Executive Summary
Summary | |
---|---|
Title | Sun Alert 272909 Multiple Security Vulnerabilities in Firefox Versions Before 3.5.5 May Allow Execution of Arbitrary Code or Unauthorized Access to Certain Data |
Informations | |||
---|---|---|---|
Name | SUN-272909 | First vendor Publication | 2009-11-24 |
Vendor | Sun | Last vendor Modification | 2009-11-24 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Original Source
Url : http://blogs.sun.com/security/entry/sun_alert_272909_multiple_security |
CAPEC : Common Attack Pattern Enumeration & Classification
Id | Name |
---|---|
CAPEC-8 | Buffer Overflow in an API Call |
CAPEC-9 | Buffer Overflow in Local Command-Line Utilities |
CAPEC-10 | Buffer Overflow via Environment Variables |
CAPEC-14 | Client-side Injection-induced Buffer Overflow |
CAPEC-24 | Filter Failure through Buffer Overflow |
CAPEC-42 | MIME Conversion |
CAPEC-44 | Overflow Binary Resource File |
CAPEC-45 | Buffer Overflow via Symbolic Links |
CAPEC-46 | Overflow Variables and Tags |
CAPEC-47 | Buffer Overflow via Parameter Expansion |
CAPEC-100 | Overflow Buffers |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
33 % | CWE-264 | Permissions, Privileges, and Access Controls |
33 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
17 % | CWE-399 | Resource Management Errors |
17 % | CWE-16 | Configuration |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10440 | |||
Oval ID: | oval:org.mitre.oval:def:10440 | ||
Title: | content/html/document/src/nsHTMLDocument.cpp in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allows user-assisted remote attackers to bypass the Same Origin Policy and read an arbitrary content selection via the document.getSelection function. | ||
Description: | content/html/document/src/nsHTMLDocument.cpp in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allows user-assisted remote attackers to bypass the Same Origin Policy and read an arbitrary content selection via the document.getSelection function. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3375 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10684 | |||
Oval ID: | oval:org.mitre.oval:def:10684 | ||
Title: | Heap-based buffer overflow in the GIF image parser in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via unspecified vectors. | ||
Description: | Heap-based buffer overflow in the GIF image parser in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via unspecified vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3373 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10836 | |||
Oval ID: | oval:org.mitre.oval:def:10836 | ||
Title: | Mozilla Firefox before 3.0.15, and 3.5.x before 3.5.4, allows remote attackers to read form history by forging mouse and keyboard events that leverage the auto-fill feature to populate form fields, in an attacker-readable form, with history entries. | ||
Description: | Mozilla Firefox before 3.0.15, and 3.5.x before 3.5.4, allows remote attackers to read form history by forging mouse and keyboard events that leverage the auto-fill feature to populate form fields, in an attacker-readable form, with history entries. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3370 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10977 | |||
Oval ID: | oval:org.mitre.oval:def:10977 | ||
Title: | Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via a crafted regular expression in a Proxy Auto-configuration (PAC) file. | ||
Description: | Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via a crafted regular expression in a Proxy Auto-configuration (PAC) file. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3372 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10993 | |||
Oval ID: | oval:org.mitre.oval:def:10993 | ||
Title: | Multiple unspecified vulnerabilities in libvorbis, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. NOTE: this might overlap CVE-2009-2663. | ||
Description: | Multiple unspecified vulnerabilities in libvorbis, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. NOTE: this might overlap CVE-2009-2663. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3379 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11219 | |||
Oval ID: | oval:org.mitre.oval:def:11219 | ||
Title: | layout/base/nsCSSFrameConstructor.cpp in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 does not properly handle first-letter frames, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. | ||
Description: | layout/base/nsCSSFrameConstructor.cpp in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 does not properly handle first-letter frames, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3382 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12897 | |||
Oval ID: | oval:org.mitre.oval:def:12897 | ||
Title: | DSA-1939-1 libvorbis -- several | ||
Description: | Lucas Adamski, Matthew Gregan, David Keeler, and Dan Kaminsky discovered that libvorbis, a library for the Vorbis general-purpose compressed audio codec, did not correctly handle certain malformed ogg files. An attacher could cause a denial of service or possibly execute arbitrary code via a crafted .ogg file. For the oldstable distribution, these problems have been fixed in version 1.1.2.dfsg-1.4+etch1. For the stable distribution, these problems have been fixed in version 1.2.0.dfsg-3.1+lenny1. For the testing distribution and the unstable distribution, these problems have been fixed in version 1.2.3-1 We recommend that you upgrade your libvorbis packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1939-1 CVE-2009-2663 CVE-2009-3379 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | libvorbis |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12913 | |||
Oval ID: | oval:org.mitre.oval:def:12913 | ||
Title: | DSA-1998-1 kdelibs -- buffer overflow | ||
Description: | Maksymilian Arciemowicz discovered a buffer overflow in the internal string routines of the KDE core libraries, which could lead to the execution of arbitrary code. For the stable distribution, this problem has been fixed in version 4:3.5.10.dfsg.1-0lenny4. For the unstable distribution, this problem has been fixed in version 4:3.5.10.dfsg.1-3. We recommend that you upgrade your kdelibs packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1998-1 CVE-2009-0689 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | kdelibs |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13156 | |||
Oval ID: | oval:org.mitre.oval:def:13156 | ||
Title: | DSA-1922-1 xulrunner -- several | ||
Description: | Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-3380 Vladimir Vukicevic, Jesse Ruderman, Martijn Wargers, Daniel Banchero, David Keeler and Boris Zbarsky reported crashes in layout engine, which might allow the execution of arbitrary code. CVE-2009-3382 Carsten Book reported a crash in the layout engine, which might allow the execution of arbitrary code. CVE-2009-3376 Jesse Ruderman and Sid Stamm discovered spoofing vulnerability in the file download dialog. CVE-2009-3375 Gregory Fleischer discovered a bypass of the same-origin policy using the document.getSelection function. CVE-2009-3374 "moz_bug_r_a4" discovered a privilege escalation to Chrome status in the XPCOM utility XPCVariant::VariantDataToJS. CVE-2009-3373 "regenrecht" discovered a buffer overflow in the GIF parser, which might lead to the execution of arbitrary code. CVE-2009-3372 Marco C. discovered that a programming error in the proxy auto configuration code might lead to denial of service or the execution of arbitrary code. CVE-2009-3274 Jeremy Brown discovered that the filename of a downloaded file which is opened by the user is predictable, which might lead to tricking the user into a malicious file if the attacker has local access to the system. CVE-2009-3370 Paul Stone discovered that history information from web forms could be stolen. For the stable distribution, these problems have been fixed in version 1.9.0.15-0lenny1. As indicated in the Etch release notes, security support for the Mozilla products in the oldstable distribution needed to be stopped before the end of the regular Etch security maintenance life cycle. You are strongly encouraged to upgrade to stable or switch to a still supported browser. For the unstable distribution, these problems have been fixed in version 1.9.1.4-1. We recommend that you upgrade your xulrunner packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1922-1 CVE-2009-3274 CVE-2009-3370 CVE-2009-3372 CVE-2009-3373 CVE-2009-3374 CVE-2009-3375 CVE-2009-3376 CVE-2009-3380 CVE-2009-3382 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13490 | |||
Oval ID: | oval:org.mitre.oval:def:13490 | ||
Title: | USN-871-1 -- kdelibs vulnerability | ||
Description: | A buffer overflow was found in the KDE libraries when converting a string to a floating point number. If a user or application linked against kdelibs were tricked into processing crafted input, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that the KDE libraries could use KHTML to process an unknown MIME type. If a user or application linked against kdelibs were tricked into opening a crafted file, an attacker could potentially trigger XMLHTTPRequests to remote sites. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-871-1 CVE-2009-0689 | Version: | 5 |
Platform(s): | Ubuntu 8.04 Ubuntu 8.10 Ubuntu 9.10 Ubuntu 9.04 | Product(s): | kdelibs |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13742 | |||
Oval ID: | oval:org.mitre.oval:def:13742 | ||
Title: | USN-853-2 -- firefox-3.5, xulrunner-1.9.1 regression | ||
Description: | USN-853-1 fixed vulnerabilities in Firefox and Xulrunner. The upstream changes introduced regressions that could lead to crashes when processing certain malformed GIF images, fonts and web pages. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Alin Rad Pop discovered a heap-based buffer overflow in Firefox when it converted strings to floating point numbers. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Jeremy Brown discovered that the Firefox Download Manager was vulnerable to symlink attacks. A local attacker could exploit this to create or overwrite files with the privileges of the user invoking the program. Paul Stone discovered a flaw in the Firefox form history. If a user were tricked into viewing a malicious website, a remote attacker could access this data to steal confidential information. Orlando Berrera discovered that Firefox did not properly free memory when using web-workers. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 9.10. A flaw was discovered in the way Firefox processed Proxy Auto-configuration files. If a user configured the browser to use PAC files with certain regular expressions, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. A heap-based buffer overflow was discovered in Mozilla�s GIF image parser. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. A flaw was discovered in the JavaScript engine of Firefox. An attacker could exploit this to execute scripts from page content with chrome privileges. Gregory Fleischer discovered that the same-origin check in Firefox could be bypassed by utilizing the document.getSelection function. An attacker could exploit this to read data from other domains. Jesse Ruderman and Sid Stamm discovered that Firefox did not properly display filenames containing right-to-left override characters. If a user were tricked into downloading a malicious file with a crafted filename, an attacker could exploit this to trick the user into opening a different file than the user expected. Several flaws were discovered in third party media libraries. If a user were tricked into opening a crafted media file, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 9.10. Vladimir Vukicevic, Jesse Ruderman, Martijn Wargers, Daniel Banchero, David Keeler, Boris Zbarsky, Thomas Frederiksen, Marcia Knous, Carsten Book, Kevin Brosnan, David Anderson and Jeff Walden discovered various flaws in the browser and JavaScript engines of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program | ||
Family: | unix | Class: | patch |
Reference(s): | USN-853-2 CVE-2009-1563 CVE-2009-3274 CVE-2009-3370 CVE-2009-3371 CVE-2009-3372 CVE-2009-3373 CVE-2009-3374 CVE-2009-3375 CVE-2009-3376 CVE-2009-3377 CVE-2009-3380 CVE-2009-3381 CVE-2009-3382 CVE-2009-3383 | Version: | 5 |
Platform(s): | Ubuntu 9.10 | Product(s): | firefox-3.5 xulrunner-1.9.1 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13944 | |||
Oval ID: | oval:org.mitre.oval:def:13944 | ||
Title: | USN-861-1 -- libvorbis vulnerabilities | ||
Description: | It was discovered that libvorbis did not correctly handle ogg files with underpopulated Huffman trees. If a user were tricked into opening a specially crafted ogg file with an application that uses libvorbis, an attacker could cause a denial of service. It was discovered that libvorbis did not correctly handle certain malformed ogg files. If a user were tricked into opening a specially crafted ogg file with an application that uses libvorbis, an attacker could cause a denial of service or possibly execute arbitrary code with the user�s privileges | ||
Family: | unix | Class: | patch |
Reference(s): | USN-861-1 CVE-2008-2009 CVE-2009-3379 | Version: | 5 |
Platform(s): | Ubuntu 8.04 Ubuntu 8.10 Ubuntu 9.10 Ubuntu 9.04 | Product(s): | libvorbis |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22503 | |||
Oval ID: | oval:org.mitre.oval:def:22503 | ||
Title: | ELSA-2009:1561: libvorbis security update (Important) | ||
Description: | Multiple unspecified vulnerabilities in libvorbis, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. NOTE: this might overlap CVE-2009-2663. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:1561-01 CVE-2009-3379 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | libvorbis |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22669 | |||
Oval ID: | oval:org.mitre.oval:def:22669 | ||
Title: | ELSA-2009:1601: kdelibs security update (Critical) | ||
Description: | Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:1601-01 CVE-2009-0689 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | kdelibs |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23947 | |||
Oval ID: | oval:org.mitre.oval:def:23947 | ||
Title: | ELSA-2014:0311: php security update (Critical) | ||
Description: | Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014:0311-00 CVE-2006-7243 CVE-2009-0689 | Version: | 7 |
Platform(s): | Oracle Linux 5 | Product(s): | php |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24079 | |||
Oval ID: | oval:org.mitre.oval:def:24079 | ||
Title: | RHSA-2014:0311: php security update (Critical) | ||
Description: | PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the way PHP parsed floating point numbers from their text representation. If a PHP application converted untrusted input strings to numbers, an attacker able to provide such input could cause the application to crash or, possibly, execute arbitrary code with the privileges of the application. (CVE-2009-0689) It was found that PHP did not properly handle file names with a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions. (CVE-2006-7243) All php users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:0311-00 CESA-2014:0311 CVE-2006-7243 CVE-2009-0689 | Version: | 11 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | php |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25660 | |||
Oval ID: | oval:org.mitre.oval:def:25660 | ||
Title: | SUSE-SU-2013:1828-1 -- Security update for ruby | ||
Description: | The following security issue has been fixed: * CVE-2013-4164: heap overflow in float point parsing | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:1828-1 CVE-2013-4164 CVE-2009-0689 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11 | Product(s): | ruby |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29170 | |||
Oval ID: | oval:org.mitre.oval:def:29170 | ||
Title: | RHSA-2009:1561 -- libvorbis security update (Important) | ||
Description: | Updated libvorbis packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The libvorbis packages contain runtime libraries for use in programs that support Ogg Vorbis. Ogg Vorbis is a fully open, non-proprietary, patent-and royalty-free, general-purpose compressed audio format. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2009:1561 CESA-2009:1561-CentOS 3 CESA-2009:1561-CentOS 5 CVE-2009-3379 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 3 CentOS Linux 5 | Product(s): | libvorbis |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29365 | |||
Oval ID: | oval:org.mitre.oval:def:29365 | ||
Title: | RHSA-2009:1601 -- kdelibs security update (Critical) | ||
Description: | Updated kdelibs packages that fix one security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. The kdelibs packages provide libraries for the K Desktop Environment (KDE). A buffer overflow flaw was found in the kdelibs string to floating point conversion routines. A web page containing malicious JavaScript could crash Konqueror or, potentially, execute arbitrary code with the privileges of the user running Konqueror. (CVE-2009-0689) | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2009:1601 CESA-2009:1601-CentOS 5 CVE-2009-0689 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 4 CentOS Linux 5 | Product(s): | kdelibs |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5581 | |||
Oval ID: | oval:org.mitre.oval:def:5581 | ||
Title: | Mozilla Firefox 3.0.x before 3.0.15 cause a denial of service in layout/base/nsCSSFrameConstructor.cpp | ||
Description: | layout/base/nsCSSFrameConstructor.cpp in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 does not properly handle first-letter frames, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3382 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:5935 | |||
Oval ID: | oval:org.mitre.oval:def:5935 | ||
Title: | Remote bypass vulnerability in content/html/document/src/nsHTMLDocument.cpp in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 via the document.getSelection function | ||
Description: | content/html/document/src/nsHTMLDocument.cpp in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allows user-assisted remote attackers to bypass the Same Origin Policy and read an arbitrary content selection via the document.getSelection function. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3375 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:5996 | |||
Oval ID: | oval:org.mitre.oval:def:5996 | ||
Title: | Multiple vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.4 | ||
Description: | Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3383 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6347 | |||
Oval ID: | oval:org.mitre.oval:def:6347 | ||
Title: | Arbitrary code execution in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0 ia a crafted regular expression in a Proxy Auto-configuration (PAC) file. | ||
Description: | Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via a crafted regular expression in a Proxy Auto-configuration (PAC) file. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3372 | Version: | 17 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Mozilla Firefox Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6375 | |||
Oval ID: | oval:org.mitre.oval:def:6375 | ||
Title: | vulnerabilities in liboggz, as used in Mozilla Firefox 3.5.x before 3.5.4 allow remote attackers to cause a denial of service | ||
Description: | Multiple unspecified vulnerabilities in liboggz before cf5feeaab69b05e24, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3377 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6443 | |||
Oval ID: | oval:org.mitre.oval:def:6443 | ||
Title: | The oggplay_data_handle_theora_frame in liboggplay in Mozilla Firefox 3.5.x before 3.5.4 to cuase denial of service | ||
Description: | The oggplay_data_handle_theora_frame function in media/liboggplay/src/liboggplay/oggplay_data.c in liboggplay, as used in Mozilla Firefox 3.5.x before 3.5.4, attempts to reuse an earlier frame data structure upon encountering a decoding error for the first frame, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via a crafted .ogg video file. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3378 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6455 | |||
Oval ID: | oval:org.mitre.oval:def:6455 | ||
Title: | Mozilla Firefox before 3.0.15, and 3.5.x before 3.5.4, allows remote attackers to read form history by forging mouse and keyboard events | ||
Description: | Mozilla Firefox before 3.0.15, and 3.5.x before 3.5.4, allows remote attackers to read form history by forging mouse and keyboard events that leverage the auto-fill feature to populate form fields, in an attacker-readable form, with history entries. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3370 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6464 | |||
Oval ID: | oval:org.mitre.oval:def:6464 | ||
Title: | Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.4 allows remote attackers to cause a denial of service | ||
Description: | Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by creating JavaScript web-workers recursively. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3371 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6495 | |||
Oval ID: | oval:org.mitre.oval:def:6495 | ||
Title: | Multiple vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.4 to cause a denial of service. | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3381 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6528 | |||
Oval ID: | oval:org.mitre.oval:def:6528 | ||
Title: | Mozilla Firefox Floating Point Memory Allocation Vulnerability | ||
Description: | Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-0689 | Version: | 10 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6541 | |||
Oval ID: | oval:org.mitre.oval:def:6541 | ||
Title: | Spoofed file extensions via a crafted filename containing Unicode character in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0 | ||
Description: | Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, does not properly handle a right-to-left override (aka RLO or U+202E) Unicode character in a download filename, which allows remote attackers to spoof file extensions via a crafted filename, as demonstrated by displaying a non-executable extension for an executable file. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3376 | Version: | 13 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Mozilla Firefox Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6548 | |||
Oval ID: | oval:org.mitre.oval:def:6548 | ||
Title: | Heap-based buffer overflow in the GIF image parser in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0 via unspecified vectors. | ||
Description: | Heap-based buffer overflow in the GIF image parser in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3373 | Version: | 17 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Mozilla Firefox Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6565 | |||
Oval ID: | oval:org.mitre.oval:def:6565 | ||
Title: | Vulnerability in the XPCVariant::VariantDataToJS function in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 | ||
Description: | The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects obtained from remote web sites, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via unspecified method calls, related to "doubly-wrapped objects." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3374 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6580 | |||
Oval ID: | oval:org.mitre.oval:def:6580 | ||
Title: | Multiple vulnerabilities in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 to cause a denial of service | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3380 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6582 | |||
Oval ID: | oval:org.mitre.oval:def:6582 | ||
Title: | Vulnerabilities in libvorbis, as used in Mozilla Firefox 3.5.x before 3.5.4 to cause a denial of service | ||
Description: | Multiple unspecified vulnerabilities in libvorbis, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. NOTE: this might overlap CVE-2009-2663. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3379 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6826 | |||
Oval ID: | oval:org.mitre.oval:def:6826 | ||
Title: | DSA-1998 kdelibs -- buffer overflow | ||
Description: | Maksymilian Arciemowicz discovered a buffer overflow in the internal string routines of the KDE core libraries, which could lead to the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1998 CVE-2009-0689 | Version: | 7 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | kdelibs |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7349 | |||
Oval ID: | oval:org.mitre.oval:def:7349 | ||
Title: | DSA-1939 libvorbis -- several vulnerabilities | ||
Description: | Lucas Adamski, Matthew Gregan, David Keeler, and Dan Kaminsky discovered that libvorbis, a library for the Vorbis general-purpose compressed audio codec, did not correctly handle certain malformed ogg files. An attacher could cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .ogg file. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1939 CVE-2009-2663 CVE-2009-3379 | Version: | 3 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | libvorbis |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7945 | |||
Oval ID: | oval:org.mitre.oval:def:7945 | ||
Title: | DSA-1922 xulrunner -- several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems: Vladimir Vukicevic, Jesse Ruderman, Martijn Wargers, Daniel Banchero, David Keeler and Boris Zbarsky reported crashes in layout engine, which might allow the execution of arbitrary code. Carsten Book reported a crash in the layout engine, which might allow the execution of arbitrary code. Jesse Ruderman and Sid Stamm discovered spoofing vulnerability in the file download dialog. Gregory Fleischer discovered a bypass of the same-origin policy using the document.getSelection() function. "moz_bug_r_a4" discovered a privilege escalation to Chrome status in the XPCOM utility XPCVariant::VariantDataToJS. "regenrecht" discovered a buffer overflow in the GIF parser, which might lead to the execution of arbitrary code. Marco C. discovered that a programming error in the proxy auto configuration code might lead to denial of service or the execution of arbitrary code. Jeremy Brown discovered that the filename of a downloaded file which is opened by the user is predictable, which might lead to tricking the user into a malicious file if the attacker has local access to the system. Paul Stone discovered that history information from web forms could be stolen. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1922 CVE-2009-3274 CVE-2009-3370 CVE-2009-3372 CVE-2009-3373 CVE-2009-3374 CVE-2009-3375 CVE-2009-3376 CVE-2009-3380 CVE-2009-3382 | Version: | 3 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8888 | |||
Oval ID: | oval:org.mitre.oval:def:8888 | ||
Title: | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-0689. Reason: This candidate is a duplicate of CVE-2009-0689. Certain codebase relationships were not originally clear. Notes: All CVE users should reference CVE-2009-0689 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | ||
Description: | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-0689. Reason: This candidate is a duplicate of CVE-2009-0689. Certain codebase relationships were not originally clear. Notes: All CVE users should reference CVE-2009-0689 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-1563 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9541 | |||
Oval ID: | oval:org.mitre.oval:def:9541 | ||
Title: | Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number. | ||
Description: | Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-0689 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9641 | |||
Oval ID: | oval:org.mitre.oval:def:9641 | ||
Title: | Mozilla Firefox 3.6a1, 3.5.3, 3.5.2, and earlier 3.5.x versions, and 3.0.14 and earlier 2.x and 3.x versions, on Linux uses a predictable /tmp pathname for files selected from the Downloads window, which allows local users to replace an arbitrary downloaded file by placing a file in a /tmp location before the download occurs, related to the Download Manager component. NOTE: some of these details are obtained from third party information. | ||
Description: | Mozilla Firefox 3.6a1, 3.5.3, 3.5.2, and earlier 3.5.x versions, and 3.0.14 and earlier 2.x and 3.x versions, on Linux uses a predictable /tmp pathname for files selected from the Downloads window, which allows local users to replace an arbitrary downloaded file by placing a file in a /tmp location before the download occurs, related to the Download Manager component. NOTE: some of these details are obtained from third party information. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3274 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9789 | |||
Oval ID: | oval:org.mitre.oval:def:9789 | ||
Title: | The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects obtained from remote web sites, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via unspecified method calls, related to "doubly-wrapped objects." | ||
Description: | The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects obtained from remote web sites, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via unspecified method calls, related to "doubly-wrapped objects." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3374 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2013-08-19 | Mozilla Firefox 3.5.4 - Local Color Map Exploit |
2009-12-11 | Sunbird 0.9 Array Overrun (code execution) 0day |
2009-11-19 | Opera 10.01 Remote Array Overrun |
2009-11-19 | K-Meleon 1.5.3 Remote Array Overrun |
2009-11-19 | SeaMonkey 1.1.8 Remote Array Overrun |
2009-11-19 | KDE KDELibs 4.3.3 Remote Array Overrun |
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for thunderbird CESA-2010:0153 centos5 i386 File : nvt/gb_CESA-2010_0153_thunderbird_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for kdelibs CESA-2009:1601 centos5 i386 File : nvt/gb_CESA-2009_1601_kdelibs_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for kdelibs CESA-2009:1601 centos4 i386 File : nvt/gb_CESA-2009_1601_kdelibs_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for libvorbis CESA-2009:1561 centos5 i386 File : nvt/gb_CESA-2009_1561_libvorbis_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for libvorbis CESA-2009:1561 centos4 i386 File : nvt/gb_CESA-2009_1561_libvorbis_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for libvorbis CESA-2009:1561 centos3 i386 File : nvt/gb_CESA-2009_1561_libvorbis_centos3_i386.nasl |
2011-08-09 | Name : CentOS Update for seamonkey CESA-2009:1531 centos4 i386 File : nvt/gb_CESA-2009_1531_seamonkey_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for seamonkey CESA-2009:1531 centos3 i386 File : nvt/gb_CESA-2009_1531_seamonkey_centos3_i386.nasl |
2011-08-09 | Name : CentOS Update for firefox CESA-2009:1530 centos4 i386 File : nvt/gb_CESA-2009_1530_firefox_centos4_i386.nasl |
2010-06-11 | Name : Fedora Update for libfishsound FEDORA-2010-9774 File : nvt/gb_fedora_2010_9774_libfishsound_fc13.nasl |
2010-06-11 | Name : Fedora Update for libannodex FEDORA-2010-9774 File : nvt/gb_fedora_2010_9774_libannodex_fc13.nasl |
2010-06-11 | Name : Fedora Update for liboggz FEDORA-2010-9774 File : nvt/gb_fedora_2010_9774_liboggz_fc13.nasl |
2010-06-11 | Name : Fedora Update for mod_annodex FEDORA-2010-9774 File : nvt/gb_fedora_2010_9774_mod_annodex_fc13.nasl |
2010-06-11 | Name : Fedora Update for sonic-visualiser FEDORA-2010-9774 File : nvt/gb_fedora_2010_9774_sonic-visualiser_fc13.nasl |
2010-06-07 | Name : Fedora Update for liboggz FEDORA-2010-9253 File : nvt/gb_fedora_2010_9253_liboggz_fc12.nasl |
2010-05-12 | Name : Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002 File : nvt/macosx_upd_10_6_3_secupd_2010-002.nasl |
2010-04-29 | Name : Fedora Update for seamonkey FEDORA-2010-7100 File : nvt/gb_fedora_2010_7100_seamonkey_fc11.nasl |
2010-03-30 | Name : FreeBSD Ports: seamonkey, linux-seamonkey File : nvt/freebsd_seamonkey.nasl |
2010-03-22 | Name : CentOS Update for thunderbird CESA-2010:0154 centos4 i386 File : nvt/gb_CESA-2010_0154_thunderbird_centos4_i386.nasl |
2010-03-22 | Name : Ubuntu Update for thunderbird vulnerabilities USN-915-1 File : nvt/gb_ubuntu_USN_915_1.nasl |
2010-03-22 | Name : RedHat Update for thunderbird RHSA-2010:0154-02 File : nvt/gb_RHSA-2010_0154-02_thunderbird.nasl |
2010-02-25 | Name : Debian Security Advisory DSA 1998-1 (kdelibs) File : nvt/deb_1998_1.nasl |
2010-01-29 | Name : Mandriva Update for kdelibs4 MDVSA-2010:027 (kdelibs4) File : nvt/gb_mandriva_MDVSA_2010_027.nasl |
2010-01-29 | Name : Mandriva Update for kdelibs4 MDVSA-2010:028 (kdelibs4) File : nvt/gb_mandriva_MDVSA_2010_028.nasl |
2009-12-14 | Name : SLES11: Security update for kdelibs3 File : nvt/sles11_kdelibs3.nasl |
2009-12-14 | Name : Mandriva Security Advisory MDVSA-2009:330 (kdelibs) File : nvt/mdksa_2009_330.nasl |
2009-12-10 | Name : FreeBSD Ports: opera File : nvt/freebsd_opera19.nasl |
2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:290-1 (firefox) File : nvt/mdksa_2009_290_1.nasl |
2009-12-03 | Name : Ubuntu USN-861-1 (libvorbis) File : nvt/ubuntu_861_1.nasl |
2009-12-03 | Name : RedHat Security Advisory RHSA-2009:1601 File : nvt/RHSA_2009_1601.nasl |
2009-12-03 | Name : FreeBSD Ports: libvorbis File : nvt/freebsd_libvorbis1.nasl |
2009-12-03 | Name : Debian Security Advisory DSA 1939-1 (libvorbis) File : nvt/deb_1939_1.nasl |
2009-11-23 | Name : Ubuntu USN-853-1 (xulrunner-1.9.1) File : nvt/ubuntu_853_1.nasl |
2009-11-17 | Name : Fedora Core 11 FEDORA-2009-11243 (libvorbis) File : nvt/fcore_2009_11243.nasl |
2009-11-17 | Name : Fedora Core 10 FEDORA-2009-11169 (libvorbis) File : nvt/fcore_2009_11169.nasl |
2009-11-11 | Name : SLES11: Security update for Mozilla Firefox File : nvt/sles11_MozillaFirefox7.nasl |
2009-11-11 | Name : CentOS Security Advisory CESA-2009:1530 (firefox) File : nvt/ovcesa2009_1530.nasl |
2009-11-11 | Name : CentOS Security Advisory CESA-2009:1531 (seamonkey) File : nvt/ovcesa2009_1531.nasl |
2009-11-11 | Name : CentOS Security Advisory CESA-2009:1561 (libvorbis) File : nvt/ovcesa2009_1561.nasl |
2009-11-11 | Name : SLES10: Security update for Mozilla Firefox File : nvt/sles10_MozillaFirefox7.nasl |
2009-11-11 | Name : SLES10: Security update for mozilla-nspr File : nvt/sles10_mozilla-nspr0.nasl |
2009-11-11 | Name : SLES10: Security update for Mozilla XULRunner File : nvt/sles10_mozilla-xulrunn0.nasl |
2009-11-11 | Name : Mandriva Security Advisory MDVSA-2009:290 (firefox) File : nvt/mdksa_2009_290.nasl |
2009-11-11 | Name : RedHat Security Advisory RHSA-2009:1531 File : nvt/RHSA_2009_1531.nasl |
2009-11-11 | Name : SLES11: Security update for Mozilla File : nvt/sles11_mozilla-nspr.nasl |
2009-11-11 | Name : SLES11: Security update for Mozilla XULRunner File : nvt/sles11_mozilla-xulrunn1.nasl |
2009-11-11 | Name : SuSE Security Advisory SUSE-SA:2009:052 (MozillaFirefox) File : nvt/suse_sa_2009_052.nasl |
2009-11-11 | Name : SuSE Security Summary SUSE-SR:2009:018 File : nvt/suse_sr_2009_018.nasl |
2009-11-11 | Name : RedHat Security Advisory RHSA-2009:1530 File : nvt/RHSA_2009_1530.nasl |
2009-11-11 | Name : RedHat Security Advisory RHSA-2009:1561 File : nvt/RHSA_2009_1561.nasl |
2009-11-11 | Name : Debian Security Advisory DSA 1922-1 (xulrunner) File : nvt/deb_1922_1.nasl |
2009-11-11 | Name : Debian Security Advisory DSA 1931-1 (nspr) File : nvt/deb_1931_1.nasl |
2009-11-11 | Name : Fedora Core 11 FEDORA-2009-10878 (chmsee) File : nvt/fcore_2009_10878.nasl |
2009-11-11 | Name : Fedora Core 10 FEDORA-2009-10981 (blam) File : nvt/fcore_2009_10981.nasl |
2009-11-11 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox42.nasl |
2009-11-04 | Name : Mozilla Seamonkey Multiple Vulnerabilities Nov-09 (Win) File : nvt/gb_seamonkey_mult_vuln_nov09_win.nasl |
2009-11-04 | Name : Mozilla Seamonkey Multiple Vulnerabilities Nov-09 (Linux) File : nvt/gb_seamonkey_mult_vuln_nov09_lin.nasl |
2009-11-02 | Name : Mozilla Firefox Multiple Vulnerabilities Nov-09 (Win) File : nvt/gb_firefox_mult_vuln_nov09_win.nasl |
2009-11-02 | Name : Mozilla Firefox Multiple Vulnerabilities Nov-09 (Linux) File : nvt/gb_firefox_mult_vuln_nov09_lin.nasl |
2009-11-02 | Name : Mozilla Firefox Multiple Memory Corruption Vulnerabilities Nov-09 (Win) File : nvt/gb_firefox_mult_mem_crptn_vuln_nov09_win.nasl |
2009-11-02 | Name : Mozilla Firefox Multiple Memory Corruption Vulnerabilities Nov-09 (Linux) File : nvt/gb_firefox_mult_mem_crptn_vuln_nov09_lin.nasl |
2009-11-02 | Name : Mozilla Firefox Denial Of Service Vulnerability Nov-09 (Win) File : nvt/gb_firefox_dos_vuln_nov09_win.nasl |
2009-11-02 | Name : Mozilla Firefox Denial Of Service Vulnerability Nov-09 (Linux) File : nvt/gb_firefox_dos_vuln_nov09_lin.nasl |
2009-09-23 | Name : Insecure Saving Of Downloadable File In Mozilla Firefox (Linux) File : nvt/secpod_firefox_insecure_saving_download_file.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
63646 | J Programming Language libc dtoa Implementation Floating Point Parsing Memory... |
63641 | Matlab libc dtoa Implementation Floating Point Parsing Memory Corruption |
63639 | Apple Mac OS X libc dtoa Implementation Floating Point Parsing Memory Corruption |
62402 | K-Meleon libc dtoa Implementation Floating Point Parsing Memory Corruption |
61189 | Mozilla Sunbird libc dtoa Implementation Floating Point Parsing Memory Corrup... |
61188 | Flock Browser libc dtoa Implementation Floating Point Parsing Memory Corruption |
61187 | KDE kdelibs libc dtoa Implementation Floating Point Parsing Memory Corruption |
61186 | Opera libc dtoa Implementation Floating Point Parsing Memory Corruption |
61091 | Mozilla Multiple Products libc dtoa Implementation Floating Point Parsing Mem... |
59395 | Mozilla Firefox Recursive JavaScript Web-workers Memory Corruption |
59394 | Mozilla Multiple Browsers Proxy Auto-configuration (PAC) File Regular Express... |
59393 | Mozilla Multiple Browsers GIF Color Map Parser Overflow |
59392 | Mozilla Firefox XPCOM XPCVariant::VariantDataToJS Utility Chrome Privileged J... |
59391 | Mozilla Firefox Key Event Javascript Methods Form History Remote Disclosure |
59390 | Mozilla Firefox document.getSelection Function Cross-origin Data Disclosure |
59389 | Mozilla Multiple Browsers Filename Right-to-left (RTL) Override Character Dow... |
59388 | Mozilla Firefox liboggplay oggplay_data_handle_theora_frame Function NULL Der... |
59386 | Mozilla Firefox libvorbis Multiple Unspecified Code Execution Issues |
59385 | liboggz Unspecified Memory Corruption |
59384 | Mozilla Firefox Browser Engine nsCachedStyleData::GetStyleDisplay Function Me... |
59383 | Mozilla Firefox JavaScript Engine Multiple Unspecified Memory Corruption |
59382 | Mozilla Firefox Browser Engine Multiple Unspecified Memory Corruption (2009-3... |
59381 | Mozilla Firefox Browser Engine Multiple Unspecified Memory Corruption (2009-3... |
57844 | Mozilla Firefox on Linux Temporary File Download Manipulation Weakness |
55603 | libc gdtoa/misc.c dtoa() Implementation printf Function Array Overflow |
Snort® IPS/IDS
Date | Description |
---|---|
2017-12-21 | Mozilla Firefox browser engine memory corruption attempt RuleID : 44978 - Revision : 2 - Type : BROWSER-FIREFOX |
2014-03-06 | Mozilla Firefox browser engine memory corruption attempt RuleID : 29579 - Revision : 2 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla products floating point buffer overflow attempt RuleID : 21155 - Revision : 6 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla products floating point buffer overflow attempt RuleID : 21154 - Revision : 6 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Firefox JS Web Worker arbitrary code execution attempt RuleID : 18332 - Revision : 6 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Firefox browser engine memory corruption attempt RuleID : 16347 - Revision : 5 - Type : BROWSER-FIREFOX |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2018-11-02 | Name : The remote Debian host is missing a security update. File : debian_DLA-1564.nasl - Type : ACT_GATHER_INFO |
2016-12-01 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-2958-1.nasl - Type : ACT_GATHER_INFO |
2016-03-08 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0001_remote.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote Fedora host is missing a security update. File : fedora_2015-6dec4e6d5f.nasl - Type : ACT_GATHER_INFO |
2016-01-28 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-0257-1.nasl - Type : ACT_GATHER_INFO |
2016-01-04 | Name : The remote Debian host is missing a security update. File : debian_DLA-376.nasl - Type : ACT_GATHER_INFO |
2016-01-04 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_4b3a7e70afce11e5b86414dae9d210b8.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0312.nasl - Type : ACT_GATHER_INFO |
2014-03-20 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140318_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2014-03-19 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0311.nasl - Type : ACT_GATHER_INFO |
2014-03-19 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0311.nasl - Type : ACT_GATHER_INFO |
2014-03-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0311.nasl - Type : ACT_GATHER_INFO |
2013-12-05 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_ruby-131125.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1530.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1531.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1561.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1601.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2010-0154.nasl - Type : ACT_GATHER_INFO |
2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1561.nasl - Type : ACT_GATHER_INFO |
2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1601.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0153.nasl - Type : ACT_GATHER_INFO |
2013-01-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20091027_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20091027_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20091109_libvorbis_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20091124_kdelibs_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20100317_thunderbird_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-6609.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kdelibs3-6692.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_mozilla-nspr-6631.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_mozilla-xulrunner190-6617.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-294.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-027.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-028.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-7100.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-9253.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-9774.nasl - Type : ACT_GATHER_INFO |
2010-05-20 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12616.nasl - Type : ACT_GATHER_INFO |
2010-05-20 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_seamonkey-100430.nasl - Type : ACT_GATHER_INFO |
2010-05-20 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_seamonkey-100430.nasl - Type : ACT_GATHER_INFO |
2010-05-11 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0154.nasl - Type : ACT_GATHER_INFO |
2010-04-14 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-071.nasl - Type : ACT_GATHER_INFO |
2010-03-30 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaThunderbird-100324.nasl - Type : ACT_GATHER_INFO |
2010-03-30 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaThunderbird-100324.nasl - Type : ACT_GATHER_INFO |
2010-03-29 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0153.nasl - Type : ACT_GATHER_INFO |
2010-03-29 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_6_3.nasl - Type : ACT_GATHER_INFO |
2010-03-29 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2010-002.nasl - Type : ACT_GATHER_INFO |
2010-03-22 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_56cfe192329f11dfabb2000f20797ede.nasl - Type : ACT_GATHER_INFO |
2010-03-19 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0154.nasl - Type : ACT_GATHER_INFO |
2010-03-19 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_20024.nasl - Type : ACT_GATHER_INFO |
2010-03-19 | Name : A web browser on the remote host is affected by multiple vulnerabilities. File : seamonkey_1119.nasl - Type : ACT_GATHER_INFO |
2010-03-19 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-915-1.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1922.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1931.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1939.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1998.nasl - Type : ACT_GATHER_INFO |
2010-01-12 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kdelibs4-100107.nasl - Type : ACT_GATHER_INFO |
2010-01-08 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0001.nasl - Type : ACT_GATHER_INFO |
2009-12-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-346.nasl - Type : ACT_GATHER_INFO |
2009-12-22 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12563.nasl - Type : ACT_GATHER_INFO |
2009-12-11 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-871-1.nasl - Type : ACT_GATHER_INFO |
2009-12-08 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_kdelibs3-091202.nasl - Type : ACT_GATHER_INFO |
2009-12-08 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_kdelibs3-091202.nasl - Type : ACT_GATHER_INFO |
2009-12-08 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_kdelibs3-091204.nasl - Type : ACT_GATHER_INFO |
2009-12-08 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kdelibs3-091202.nasl - Type : ACT_GATHER_INFO |
2009-12-08 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kdelibs3-6691.nasl - Type : ACT_GATHER_INFO |
2009-12-04 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-290.nasl - Type : ACT_GATHER_INFO |
2009-12-02 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_6431c4dbdeb411de90780030843d3802.nasl - Type : ACT_GATHER_INFO |
2009-11-30 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_opera-091125.nasl - Type : ACT_GATHER_INFO |
2009-11-30 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_opera-091125.nasl - Type : ACT_GATHER_INFO |
2009-11-30 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_opera-091125.nasl - Type : ACT_GATHER_INFO |
2009-11-25 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_94edff42d93d11dea4340211d880e350.nasl - Type : ACT_GATHER_INFO |
2009-11-25 | Name : The remote host contains a web browser that is affected by multiple issues. File : opera_1010.nasl - Type : ACT_GATHER_INFO |
2009-11-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1601.nasl - Type : ACT_GATHER_INFO |
2009-11-25 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-861-1.nasl - Type : ACT_GATHER_INFO |
2009-11-12 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-853-2.nasl - Type : ACT_GATHER_INFO |
2009-11-11 | Name : The remote Fedora host is missing a security update. File : fedora_2009-11169.nasl - Type : ACT_GATHER_INFO |
2009-11-11 | Name : The remote Fedora host is missing a security update. File : fedora_2009-11243.nasl - Type : ACT_GATHER_INFO |
2009-11-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1561.nasl - Type : ACT_GATHER_INFO |
2009-11-09 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_mozilla-nspr-091104.nasl - Type : ACT_GATHER_INFO |
2009-11-09 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_mozilla-nspr-091104.nasl - Type : ACT_GATHER_INFO |
2009-11-09 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_mozilla-nspr-091103.nasl - Type : ACT_GATHER_INFO |
2009-11-09 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_mozilla-nspr-6630.nasl - Type : ACT_GATHER_INFO |
2009-11-05 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-10981.nasl - Type : ACT_GATHER_INFO |
2009-11-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaFirefox-091103.nasl - Type : ACT_GATHER_INFO |
2009-11-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaFirefox-091102.nasl - Type : ACT_GATHER_INFO |
2009-11-04 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_MozillaFirefox-091030.nasl - Type : ACT_GATHER_INFO |
2009-11-04 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_mozilla-xulrunner190-091030.nasl - Type : ACT_GATHER_INFO |
2009-11-04 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-6606.nasl - Type : ACT_GATHER_INFO |
2009-11-04 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_mozilla-xulrunner190-6616.nasl - Type : ACT_GATHER_INFO |
2009-11-02 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-853-1.nasl - Type : ACT_GATHER_INFO |
2009-10-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1530.nasl - Type : ACT_GATHER_INFO |
2009-10-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1531.nasl - Type : ACT_GATHER_INFO |
2009-10-29 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-10878.nasl - Type : ACT_GATHER_INFO |
2009-10-29 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_c87aa2d2c3c411deab08000f20797ede.nasl - Type : ACT_GATHER_INFO |
2009-10-29 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_3015.nasl - Type : ACT_GATHER_INFO |
2009-10-29 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_354.nasl - Type : ACT_GATHER_INFO |
2009-10-29 | Name : A web browser on the remote host is affected by multiple vulnerabilities. File : seamonkey_20.nasl - Type : ACT_GATHER_INFO |
2009-10-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1530.nasl - Type : ACT_GATHER_INFO |
2009-10-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1531.nasl - Type : ACT_GATHER_INFO |
2009-10-01 | Name : The remote host contains a web browser that is affected by a buffer overflow ... File : google_chrome_3_0_195_24.nasl - Type : ACT_GATHER_INFO |