORM element containing a password INPUT element matches the web site for which the user stored a password, which allows remote attackers to obtain passwords via a password INPUT element on a different web page located on the web site intended for this password.
Family: unix Class: vulnerability
Reference(s): CVE-2006-6077
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10086
 
Oval ID: oval:org.mitre.oval:def:10086
Title: The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 inherit the default charset from the parent window, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated using the UTF-7 character set.
Description: The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 inherit the default charset from the parent window, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated using the UTF-7 character set.
Family: unix Class: vulnerability
Reference(s): CVE-2007-0996
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10164
 
Oval ID: oval:org.mitre.oval:def:10164
Title: Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 ignores trailing invalid HTML characters in attribute names, which allows remote attackers to bypass content filters that use regular expressions.
Description: Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 ignores trailing invalid HTML characters in attribute names, which allows remote attackers to bypass content filters that use regular expressions.
Family: unix Class: vulnerability
Reference(s): CVE-2007-0995
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10174
 
Oval ID: oval:org.mitre.oval:def:10174
Title: Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via invalid "Client Master Key" length values.
Description: Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via invalid "Client Master Key" length values.
Family: unix Class: vulnerability
Reference(s): CVE-2007-0009
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10502
 
Oval ID: oval:org.mitre.oval:def:10502
Title: Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via a crafted SSLv2 server message containing a public key that is too short to encrypt the "Master Secret", which results in a heap-based overflow.
Description: Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via a crafted SSLv2 server message containing a public key that is too short to encrypt the "Master Secret", which results in a heap-based overflow.
Family: unix Class: vulnerability
Reference(s): CVE-2007-0008
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10654
 
Oval ID: oval:org.mitre.oval:def:10654
Title: Cross-zone vulnerability in Mozilla Firefox 1.5.0.9 considers blocked popups to have an internal zone origin, which allows user-assisted remote attackers to cross zone restrictions and read arbitrary file:// URIs by convincing a user to show a blocked popup.
Description: Cross-zone vulnerability in Mozilla Firefox 1.5.0.9 considers blocked popups to have an internal zone origin, which allows user-assisted remote attackers to cross zone restrictions and read arbitrary file:// URIs by convincing a user to show a blocked popup.
Family: unix Class: vulnerability
Reference(s): CVE-2007-0800
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11313
 
Oval ID: oval:org.mitre.oval:def:11313
Title: Integer overflow in Mozilla Thunderbird before 1.5.0.10 and SeaMonkey before 1.0.8 allows remote attackers to trigger a buffer overflow and possibly execute arbitrary code via a text/enhanced or text/richtext e-mail message with an extremely long line.
Description: Integer overflow in Mozilla Thunderbird before 1.5.0.10 and SeaMonkey before 1.0.8 allows remote attackers to trigger a buffer overflow and possibly execute arbitrary code via a text/enhanced or text/richtext e-mail message with an extremely long line.
Family: unix Class: vulnerability
Reference(s): CVE-2007-1282
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11331
 
Oval ID: oval:org.mitre.oval:def:11331
Title: The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption.
Description: The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption.
Family: unix Class: vulnerability
Reference(s): CVE-2007-0777
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21788
 
Oval ID: oval:org.mitre.oval:def:21788
Title: ELSA-2007:0097: firefox security update (Critical)
Description: The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 inherit the default charset from the parent window, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated using the UTF-7 character set.
Family: unix Class: patch
Reference(s): ELSA-2007:0097-02
CVE-2006-6077
CVE-2007-0008
CVE-2007-0009
CVE-2007-0775
CVE-2007-0777
CVE-2007-0778
CVE-2007-0779
CVE-2007-0780
CVE-2007-0800
CVE-2007-0981
CVE-2007-0994
CVE-2007-0995
CVE-2007-0996
Version: 57
Platform(s): Oracle Linux 5
Product(s): devhelp
firefox
yelp
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22262
 
Oval ID: oval:org.mitre.oval:def:22262
Title: ELSA-2007:0108: thunderbird security update (Critical)
Description: Integer overflow in Mozilla Thunderbird before 1.5.0.10 and SeaMonkey before 1.0.8 allows remote attackers to trigger a buffer overflow and possibly execute arbitrary code via a text/enhanced or text/richtext e-mail message with an extremely long line.
Family: unix Class: patch
Reference(s): ELSA-2007:0108-02
CVE-2006-6077
CVE-2007-0008
CVE-2007-0009
CVE-2007-0775
CVE-2007-0777
CVE-2007-0778
CVE-2007-0779
CVE-2007-0780
CVE-2007-0800
CVE-2007-0981
CVE-2007-0995
CVE-2007-0996
CVE-2007-1282
Version: 57
Platform(s): Oracle Linux 5
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8757
 
Oval ID: oval:org.mitre.oval:def:8757
Title: GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a large, transparent, custom cursor.
Description: GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a large, transparent, custom cursor.
Family: unix Class: vulnerability
Reference(s): CVE-2007-0779
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9151
 
Oval ID: oval:org.mitre.oval:def:9151
Title: The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 can generate hash collisions that cause page data to be appended to the wrong page cache, which allows remote attackers to obtain sensitive information or enable further attack vectors when the target page is reloaded from the cache.
Description: The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 can generate hash collisions that cause page data to be appended to the wrong page cache, which allows remote attackers to obtain sensitive information or enable further attack vectors when the target page is reloaded from the cache.
Family: unix Class: vulnerability
Reference(s): CVE-2007-0778
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9730
 
Oval ID: oval:org.mitre.oval:def:9730
Title: Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname (location.hostname) DOM property, due to interactions with DNS resolver code.
Description: Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname (location.hostname) DOM property, due to interactions with DNS resolver code.
Family: unix Class: vulnerability
Reference(s): CVE-2007-0981
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9884
 
Oval ID: oval:org.mitre.oval:def:9884
Title: browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks by opening a blocked popup originating from a javascript: URI in combination with multiple frames having the same data: URI.
Description: browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks by opening a blocked popup originating from a javascript: URI in combination with multiple frames having the same data: URI.
Family: unix Class: vulnerability
Reference(s): CVE-2007-0780
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 74
Application 37
Application 16
Application 43
Application 1
Os 3
Os 2

ExploitDB Exploits

id Description
2007-02-20 Mozilla Firefox <= 2.0.0.1 (location.hostname) Cross-Domain Vulnerability

OpenVAS Exploits

Date Description
2009-10-10 Name : SLES9: Security update for Mozilla suite
File : nvt/sles9p5012115.nasl
2009-04-09 Name : Mandriva Update for mozilla-firefox MDKSA-2007:050 (mozilla-firefox)
File : nvt/gb_mandriva_MDKSA_2007_050.nasl
2009-04-09 Name : Mandriva Update for mozilla-firefox MDKSA-2007:050-1 (mozilla-firefox)
File : nvt/gb_mandriva_MDKSA_2007_050_1.nasl
2009-04-09 Name : Mandriva Update for mozilla-thunderbird MDKSA-2007:052 (mozilla-thunderbird)
File : nvt/gb_mandriva_MDKSA_2007_052.nasl
2009-03-23 Name : Ubuntu Update for mozilla-thunderbird vulnerabilities USN-431-1
File : nvt/gb_ubuntu_USN_431_1.nasl
2009-03-23 Name : Ubuntu Update for firefox regression USN-428-2
File : nvt/gb_ubuntu_USN_428_2.nasl
2009-03-23 Name : Ubuntu Update for firefox vulnerabilities USN-428-1
File : nvt/gb_ubuntu_USN_428_1.nasl
2009-02-27 Name : Fedora Update for nspr FEDORA-2007-278
File : nvt/gb_fedora_2007_278_nspr_fc5.nasl
2009-02-27 Name : Fedora Update for nss FEDORA-2007-278
File : nvt/gb_fedora_2007_278_nss_fc5.nasl
2009-02-27 Name : Fedora Update for nspr FEDORA-2007-279
File : nvt/gb_fedora_2007_279_nspr_fc6.nasl
2009-02-27 Name : Fedora Update for nss FEDORA-2007-279
File : nvt/gb_fedora_2007_279_nss_fc6.nasl
2009-01-28 Name : SuSE Update for MozillaFirefox,seamonkey SUSE-SA:2007:019
File : nvt/gb_suse_2007_019.nasl
2009-01-28 Name : SuSE Update for mozilla,MozillaThunderbird,seamonkey SUSE-SA:2007:022
File : nvt/gb_suse_2007_022.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200703-04 (mozilla-firefox)
File : nvt/glsa_200703_04.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200703-08 (seamonkey)
File : nvt/glsa_200703_08.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200703-18 (mozilla-thunderbird)
File : nvt/glsa_200703_18.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200703-22 (nss)
File : nvt/glsa_200703_22.nasl
2008-09-04 Name : FreeBSD Ports: firefox
File : nvt/freebsd_firefox26.nasl
2008-01-17 Name : Debian Security Advisory DSA 1336-1 (mozilla-firefox)
File : nvt/deb_1336_1.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
33812 Mozilla Multiple Products Child Frame Inheritance XSS

33810 Mozilla Multiple Products enhanced / richtext Mail Handling Overflow

32115 Mozilla Multiple Products JavaScript Engine Memory Corruption

A memory corruption flaw exists in multiple Mozilla products. This issue is due to a error in the Javascript engine. With a malformed Javascript applet, an attacker can cause a denial of service and possibly arbitrary code exection resulting in a loss of integrity.
32114 Mozilla Multiple Products Layout Engine Memory Corruption

A memory corruption flaw exists in multiple Mozilla products. This issue is due to a error in the layout engine. With specially crafted HTML code, an attacker can cause a denial of service and possibly arbitrary code exection resulting in a loss of integrity.
32112 Mozilla Multiple Products Cross Domain Charset Inheritance Weakness

32111 Mozilla Multiple Products HTML Tag Attribute Trailing Character Content Filte...

Mozilla Firefox and SeaMonkey parsers improperly ignore invalid trailing characters in HTML tag attribute names. This allows remote attackers to bypass web site content filters that use regular expressions and execute arbitrary scripting code resulting in a loss of integrity.
32110 Mozilla Multiple Products Cache Collision Information Disclosure

Mozilla Firefox and Mozilla SeaMonkey contain a flaw that may lead to an unauthorized information disclosure. The issue is due to a hash collision that can cause page data to be appended to the wrong page cache, allowing a remote attacker to obtain sensitive information and resulting in a loss of confidentiality.
32109 Mozilla Multiple Products CSS3 Hotspot Custom Cursor Spoofing

32108 Mozilla Multiple Products Blocked Popup Arbitrary File Access

Mozilla Firefox contains a flaw that may allow user-assisted remote attackers to obtain sensitive information. The issue is triggered when the victim visits a malicious web page and manually allows a blocked popup, which causes normal URL permission checks to be bypassed. This permits the attacker to bypass security zone restrictions and read arbitrary files on the system, resulting in a loss of confidentiality.
32107 Mozilla Multiple Products Blocked Popup XSS

Mozilla Firefox and Mozilla SeaMonkey contain a flaw that may allow a remote attacker to perform cross-site scripting attacks. The issue is due to improper validation of user-supplied input by the browser.js script. The flaw is triggered when the victim visits the attacker's site which is constructed so that it frames the target site plus another frame whose source is the same data: URL as the victim site. If the attacker can then convince the victim to open a specially-crafted javascript: URL popup from the data: frame the popup could inject a malicious script, which would be executed in a victim's web browser within the security context of the hosting web site, resulting in a loss of confidentiality and/or integrity.
32106 Mozilla Network Security Services SSLv2 Server Remote Overflow

A remote overflow exists in Mozilla Foundation's Network Security Services (NSS) libraries. The vulnerability is due to inadequate error checking in the Network Security Services (NSS) code that is responsible for handling the Client Master Key. A remote attacker can exploit the vulnerability with a specially-crafted SSLv2 certificate containing a Client Master Key with invalid length values. This may result in a stack-based buffer overflow allowing the attacker to crash the affected server or to execute arbitrary code in the context of the affected server, resulting in a loss of availability and/or integrity.
32105 Mozilla Multiple Products NSS SSLv2 Client Overflow

A remote overflow exists in multiple versions of Mozilla Firefox, Mozilla Network Security Services (NSS), Mozilla SeaMonkey, and Mozilla Thunderbird. The vulnerability is due to an error in the Network Security Services (NSS) code that can occur when processing certain SSLv2 server messages. The products fail to properly process SSL server certificates which possess an RSA public key that is too small to encrypt the entire SSLv2 "Master Secret". This may result in a heap-based overflow and may allow an attacker execution of arbitrary code, resulting in a loss of integrity and/or availability.
32104 Mozilla Multiple Products location.hostname Null Byte URI Security Bypass

Mozilla Firefox, Mozilla SeaMonkey, and other Mozilla-based browsers contain a flaw that may allow a remote attacker to bypass security restrictions and gain knowledge of sensitive information. The issue is due to Mozilla-based browsers improperly handling writes to the 'location.hostname' DOM property. The flaw is triggered when a malicious web page writes a hostname value containing NULL characters ('\x00') to the 'location.hostname' DOM property, allowing for alteration of the 'document.domain' in order to bypass the same-origin policy for cross-frame/cross-window data access. This may allow an attacker the ability to manipulate authentication cookies for third party web pages and tamper with the way these sites are displayed or how they work, resulting in a loss of confidentiality.
30641 Multiple Browser Password Manager Crafted Form Cross-Site Password Disclosure

Information Assurance Vulnerability Management (IAVM)

Date Description
2014-01-16 IAVM : 2014-A-0009 - Multiple Vulnerabilities in Oracle Fusion Middleware
Severity : Category I - VMSKEY : V0043395

Snort® IPS/IDS

Date Description
2018-02-27 Mozilla Network Security Services heap underflow exploit attempt
RuleID : 45539 - Revision : 1 - Type : SERVER-OTHER
2018-02-27 Mozilla Network Security Services heap underflow exploit attempt
RuleID : 45538 - Revision : 1 - Type : SERVER-OTHER
2018-02-27 Mozilla Network Security Services heap underflow exploit attempt
RuleID : 45537 - Revision : 1 - Type : SERVER-OTHER
2017-09-21 Mozilla Firefox memory corruption attempt
RuleID : 44049 - Revision : 2 - Type : BROWSER-FIREFOX
2017-09-21 Mozilla Firefox memory corruption attempt
RuleID : 44048 - Revision : 2 - Type : BROWSER-FIREFOX
2017-09-21 Mozilla Firefox memory corruption attempt
RuleID : 44047 - Revision : 2 - Type : BROWSER-FIREFOX
2017-09-21 Mozilla Firefox memory corruption attempt
RuleID : 44046 - Revision : 2 - Type : BROWSER-FIREFOX
2017-09-21 Mozilla Firefox invalid watchpoint memory corruption attempt
RuleID : 44045 - Revision : 2 - Type : BROWSER-FIREFOX
2017-09-21 Mozilla Firefox invalid watchpoint memory corruption attempt
RuleID : 44044 - Revision : 2 - Type : BROWSER-FIREFOX
2017-09-21 Mozilla browsers JavaScript argument passing code execution attempt
RuleID : 44043 - Revision : 1 - Type : BROWSER-FIREFOX
2016-03-14 Mozilla Firefox location.hostname DOM modification bypass attempt
RuleID : 37453 - Revision : 2 - Type : BROWSER-FIREFOX
2014-01-10 Mozilla browsers JavaScript argument passing code execution attempt
RuleID : 16005 - Revision : 12 - Type : BROWSER-FIREFOX
2014-01-10 Mozilla Network Security Services SSLv2 stack overflow attempt
RuleID : 11672 - Revision : 8 - Type : BROWSER-OTHER

Nessus® Vulnerability Scanner

Date Description
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2007-0077-2.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2007-0077.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2007-0078.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2007-0079.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2007-0108.nasl - Type : ACT_GATHER_INFO
2007-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_MozillaFirefox-2683.nasl - Type : ACT_GATHER_INFO
2007-11-10 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-431-1.nasl - Type : ACT_GATHER_INFO
2007-11-10 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-428-1.nasl - Type : ACT_GATHER_INFO
2007-11-10 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-428-2.nasl - Type : ACT_GATHER_INFO
2007-10-17 Name : The remote openSUSE host is missing a security update.
File : suse_MozillaThunderbird-2734.nasl - Type : ACT_GATHER_INFO
2007-10-17 Name : The remote openSUSE host is missing a security update.
File : suse_MozillaFirefox-2699.nasl - Type : ACT_GATHER_INFO
2007-10-17 Name : The remote openSUSE host is missing a security update.
File : suse_MozillaFirefox-2647.nasl - Type : ACT_GATHER_INFO
2007-10-17 Name : The remote openSUSE host is missing a security update.
File : suse_seamonkey-2691.nasl - Type : ACT_GATHER_INFO
2007-10-17 Name : The remote openSUSE host is missing a security update.
File : suse_seamonkey-2811.nasl - Type : ACT_GATHER_INFO
2007-07-27 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1336.nasl - Type : ACT_GATHER_INFO
2007-05-25 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2007-0097.nasl - Type : ACT_GATHER_INFO
2007-04-06 Name : The remote Windows host uses a library that may allow remote code execution.
File : sun_java_es_nss_code_exec.nasl - Type : ACT_GATHER_INFO
2007-03-26 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200703-22.nasl - Type : ACT_GATHER_INFO
2007-03-19 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200703-18.nasl - Type : ACT_GATHER_INFO
2007-03-12 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2007-066-04.nasl - Type : ACT_GATHER_INFO
2007-03-12 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2007-066-03.nasl - Type : ACT_GATHER_INFO
2007-03-12 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2007-066-05.nasl - Type : ACT_GATHER_INFO
2007-03-12 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200703-08.nasl - Type : ACT_GATHER_INFO
2007-03-07 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2007-052.nasl - Type : ACT_GATHER_INFO
2007-03-06 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200703-04.nasl - Type : ACT_GATHER_INFO
2007-03-06 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2007-0078.nasl - Type : ACT_GATHER_INFO
2007-03-06 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2007-0078.nasl - Type : ACT_GATHER_INFO
2007-03-06 Name : The remote Fedora Core host is missing a security update.
File : fedora_2007-308.nasl - Type : ACT_GATHER_INFO
2007-03-06 Name : The remote Fedora Core host is missing a security update.
File : fedora_2007-309.nasl - Type : ACT_GATHER_INFO
2007-03-02 Name : The remote Windows host contains a mail client that is affected by multiple v...
File : mozilla_thunderbird_15010.nasl - Type : ACT_GATHER_INFO
2007-03-02 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2007-050.nasl - Type : ACT_GATHER_INFO
2007-02-28 Name : A web browser on the remote host is prone to multiple flaws.
File : seamonkey_108.nasl - Type : ACT_GATHER_INFO
2007-02-28 Name : The remote Fedora Core host is missing one or more security updates.
File : fedora_2007-293.nasl - Type : ACT_GATHER_INFO
2007-02-27 Name : The remote Fedora Core host is missing a security update.
File : fedora_2007-281.nasl - Type : ACT_GATHER_INFO
2007-02-27 Name : The remote Fedora Core host is missing one or more security updates.
File : fedora_2007-279.nasl - Type : ACT_GATHER_INFO
2007-02-27 Name : The remote Fedora Core host is missing one or more security updates.
File : fedora_2007-278.nasl - Type : ACT_GATHER_INFO
2007-02-26 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_12bd6ecfc43011db95c5000c6ec775d9.nasl - Type : ACT_GATHER_INFO
2007-02-26 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2007-0079.nasl - Type : ACT_GATHER_INFO
2007-02-26 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2007-0079.nasl - Type : ACT_GATHER_INFO
2007-02-26 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2007-0077.nasl - Type : ACT_GATHER_INFO
2007-02-26 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2007-0077.nasl - Type : ACT_GATHER_INFO
2007-02-24 Name : The remote Windows host contains a web browser that is affected by multiple v...
File : mozilla_firefox_15010.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:50:30
  • Multiple Updates