Executive Summary

Summary
Title Sun Alert 266148 Multiple Security Vulnerabilities in Firefox Versions Prior to 3.5.2 May Allow Execution of Arbitrary Code or Application Crash
Informations
Name SUN-266148 First vendor Publication 2009-08-21
Vendor Sun Last vendor Modification 2009-08-21
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Product: OpenSolaris

Multiple security vulnerabilities with varying impacts affect Firefox (see firefox(1)) versions prior to 3.5.2 as shipped with OpenSolaris. These vulnerabilities may allow an unprivileged remote user to execute arbitrary code on the system where Firefox is being run or to crash the Firefox application which is a type of Denial of Service (DoS).

The following URL provides additional details about the vulnerabilities addressed in Firefox versions 3.5.1 and 3.5.2:


The following Mozilla advisories describe the vulnerabilities:


The following are the CVE identifiers that pertain to this security issue:


State: Resolved
First released: 21-Aug-2009

Original Source

Url : http://blogs.sun.com/security/entry/sun_alert_266148_multiple_security

CWE : Common Weakness Enumeration

% Id Name
29 % CWE-399 Resource Management Errors
29 % CWE-94 Failure to Control Generation of Code ('Code Injection')
29 % CWE-20 Improper Input Validation
14 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10197
 
Oval ID: oval:org.mitre.oval:def:10197
Title: Mozilla Firefox before 3.0.12, and 3.5.x before 3.5.2, allows remote SOCKS5 proxy servers to cause a denial of service (data stream corruption) via a long domain name in a reply.
Description: Mozilla Firefox before 3.0.12, and 3.5.x before 3.5.2, allows remote SOCKS5 proxy servers to cause a denial of service (data stream corruption) via a long domain name in a reply.
Family: unix Class: vulnerability
Reference(s): CVE-2009-2470
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10473
 
Oval ID: oval:org.mitre.oval:def:10473
Title: Mozilla Firefox before 3.0.12 and 3.5 before 3.5.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a Flash object, a slow script dialog, and the unloading of the Flash plugin, which triggers attempted use of a deleted object.
Description: Mozilla Firefox before 3.0.12 and 3.5 before 3.5.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a Flash object, a slow script dialog, and the unloading of the Flash plugin, which triggers attempted use of a deleted object.
Family: unix Class: vulnerability
Reference(s): CVE-2009-2467
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13678
 
Oval ID: oval:org.mitre.oval:def:13678
Title: DSA-1873-1 xulrunner -- programming error
Description: Juan Pablo Lopez Yacubian discovered that incorrect handling of invalid URLs could be used for spoofing the location bar and the SSL certificate status of a web page. Xulrunner is no longer supported for the old stable distribution. For the stable distribution, this problem has been fixed in version 1.9.0.13-0lenny1. For the unstable distribution, this problem has been fixed in version 1.9.0.13-1. We recommend that you upgrade your xulrunner packages.
Family: unix Class: patch
Reference(s): DSA-1873-1
CVE-2009-2654
Version: 5
Platform(s): Debian GNU/Linux 5.0
Product(s): xulrunner
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13717
 
Oval ID: oval:org.mitre.oval:def:13717
Title: USN-811-1 -- firefox-3.0, xulrunner-1.9 vulnerability
Description: Juan Pablo Lopez Yacubian discovered that Firefox did not properly display invalid URLs. If a user were tricked into accessing a malicious website, an attacker could exploit this to spoof the location bar, such as in a phishing attack. Furthermore, if the malicious website had a valid SSL certificate, Firefox would display the spoofed page as trusted.
Family: unix Class: patch
Reference(s): USN-811-1
CVE-2009-2654
Version: 5
Platform(s): Ubuntu 8.10
Ubuntu 8.04
Ubuntu 9.04
Product(s): firefox-3.0
xulrunner-1.9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22634
 
Oval ID: oval:org.mitre.oval:def:22634
Title: ELSA-2009:1219: libvorbis security update (Important)
Description: libvorbis before r16182, as used in Mozilla Firefox 3.5.x before 3.5.2 and other products, allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .ogg file.
Family: unix Class: patch
Reference(s): ELSA-2009:1219-01
CVE-2009-2663
Version: 6
Platform(s): Oracle Linux 5
Product(s): libvorbis
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22806
 
Oval ID: oval:org.mitre.oval:def:22806
Title: ELSA-2009:1162: firefox security update (Critical)
Description: The js_watch_set function in js/src/jsdbgapi.cpp in the JavaScript engine in Mozilla Firefox before 3.0.12 allows remote attackers to cause a denial of service (assertion failure and application exit) or possibly execute arbitrary code via a crafted .js file, related to a "memory safety bug." NOTE: this was originally reported as affecting versions before 3.0.13.
Family: unix Class: patch
Reference(s): ELSA-2009:1162-01
CVE-2009-2462
CVE-2009-2463
CVE-2009-2464
CVE-2009-2465
CVE-2009-2466
CVE-2009-2467
CVE-2009-2469
CVE-2009-2470
CVE-2009-2471
CVE-2009-2472
CVE-2009-2664
Version: 49
Platform(s): Oracle Linux 5
Product(s): firefox
xulrunner
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29188
 
Oval ID: oval:org.mitre.oval:def:29188
Title: RHSA-2009:1162 -- firefox security update (Critical)
Description: Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox.
Family: unix Class: patch
Reference(s): RHSA-2009:1162
CESA-2009:1162-CentOS 5
CVE-2009-2462
CVE-2009-2463
CVE-2009-2464
CVE-2009-2465
CVE-2009-2466
CVE-2009-2467
CVE-2009-2469
CVE-2009-2470
CVE-2009-2471
CVE-2009-2472
CVE-2009-2664
Version: 3
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 4
CentOS Linux 5
Product(s): firefox
xulrunner
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29217
 
Oval ID: oval:org.mitre.oval:def:29217
Title: RHSA-2009:1219 -- libvorbis security update (Important)
Description: Updated libvorbis packages that fix one security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The libvorbis packages contain runtime libraries for use in programs that support Ogg Vorbis. Ogg Vorbis is a fully open, non-proprietary, patent-and royalty-free, general-purpose compressed audio format.
Family: unix Class: patch
Reference(s): RHSA-2009:1219
CESA-2009:1219-CentOS 5
CESA-2009:1219-CentOS 3
CVE-2009-2663
Version: 3
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 5
CentOS Linux 3
Product(s): libvorbis
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8148
 
Oval ID: oval:org.mitre.oval:def:8148
Title: DSA-1873 xulrunner -- programming error
Description: Juan Pablo Lopez Yacubian discovered that incorrect handling of invalid URLs could be used for spoofing the location bar and the SSL certificate status of a web page. Xulrunner is no longer supported for the old stable distribution (etch).
Family: unix Class: patch
Reference(s): DSA-1873
CVE-2009-2654
Version: 3
Platform(s): Debian GNU/Linux 5.0
Product(s): xulrunner
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9506
 
Oval ID: oval:org.mitre.oval:def:9506
Title: libvorbis before r16182, as used in Mozilla Firefox 3.5.x before 3.5.2 and other products, allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .ogg file.
Description: libvorbis before r16182, as used in Mozilla Firefox 3.5.x before 3.5.2 and other products, allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .ogg file.
Family: unix Class: vulnerability
Reference(s): CVE-2009-2663
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9686
 
Oval ID: oval:org.mitre.oval:def:9686
Title: Mozilla Firefox before 3.0.13, and 3.5.x before 3.5.2, allows remote attackers to spoof the address bar, and possibly conduct phishing attacks, via a crafted web page that calls window.open with an invalid character in the URL, makes document.write calls to the resulting object, and then calls the stop method during the loading of the error page.
Description: Mozilla Firefox before 3.0.13, and 3.5.x before 3.5.2, allows remote attackers to spoof the address bar, and possibly conduct phishing attacks, via a crafted web page that calls window.open with an invalid character in the URL, makes document.write calls to the resulting object, and then calls the stop method during the loading of the error page.
Family: unix Class: vulnerability
Reference(s): CVE-2009-2654
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9806
 
Oval ID: oval:org.mitre.oval:def:9806
Title: The js_watch_set function in js/src/jsdbgapi.cpp in the JavaScript engine in Mozilla Firefox before 3.0.12 allows remote attackers to cause a denial of service (assertion failure and application exit) or possibly execute arbitrary code via a crafted .js file, related to a "memory safety bug." NOTE: this was originally reported as affecting versions before 3.0.13.
Description: The js_watch_set function in js/src/jsdbgapi.cpp in the JavaScript engine in Mozilla Firefox before 3.0.12 allows remote attackers to cause a denial of service (assertion failure and application exit) or possibly execute arbitrary code via a crafted .js file, related to a "memory safety bug." NOTE: this was originally reported as affecting versions before 3.0.13.
Family: unix Class: vulnerability
Reference(s): CVE-2009-2664
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 201

SAINT Exploits

Description Link
Mozilla Firefox JIT Escape Function Memory Corruption More info here

OpenVAS Exploits

Date Description
2011-08-09 Name : CentOS Update for thunderbird CESA-2010:0153 centos5 i386
File : nvt/gb_CESA-2010_0153_thunderbird_centos5_i386.nasl
2011-08-09 Name : CentOS Update for seamonkey CESA-2009:1432 centos3 i386
File : nvt/gb_CESA-2009_1432_seamonkey_centos3_i386.nasl
2011-08-09 Name : CentOS Update for seamonkey CESA-2009:1431 centos4 i386
File : nvt/gb_CESA-2009_1431_seamonkey_centos4_i386.nasl
2011-08-09 Name : CentOS Update for firefox CESA-2009:1430 centos5 i386
File : nvt/gb_CESA-2009_1430_firefox_centos5_i386.nasl
2011-08-09 Name : CentOS Update for firefox CESA-2009:1430 centos4 i386
File : nvt/gb_CESA-2009_1430_firefox_centos4_i386.nasl
2011-08-09 Name : CentOS Update for libvorbis CESA-2009:1219 centos5 i386
File : nvt/gb_CESA-2009_1219_libvorbis_centos5_i386.nasl
2011-08-09 Name : CentOS Update for libvorbis CESA-2009:1219 centos3 i386
File : nvt/gb_CESA-2009_1219_libvorbis_centos3_i386.nasl
2011-08-09 Name : CentOS Update for firefox CESA-2009:1162 centos5 i386
File : nvt/gb_CESA-2009_1162_firefox_centos5_i386.nasl
2010-03-22 Name : RedHat Update for thunderbird RHSA-2010:0154-02
File : nvt/gb_RHSA-2010_0154-02_thunderbird.nasl
2010-03-22 Name : CentOS Update for thunderbird CESA-2010:0154 centos4 i386
File : nvt/gb_CESA-2010_0154_thunderbird_centos4_i386.nasl
2009-12-30 Name : Mandriva Security Advisory MDVSA-2009:339 (firefox)
File : nvt/mdksa_2009_339.nasl
2009-12-03 Name : FreeBSD Ports: libvorbis
File : nvt/freebsd_libvorbis1.nasl
2009-12-03 Name : Debian Security Advisory DSA 1939-1 (libvorbis)
File : nvt/deb_1939_1.nasl
2009-11-17 Name : Fedora Core 11 FEDORA-2009-11243 (libvorbis)
File : nvt/fcore_2009_11243.nasl
2009-11-17 Name : Fedora Core 10 FEDORA-2009-11169 (libvorbis)
File : nvt/fcore_2009_11169.nasl
2009-10-27 Name : SuSE Security Advisory SUSE-SA:2009:048 (MozillaFirefox)
File : nvt/suse_sa_2009_048.nasl
2009-10-13 Name : SLES10: Security update for Mozilla Firefox
File : nvt/sles10_MozillaFirefox2.nasl
2009-10-11 Name : SLES11: Security update for MozillaFirefox
File : nvt/sles11_MozillaFirefox4.nasl
2009-10-11 Name : SLES11: Security update for Mozilla Firefox
File : nvt/sles11_MozillaFirefox5.nasl
2009-09-15 Name : CentOS Security Advisory CESA-2009:1432 (seamonkey)
File : nvt/ovcesa2009_1432.nasl
2009-09-15 Name : CentOS Security Advisory CESA-2009:1431 (seamonkey)
File : nvt/ovcesa2009_1431.nasl
2009-09-15 Name : CentOS Security Advisory CESA-2009:1430 (seamonkey)
File : nvt/ovcesa2009_1430.nasl
2009-09-15 Name : RedHat Security Advisory RHSA-2009:1432
File : nvt/RHSA_2009_1432.nasl
2009-09-15 Name : RedHat Security Advisory RHSA-2009:1431
File : nvt/RHSA_2009_1431.nasl
2009-09-15 Name : RedHat Security Advisory RHSA-2009:1430
File : nvt/RHSA_2009_1430.nasl
2009-09-09 Name : Gentoo Security Advisory GLSA 200909-02 (libvorbis)
File : nvt/glsa_200909_02.nasl
2009-09-02 Name : CentOS Security Advisory CESA-2009:1219 (libvorbis)
File : nvt/ovcesa2009_1219.nasl
2009-09-02 Name : Ubuntu USN-825-1 (libvorbis)
File : nvt/ubuntu_825_1.nasl
2009-09-02 Name : RedHat Security Advisory RHSA-2009:1219
File : nvt/RHSA_2009_1219.nasl
2009-09-02 Name : Debian Security Advisory DSA 1873-1 (xulrunner)
File : nvt/deb_1873_1.nasl
2009-08-17 Name : Mandrake Security Advisory MDVSA-2009:198 (firefox)
File : nvt/mdksa_2009_198.nasl
2009-08-17 Name : Fedora Core 11 FEDORA-2009-8279 (xulrunner)
File : nvt/fcore_2009_8279.nasl
2009-08-17 Name : Fedora Core 10 FEDORA-2009-8288 (perl-Gtk2-MozEmbed)
File : nvt/fcore_2009_8288.nasl
2009-08-17 Name : Fedora Core 10 FEDORA-2009-8445 (libvorbis)
File : nvt/fcore_2009_8445.nasl
2009-08-17 Name : FreeBSD Ports: firefox, linux-firefox-devel
File : nvt/freebsd_firefox40.nasl
2009-08-17 Name : Mandrake Security Advisory MDVSA-2009:185 (firefox)
File : nvt/mdksa_2009_185.nasl
2009-08-17 Name : Mandrake Security Advisory MDVSA-2009:182 (firefox)
File : nvt/mdksa_2009_182.nasl
2009-08-17 Name : Ubuntu USN-811-1 (xulrunner-1.9)
File : nvt/ubuntu_811_1.nasl
2009-08-07 Name : Mozilla Firefox Chrome Privilege Escalation Vulnerability Aug-09 (Linux)
File : nvt/gb_firefox_chrome_priv_esc_vuln_aug09_lin.nasl
2009-08-07 Name : Mozilla Firefox SOCKS5 Proxy Server DoS Vulnerability Aug-09 (Win)
File : nvt/gb_firefox_socks5_proxy_dos_vuln_aug09_win.nasl
2009-08-07 Name : Mozilla Firefox SOCKS5 Proxy Server DoS Vulnerability Aug-09 (Linux)
File : nvt/gb_firefox_socks5_proxy_dos_vuln_aug09_lin.nasl
2009-08-07 Name : Mozilla Firefox Multiple Memory Corruption Vulnerabilities Aug-09 (Win)
File : nvt/gb_firefox_mult_mem_crptn_vuln_aug09_win.nasl
2009-08-07 Name : Mozilla Firefox Multiple Memory Corruption Vulnerabilities Aug-09 (Linux)
File : nvt/gb_firefox_mult_mem_crptn_vuln_aug09_lin.nasl
2009-08-07 Name : Mozilla Firefox Chrome Privilege Escalation Vulnerability Aug-09 (Win)
File : nvt/gb_firefox_chrome_priv_esc_vuln_aug09_win.nasl
2009-07-29 Name : RedHat Security Advisory RHSA-2009:1162
File : nvt/RHSA_2009_1162.nasl
2009-07-29 Name : Ubuntu USN-805-1 (ruby1.9)
File : nvt/ubuntu_805_1.nasl
2009-07-29 Name : Ubuntu USN-798-1 (xulrunner-1.9)
File : nvt/ubuntu_798_1.nasl
2009-07-29 Name : Debian Security Advisory DSA 1840-1 (xulrunner)
File : nvt/deb_1840_1.nasl
2009-07-29 Name : SuSE Security Advisory SUSE-SA:2009:039 (MozillaFirefox)
File : nvt/suse_sa_2009_039.nasl
2009-07-29 Name : Fedora Core 11 FEDORA-2009-7898 (firefox)
File : nvt/fcore_2009_7898.nasl
2009-07-29 Name : Fedora Core 10 FEDORA-2009-7961 (blam)
File : nvt/fcore_2009_7961.nasl
2009-07-29 Name : FreeBSD Ports: firefox35
File : nvt/freebsd_firefox350.nasl
2009-07-29 Name : CentOS Security Advisory CESA-2009:1162 (firefox)
File : nvt/ovcesa2009_1162.nasl
2009-07-23 Name : Mozilla Firefox Remote Code Execution Vulnerabilities July-09 (Win)
File : nvt/secpod_firefox_code_exec_vuln_jul09_win.nasl
2009-07-23 Name : Mozilla Firefox Remote Code Execution Vulnerabilities July-09 (Linux)
File : nvt/secpod_firefox_code_exec_vuln_jul09_lin.nasl
2009-07-17 Name : Mozilla Firefox JavaScript Compiler Code Execution Vulnerability (Win)
File : nvt/gb_firefox_js_compiler_code_exec_vuln_win.nasl
2009-07-17 Name : Mozilla Firefox JavaScript Compiler Code Execution Vulnerability (Linux)
File : nvt/gb_firefox_js_compiler_code_exec_vuln_lin.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
56722 libvorbis vorbis_codebook.c vorbis_book_decodevv_add Function Memory Corruption

56721 Mozilla Firefox Browser Engine /js/src/jstracer.cpp TraceRecorder::snapshot F...

56719 Mozilla Firefox JavaScript Engine /js/src/jsinterp.c JSFUN_HEAVYWEIGHT Memory...

56718 Mozilla Firefox content/base/src/nsDocument.cpp Add-on Handling Cached Securi...

56717 Mozilla Firefox window.open() Invalid URL Document Content / SSL Status Spoofing

56716 Mozilla Firefox SOCKS5 Proxy DNS Response Handling Data Corruption Issue

56227 Mozilla Firefox Slow Script Dialog Navigation Flash Unloading Arbitrary Code ...

55846 Mozilla Firefox Just-in-time (JIT) JavaScript Compiler js/src/jstracer.cpp fo...

A memory corruption flaw exists in Firefox. The Just-in-Time (JIT) compiler can enter a corrupt state following native function calls resulting in memory corruption. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Snort® IPS/IDS

Date Description
2014-01-10 Possible generic javascript heap spray attempt
RuleID : 20137 - Revision : 12 - Type : INDICATOR-OBFUSCATION
2014-01-10 Possible generic javascript heap spray attempt
RuleID : 18168 - Revision : 14 - Type : INDICATOR-SHELLCODE
2014-01-10 Possible generic javascript heap spray attempt
RuleID : 18167 - Revision : 14 - Type : INDICATOR-SHELLCODE
2014-01-10 Mozilla Firefox oversized SOCKS5 DNS reply memory corruption attempt
RuleID : 16612 - Revision : 5 - Type : BROWSER-FIREFOX
2014-01-10 Mozilla Firefox JIT escape function memory corruption attempt
RuleID : 15997 - Revision : 11 - Type : BROWSER-FIREFOX
2014-01-10 Mozilla Firefox location spoofing attempt via invalid window.open characters
RuleID : 15873 - Revision : 12 - Type : BROWSER-FIREFOX
2014-01-10 Possible generic javascript heap spray attempt
RuleID : 15698 - Revision : 15 - Type : INDICATOR-SHELLCODE
2014-01-10 Mozilla Firefox 3.5 TraceMonkey JavaScript engine uninitialized memory corrup...
RuleID : 15696 - Revision : 4 - Type : SPECIFIC-THREATS

Nessus® Vulnerability Scanner

Date Description
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1162.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1163.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1219.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1430.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1431.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2010-0154.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1432.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2010-0153.nasl - Type : ACT_GATHER_INFO
2013-01-08 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO
2012-11-05 Name : The remote Scientific Linux host is missing a security update.
File : sl_20090722_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090818_libvorbis_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing a security update.
File : sl_20090723_firefox_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing a security update.
File : sl_20090723_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090909_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090909_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing a security update.
File : sl_20100317_thunderbird_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_libvorbis-100528.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_libvorbis-7057.nasl - Type : ACT_GATHER_INFO
2010-07-30 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-338.nasl - Type : ACT_GATHER_INFO
2010-07-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_libvorbis-100528.nasl - Type : ACT_GATHER_INFO
2010-07-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_libvorbis-100528.nasl - Type : ACT_GATHER_INFO
2010-07-05 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12620.nasl - Type : ACT_GATHER_INFO
2010-07-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_libvorbis-100528.nasl - Type : ACT_GATHER_INFO
2010-05-11 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2010-0154.nasl - Type : ACT_GATHER_INFO
2010-04-14 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-071.nasl - Type : ACT_GATHER_INFO
2010-03-29 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2010-0153.nasl - Type : ACT_GATHER_INFO
2010-03-19 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2010-0154.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1939.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1840.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1873.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1162.nasl - Type : ACT_GATHER_INFO
2009-12-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-339.nasl - Type : ACT_GATHER_INFO
2009-10-06 Name : The remote openSUSE host is missing a security update.
File : suse_MozillaFirefox-6495.nasl - Type : ACT_GATHER_INFO
2009-10-06 Name : The remote openSUSE host is missing a security update.
File : suse_MozillaFirefox-6379.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_MozillaFirefox-6433.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_MozillaFirefox-090812.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_MozillaFirefox-090724.nasl - Type : ACT_GATHER_INFO
2009-09-11 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1432.nasl - Type : ACT_GATHER_INFO
2009-09-11 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1431.nasl - Type : ACT_GATHER_INFO
2009-09-11 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1430.nasl - Type : ACT_GATHER_INFO
2009-09-10 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1430.nasl - Type : ACT_GATHER_INFO
2009-09-10 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1431.nasl - Type : ACT_GATHER_INFO
2009-09-10 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1432.nasl - Type : ACT_GATHER_INFO
2009-09-08 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200909-02.nasl - Type : ACT_GATHER_INFO
2009-08-25 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-825-1.nasl - Type : ACT_GATHER_INFO
2009-08-20 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1219.nasl - Type : ACT_GATHER_INFO
2009-08-20 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_MozillaFirefox-090812.nasl - Type : ACT_GATHER_INFO
2009-08-20 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_MozillaFirefox-090812.nasl - Type : ACT_GATHER_INFO
2009-08-20 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1219.nasl - Type : ACT_GATHER_INFO
2009-08-11 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2009-8445.nasl - Type : ACT_GATHER_INFO
2009-08-10 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-198.nasl - Type : ACT_GATHER_INFO
2009-08-05 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_49e8f2ee814711dea9940030843d3802.nasl - Type : ACT_GATHER_INFO
2009-08-05 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-811-1.nasl - Type : ACT_GATHER_INFO
2009-08-05 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2009-8288.nasl - Type : ACT_GATHER_INFO
2009-08-05 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2009-8279.nasl - Type : ACT_GATHER_INFO
2009-08-04 Name : The remote Windows host contains a web browser that is affected by multiple f...
File : mozilla_firefox_3013.nasl - Type : ACT_GATHER_INFO
2009-08-04 Name : The remote Windows host contains a web browser that is affected by multiple v...
File : mozilla_firefox_352.nasl - Type : ACT_GATHER_INFO
2009-07-31 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-182.nasl - Type : ACT_GATHER_INFO
2009-07-28 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_MozillaFirefox-090724.nasl - Type : ACT_GATHER_INFO
2009-07-28 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_MozillaFirefox-090724.nasl - Type : ACT_GATHER_INFO
2009-07-24 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2009-7961.nasl - Type : ACT_GATHER_INFO
2009-07-23 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-798-1.nasl - Type : ACT_GATHER_INFO
2009-07-23 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1163.nasl - Type : ACT_GATHER_INFO
2009-07-23 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2009-7898.nasl - Type : ACT_GATHER_INFO
2009-07-22 Name : The remote Windows host contains a web browser that is affected by multiple v...
File : mozilla_firefox_3012.nasl - Type : ACT_GATHER_INFO
2009-07-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1162.nasl - Type : ACT_GATHER_INFO
2009-07-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1163.nasl - Type : ACT_GATHER_INFO
2009-07-20 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_c1ef9b3372a611de82ea0030843d3802.nasl - Type : ACT_GATHER_INFO
2009-07-17 Name : The remote Windows host contains a web browser that is affected by multiple f...
File : mozilla_firefox_351.nasl - Type : ACT_GATHER_INFO