Executive Summary

Summary
Title firefox security update
Informations
Name RHSA-2007:0979 First vendor Publication 2007-10-19
Vendor RedHat Last vendor Modification 2007-10-19
Severity (Vendor) Critical Revision 01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 9.3 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated firefox packages that fix several security bugs are now available for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having critical security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Problem description:

Mozilla Firefox is an open source Web browser.

Several flaws were found in the way in which Firefox processed certain malformed web content. A web page containing malicious content could cause Firefox to crash or potentially execute arbitrary code as the user running Firefox. (CVE-2007-5338, CVE-2007-5339, CVE-2007-5340)

Several flaws were found in the way in which Firefox displayed malformed web content. A web page containing specially-crafted content could potentially trick a user into surrendering sensitive information. (CVE-2007-1095, CVE-2007-3844, CVE-2007-3511, CVE-2007-5334)

A flaw was found in the Firefox sftp protocol handler. A malicious web page could access data from a remote sftp site, possibly stealing sensitive user data. (CVE-2007-5337)

A request-splitting flaw was found in the way in which Firefox generates a digest authentication request. If a user opened a specially-crafted URL, it was possible to perform cross-site scripting attacks, web cache poisoning, or other, similar exploits. (CVE-2007-2292)

All users of Firefox are advised to upgrade to these updated packages, which contain backported patches that correct these issues.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188

5. Bug IDs fixed (http://bugzilla.redhat.com/):

246248 - firefox crashes when searching for word "do" 333991 - Mozilla products security update (CVE-2007-1095, CVE-2007-2292, CVE-2007-3511, CVE-2007-3844, CVE-2007-5334, CVE-2007-5337, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340)

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2007-0979.html

CWE : Common Weakness Enumeration

% Id Name
43 % CWE-20 Improper Input Validation
29 % CWE-16 Configuration
14 % CWE-264 Permissions, Privileges, and Access Controls
14 % CWE-200 Information Exposure

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10195
 
Oval ID: oval:org.mitre.oval:def:10195
Title: CRLF injection vulnerability in the Digest Authentication support for Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allows remote attackers to conduct HTTP request splitting attacks via LF (%0a) bytes in the username attribute.
Description: CRLF injection vulnerability in the Digest Authentication support for Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allows remote attackers to conduct HTTP request splitting attacks via LF (%0a) bytes in the username attribute.
Family: unix Class: vulnerability
Reference(s): CVE-2007-2292
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10459
 
Oval ID: oval:org.mitre.oval:def:10459
Title: Multiple vulnerabilities in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption or assert errors.
Description: Multiple vulnerabilities in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption or assert errors.
Family: unix Class: vulnerability
Reference(s): CVE-2007-5339
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10965
 
Oval ID: oval:org.mitre.oval:def:10965
Title: Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote attackers to execute arbitrary Javascript with user privileges by using the Script object to modify XPCNativeWrappers in a way that causes the script to be executed when a chrome action is performed.
Description: Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote attackers to execute arbitrary Javascript with user privileges by using the Script object to modify XPCNativeWrappers in a way that causes the script to be executed when a chrome action is performed.
Family: unix Class: vulnerability
Reference(s): CVE-2007-5338
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11443
 
Oval ID: oval:org.mitre.oval:def:11443
Title: Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote attackers to read arbitrary files on SSH/sftp servers that accept key authentication by creating a web page on the target server, in which the web page contains URIs with (1) smb: or (2) sftp: schemes that access other files from the server.
Description: Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote attackers to read arbitrary files on SSH/sftp servers that accept key authentication by creating a web page on the target server, in which the web page contains URIs with (1) smb: or (2) sftp: schemes that access other files from the server.
Family: unix Class: vulnerability
Reference(s): CVE-2007-5337
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11482
 
Oval ID: oval:org.mitre.oval:def:11482
Title: Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 can hide the Window's titlebar when displaying XUL markup language documents, which makes it easier for remote attackers to conduct phishing and spoofing attacks by setting the hidechrome attribute.
Description: Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 can hide the Window's titlebar when displaying XUL markup language documents, which makes it easier for remote attackers to conduct phishing and spoofing attacks by setting the hidechrome attribute.
Family: unix Class: vulnerability
Reference(s): CVE-2007-5334
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11665
 
Oval ID: oval:org.mitre.oval:def:11665
Title: Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 do not properly implement JavaScript onUnload handlers, which allows remote attackers to run certain JavaScript code and access the location DOM hierarchy in the context of the next web site that is visited by a client.
Description: Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 do not properly implement JavaScript onUnload handlers, which allows remote attackers to run certain JavaScript code and access the location DOM hierarchy in the context of the next web site that is visited by a client.
Family: unix Class: vulnerability
Reference(s): CVE-2007-1095
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17494
 
Oval ID: oval:org.mitre.oval:def:17494
Title: USN-536-1 -- mozilla-thunderbird, thunderbird vulnerabilities
Description: Various flaws were discovered in the layout and JavaScript engines.
Family: unix Class: patch
Reference(s): USN-536-1
CVE-2007-5339
CVE-2007-5340
CVE-2006-2894
CVE-2007-3511
CVE-2007-1095
CVE-2007-2292
CVE-2007-5334
CVE-2007-5337
CVE-2007-5338
 Version: 7
Platform(s): Ubuntu 6.06
Ubuntu 6.10
Ubuntu 7.04
Ubuntu 7.10
 Product(s): mozilla-thunderbird
thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17867
 
Oval ID: oval:org.mitre.oval:def:17867
Title: DSA-1391-1 icedove - several vulnerabilities
Description: Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client.
Family: unix Class: patch
Reference(s): DSA-1391-1
CVE-2007-3734
CVE-2007-3735
CVE-2007-3844
CVE-2007-3845
CVE-2007-5339
CVE-2007-5340
 Version: 7
Platform(s): Debian GNU/Linux 4.0
 Product(s): icedove
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18655
 
Oval ID: oval:org.mitre.oval:def:18655
Title: DSA-1574-1 icedove - several vulnerabilities
Description: Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client.
Family: unix Class: patch
Reference(s): DSA-1574-1
CVE-2008-1233
CVE-2008-1234
CVE-2008-1235
CVE-2008-1236
CVE-2008-1237
CVE-2007-3738
CVE-2007-5338
 Version: 7
Platform(s): Debian GNU/Linux 4.0
 Product(s): icedove
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18729
 
Oval ID: oval:org.mitre.oval:def:18729
Title: DSA-1534-1 iceape
Description: Several remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the Seamonkey Internet Suite.
Family: unix Class: patch
Reference(s): DSA-1534-1
CVE-2007-4879
CVE-2008-1233
CVE-2008-1234
CVE-2008-1235
CVE-2008-1236
CVE-2008-1237
CVE-2008-1238
CVE-2008-1240
CVE-2008-1241
CVE-2007-3738
CVE-2007-5338
 Version: 7
Platform(s): Debian GNU/Linux 4.0
 Product(s): iceape
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18755
 
Oval ID: oval:org.mitre.oval:def:18755
Title: DSA-1532-1 xulrunner
Description: Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications.
Family: unix Class: patch
Reference(s): DSA-1532-1
CVE-2007-4879
CVE-2008-1233
CVE-2008-1234
CVE-2008-1235
CVE-2008-1236
CVE-2008-1237
CVE-2008-1238
CVE-2008-1240
CVE-2008-1241
CVE-2007-3738
CVE-2007-5338
 Version: 7
Platform(s): Debian GNU/Linux 4.0
 Product(s): xulrunner
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19906
 
Oval ID: oval:org.mitre.oval:def:19906
Title: DSA-1534-2 iceape - regression
Description: Several remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the Seamonkey Internet Suite.
Family: unix Class: patch
Reference(s): DSA-1534-2
CVE-2007-4879
CVE-2008-1233
CVE-2008-1234
CVE-2008-1235
CVE-2008-1236
CVE-2008-1237
CVE-2008-1238
CVE-2008-1240
CVE-2008-1241
CVE-2007-3738
CVE-2007-5338
 Version: 5
Platform(s): Debian GNU/Linux 4.0
 Product(s): iceape
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20297
 
Oval ID: oval:org.mitre.oval:def:20297
Title: DSA-1535-1 iceweasel
Description: Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser.
Family: unix Class: patch
Reference(s): DSA-1535-1
CVE-2007-4879
CVE-2008-1233
CVE-2008-1234
CVE-2008-1235
CVE-2008-1236
CVE-2008-1237
CVE-2008-1238
CVE-2008-1240
CVE-2008-1241
CVE-2007-3738
CVE-2007-5338
 Version: 5
Platform(s): Debian GNU/Linux 4.0
 Product(s): iceweasel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21818
 
Oval ID: oval:org.mitre.oval:def:21818
Title: ELSA-2007:0979: firefox security update (Critical)
Description: Multiple vulnerabilities in the Javascript engine in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption.
Family: unix Class: patch
Reference(s): ELSA-2007:0979-02
CVE-2007-1095
CVE-2007-2292
CVE-2007-3511
CVE-2007-3844
CVE-2007-5334
CVE-2007-5337
CVE-2007-5338
CVE-2007-5339
CVE-2007-5340
 Version: 41
Platform(s): Oracle Linux 5
 Product(s): firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22422
 
Oval ID: oval:org.mitre.oval:def:22422
Title: ELSA-2007:0981: thunderbird security update (Moderate)
Description: Multiple vulnerabilities in the Javascript engine in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption.
Family: unix Class: patch
Reference(s): ELSA-2007:0981-02
CVE-2007-1095
CVE-2007-2292
CVE-2007-3511
CVE-2007-3844
CVE-2007-5334
CVE-2007-5337
CVE-2007-5338
CVE-2007-5339
CVE-2007-5340
 Version: 41
Platform(s): Oracle Linux 5
 Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7395
 
Oval ID: oval:org.mitre.oval:def:7395
Title: DSA-1535 iceweasel -- several vulnerabilities
Description: Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems: Peter Brodersen and Alexander Klink discovered that the autoselection of SSL client certificates could lead to users being tracked, resulting in a loss of privacy. moz_bug_r_a4 discovered that variants of CVE-2007-3738 and CVE-2007-5338 allow the execution of arbitrary code through XPCNativeWrapper. moz_bug_r_a4 discovered that insecure handling of event handlers could lead to cross-site scripting. Boris Zbarsky, Johnny Stenback and moz_bug_r_a4 discovered that incorrect principal handling could lead to cross-site scripting and the execution of arbitrary code. Tom Ferris, Seth Spitzer, Martin Wargers, John Daggett and Mats Palmgren discovered crashes in the layout engine, which might allow the execution of arbitrary code. georgi, tgirmann and Igor Bukanov discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. Gregory Fleischer discovered that HTTP Referrer headers were handled incorrectly in combination with URLs containing Basic Authentication credentials with empty usernames, resulting in potential Cross-Site Request Forgery attacks. Gregory Fleischer discovered that web content fetched through the jar: protocol can use Java to connect to arbitrary ports. This is only an issue in combination with the non-free Java plugin. Chris Thomas discovered that background tabs could generate XUL popups overlaying the current tab, resulting in potential spoofing attacks. The Mozilla products from the old stable distribution (sarge) are no longer supported.
Family: unix Class: patch
Reference(s): DSA-1535
CVE-2007-4879
CVE-2008-1233
CVE-2008-1234
CVE-2008-1235
CVE-2008-1236
CVE-2008-1237
CVE-2008-1238
CVE-2008-1240
CVE-2008-1241
CVE-2007-3738
CVE-2007-5338
 Version: 3
Platform(s): Debian GNU/Linux 4.0
 Product(s): iceweasel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7681
 
Oval ID: oval:org.mitre.oval:def:7681
Title: DSA-1574 icedove -- several vulnerabilities
Description: Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client. The Common Vulnerabilities and Exposures project identifies the following problems: moz_bug_r_a4 discovered that variants of CVE-2007-3738 and CVE-2007-5338 allow the execution of arbitrary code through XPCNativeWrapper. moz_bug_r_a4 discovered that insecure handling of event handlers could lead to cross-site scripting. Boris Zbarsky, Johnny Stenback and moz_bug_r_a4 discovered that incorrect principal handling could lead to cross-site scripting and the execution of arbitrary code. Tom Ferris, Seth Spitzer, Martin Wargers, John Daggett and Mats Palmgren discovered crashes in the layout engine, which might allow the execution of arbitrary code. georgi, tgirmann and Igor Bukanov discovered crashes in the Javascript engine, which might allow the execution of arbitrary code.
Family: unix Class: patch
Reference(s): DSA-1574
CVE-2008-1233
CVE-2008-1234
CVE-2008-1235
CVE-2008-1236
CVE-2008-1237
CVE-2007-3738
CVE-2007-5338
 Version: 3
Platform(s): Debian GNU/Linux 4.0
 Product(s): icedove
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7869
 
Oval ID: oval:org.mitre.oval:def:7869
Title: DSA-1534 iceape -- several vulnerabilities
Description: Several remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the Seamonkey Internet Suite. The Common Vulnerabilities and Exposures project identifies the following problems: Peter Brodersen and Alexander Klink discovered that the autoselection of SSL client certificates could lead to users being tracked, resulting in a loss of privacy. moz_bug_r_a4 discovered that variants of CVE-2007-3738 and CVE-2007-5338 allow the execution of arbitrary code through XPCNativeWrapper. moz_bug_r_a4 discovered that insecure handling of event handlers could lead to cross-site scripting. Boris Zbarsky, Johnny Stenback and moz_bug_r_a4 discovered that incorrect principal handling could lead to cross-site scripting and the execution of arbitrary code. Tom Ferris, Seth Spitzer, Martin Wargers, John Daggett and Mats Palmgren discovered crashes in the layout engine, which might allow the execution of arbitrary code. Georgi, Tgirmann and Igor Bukanov discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. Gregory Fleischer discovered that HTTP Referrer headers were handled incorrectly in combination with URLs containing Basic Authentication credentials with empty usernames, resulting in potential Cross-Site Request Forgery attacks. Gregory Fleischer discovered that web content fetched through the jar: protocol can use Java to connect to arbitrary ports. This is only an issue in combination with the non-free Java plugin. Chris Thomas discovered that background tabs could generate XUL popups overlaying the current tab, resulting in potential spoofing attacks. The Mozilla products from the old stable distribution (sarge) are no longer supported.
Family: unix Class: patch
Reference(s): DSA-1534
CVE-2007-4879
CVE-2008-1233
CVE-2008-1234
CVE-2008-1235
CVE-2008-1236
CVE-2008-1237
CVE-2008-1238
CVE-2008-1240
CVE-2008-1241
CVE-2007-3738
CVE-2007-5338
 Version: 3
Platform(s): Debian GNU/Linux 4.0
 Product(s): iceape
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7955
 
Oval ID: oval:org.mitre.oval:def:7955
Title: DSA-1532 xulrunner -- several vulnerabilities
Description: Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems: Peter Brodersen and Alexander Klink discovered that the autoselection of SSL client certificates could lead to users being tracked, resulting in a loss of privacy. moz_bug_r_a4 discovered that variants of CVE-2007-3738 and CVE-2007-5338 allow the execution of arbitrary code through XPCNativeWrapper. moz_bug_r_a4 discovered that insecure handling of event handlers could lead to cross-site scripting. Boris Zbarsky, Johnny Stenback and moz_bug_r_a4 discovered that incorrect principal handling could lead to cross-site scripting and the execution of arbitrary code. Tom Ferris, Seth Spitzer, Martin Wargers, John Daggett and Mats Palmgren discovered crashes in the layout engine, which might allow the execution of arbitrary code. georgi, tgirmann and Igor Bukanov discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. Gregory Fleischer discovered that HTTP Referrer headers were handled incorrectly in combination with URLs containing Basic Authentication credentials with empty usernames, resulting in potential Cross-Site Request Forgery attacks. Gregory Fleischer discovered that web content fetched through the jar: protocol can use Java to connect to arbitrary ports. This is only an issue in combination with the non-free Java plugin. Chris Thomas discovered that background tabs could generate XUL popups overlaying the current tab, resulting in potential spoofing attacks. The Mozilla products from the old stable distribution (sarge) are no longer supported.
Family: unix Class: patch
Reference(s): DSA-1532
CVE-2007-4879
CVE-2008-1233
CVE-2008-1234
CVE-2008-1235
CVE-2008-1236
CVE-2008-1237
CVE-2008-1238
CVE-2008-1240
CVE-2008-1241
CVE-2007-3738
CVE-2007-5338
 Version: 3
Platform(s): Debian GNU/Linux 4.0
 Product(s): xulrunner
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9493
 
Oval ID: oval:org.mitre.oval:def:9493
Title: Mozilla Firefox 2.0.0.5, Thunderbird 2.0.0.5 and before 1.5.0.13, and SeaMonkey 1.1.3 allows remote attackers to conduct cross-site scripting (XSS) attacks with chrome privileges via an addon that inserts a (1) javascript: or (2) data: link into an about:blank document loaded by chrome via (a) the window.open function or (b) a content.location assignment, aka "Cross Context Scripting." NOTE: this issue is caused by a CVE-2007-3089 regression.
Description: Mozilla Firefox 2.0.0.5, Thunderbird 2.0.0.5 and before 1.5.0.13, and SeaMonkey 1.1.3 allows remote attackers to conduct cross-site scripting (XSS) attacks with chrome privileges via an addon that inserts a (1) javascript: or (2) data: link into an about:blank document loaded by chrome via (a) the window.open function or (b) a content.location assignment, aka "Cross Context Scripting." NOTE: this issue is caused by a CVE-2007-3089 regression.
Family: unix Class: vulnerability
Reference(s): CVE-2007-3844
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9622
 
Oval ID: oval:org.mitre.oval:def:9622
Title: Multiple vulnerabilities in the Javascript engine in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption.
Description: Multiple vulnerabilities in the Javascript engine in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption.
Family: unix Class: vulnerability
Reference(s): CVE-2007-5340
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9763
 
Oval ID: oval:org.mitre.oval:def:9763
Title: The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to change field focus and copy keystrokes via the "for" attribute in a label, which bypasses the focus prevention, as demonstrated by changing focus from a textarea to a file upload field.
Description: The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to change field focus and copy keystrokes via the "for" attribute in a label, which bypasses the focus prevention, as demonstrated by changing focus from a textarea to a file upload field.
Family: unix Class: vulnerability
Reference(s): CVE-2007-3511
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
 Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Application 1
Application 94
Application 27
Application 64

OpenVAS Exploits

Date Description
2009-10-10 Name : SLES9: Security update for Mozilla
File : nvt/sles9p5018527.nasl
2009-05-05 Name : HP-UX Update for Thunderbird HPSBUX02156
File : nvt/gb_hp_ux_HPSBUX02156.nasl
2009-04-09 Name : Mandriva Update for mozilla-thunderbird MDVSA-2007:047 (mozilla-thunderbird)
File : nvt/gb_mandriva_MDVSA_2007_047.nasl
2009-04-09 Name : Mandriva Update for mozilla-firefox MDKSA-2007:202 (mozilla-firefox)
File : nvt/gb_mandriva_MDKSA_2007_202.nasl
2009-04-09 Name : Mandriva Update for mozilla-firefox MDKSA-2007:152 (mozilla-firefox)
File : nvt/gb_mandriva_MDKSA_2007_152.nasl
2009-03-23 Name : Ubuntu Update for mozilla-thunderbird, thunderbird vulnerabilities USN-536-1
File : nvt/gb_ubuntu_USN_536_1.nasl
2009-03-23 Name : Ubuntu Update for firefox vulnerabilities USN-535-1
File : nvt/gb_ubuntu_USN_535_1.nasl
2009-03-23 Name : Ubuntu Update for mozilla-thunderbird vulnerabilities USN-503-1
File : nvt/gb_ubuntu_USN_503_1.nasl
2009-03-23 Name : Ubuntu Update for firefox vulnerabilities USN-493-1
File : nvt/gb_ubuntu_USN_493_1.nasl
2009-02-27 Name : Fedora Update for firefox FEDORA-2007-2664
File : nvt/gb_fedora_2007_2664_firefox_fc7.nasl
2009-02-27 Name : Fedora Update for thunderbird FEDORA-2007-3431
File : nvt/gb_fedora_2007_3431_thunderbird_fc7.nasl
2009-02-27 Name : Fedora Update for thunderbird FEDORA-2007-3414
File : nvt/gb_fedora_2007_3414_thunderbird_fc8.nasl
2009-02-27 Name : Fedora Update for seamonkey FEDORA-2007-2795
File : nvt/gb_fedora_2007_2795_seamonkey_fc8.nasl
2009-02-27 Name : Fedora Update for seamonkey FEDORA-2007-2601
File : nvt/gb_fedora_2007_2601_seamonkey_fc7.nasl
2009-01-28 Name : SuSE Update for MozillaFirefox,mozilla,seamonkey SUSE-SA:2007:057
File : nvt/gb_suse_2007_057.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200711-24 (mozilla-thunderbird mozilla-thunderb...
File : nvt/glsa_200711_24.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200711-14 (firefox seamonkey xulrunner)
File : nvt/glsa_200711_14.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200708-09 (mozilla/thunderbird/firefox/xulrunner)
File : nvt/glsa_200708_09.nasl
2008-09-04 Name : FreeBSD Ports: firefox
File : nvt/freebsd_firefox27.nasl
2008-05-27 Name : Debian Security Advisory DSA 1574-1 (icedove)
File : nvt/deb_1574_1.nasl
2008-04-30 Name : Debian Security Advisory DSA 1534-2 (iceape)
File : nvt/deb_1534_2.nasl
2008-04-07 Name : Debian Security Advisory DSA 1535-1 (iceweasel)
File : nvt/deb_1535_1.nasl
2008-04-07 Name : Debian Security Advisory DSA 1534-1 (iceape)
File : nvt/deb_1534_1.nasl
2008-04-07 Name : Debian Security Advisory DSA 1532-1 (xulrunner)
File : nvt/deb_1532_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 1401-1 (iceape)
File : nvt/deb_1401_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 1345-1 (xulrunner)
File : nvt/deb_1345_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 1346-1 (iceape)
File : nvt/deb_1346_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 1391-1 (icedove)
File : nvt/deb_1391_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 1392-1 (xulrunner)
File : nvt/deb_1392_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 1396-1 (icedove)
File : nvt/deb_1396_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 1344-1 (iceweasel)
File : nvt/deb_1344_1.nasl
0000-00-00 Name : Slackware Advisory SSA:2007-213-01 firefox
File : nvt/esoft_slk_ssa_2007_213_01.nasl
0000-00-00 Name : Slackware Advisory SSA:2007-324-01 mozilla-thunderbird
File : nvt/esoft_slk_ssa_2007_324_01.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
38044 Mozilla Multiple Products JavaScript Engine Multiple Unspecified Memory Corr...
38043 Mozilla Multiple Products Browser Engine Multiple Unspecified Memory Corruption
38035 Mozilla Multiple Products XUL Page Title Bar Spoofing
38034 Mozilla Firefox on Linux gnome-vfs smb/sftp URI Arbitrary File Access
38033 Mozilla Multiple Products Script Object XPCNativeWrappers Pollution
38026 Mozilla Multiple Products Addon Chrome Cross-Context Scripting
37995 Mozilla Firefox Digest Authentication username Attribute CRLF Injection
37994 Mozilla Multiple Browsers onkeydown Event Window Focus Manipulation
33809 Mozilla Firefox JavaScript onUnload Handler Site Tailgating

Snort® IPS/IDS

Date Description
2014-01-10 Mozilla Firefox XBL Event Handler Tags Removal memory corruption attempt
RuleID : 15383 - Revision : 8 - Type : BROWSER-FIREFOX

Nessus® Vulnerability Scanner

Date Description
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2007-0979.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2007-0980.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2007-0981.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing a security update.
File : sl_20071019_thunderbird_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20071019_seamonkey_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20071019_firefox_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2007-202.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2008-047.nasl - Type : ACT_GATHER_INFO
2008-05-13 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1574.nasl - Type : ACT_GATHER_INFO
2008-04-11 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1535.nasl - Type : ACT_GATHER_INFO
2008-03-31 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1532.nasl - Type : ACT_GATHER_INFO
2008-03-31 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1534.nasl - Type : ACT_GATHER_INFO
2008-01-10 Name : The remote openSUSE host is missing a security update.
File : suse_MozillaThunderbird-4874.nasl - Type : ACT_GATHER_INFO
2007-12-20 Name : The remote Windows host contains a mail client that is affected by multiple v...
File : mozilla_thunderbird_15014.nasl - Type : ACT_GATHER_INFO
2007-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_MozillaFirefox-4570.nasl - Type : ACT_GATHER_INFO
2007-12-13 Name : The remote openSUSE host is missing a security update.
File : suse_MozillaThunderbird-4811.nasl - Type : ACT_GATHER_INFO
2007-11-26 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2007-324-01.nasl - Type : ACT_GATHER_INFO
2007-11-20 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200711-24.nasl - Type : ACT_GATHER_INFO
2007-11-16 Name : The remote Fedora host is missing a security update.
File : fedora_2007-3414.nasl - Type : ACT_GATHER_INFO
2007-11-16 Name : The remote Fedora host is missing a security update.
File : fedora_2007-3431.nasl - Type : ACT_GATHER_INFO
2007-11-16 Name : The remote Windows host contains a mail client that is affected by multiple v...
File : mozilla_thunderbird_2009.nasl - Type : ACT_GATHER_INFO
2007-11-14 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200711-14.nasl - Type : ACT_GATHER_INFO
2007-11-10 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-536-1.nasl - Type : ACT_GATHER_INFO
2007-11-10 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-535-1.nasl - Type : ACT_GATHER_INFO
2007-11-10 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-503-1.nasl - Type : ACT_GATHER_INFO
2007-11-10 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-493-1.nasl - Type : ACT_GATHER_INFO
2007-11-07 Name : The remote Fedora host is missing a security update.
File : fedora_2007-2795.nasl - Type : ACT_GATHER_INFO
2007-11-06 Name : The remote Fedora host is missing a security update.
File : fedora_2007-2664.nasl - Type : ACT_GATHER_INFO
2007-11-06 Name : The remote Fedora host is missing a security update.
File : fedora_2007-2601.nasl - Type : ACT_GATHER_INFO
2007-11-06 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1401.nasl - Type : ACT_GATHER_INFO
2007-10-30 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1396.nasl - Type : ACT_GATHER_INFO
2007-10-26 Name : The remote openSUSE host is missing a security update.
File : suse_seamonkey-4596.nasl - Type : ACT_GATHER_INFO
2007-10-25 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2007-0979.nasl - Type : ACT_GATHER_INFO
2007-10-25 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2007-0980.nasl - Type : ACT_GATHER_INFO
2007-10-25 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2007-0981.nasl - Type : ACT_GATHER_INFO
2007-10-25 Name : The remote openSUSE host is missing a security update.
File : suse_seamonkey-4594.nasl - Type : ACT_GATHER_INFO
2007-10-25 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2007-0981.nasl - Type : ACT_GATHER_INFO
2007-10-25 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2007-0980.nasl - Type : ACT_GATHER_INFO
2007-10-25 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2007-0979.nasl - Type : ACT_GATHER_INFO
2007-10-25 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1391.nasl - Type : ACT_GATHER_INFO
2007-10-25 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1392.nasl - Type : ACT_GATHER_INFO
2007-10-25 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_e24797af803d11dcb787003048705d5a.nasl - Type : ACT_GATHER_INFO
2007-10-24 Name : A web browser on the remote host is prone to multiple flaws.
File : seamonkey_115.nasl - Type : ACT_GATHER_INFO
2007-10-24 Name : The remote openSUSE host is missing a security update.
File : suse_MozillaFirefox-4572.nasl - Type : ACT_GATHER_INFO
2007-10-24 Name : The remote openSUSE host is missing a security update.
File : suse_MozillaFirefox-4574.nasl - Type : ACT_GATHER_INFO
2007-10-19 Name : The remote Windows host contains a web browser that is affected by multiple v...
File : mozilla_firefox_2008.nasl - Type : ACT_GATHER_INFO
2007-08-15 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200708-09.nasl - Type : ACT_GATHER_INFO
2007-08-13 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1345.nasl - Type : ACT_GATHER_INFO
2007-08-13 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1344.nasl - Type : ACT_GATHER_INFO
2007-08-13 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1346.nasl - Type : ACT_GATHER_INFO
2007-08-04 Name : A web browser on the remote host is prone to multiple flaws.
File : seamonkey_114.nasl - Type : ACT_GATHER_INFO
2007-08-02 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2007-213-01.nasl - Type : ACT_GATHER_INFO
2007-08-02 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2007-152.nasl - Type : ACT_GATHER_INFO
2007-08-02 Name : The remote Windows host contains a mail client that is affected by multiple v...
File : mozilla_thunderbird_2006.nasl - Type : ACT_GATHER_INFO
2007-07-31 Name : The remote Windows host contains a web browser that is affected by multiple v...
File : mozilla_firefox_2006.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:51:07
  • Multiple Updates