Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title Sun Alert 264308 Multiple Security Vulnerabilities in Firefox Versions Prior to 3.5b4 May Allow Execution of Arbitrary Code or Access to Unauthorized Data
Informations
Name SUN-264308 First vendor Publication 2009-07-29
Vendor Sun Last vendor Modification 2009-07-29
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Product: OpenSolaris

Multiple security vulnerabilities with varying impacts affect Firefox (see firefox(1)) versions prior to 3.5b4 as shipped with OpenSolaris. These vulnerabilities may allow an unprivileged remote user to execute arbitrary code on the system where Firefox is being run, cause a Denial of Service (DoS) crash to the Firefox application, gain unauthorized access to sensitive data, execute arbitrary scripting code within a user's browsing session via Cross-Site Scripting (XSS) exploits to read or modify data from other web sites, obtain sensitive data from the user or information stored in cookies, or to perform Cross-Site Request Forgery (CSRF) attacks.

Additional vulnerabilities may allow a remote user to mislead a Firefox user into incorrectly trusting a site by providing a URL in the location bar which may appear to be another URL, or to bypass various security policies that are active in the browser to perform unauthorized activities such as reading local files or initiating network connections.

The following URL provides additional details about the vulnerabilities addressed in Firefox versions prior to 3.5b4.
http://www.mozilla.org/security/known-vulnerabilities/firefox30.html

The Mozilla advisories that describe the vulnerabilities are as follows:

MFSA2009-14   MFSA2009-16   MFSA2009-17   MFSA2009-18   MFSA2009-19
MFSA2009-20   MFSA2009-21   MFSA2009-22   MFSA2009-25   MFSA2009-27
MFSA2009-28   MFSA2009-29   MFSA2009-30   MFSA2009-31   MFSA2009-32
MFSA2009-36

The CVE identifiers that pertain to this security issue are as follows:


State: Resolved
First released: 29-Jul-2009

Original Source

Url : http://blogs.sun.com/security/entry/sun_alert_264308_multiple_security

CWE : Common Weakness Enumeration

% Id Name
20 % CWE-16 Configuration
15 % CWE-399 Resource Management Errors
10 % CWE-264 Permissions, Privileges, and Access Controls
10 % CWE-189 Numeric Errors (CWE/SANS Top 25)
10 % CWE-94 Failure to Control Generation of Code ('Code Injection')
10 % CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25)
10 % CWE-20 Improper Input Validation
5 % CWE-362 Race Condition
5 % CWE-287 Improper Authentication
5 % CWE-200 Information Exposure

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10106
 
Oval ID: oval:org.mitre.oval:def:10106
Title: The browser engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to (1) nsAsyncInstantiateEvent::Run, (2) nsStyleContext::Destroy, (3) nsComputedDOMStyle::GetWidth, (4) the xslt_attributeset_ImportSameName.html test case for the XSLT stylesheet compiler, (5) nsXULDocument::SynchronizeBroadcastListener, (6) IsBindingAncestor, (7) PL_DHashTableOperate and nsEditor::EndUpdateViewBatch, and (8) gfxSkipCharsIterator::SetOffsets, and other vectors.
Description: The browser engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to (1) nsAsyncInstantiateEvent::Run, (2) nsStyleContext::Destroy, (3) nsComputedDOMStyle::GetWidth, (4) the xslt_attributeset_ImportSameName.html test case for the XSLT stylesheet compiler, (5) nsXULDocument::SynchronizeBroadcastListener, (6) IsBindingAncestor, (7) PL_DHashTableOperate and nsEditor::EndUpdateViewBatch, and (8) gfxSkipCharsIterator::SetOffsets, and other vectors.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1302
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10110
 
Oval ID: oval:org.mitre.oval:def:10110
Title: The JavaScript engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving JSOP_DEFVAR and properties that lack the JSPROP_PERMANENT attribute.
Description: The JavaScript engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving JSOP_DEFVAR and properties that lack the JSPROP_PERMANENT attribute.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1305
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10137
 
Oval ID: oval:org.mitre.oval:def:10137
Title: Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow, as demonstrated by a long document.location value in Firefox.
Description: Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow, as demonstrated by a long document.location value in Firefox.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1194
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10150
 
Oval ID: oval:org.mitre.oval:def:10150
Title: The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via an uploaded .jar file with a "Content-Disposition: attachment" designation.
Description: The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via an uploaded .jar file with a "Content-Disposition: attachment" designation.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1306
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10428
 
Oval ID: oval:org.mitre.oval:def:10428
Title: Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey allows remote attackers to inject arbitrary web script or HTML via vectors involving XBL JavaScript bindings and remote stylesheets, as exploited in the wild by a March 2009 eBay listing.
Description: Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey allows remote attackers to inject arbitrary web script or HTML via vectors involving XBL JavaScript bindings and remote stylesheets, as exploited in the wild by a March 2009 eBay listing.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1308
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10436
 
Oval ID: oval:org.mitre.oval:def:10436
Title: Visual truncation vulnerability in netwerk/dns/src/nsIDNService.cpp in Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 allows remote attackers to spoof the location bar via an IDN with invalid Unicode characters that are displayed as whitespace, as demonstrated by the \u115A through \u115E characters.
Description: Visual truncation vulnerability in netwerk/dns/src/nsIDNService.cpp in Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 allows remote attackers to spoof the location bar via an IDN with invalid Unicode characters that are displayed as whitespace, as demonstrated by the \u115A through \u115E characters.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1834
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10628
 
Oval ID: oval:org.mitre.oval:def:10628
Title: Race condition in the NPObjWrapper_NewResolve function in modules/plugin/base/src/nsJSNPRuntime.cpp in xul.dll in Mozilla Firefox 3 before 3.0.11 might allow remote attackers to execute arbitrary code via a page transition during Java applet loading, related to a use-after-free vulnerability for memory associated with a destroyed Java object.
Description: Race condition in the NPObjWrapper_NewResolve function in modules/plugin/base/src/nsJSNPRuntime.cpp in xul.dll in Mozilla Firefox 3 before 3.0.11 might allow remote attackers to execute arbitrary code via a page transition during Java applet loading, related to a use-after-free vulnerability for memory associated with a destroyed Java object.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1837
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10939
 
Oval ID: oval:org.mitre.oval:def:10939
Title: Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17 allow user-assisted remote attackers to obtain sensitive information via a web page with an embedded frame, which causes POST data from an outer page to be sent to the inner frame's URL during a SAVEMODE_FILEONLY save of the inner frame.
Description: Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17 allow user-assisted remote attackers to obtain sensitive information via a web page with an embedded frame, which causes POST data from an outer page to be sent to the inner frame's URL during a SAVEMODE_FILEONLY save of the inner frame.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1311
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10972
 
Oval ID: oval:org.mitre.oval:def:10972
Title: The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to (1) bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file; (2) read, create, or modify Local Shared Objects via a Flash file; or (3) bypass unspecified restrictions and render content via vectors involving a jar: URI.
Description: The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to (1) bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file; (2) read, create, or modify Local Shared Objects via a Flash file; or (3) bypass unspecified restrictions and render content via vectors involving a jar: URI.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1307
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11080
 
Oval ID: oval:org.mitre.oval:def:11080
Title: The garbage-collection implementation in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 sets an element's owner document to null in unspecified circumstances, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via a crafted event handler, related to an incorrect context for this event handler.
Description: The garbage-collection implementation in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 sets an element's owner document to null in unspecified circumstances, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via a crafted event handler, related to an incorrect context for this event handler.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1838
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11520
 
Oval ID: oval:org.mitre.oval:def:11520
Title: Cross-site scripting (XSS) vulnerability in the MozSearch plugin implementation in Mozilla Firefox before 3.0.9 allows user-assisted remote attackers to inject arbitrary web script or HTML via a javascript: URI in the SearchForm element.
Description: Cross-site scripting (XSS) vulnerability in the MozSearch plugin implementation in Mozilla Firefox before 3.0.9 allows user-assisted remote attackers to inject arbitrary web script or HTML via a javascript: URI in the SearchForm element.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1310
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11764
 
Oval ID: oval:org.mitre.oval:def:11764
Title: Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 use the HTTP Host header to determine the context of a document provided in a non-200 CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying this CONNECT response, aka an "SSL tampering" attack.
Description: Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 use the HTTP Host header to determine the context of a document provided in a non-200 CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying this CONNECT response, aka an "SSL tampering" attack.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1836
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13364
 
Oval ID: oval:org.mitre.oval:def:13364
Title: USN-764-1 -- firefox-3.0, xulrunner-1.9 vulnerabilities
Description: Several flaws were discovered in the browser engine. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that Firefox displayed certain Unicode characters which could be visually confused with punctuation in valid web addresses in the location bar. An attacker could exploit this to spoof the location bar, such as in a phishing attack. Several flaws were discovered in the way Firefox processed malformed URI schemes. If a user were tricked into viewing a malicious website, a remote attacker could execute arbitrary JavaScript or steal private data. Cefn Hoile discovered Firefox did not adequately protect against embedded third-party stylesheets. An attacker could exploit this to perform script injection attacks using XBL bindings. Paolo Amadini discovered that Firefox would submit POST data when reloading an inner frame of a web page. If a user were tricked into viewing a malicious website, a remote attacker could steal private data
Family: unix Class: patch
Reference(s): USN-764-1
CVE-2009-1302
CVE-2009-1303
CVE-2009-1304
CVE-2009-1305
CVE-2009-0652
CVE-2009-1306
CVE-2009-1307
CVE-2009-1309
CVE-2009-1310
CVE-2009-1312
CVE-2009-1308
CVE-2009-1311
Version: 5
Platform(s): Ubuntu 8.10
Ubuntu 8.04
Ubuntu 9.04
Product(s): firefox-3.0
xulrunner-1.9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13378
 
Oval ID: oval:org.mitre.oval:def:13378
Title: DSA-1830-1 icedove -- several vulnerabilities
Description: Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-0040 The execution of arbitrary code might be possible via a crafted PNG file that triggers a free of an uninitialised pointer in the png_read_png function, pCAL chunk handling, or setup of 16-bit gamma tables. CVE-2009-0352 It is possible to execute arbitrary code via vectors related to the layout engine. CVE-2009-0353 It is possible to execute arbitrary code via vectors related to the JavaScript engine. CVE-2009-0652 Bjoern Hoehrmann and Moxie Marlinspike discovered a possible spoofing attack via Unicode box drawing characters in internationalised domain names. CVE-2009-0771 Memory corruption and assertion failures have been discovered in the layout engine, leading to the possible execution of arbitrary code. CVE-2009-0772 The layout engine allows the execution of arbitrary code ia vectors related to nsCSSStyleSheet::GetOwnerNode, events, and garbage collection. CVE-2009-0773 The JavaScript engine is prone to the execution of arbitrary code via several vectors. CVE-2009-0774 The layout engine allows the execution of arbitrary code via vectors related to gczeal. CVE-2009-0776 Georgi Guninski discovered that it is possible to obtain xml data via an issue related to the nsIRDFService. CVE-2009-1302 The browser engine is prone to a possible memory corruption via several vectors. CVE-2009-1303 The browser engine is prone to a possible memory corruption via the nsSVGElement::BindToTree function. CVE-2009-1307 Gregory Fleischer discovered that it is possible to bypass the Same Origin Policy when opening a Flash file via the view-source: scheme. CVE-2009-1832 The possible arbitrary execution of code was discovered via vectors involving "double frame construction." CVE-2009-1392 Several issues were discovered in the browser engine as used by icedove, which could lead to the possible execution of arbitrary code. CVE-2009-1836 Shuo Chen, Ziqing Mao, Yi-Min Wang and Ming Zhang reported a potential man-in-the-middle attack, when using a proxy due to insufficient checks on a certain proxy response. CVE-2009-1838 moz_bug_r_a4 discovered that it is possible to execute arbitrary JavaScript with chrome privileges due to an error in the garbage-collection implementation. CVE-2009-1841 moz_bug_r_a4 reported that it is possible for scripts from page content to run with elevated privileges and thus potentially executing arbitrary code with the object's chrome privileges. No CVE id yet Bernd Jendrissek discovered a potentially exploitable crash when viewing a multipart/alternative mail message with a text/enhanced part. For the stable distribution, these problems have been fixed in version 2.0.0.22-0lenny1. As indicated in the Etch release notes, security support for the Mozilla products in the oldstable distribution needed to be stopped before the end of the regular Etch security maintenance life cycle. You are strongly encouraged to upgrade to stable or switch to a still supported mail client. For the testing distribution these problems will be fixed soon. For the unstable distribution, these problems have been fixed in version 2.0.0.22-1. We recommend that you upgrade your icedove packages.
Family: unix Class: patch
Reference(s): DSA-1830-1
CVE-2009-0040
CVE-2009-0352
CVE-2009-0353
CVE-2009-0652
CVE-2009-0771
CVE-2009-0772
CVE-2009-0773
CVE-2009-0774
CVE-2009-0776
CVE-2009-1302
CVE-2009-1303
CVE-2009-1307
CVE-2009-1832
CVE-2009-1392
CVE-2009-1836
CVE-2009-1838
CVE-2009-1841
Version: 5
Platform(s): Debian GNU/Linux 5.0
Product(s): icedove
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13425
 
Oval ID: oval:org.mitre.oval:def:13425
Title: DSA-1820-1 xulrunner -- several vulnerabilities
Description: Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-1392 Several issues in the browser engine have been discovered, which can result in the execution of arbitrary code. CVE-2009-1832 It is possible to execute arbitrary code via vectors involving "double frame construction." CVE-2009-1833 Jesse Ruderman and Adam Hauner discovered a problem in the JavaScript engine, which could lead to the execution of arbitrary code. CVE-2009-1834 Pavel Cvrcek discovered a potential issue leading to a spoofing attack on the location bar related to certain invalid unicode characters. CVE-2009-1835 Gregory Fleischer discovered that it is possible to read arbitrary cookies via a crafted HTML document. CVE-2009-1836 Shuo Chen, Ziqing Mao, Yi-Min Wang and Ming Zhang reported a potential man-in-the-middle attack, when using a proxy due to insufficient checks on a certain proxy response. CVE-2009-1837 Jakob Balle and Carsten Eiram reported a race condition in the NPObjWrapper_NewResolve function that can be used to execute arbitrary code. CVE-2009-1838 moz_bug_r_a4 discovered that it is possible to execute arbitrary JavaScript with chrome privileges due to an error in the garbage-collection implementation. CVE-2009-1839 Adam Barth and Collin Jackson reported a potential privilege escalation when loading a file::resource via the location bar. CVE-2009-1840 Wladimir Palant discovered that it is possible to bypass access restrictions due to a lack of content policy check, when loading a script file into a XUL document. CVE-2009-1841 moz_bug_r_a4 reported that it is possible for scripts from page content to run with elevated privileges and thus potentially executing arbitrary code with the object’s chrome privileges. For the stable distribution, these problems have been fixed in version 1.9.0.11-0lenny1. As indicated in the Etch release notes, security support for the Mozilla products in the oldstable distribution needed to be stopped before the end of the regular Etch security maintenance life cycle. You are strongly encouraged to upgrade to stable or switch to a still supported browser. For the testing distribution, these problems will be fixed soon. For the unstable distribution, these problems have been fixed in version 1.9.0.11-1. We recommend that you upgrade your xulrunner packages.
Family: unix Class: patch
Reference(s): DSA-1820-1
CVE-2009-1392
CVE-2009-1832
CVE-2009-1833
CVE-2009-1834
CVE-2009-1835
CVE-2009-1836
CVE-2009-1837
CVE-2009-1838
CVE-2009-1839
CVE-2009-1840
CVE-2009-1841
Version: 5
Platform(s): Debian GNU/Linux 5.0
Product(s): xulrunner
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13435
 
Oval ID: oval:org.mitre.oval:def:13435
Title: DSA-1797-1 xulrunner -- several
Description: Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-0652 Moxie Marlinspike discovered that Unicode box drawing characters inside of internationalised domain names could be used for phishing attacks. CVE-2009-1302 Olli Pettay, Martijn Wargers, Mats Palmgren, Oleg Romashin, Jesse Ruderman and Gary Kwong reported crashes in the in the layout engine, which might allow the execution of arbitrary code. CVE-2009-1303 Olli Pettay, Martijn Wargers, Mats Palmgren, Oleg Romashin, Jesse Ruderman and Gary Kwong reported crashes in the in the layout engine, which might allow the execution of arbitrary code. CVE-2009-1304 Igor Bukanov and Bob Clary discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. CVE-2009-1305 Igor Bukanov and Bob Clary discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. CVE-2009-1306 Daniel Veditz discovered that the Content-Disposition: header is ignored within the jar: URI scheme. CVE-2009-1307 Gregory Fleischer discovered that the same-origin policy for Flash files is inproperly enforced for files loaded through the view-source scheme, which may result in bypass of cross-domain policy restrictions. CVE-2009-1308 Cefn Hoile discovered that sites, which allow the embedding of third-party stylesheets are vulnerable to cross-site scripting attacks through XBL bindings. CVE-2009-1309 "moz_bug_r_a4" discovered bypasses of the same-origin policy in the XMLHttpRequest Javascript API and the XPCNativeWrapper. CVE-2009-1311 Paolo Amadini discovered that incorrect handling of POST data when saving a web site with an embedded frame may lead to information disclosure. CVE-2009-1312 It was discovered that Iceweasel allows Refresh: headers to redirect to Javascript URIs, resulting in cross-site scripting. For the stable distribution, these problems have been fixed in version 1.9.0.9-0lenny2. As indicated in the Etch release notes, security support for the Mozilla products in the oldstable distribution needed to be stopped before the end of the regular Etch security maintenance life cycle. You are strongly encouraged to upgrade to stable or switch to a still supported browser. For the unstable distribution, these problems have been fixed in version 1.9.0.9-1. We recommend that you upgrade your xulrunner packages.
Family: unix Class: patch
Reference(s): DSA-1797-1
CVE-2009-0652
CVE-2009-1302
CVE-2009-1303
CVE-2009-1304
CVE-2009-1305
CVE-2009-1306
CVE-2009-1307
CVE-2009-1308
CVE-2009-1309
CVE-2009-1311
CVE-2009-1312
Version: 5
Platform(s): Debian GNU/Linux 5.0
Product(s): xulrunner
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13520
 
Oval ID: oval:org.mitre.oval:def:13520
Title: DSA-1798-1 pango1.0 -- integer overflow
Description: Will Drewry discovered that pango, a system for layout and rendering of internationalised text, is prone to an integer overflow via long glyphstrings. This could cause the execution of arbitrary code when displaying crafted data through an application using the pango library. For the stable distribution, this problem has been fixed in version 1.20.5-3+lenny1. For the oldstable distribution, this problem has been fixed in version 1.14.8-5+etch1. For the testing distribution and the unstable distribution , this problem has been fixed in version 1.24-1. We recommend that you upgrade your pango1.0 packages.
Family: unix Class: patch
Reference(s): DSA-1798-1
CVE-2009-1194
Version: 5
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 4.0
Product(s): pango1.0
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13845
 
Oval ID: oval:org.mitre.oval:def:13845
Title: USN-773-1 -- pango1.0 vulnerability
Description: Will Drewry discovered that Pango incorrectly handled rendering text with long glyphstrings. If a user were tricked into displaying specially crafted data with applications linked against Pango, such as Firefox, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.
Family: unix Class: patch
Reference(s): USN-773-1
CVE-2009-1194
Version: 5
Platform(s): Ubuntu 8.04
Ubuntu 6.06
Ubuntu 8.10
Product(s): pango1.0
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13939
 
Oval ID: oval:org.mitre.oval:def:13939
Title: USN-779-1 -- firefox-3.0, xulrunner-1.9 vulnerabilities
Description: Several flaws were discovered in the browser and JavaScript engines of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Pavel Cvrcek discovered that Firefox would sometimes display certain invalid Unicode characters as whitespace. An attacker could exploit this to spoof the location bar, such as in a phishing attack. Gregory Fleischer, Adam Barth and Collin Jackson discovered that Firefox would allow access to local files from resources loaded via the file: protocol. If a user were tricked into downloading then opening a malicious file, an attacker could steal potentially sensitive information. Shuo Chen, Ziqing Mao, Yi-Min Wang, and Ming Zhang discovered that Firefox did not properly handle error responses when connecting to a proxy server. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. Wladimir Palant discovered Firefox did not check content-loading policies when loading external script files into XUL documents. As a result, Firefox might load malicious content under certain circumstances. It was discovered that Firefox could be made to run scripts with elevated privileges. If a user were tricked into viewing a malicious website, an attacker could cause a chrome privileged object, such as the browser sidebar, to run arbitrary code via interactions with the attacker controlled website
Family: unix Class: patch
Reference(s): USN-779-1
CVE-2009-1392
CVE-2009-1832
CVE-2009-1833
CVE-2009-1837
CVE-2009-1838
CVE-2009-1834
CVE-2009-1835
CVE-2009-1839
CVE-2009-1836
CVE-2009-1840
CVE-2009-1841
Version: 5
Platform(s): Ubuntu 8.10
Ubuntu 8.04
Ubuntu 9.04
Product(s): firefox-3.0
xulrunner-1.9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14001
 
Oval ID: oval:org.mitre.oval:def:14001
Title: USN-782-1 -- thunderbird vulnerabilities
Description: Several flaws were discovered in the JavaScript engine of Thunderbird. If a user had JavaScript enabled and were tricked into viewing malicious web content, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Several flaws were discovered in the way Thunderbird processed malformed URI schemes. If a user were tricked into viewing a malicious website and had JavaScript and plugins enabled, a remote attacker could execute arbitrary JavaScript or steal private data. Cefn Hoile discovered Thunderbird did not adequately protect against embedded third-party stylesheets. If JavaScript were enabled, an attacker could exploit this to perform script injection attacks using XBL bindings. Shuo Chen, Ziqing Mao, Yi-Min Wang, and Ming Zhang discovered that Thunderbird did not properly handle error responses when connecting to a proxy server. If a user had JavaScript enabled while using Thunderbird to view websites and a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. It was discovered that Thunderbird could be made to run scripts with elevated privileges. If a user had JavaScript enabled while having certain non-default add-ons installed and were tricked into viewing a malicious website, an attacker could cause a chrome privileged object, such as the browser sidebar, to run arbitrary code via interactions with the attacker controlled website
Family: unix Class: patch
Reference(s): USN-782-1
CVE-2009-1303
CVE-2009-1305
CVE-2009-1392
CVE-2009-1833
CVE-2009-1838
CVE-2009-1306
CVE-2009-1307
CVE-2009-1309
CVE-2009-1308
CVE-2009-1836
CVE-2009-1841
Version: 5
Platform(s): Ubuntu 8.10
Ubuntu 8.04
Ubuntu 9.04
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21861
 
Oval ID: oval:org.mitre.oval:def:21861
Title: ELSA-2009:0436: firefox security update (Critical)
Description: Mozilla Firefox before 3.0.9 and SeaMonkey 1.1.17 do not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) specifying the content of a Refresh header. NOTE: it was later reported that Firefox 3.6 a1 pre and Mozilla 1.7.x and earlier are also affected.
Family: unix Class: patch
Reference(s): ELSA-2009:0436-02
CVE-2009-0652
CVE-2009-1302
CVE-2009-1303
CVE-2009-1304
CVE-2009-1305
CVE-2009-1306
CVE-2009-1307
CVE-2009-1308
CVE-2009-1309
CVE-2009-1310
CVE-2009-1311
CVE-2009-1312
Version: 53
Platform(s): Oracle Linux 5
Product(s): firefox
xulrunner
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22762
 
Oval ID: oval:org.mitre.oval:def:22762
Title: ELSA-2009:0476: pango security update (Important)
Description: Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow, as demonstrated by a long document.location value in Firefox.
Family: unix Class: patch
Reference(s): ELSA-2009:0476-01
CVE-2009-1194
Version: 6
Platform(s): Oracle Linux 5
Product(s): pango
evolution28-pango
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22817
 
Oval ID: oval:org.mitre.oval:def:22817
Title: ELSA-2009:1095: firefox security update (Critical)
Description: js/src/xpconnect/src/xpcwrappedjsclass.cpp in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to execute arbitrary web script with the privileges of a chrome object, as demonstrated by the browser sidebar and the FeedWriter.
Family: unix Class: patch
Reference(s): ELSA-2009:1095-01
CVE-2009-1392
CVE-2009-1832
CVE-2009-1833
CVE-2009-1834
CVE-2009-1835
CVE-2009-1836
CVE-2009-1837
CVE-2009-1838
CVE-2009-1839
CVE-2009-1840
CVE-2009-1841
Version: 49
Platform(s): Oracle Linux 5
Product(s): firefox
xulrunner
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28946
 
Oval ID: oval:org.mitre.oval:def:28946
Title: RHSA-2009:0476 -- pango security update (Important)
Description: Updated pango and evolution28-pango packages that fix an integer overflow flaw are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Pango is a library used for the layout and rendering of internationalized text.
Family: unix Class: patch
Reference(s): RHSA-2009:0476
CESA-2009:0476-CentOS 3
CESA-2009:0476-CentOS 5
CVE-2009-1194
Version: 3
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 3
CentOS Linux 5
Product(s): pango
evolution28-pango
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29267
 
Oval ID: oval:org.mitre.oval:def:29267
Title: RHSA-2009:0436 -- firefox security update (Critical)
Description: Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305)
Family: unix Class: patch
Reference(s): RHSA-2009:0436
CESA-2009:0436-CentOS 5
CVE-2009-0652
CVE-2009-1302
CVE-2009-1303
CVE-2009-1304
CVE-2009-1305
CVE-2009-1306
CVE-2009-1307
CVE-2009-1308
CVE-2009-1309
CVE-2009-1310
CVE-2009-1311
CVE-2009-1312
Version: 3
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 4
CentOS Linux 5
Product(s): firefox
xulrunner
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29396
 
Oval ID: oval:org.mitre.oval:def:29396
Title: RHSA-2009:1095 -- firefox security update (Critical)
Description: Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2009-1392, CVE-2009-1832, CVE-2009-1833, CVE-2009-1837, CVE-2009-1838, CVE-2009-1841)
Family: unix Class: patch
Reference(s): RHSA-2009:1095
CESA-2009:1095-CentOS 5
CVE-2009-1392
CVE-2009-1832
CVE-2009-1833
CVE-2009-1834
CVE-2009-1835
CVE-2009-1836
CVE-2009-1837
CVE-2009-1838
CVE-2009-1839
CVE-2009-1840
CVE-2009-1841
Version: 3
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 4
CentOS Linux 5
Product(s): firefox
xulrunner
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:5265
 
Oval ID: oval:org.mitre.oval:def:5265
Title: Mozilla Seamonkey Multiple XSS Vulnerabilities
Description: Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy for (1) XMLHttpRequest, involving a mismatch for a document's principal, and (2) XPCNativeWrapper.toString, involving an incorrect __proto__ scope, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via a crafted document.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1309
Version: 2
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:5319
 
Oval ID: oval:org.mitre.oval:def:5319
Title: Mozilla Thunderbird Memory corruption Vulnerabilities
Description: The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving (1) js_FindPropertyHelper, related to the definitions of Math and Date; and (2) js_CheckRedeclaration.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1304
Version: 6
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:5480
 
Oval ID: oval:org.mitre.oval:def:5480
Title: Mozilla Seamonkey Memory corruption Vulnerabilities
Description: The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving (1) js_FindPropertyHelper, related to the definitions of Math and Date; and (2) js_CheckRedeclaration.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1304
Version: 2
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:5527
 
Oval ID: oval:org.mitre.oval:def:5527
Title: Mozilla Firefox Denial of Service Vulnerability
Description: The browser engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to (1) nsAsyncInstantiateEvent::Run, (2) nsStyleContext::Destroy, (3) nsComputedDOMStyle::GetWidth, (4) the xslt_attributeset_ImportSameName.html test case for the XSLT stylesheet compiler, (5) nsXULDocument::SynchronizeBroadcastListener, (6) IsBindingAncestor, (7) PL_DHashTableOperate and nsEditor::EndUpdateViewBatch, and (8) gfxSkipCharsIterator::SetOffsets, and other vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1302
Version: 3
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:5591
 
Oval ID: oval:org.mitre.oval:def:5591
Title: Mozilla Thunderbird Multiple XSS Vulnerabilities
Description: Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy for (1) XMLHttpRequest, involving a mismatch for a document's principal, and (2) XPCNativeWrapper.toString, involving an incorrect __proto__ scope, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via a crafted document.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1309
Version: 6
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:5810
 
Oval ID: oval:org.mitre.oval:def:5810
Title: Mozilla Seamonkey Denial of Service Vulnerability
Description: The browser engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to nsSVGElement::BindToTree.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1303
Version: 2
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:5933
 
Oval ID: oval:org.mitre.oval:def:5933
Title: Mozilla Seamonkey arbitrary code execution Vulnerability
Description: The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to (1) bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file; (2) read, create, or modify Local Shared Objects via a Flash file; or (3) bypass unspecified restrictions and render content via vectors involving a jar: URI.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1307
Version: 2
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:5992
 
Oval ID: oval:org.mitre.oval:def:5992
Title: Mozilla Firefox Denial of Service Vulnerability
Description: The browser engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to nsSVGElement::BindToTree.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1303
Version: 3
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6015
 
Oval ID: oval:org.mitre.oval:def:6015
Title: Mozilla Firefox Memory corruption Vulnerabilities
Description: The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving (1) js_FindPropertyHelper, related to the definitions of Math and Date; and (2) js_CheckRedeclaration.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1304
Version: 3
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6021
 
Oval ID: oval:org.mitre.oval:def:6021
Title: Mozilla Firefox Cross Site Scripting Vulnerability
Description: The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via an uploaded .jar file with a "Content-Disposition: attachment" designation.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1306
Version: 3
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6064
 
Oval ID: oval:org.mitre.oval:def:6064
Title: Mozilla Firefox XSS Vulnerability
Description: Mozilla Firefox before 3.0.9 and SeaMonkey 1.1.17 do not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) specifying the content of a Refresh header. NOTE: it was later reported that Firefox 3.6 a1 pre and Mozilla 1.7.x and earlier are also affected.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1312
Version: 3
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6070
 
Oval ID: oval:org.mitre.oval:def:6070
Title: Mozilla Seamonkey Denial of Service Vulnerability
Description: The browser engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to (1) nsAsyncInstantiateEvent::Run, (2) nsStyleContext::Destroy, (3) nsComputedDOMStyle::GetWidth, (4) the xslt_attributeset_ImportSameName.html test case for the XSLT stylesheet compiler, (5) nsXULDocument::SynchronizeBroadcastListener, (6) IsBindingAncestor, (7) PL_DHashTableOperate and nsEditor::EndUpdateViewBatch, and (8) gfxSkipCharsIterator::SetOffsets, and other vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1302
Version: 2
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6090
 
Oval ID: oval:org.mitre.oval:def:6090
Title: Mozilla Thunderbird DoS and Memory Corruption Vulnerability
Description: The JavaScript engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving JSOP_DEFVAR and properties that lack the JSPROP_PERMANENT attribute.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1305
Version: 6
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6131
 
Oval ID: oval:org.mitre.oval:def:6131
Title: Mozilla Seamonkey XSS Vulnerability
Description: Mozilla Firefox before 3.0.9 and SeaMonkey 1.1.17 do not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) specifying the content of a Refresh header. NOTE: it was later reported that Firefox 3.6 a1 pre and Mozilla 1.7.x and earlier are also affected.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1312
Version: 2
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6139
 
Oval ID: oval:org.mitre.oval:def:6139
Title: Mozilla Firefox Multiple XSS Vulnerabilities
Description: Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy for (1) XMLHttpRequest, involving a mismatch for a document's principal, and (2) XPCNativeWrapper.toString, involving an incorrect __proto__ scope, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via a crafted document.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1309
Version: 3
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6151
 
Oval ID: oval:org.mitre.oval:def:6151
Title: Mozilla Thunderbird Denial of Service Vulnerability
Description: The browser engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to nsSVGElement::BindToTree.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1303
Version: 6
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6154
 
Oval ID: oval:org.mitre.oval:def:6154
Title: Mozilla Firefox arbitrary code execution Vulnerability
Description: The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to (1) bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file; (2) read, create, or modify Local Shared Objects via a Flash file; or (3) bypass unspecified restrictions and render content via vectors involving a jar: URI.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1307
Version: 3
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6170
 
Oval ID: oval:org.mitre.oval:def:6170
Title: Mozilla Thunderbird Denial of Service Vulnerability
Description: The browser engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to (1) nsAsyncInstantiateEvent::Run, (2) nsStyleContext::Destroy, (3) nsComputedDOMStyle::GetWidth, (4) the xslt_attributeset_ImportSameName.html test case for the XSLT stylesheet compiler, (5) nsXULDocument::SynchronizeBroadcastListener, (6) IsBindingAncestor, (7) PL_DHashTableOperate and nsEditor::EndUpdateViewBatch, and (8) gfxSkipCharsIterator::SetOffsets, and other vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1302
Version: 6
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6173
 
Oval ID: oval:org.mitre.oval:def:6173
Title: Mozilla Seamonkey XSS and arbitrary injection Vulnerabilities
Description: Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey allows remote attackers to inject arbitrary web script or HTML via vectors involving XBL JavaScript bindings and remote stylesheets, as exploited in the wild by a March 2009 eBay listing.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1308
Version: 2
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6185
 
Oval ID: oval:org.mitre.oval:def:6185
Title: Mozilla Firefox XSS and arbitrary injection Vulnerabilities
Description: Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey allows remote attackers to inject arbitrary web script or HTML via vectors involving XBL JavaScript bindings and remote stylesheets, as exploited in the wild by a March 2009 eBay listing.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1308
Version: 3
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6194
 
Oval ID: oval:org.mitre.oval:def:6194
Title: Mozilla Seamonkey Cross Site Scripting Vulnerability
Description: The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via an uploaded .jar file with a "Content-Disposition: attachment" designation.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1306
Version: 2
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6200
 
Oval ID: oval:org.mitre.oval:def:6200
Title: Mozilla Seamonkey Information Disclosure Vulnerability
Description: Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17 allow user-assisted remote attackers to obtain sensitive information via a web page with an embedded frame, which causes POST data from an outer page to be sent to the inner frame's URL during a SAVEMODE_FILEONLY save of the inner frame.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1311
Version: 2
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6222
 
Oval ID: oval:org.mitre.oval:def:6222
Title: Mozilla Firefox Information Disclosure Vulnerability
Description: Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17 allow user-assisted remote attackers to obtain sensitive information via a web page with an embedded frame, which causes POST data from an outer page to be sent to the inner frame's URL during a SAVEMODE_FILEONLY save of the inner frame.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1311
Version: 3
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6232
 
Oval ID: oval:org.mitre.oval:def:6232
Title: Mozilla Firefox DoS and Memory Corruption Vulnerability
Description: The JavaScript engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving JSOP_DEFVAR and properties that lack the JSPROP_PERMANENT attribute.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1305
Version: 3
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6242
 
Oval ID: oval:org.mitre.oval:def:6242
Title: Mozilla Firefox XSS nadn HTML injection Vulnerabilities
Description: Cross-site scripting (XSS) vulnerability in the MozSearch plugin implementation in Mozilla Firefox before 3.0.9 allows user-assisted remote attackers to inject arbitrary web script or HTML via a javascript: URI in the SearchForm element.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1310
Version: 6
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6248
 
Oval ID: oval:org.mitre.oval:def:6248
Title: Mozilla Seamonkey DoS and Memory Corruption Vulnerability
Description: The JavaScript engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving JSOP_DEFVAR and properties that lack the JSPROP_PERMANENT attribute.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1305
Version: 2
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6266
 
Oval ID: oval:org.mitre.oval:def:6266
Title: Mozilla Thunderbird arbitrary code execution Vulnerability
Description: The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to (1) bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file; (2) read, create, or modify Local Shared Objects via a Flash file; or (3) bypass unspecified restrictions and render content via vectors involving a jar: URI.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1307
Version: 6
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6296
 
Oval ID: oval:org.mitre.oval:def:6296
Title: Mozilla Thunderbird XSS and arbitrary injection Vulnerabilities
Description: Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey allows remote attackers to inject arbitrary web script or HTML via vectors involving XBL JavaScript bindings and remote stylesheets, as exploited in the wild by a March 2009 eBay listing.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1308
Version: 6
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6312
 
Oval ID: oval:org.mitre.oval:def:6312
Title: Mozilla Thunderbird Cross Site Scripting Vulnerability
Description: The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via an uploaded .jar file with a "Content-Disposition: attachment" designation.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1306
Version: 6
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6646
 
Oval ID: oval:org.mitre.oval:def:6646
Title: Mozilla Thunderbird, Firefox and Seamonkey Denial of Service Vulnerability
Description: The browser engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to nsSVGElement::BindToTree.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1303
Version: 17
Platform(s): Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6710
 
Oval ID: oval:org.mitre.oval:def:6710
Title: Mozilla Thunderbird, Firefox and Seamonkey Cross Site Scripting Vulnerability
Description: The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via an uploaded .jar file with a "Content-Disposition: attachment" designation.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1306
Version: 17
Platform(s): Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6731
 
Oval ID: oval:org.mitre.oval:def:6731
Title: Mozilla Firefox and Seamonkey XSS Vulnerability
Description: Mozilla Firefox before 3.0.9 and SeaMonkey 1.1.17 do not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) specifying the content of a Refresh header. NOTE: it was later reported that Firefox 3.6 a1 pre and Mozilla 1.7.x and earlier are also affected.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1312
Version: 10
Platform(s): Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): Mozilla Seamonkey
Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6831
 
Oval ID: oval:org.mitre.oval:def:6831
Title: Mozilla Firefox, Thunderbird, and Seamonkey Multiple XSS Vulnerabilities
Description: Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy for (1) XMLHttpRequest, involving a mismatch for a document's principal, and (2) XPCNativeWrapper.toString, involving an incorrect __proto__ scope, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via a crafted document.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1309
Version: 17
Platform(s): Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6920
 
Oval ID: oval:org.mitre.oval:def:6920
Title: DSA-1797 xulrunner -- several vulnerabilities
Description: Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems: Moxie Marlinspike discovered that Unicode box drawing characters inside of internationalised domain names could be used for phishing attacks. Olli Pettay, Martijn Wargers, Mats Palmgren, Oleg Romashin, Jesse Ruderman and Gary Kwong reported crashes in the layout engine, which might allow the execution of arbitrary code. Olli Pettay, Martijn Wargers, Mats Palmgren, Oleg Romashin, Jesse Ruderman and Gary Kwong reported crashes in the layout engine, which might allow the execution of arbitrary code. Igor Bukanov and Bob Clary discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. Igor Bukanov and Bob Clary discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. Daniel Veditz discovered that the Content-Disposition: header is ignored within the jar: URI scheme. Gregory Fleischer discovered that the same-origin policy for Flash files is inproperly enforced for files loaded through the view-source scheme, which may result in bypass of cross-domain policy restrictions. Cefn Hoile discovered that sites, which allow the embedding of third-party stylesheets are vulnerable to cross-site scripting attacks through XBL bindings. "moz_bug_r_a4" discovered bypasses of the same-origin policy in the XMLHttpRequest Javascript API and the XPCNativeWrapper. Paolo Amadini discovered that incorrect handling of POST data when saving a web site with an embedded frame may lead to information disclosure. It was discovered that Iceweasel allows Refresh: headers to redirect to Javascript URIs, resulting in cross-site scripting.
Family: unix Class: patch
Reference(s): DSA-1797
CVE-2009-0652
CVE-2009-1302
CVE-2009-1303
CVE-2009-1304
CVE-2009-1305
CVE-2009-1306
CVE-2009-1307
CVE-2009-1308
CVE-2009-1309
CVE-2009-1311
CVE-2009-1312
Version: 3
Platform(s): Debian GNU/Linux 5.0
Product(s): xulrunner
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6921
 
Oval ID: oval:org.mitre.oval:def:6921
Title: Mozilla Firefox, Thunderbird and Seamonkey DoS and Memory Corruption Vulnerability
Description: The JavaScript engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving JSOP_DEFVAR and properties that lack the JSPROP_PERMANENT attribute.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1305
Version: 17
Platform(s): Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7008
 
Oval ID: oval:org.mitre.oval:def:7008
Title: Mozilla Thunderbird, Firefox and Seamonkey arbitrary code execution Vulnerability
Description: The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to (1) bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file; (2) read, create, or modify Local Shared Objects via a Flash file; or (3) bypass unspecified restrictions and render content via vectors involving a jar: URI.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1307
Version: 17
Platform(s): Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): Mozilla Thunderbird
Mozilla Seamonkey
Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7030
 
Oval ID: oval:org.mitre.oval:def:7030
Title: Mozilla Thunderbird, Seamonkey and Firefox Denial of Service Vulnerability
Description: The browser engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to (1) nsAsyncInstantiateEvent::Run, (2) nsStyleContext::Destroy, (3) nsComputedDOMStyle::GetWidth, (4) the xslt_attributeset_ImportSameName.html test case for the XSLT stylesheet compiler, (5) nsXULDocument::SynchronizeBroadcastListener, (6) IsBindingAncestor, (7) PL_DHashTableOperate and nsEditor::EndUpdateViewBatch, and (8) gfxSkipCharsIterator::SetOffsets, and other vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1302
Version: 17
Platform(s): Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): Mozilla Thunderbird
Mozilla Seamonkey
Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7235
 
Oval ID: oval:org.mitre.oval:def:7235
Title: Mozilla Firefox and Seamonkey Information Disclosure Vulnerability
Description: Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17 allow user-assisted remote attackers to obtain sensitive information via a web page with an embedded frame, which causes POST data from an outer page to be sent to the inner frame's URL during a SAVEMODE_FILEONLY save of the inner frame.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1311
Version: 10
Platform(s): Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): Mozilla Firefox
Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7248
 
Oval ID: oval:org.mitre.oval:def:7248
Title: DSA-1798 pango1.0 -- integer overflow
Description: Will Drewry discovered that pango, a system for layout and rendering of internationalised text, is prone to an integer overflow via long glyphstrings. This could cause the execution of arbitrary code when displaying crafted data through an application using the pango library.
Family: unix Class: patch
Reference(s): DSA-1798
CVE-2009-1194
Version: 3
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 4.0
Product(s): pango1.0
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7285
 
Oval ID: oval:org.mitre.oval:def:7285
Title: Mozilla Thunderbird, Firefox and Seamonkey XSS and arbitrary injection Vulnerabilities
Description: Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey allows remote attackers to inject arbitrary web script or HTML via vectors involving XBL JavaScript bindings and remote stylesheets, as exploited in the wild by a March 2009 eBay listing.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1308
Version: 17
Platform(s): Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): Mozilla Thunderbird
Mozilla Seamonkey
Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7516
 
Oval ID: oval:org.mitre.oval:def:7516
Title: Mozilla Firefox, Thunderbird and Seamonkey Memory corruption Vulnerabilities
Description: The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving (1) js_FindPropertyHelper, related to the definitions of Math and Date; and (2) js_CheckRedeclaration.
Family: windows Class: vulnerability
Reference(s): CVE-2009-1304
Version: 17
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7872
 
Oval ID: oval:org.mitre.oval:def:7872
Title: DSA-1820 xulrunner -- several vulnerabilities
Description: Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems: Several issues in the browser engine have been discovered, which can result in the execution of arbitrary code. (MFSA 2009-24) It is possible to execute arbitrary code via vectors involving "double frame construction." (MFSA 2009-24) Jesse Ruderman and Adam Hauner discovered a problem in the JavaScript engine, which could lead to the execution of arbitrary code. (MFSA 2009-24) Pavel Cvrcek discovered a potential issue leading to a spoofing attack on the location bar related to certain invalid unicode characters. (MFSA 2009-25) Gregory Fleischer discovered that it is possible to read arbitrary cookies via a crafted HTML document. (MFSA 2009-26) Shuo Chen, Ziqing Mao, Yi-Min Wang and Ming Zhang reported a potential man-in-the-middle attack, when using a proxy due to insufficient checks on a certain proxy response. (MFSA 2009-27) Jakob Balle and Carsten Eiram reported a race condition in the NPObjWrapper_NewResolve function that can be used to execute arbitrary code. (MFSA 2009-28) moz_bug_r_a4 discovered that it is possible to execute arbitrary JavaScript with chrome privileges due to an error in the garbage-collection implementation. (MFSA 2009-29) Adam Barth and Collin Jackson reported a potential privilege escalation when loading a file::resource via the location bar. (MFSA 2009-30) Wladimir Palant discovered that it is possible to bypass access restrictions due to a lack of content policy check, when loading a script file into a XUL document. (MFSA 2009-31) moz_bug_r_a4 reported that it is possible for scripts from page content to run with elevated privileges and thus potentially executing arbitrary code with the object's chrome privileges. (MFSA 2009-32)
Family: unix Class: patch
Reference(s): DSA-1820
CVE-2009-1392
CVE-2009-1832
CVE-2009-1833
CVE-2009-1834
CVE-2009-1835
CVE-2009-1836
CVE-2009-1837
CVE-2009-1838
CVE-2009-1839
CVE-2009-1840
CVE-2009-1841
Version: 3
Platform(s): Debian GNU/Linux 5.0
Product(s): xulrunner
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8036
 
Oval ID: oval:org.mitre.oval:def:8036
Title: DSA-1830 icedove -- several vulnerabilities
Description: Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems: The execution of arbitrary code might be possible via a crafted PNG file that triggers a free of an uninitialised pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables. (MFSA 2009-10) It is possible to execute arbitrary code via vectors related to the layout engine. (MFSA 2009-01) It is possible to execute arbitrary code via vectors related to the JavaScript engine. (MFSA 2009-01) Bjoern Hoehrmann and Moxie Marlinspike discovered a possible spoofing attack via Unicode box drawing characters in internationalised domain names. (MFSA 2009-15) Memory corruption and assertion failures have been discovered in the layout engine, leading to the possible execution of arbitrary code. (MFSA 2009-07) The layout engine allows the execution of arbitrary code in vectors related to nsCSSStyleSheet::GetOwnerNode, events, and garbage collection. (MFSA 2009-07) The JavaScript engine is prone to the execution of arbitrary code via several vectors. (MFSA 2009-07) The layout engine allows the execution of arbitrary code via vectors related to gczeal. (MFSA 2009-07) Georgi Guninski discovered that it is possible to obtain xml data via an issue related to the nsIRDFService. (MFSA 2009-09) The browser engine is prone to a possible memory corruption via several vectors. (MFSA 2009-14) The browser engine is prone to a possible memory corruption via the nsSVGElement::BindToTree function. (MFSA 2009-14) Gregory Fleischer discovered that it is possible to bypass the Same Origin Policy when opening a Flash file via the view-source: scheme. (MFSA 2009-17) The possible arbitrary execution of code was discovered via vectors involving "double frame construction." (MFSA 2009-24) Several issues were discovered in the browser engine as used by icedove, which could lead to the possible execution of arbitrary code. (MFSA 2009-24) Shuo Chen, Ziqing Mao, Yi-Min Wang and Ming Zhang reported a potential man-in-the-middle attack, when using a proxy due to insufficient checks on a certain proxy response. (MFSA 2009-27) moz_bug_r_a4 discovered that it is possible to execute arbitrary JavaScript with chrome privileges due to an error in the garbage collection implementation. (MFSA 2009-29) moz_bug_r_a4 reported that it is possible for scripts from page content to run with elevated privileges and thus potentially executing arbitrary code with the object's chrome privileges. (MFSA 2009-32) Bernd Jendrissek discovered a potentially exploitable crash when viewing a multipart/alternative mail message with a text/enhanced part. (MFSA 2009-33)
Family: unix Class: patch
Reference(s): DSA-1830
CVE-2009-0040
CVE-2009-0352
CVE-2009-0353
CVE-2009-0652
CVE-2009-0771
CVE-2009-0772
CVE-2009-0773
CVE-2009-0774
CVE-2009-0776
CVE-2009-1302
CVE-2009-1303
CVE-2009-1307
CVE-2009-1832
CVE-2009-1392
CVE-2009-1836
CVE-2009-1838
CVE-2009-1841
Version: 3
Platform(s): Debian GNU/Linux 5.0
Product(s): icedove
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9256
 
Oval ID: oval:org.mitre.oval:def:9256
Title: Mozilla Firefox 3 before 3.0.11 associates an incorrect principal with a file: URL loaded through the location bar, which allows user-assisted remote attackers to bypass intended access restrictions and read files via a crafted HTML document, aka a "file-URL-to-file-URL scripting" attack.
Description: Mozilla Firefox 3 before 3.0.11 associates an incorrect principal with a file: URL loaded through the location bar, which allows user-assisted remote attackers to bypass intended access restrictions and read files via a crafted HTML document, aka a "file-URL-to-file-URL scripting" attack.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1839
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9448
 
Oval ID: oval:org.mitre.oval:def:9448
Title: Mozilla Firefox before 3.0.11, Thunderbird, and SeaMonkey do not check content policy before loading a script file into a XUL document, which allows remote attackers to bypass intended access restrictions via a crafted HTML document, as demonstrated by a "web bug" in an e-mail message, or web script or an advertisement in a web page.
Description: Mozilla Firefox before 3.0.11, Thunderbird, and SeaMonkey do not check content policy before loading a script file into a XUL document, which allows remote attackers to bypass intended access restrictions via a crafted HTML document, as demonstrated by a "web bug" in an e-mail message, or web script or an advertisement in a web page.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1840
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9455
 
Oval ID: oval:org.mitre.oval:def:9455
Title: The browser engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to nsSVGElement::BindToTree.
Description: The browser engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to nsSVGElement::BindToTree.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1303
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9494
 
Oval ID: oval:org.mitre.oval:def:9494
Title: Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy for (1) XMLHttpRequest, involving a mismatch for a document's principal, and (2) XPCNativeWrapper.toString, involving an incorrect __proto__ scope, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via a crafted document.
Description: Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy for (1) XMLHttpRequest, involving a mismatch for a document's principal, and (2) XPCNativeWrapper.toString, involving an incorrect __proto__ scope, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via a crafted document.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1309
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9535
 
Oval ID: oval:org.mitre.oval:def:9535
Title: The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving (1) js_FindPropertyHelper, related to the definitions of Math and Date; and (2) js_CheckRedeclaration.
Description: The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving (1) js_FindPropertyHelper, related to the definitions of Math and Date; and (2) js_CheckRedeclaration.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1304
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9815
 
Oval ID: oval:org.mitre.oval:def:9815
Title: js/src/xpconnect/src/xpcwrappedjsclass.cpp in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to execute arbitrary web script with the privileges of a chrome object, as demonstrated by the browser sidebar and the FeedWriter.
Description: js/src/xpconnect/src/xpcwrappedjsclass.cpp in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to execute arbitrary web script with the privileges of a chrome object, as demonstrated by the browser sidebar and the FeedWriter.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1841
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9818
 
Oval ID: oval:org.mitre.oval:def:9818
Title: Mozilla Firefox before 3.0.9 and SeaMonkey 1.1.17 do not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) specifying the content of a Refresh header. NOTE: it was later reported that Firefox 3.6 a1 pre and Mozilla 1.7.x and earlier are also affected.
Description: Mozilla Firefox before 3.0.9 and SeaMonkey 1.1.17 do not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) specifying the content of a Refresh header. NOTE: it was later reported that Firefox 3.6 a1 pre and Mozilla 1.7.x and earlier are also affected.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1312
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 179
Application 41
Application 86
Application 32

OpenVAS Exploits

Date Description
2011-08-09 Name : CentOS Update for pango CESA-2009:0476 centos5 i386
File : nvt/gb_CESA-2009_0476_pango_centos5_i386.nasl
2011-08-09 Name : CentOS Update for firefox CESA-2009:0436 centos4 i386
File : nvt/gb_CESA-2009_0436_firefox_centos4_i386.nasl
2011-08-09 Name : CentOS Update for firefox CESA-2009:0436 centos5 i386
File : nvt/gb_CESA-2009_0436_firefox_centos5_i386.nasl
2011-08-09 Name : CentOS Update for seamonkey CESA-2009:0437-02 centos2 i386
File : nvt/gb_CESA-2009_0437-02_seamonkey_centos2_i386.nasl
2011-08-09 Name : CentOS Update for seamonkey CESA-2009:0437 centos4 i386
File : nvt/gb_CESA-2009_0437_seamonkey_centos4_i386.nasl
2011-08-09 Name : CentOS Update for evolution28-pango CESA-2009:0476 centos4 i386
File : nvt/gb_CESA-2009_0476_evolution28-pango_centos4_i386.nasl
2011-08-09 Name : CentOS Update for pango CESA-2009:0476 centos3 i386
File : nvt/gb_CESA-2009_0476_pango_centos3_i386.nasl
2011-08-09 Name : CentOS Update for firefox CESA-2009:1095 centos5 i386
File : nvt/gb_CESA-2009_1095_firefox_centos5_i386.nasl
2011-08-09 Name : CentOS Update for seamonkey CESA-2009:1096 centos3 i386
File : nvt/gb_CESA-2009_1096_seamonkey_centos3_i386.nasl
2011-08-09 Name : CentOS Update for thunderbird CESA-2009:1126 centos5 i386
File : nvt/gb_CESA-2009_1126_thunderbird_centos5_i386.nasl
2010-05-12 Name : Mac OS X Security Update 2009-005
File : nvt/macosx_secupd_2009-005.nasl
2009-12-10 Name : Mandriva Security Advisory MDVSA-2009:158-3 (pango)
File : nvt/mdksa_2009_158_3.nasl
2009-11-23 Name : Mandriva Security Advisory MDVSA-2009:158-2 (pango)
File : nvt/mdksa_2009_158_2.nasl
2009-11-17 Name : Mandriva Security Advisory MDVSA-2009:158-1 (pango)
File : nvt/mdksa_2009_158_1.nasl
2009-10-11 Name : SLES11: Security update for pango
File : nvt/sles11_pango.nasl
2009-10-11 Name : SLES11: Security update for Mozilla
File : nvt/sles11_mozilla-xulrunn.nasl
2009-10-11 Name : SLES11: Security update for MozillaFirefox
File : nvt/sles11_MozillaFirefox4.nasl
2009-10-11 Name : SLES11: Security update for MozillaFirefox
File : nvt/sles11_MozillaFirefox3.nasl
2009-10-11 Name : SLES11: Security update for MozillaFirefox
File : nvt/sles11_MozillaFirefox1.nasl
2009-10-10 Name : SLES9: Security update for epiphany
File : nvt/sles9p5059920.nasl
2009-09-15 Name : Debian Security Advisory DSA 1886-1 (iceweasel)
File : nvt/deb_1886_1.nasl
2009-08-17 Name : Mandrake Security Advisory MDVSA-2009:185 (firefox)
File : nvt/mdksa_2009_185.nasl
2009-08-17 Name : Mandrake Security Advisory MDVSA-2009:182 (firefox)
File : nvt/mdksa_2009_182.nasl
2009-08-17 Name : Mandrake Security Advisory MDVSA-2009:175 (pango)
File : nvt/mdksa_2009_175.nasl
2009-07-29 Name : Ubuntu USN-802-1 (apache2)
File : nvt/ubuntu_802_1.nasl
2009-07-29 Name : Fedora Core 11 FEDORA-2009-7614 (seamonkey)
File : nvt/fcore_2009_7614.nasl
2009-07-29 Name : Fedora Core 10 FEDORA-2009-7567 (seamonkey)
File : nvt/fcore_2009_7567.nasl
2009-07-29 Name : Ubuntu USN-801-1 (tiff)
File : nvt/ubuntu_801_1.nasl
2009-07-29 Name : SuSE Security Advisory SUSE-SA:2009:039 (MozillaFirefox)
File : nvt/suse_sa_2009_039.nasl
2009-07-29 Name : Debian Security Advisory DSA 1830-1 (icedove)
File : nvt/deb_1830_1.nasl
2009-07-29 Name : Ubuntu USN-799-1 (dbus)
File : nvt/ubuntu_799_1.nasl
2009-07-06 Name : SuSE Security Summary SUSE-SR:2009:012
File : nvt/suse_sr_2009_012.nasl
2009-06-30 Name : CentOS Security Advisory CESA-2009:1126 (thunderbird)
File : nvt/ovcesa2009_1126.nasl
2009-06-30 Name : Mandrake Security Advisory MDVSA-2009:141 (mozilla-thunderbird)
File : nvt/mdksa_2009_141.nasl
2009-06-30 Name : Ubuntu USN-792-1 (openssl)
File : nvt/ubuntu_792_1.nasl
2009-06-30 Name : RedHat Security Advisory RHSA-2009:1125
File : nvt/RHSA_2009_1125.nasl
2009-06-30 Name : RedHat Security Advisory RHSA-2009:1126
File : nvt/RHSA_2009_1126.nasl
2009-06-30 Name : Ubuntu USN-782-1 (thunderbird)
File : nvt/ubuntu_782_1.nasl
2009-06-23 Name : Ubuntu USN-779-1 (xulrunner-1.9)
File : nvt/ubuntu_779_1.nasl
2009-06-23 Name : SuSE Security Advisory SUSE-SA:2009:034 (MozillaFirefox)
File : nvt/suse_sa_2009_034.nasl
2009-06-23 Name : Mandrake Security Advisory MDVSA-2009:134 (firefox)
File : nvt/mdksa_2009_134.nasl
2009-06-23 Name : CentOS Security Advisory CESA-2009:1095 (firefox)
File : nvt/ovcesa2009_1095.nasl
2009-06-23 Name : Fedora Core 9 FEDORA-2009-6411 (firefox)
File : nvt/fcore_2009_6411.nasl
2009-06-23 Name : Fedora Core 10 FEDORA-2009-6366 (firefox)
File : nvt/fcore_2009_6366.nasl
2009-06-23 Name : Debian Security Advisory DSA 1820-1 (xulrunner)
File : nvt/deb_1820_1.nasl
2009-06-16 Name : Mozilla Thunderbird Multiple Vulnerability Jun-09 (Win)
File : nvt/gb_thunderbird_mult_vuln_jun09_win.nasl
2009-06-16 Name : Mozilla Thunderbird Multiple Vulnerability Jun-09 (Linux)
File : nvt/gb_thunderbird_mult_vuln_jun09_lin.nasl
2009-06-16 Name : Mozilla Seamonkey Multiple Vulnerability Jun-09 (Win)
File : nvt/gb_seamonkey_mult_vuln_jun09_win.nasl
2009-06-16 Name : Mozilla Seamonkey Multiple Vulnerability Jun-09 (Linux)
File : nvt/gb_seamonkey_mult_vuln_jun09_lin.nasl
2009-06-16 Name : Mozilla Firefox Multiple Vulnerability Jun-09 (Win)
File : nvt/gb_firefox_mult_vuln_jun09_win.nasl
2009-06-16 Name : Mozilla Firefox Multiple Vulnerability Jun-09 (Linux)
File : nvt/gb_firefox_mult_vuln_jun09_lin.nasl
2009-06-15 Name : RedHat Security Advisory RHSA-2009:1095
File : nvt/RHSA_2009_1095.nasl
2009-06-15 Name : RedHat Security Advisory RHSA-2009:1096
File : nvt/RHSA_2009_1096.nasl
2009-06-15 Name : FreeBSD Ports: firefox
File : nvt/freebsd_firefox39.nasl
2009-06-15 Name : CentOS Security Advisory CESA-2009:1096 (seamonkey)
File : nvt/ovcesa2009_1096.nasl
2009-06-05 Name : Ubuntu USN-771-1 (libmodplug)
File : nvt/ubuntu_771_1.nasl
2009-06-05 Name : Ubuntu USN-772-1 (mpfr)
File : nvt/ubuntu_772_1.nasl
2009-06-05 Name : Ubuntu USN-773-1 (pango1.0)
File : nvt/ubuntu_773_1.nasl
2009-06-05 Name : Ubuntu USN-763-1 (xine-lib)
File : nvt/ubuntu_763_1.nasl
2009-06-05 Name : Mandrake Security Advisory MDVSA-2009:111 (firefox)
File : nvt/mdksa_2009_111.nasl
2009-06-05 Name : Ubuntu USN-764-1 (xulrunner-1.9)
File : nvt/ubuntu_764_1.nasl
2009-05-25 Name : CentOS Security Advisory CESA-2009:0437 (seamonkey)
File : nvt/ovcesa2009_0437.nasl
2009-05-22 Name : Pango Integer Buffer Overflow Vulnerability
File : nvt/secpod_pango_bof_vuln.nasl
2009-05-20 Name : SuSE Security Summary SUSE-SR:2009:010
File : nvt/suse_sr_2009_010.nasl
2009-05-20 Name : Mandrake Security Advisory MDVSA-2009:111-1 (firefox)
File : nvt/mdksa_2009_111_1.nasl
2009-05-20 Name : FreeBSD Ports: pango, linux-pango, linux-f8-pango
File : nvt/freebsd_pango.nasl
2009-05-11 Name : Debian Security Advisory DSA 1797-1 (xulrunner)
File : nvt/deb_1797_1.nasl
2009-05-11 Name : Debian Security Advisory DSA 1798-1 (pango1.0)
File : nvt/deb_1798_1.nasl
2009-05-11 Name : CentOS Security Advisory CESA-2009:0476 (pango)
File : nvt/ovcesa2009_0476.nasl
2009-05-11 Name : RedHat Security Advisory RHSA-2009:0476
File : nvt/RHSA_2009_0476.nasl
2009-04-30 Name : Mozilla Thunderbird Multiple Vulnerabilities Apr-09 (Win)
File : nvt/secpod_thunderbird_mult_vuln_apr09_win.nasl
2009-04-30 Name : Mozilla Thunderbird Multiple Vulnerabilities Apr-09 (Linux)
File : nvt/secpod_thunderbird_mult_vuln_apr09_lin.nasl
2009-04-30 Name : Mozilla Seamonkey Multiple Vulnerabilities Apr-09 (Win)
File : nvt/secpod_seamonkey_mult_vuln_apr09_win.nasl
2009-04-30 Name : Mozilla Seamonkey Multiple Vulnerabilities Apr-09 (Linux)
File : nvt/secpod_seamonkey_mult_vuln_apr09_lin.nasl
2009-04-30 Name : Mozilla Firefox Multiple Vulnerabilities Apr-09 (Win)
File : nvt/secpod_firefox_mult_vuln_apr09_win.nasl
2009-04-30 Name : Mozilla Firefox Multiple Vulnerabilities Apr-09 (Linux)
File : nvt/secpod_firefox_mult_vuln_apr09_lin.nasl
2009-04-28 Name : RedHat Security Advisory RHSA-2009:0437
File : nvt/RHSA_2009_0437.nasl
2009-04-28 Name : Fedora Core 9 FEDORA-2009-3875 (firefox)
File : nvt/fcore_2009_3875.nasl
2009-04-28 Name : Fedora Core 10 FEDORA-2009-3893 (epiphany)
File : nvt/fcore_2009_3893.nasl
2009-04-28 Name : FreeBSD Ports: firefox
File : nvt/freebsd_firefox38.nasl
2009-04-28 Name : CentOS Security Advisory CESA-2009:0437-02 (seamonkey)
File : nvt/ovcesa2009_0437_02.nasl
2009-04-28 Name : CentOS Security Advisory CESA-2009:0436 (firefox)
File : nvt/ovcesa2009_0436.nasl
2009-04-28 Name : RedHat Security Advisory RHSA-2009:0436
File : nvt/RHSA_2009_0436.nasl
0000-00-00 Name : Slackware Advisory SSA:2009-167-01 mozilla-firefox
File : nvt/esoft_slk_ssa_2009_167_01.nasl
0000-00-00 Name : Slackware Advisory SSA:2009-176-01 seamonkey
File : nvt/esoft_slk_ssa_2009_176_01.nasl
0000-00-00 Name : Slackware Advisory SSA:2009-178-01 mozilla-thunderbird
File : nvt/esoft_slk_ssa_2009_178_01.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
56385 Apple Mac OS X CoreGraphics Font Glyph Rendering Overflow

55164 Mozilla Firefox xul.dll nsJSNPRuntime.cpp NPObjWrapper_NewResolve Function Ra...

55163 Mozilla Firefox Location Bar file: URL Principal Assocation Access Restrictio...

55162 Mozilla Multiple Products Invalid Unicode Character Title Bar Spoofing

55160 Mozilla Multiple Products Proxy Server CONNECT Response Manipulation SSL MiTM...

55159 Mozilla Multiple Products xpcwrappedjsclass.cpp JavaScript Chrome Privilege E...

55158 Mozilla Multiple Products XUL Document Script Loading Content Policy Bypass

55157 Mozilla Multiple Products Garbage-collection Implementation Crafted Event Han...

54279 Pango pango/glyphstring.c pango_glyph_string_set_size Function Overflow

53972 Mozilla Multiple Products nsAsyncInstantiateEvent::Run() Frame Handling Memor...

53971 Mozilla Multiple Products nsSVGElement::BindToTree svg Handling Memory Corrup...

53970 Mozilla Multiple Products js_FindPropertyHelper Error Condition JavaScript En...

53969 Mozilla Multiple Products JavaScript Engine gvar Optimization JSOP_DEFVAR Hea...

53968 Mozilla Multiple Products XMLHttpRequest Document Creation Principal-based Se...

53967 Mozilla Multiple Products js_CheckRedeclaration Shared Object Handling JavaSc...

53966 Mozilla Multiple Products gfxSkipCharsIterator::SetOffsets Memory Corruption

53965 Mozilla Multiple Products nsStyleContext::Destroy() DOMAttrModified Window Ha...

53964 Mozilla Multiple Products PL_DHashTableOperate / nsEditor::EndUpdateViewBatch...

53963 Mozilla Multiple Products XSLT Stylesheet Compiling Memory Corruption

53962 Mozilla Multiple Products nsComputedDOMStyle::GetWidth Memory Corruption

53961 Mozilla Multiple Products nsXULDocument::SynchronizeBroadcastListener Memory ...

53960 Mozilla Multiple Products IsBindingAncestor Frame Handling Memory Corruption

53959 Mozilla Multiple Products XPCNativeWrapper.toString XSS

53958 Mozilla Multiple Products view-source: Scheme Adobe Flash Same-origin Policy ...

53957 Mozilla Multiple Products jar Scheme Content-disposition Header Bypass

53955 Mozilla Multiple Products Third-party Stylesheet XBL Binding XSS

53954 Mozilla Firefox MozSearch Plugins Empty Search Page Manipulation Weakness

53953 Mozilla Firefox Inner Frame Saving Cross Site POST Request Disclosure

53952 Mozilla Multiple Products Server Refresh Header XSS

Nessus® Vulnerability Scanner

Date Description
2014-05-19 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201405-13.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1162.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2009-1125.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1096.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1095.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-0476.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-0437.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-0436.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2009-1126.nasl - Type : ACT_GATHER_INFO
2013-01-08 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing a security update.
File : sl_20090625_thunderbird_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090611_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090611_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090508_pango_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090421_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090421_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2010-10-21 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_firefox3-pango-7097.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_pango-6800.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1830.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1886.nasl - Type : ACT_GATHER_INFO
2010-02-15 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_pango-100119.nasl - Type : ACT_GATHER_INFO
2010-02-15 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_pango-100119.nasl - Type : ACT_GATHER_INFO
2010-02-12 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_pango-100127.nasl - Type : ACT_GATHER_INFO
2010-02-12 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12575.nasl - Type : ACT_GATHER_INFO
2010-02-12 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_pango-6801.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1162.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-0436.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1095.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2009-1126.nasl - Type : ACT_GATHER_INFO
2009-10-30 Name : The remote openSUSE host is missing a security update.
File : suse_seamonkey-6538.nasl - Type : ACT_GATHER_INFO
2009-10-22 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_seamonkey-091007.nasl - Type : ACT_GATHER_INFO
2009-10-22 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_seamonkey-091007.nasl - Type : ACT_GATHER_INFO
2009-10-07 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12519.nasl - Type : ACT_GATHER_INFO
2009-10-06 Name : The remote openSUSE host is missing a security update.
File : suse_MozillaFirefox-6379.nasl - Type : ACT_GATHER_INFO
2009-10-06 Name : The remote openSUSE host is missing a security update.
File : suse_MozillaThunderbird-6347.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_MozillaFirefox-090427.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_MozillaFirefox-090615.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_MozillaFirefox-090724.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_mozilla-xulrunner190-090427.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_pango-090428.nasl - Type : ACT_GATHER_INFO
2009-09-11 Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_SecUpd2009-005.nasl - Type : ACT_GATHER_INFO
2009-08-11 Name : The remote host contains a web browser that is affected by several vulnerabil...
File : safari_4_0_3.nasl - Type : ACT_GATHER_INFO
2009-07-31 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-182.nasl - Type : ACT_GATHER_INFO
2009-07-28 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_MozillaFirefox-090724.nasl - Type : ACT_GATHER_INFO
2009-07-28 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_MozillaFirefox-090724.nasl - Type : ACT_GATHER_INFO
2009-07-24 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-158.nasl - Type : ACT_GATHER_INFO
2009-07-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1162.nasl - Type : ACT_GATHER_INFO
2009-07-22 Name : The remote Windows host contains a web browser that is affected by multiple v...
File : mozilla_firefox_3012.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_MozillaFirefox-090427.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_MozillaFirefox-090615.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_MozillaThunderbird-090710.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_mozilla-xulrunner190-090427.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_seamonkey-090617.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_MozillaFirefox-090615.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_MozillaFirefox-090427.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_pango-090512.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_mozilla-xulrunner190-090427.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_seamonkey-090617.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_MozillaThunderbird-090710.nasl - Type : ACT_GATHER_INFO
2009-07-17 Name : The remote Fedora host is missing a security update.
File : fedora_2009-7567.nasl - Type : ACT_GATHER_INFO
2009-07-17 Name : The remote Fedora host is missing a security update.
File : fedora_2009-7614.nasl - Type : ACT_GATHER_INFO
2009-06-28 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2009-178-01.nasl - Type : ACT_GATHER_INFO
2009-06-28 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-141.nasl - Type : ACT_GATHER_INFO
2009-06-26 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2009-176-01.nasl - Type : ACT_GATHER_INFO
2009-06-26 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-782-1.nasl - Type : ACT_GATHER_INFO
2009-06-26 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2009-1125.nasl - Type : ACT_GATHER_INFO
2009-06-23 Name : A web browser on the remote host is affected by multiple vulnerabilities.
File : seamonkey_1117.nasl - Type : ACT_GATHER_INFO
2009-06-23 Name : The remote Windows host contains a mail client that is affected by multiple v...
File : mozilla_thunderbird_20022.nasl - Type : ACT_GATHER_INFO
2009-06-19 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1820.nasl - Type : ACT_GATHER_INFO
2009-06-19 Name : The remote openSUSE host is missing a security update.
File : suse_seamonkey-6310.nasl - Type : ACT_GATHER_INFO
2009-06-18 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-134.nasl - Type : ACT_GATHER_INFO
2009-06-17 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2009-167-01.nasl - Type : ACT_GATHER_INFO
2009-06-16 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2009-6366.nasl - Type : ACT_GATHER_INFO
2009-06-16 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2009-6411.nasl - Type : ACT_GATHER_INFO
2009-06-15 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-779-1.nasl - Type : ACT_GATHER_INFO
2009-06-15 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1096.nasl - Type : ACT_GATHER_INFO
2009-06-15 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_da185955573811deb857000f20797ede.nasl - Type : ACT_GATHER_INFO
2009-06-12 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1096.nasl - Type : ACT_GATHER_INFO
2009-06-12 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1095.nasl - Type : ACT_GATHER_INFO
2009-06-12 Name : The remote Windows host contains a web browser that is affected by multiple v...
File : mozilla_firefox_3011.nasl - Type : ACT_GATHER_INFO
2009-05-26 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-0437.nasl - Type : ACT_GATHER_INFO
2009-05-13 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-111.nasl - Type : ACT_GATHER_INFO
2009-05-13 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_4b1722783f4611debecb001cc0377035.nasl - Type : ACT_GATHER_INFO
2009-05-11 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-0476.nasl - Type : ACT_GATHER_INFO
2009-05-11 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-0476.nasl - Type : ACT_GATHER_INFO
2009-05-11 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1798.nasl - Type : ACT_GATHER_INFO
2009-05-11 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1797.nasl - Type : ACT_GATHER_INFO
2009-05-08 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-773-1.nasl - Type : ACT_GATHER_INFO
2009-04-27 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2009-3893.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2009-3875.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-764-1.nasl - Type : ACT_GATHER_INFO
2009-04-22 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_3b18e2372f1511de96720030843d3802.nasl - Type : ACT_GATHER_INFO
2009-04-22 Name : The remote Windows host contains a web browser that is affected by multiple v...
File : mozilla_firefox_309.nasl - Type : ACT_GATHER_INFO
2009-04-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-0436.nasl - Type : ACT_GATHER_INFO
2009-04-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-0437.nasl - Type : ACT_GATHER_INFO
2009-04-10 Name : A web browser on the remote host is affected by multiple vulnerabilities.
File : seamonkey_1116.nasl - Type : ACT_GATHER_INFO