Executive Summary
Summary | |
---|---|
Title | Firefox vulnerabilities |
Informations | |||
---|---|---|---|
Name | USN-2052-1 | First vendor Publication | 2013-12-11 |
Vendor | Ubuntu | Last vendor Modification | 2013-12-11 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 13.10 - Ubuntu 13.04 - Ubuntu 12.10 - Ubuntu 12.04 LTS Summary: Firefox could be made to crash or run programs as your login if it opened a malicious website. Software Description: - firefox: Mozilla Open Source web browser Details: Ben Turner, Bobby Holley, Jesse Ruderman, Christian Holler and Christoph Diehl discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2013-5609, CVE-2013-5610) Myk Melez discovered that the doorhanger notification for web app installation could persist between page navigations. An attacker could potentially exploit this to conduct clickjacking attacks. (CVE-2013-5611) Masato Kinugawa discovered that pages with missing character set encoding information can inherit character encodings across navigations from another domain. An attacker could potentially exploit this to conduct cross-site scripting attacks. (CVE-2013-5612) Daniel Veditz discovered that a sandboxed iframe could use an object element to bypass its own restrictions. (CVE-2013-5614) Tyson Smith and Jesse Schwartzentruber discovered a use-after-free in event listeners. An attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2013-5616) A use-after-free was discovered in the table editing interface. An attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2013-5618) Dan Gohman discovered that binary search algorithms in Spidermonkey used arithmetic prone to overflow in several places. However, this is issue not believed to be exploitable. (CVE-2013-5619) Tyson Smith and Jesse Schwartzentruber discovered a crash when inserting an ordered list in to a document using script. An attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2013-6671) Vincent Lefevre discovered that web content could access clipboard data under certain circumstances, resulting in information disclosure. (CVE-2013-6672) Sijie Xia discovered that trust settings for built-in EV root certificates were ignored under certain circumstances, removing the ability for a user to manually untrust certificates from specific authorities. (CVE-2013-6673) Tyson Smith, Jesse Schwartzentruber and Atte Kettunen discovered a use-after-free in functions for synthetic mouse movement handling. An attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2013-5613) Eric Faust discovered that GetElementIC typed array stubs can be generated outside observed typesets. An attacker could possibly exploit this to cause undefined behaviour with a potential security impact. (CVE-2013-5615) Michal Zalewski discovered several issues with JPEG image handling. An attacker could potentially exploit these to obtain sensitive information. (CVE-2013-6629, CVE-2013-6630) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 13.10: Ubuntu 13.04: Ubuntu 12.10: Ubuntu 12.04 LTS: After a standard system update you need to restart Firefox to make all the necessary changes. References: Package Information: -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce |
Original Source
Url : http://www.ubuntu.com/usn/USN-2052-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
27 % | CWE-416 | Use After Free |
18 % | CWE-200 | Information Exposure |
9 % | CWE-787 | Out-of-bounds Write (CWE/SANS Top 25) |
9 % | CWE-310 | Cryptographic Issues |
9 % | CWE-190 | Integer Overflow or Wraparound (CWE/SANS Top 25) |
9 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
9 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
9 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:20292 | |||
Oval ID: | oval:org.mitre.oval:def:20292 | ||
Title: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5610 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20678 | |||
Oval ID: | oval:org.mitre.oval:def:20678 | ||
Title: | Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners. | ||
Description: | Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5616 | Version: | 14 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey Mozilla Firefox ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20749 | |||
Oval ID: | oval:org.mitre.oval:def:20749 | ||
Title: | RHSA-2013:1812: firefox security update (Critical) | ||
Description: | The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:1812-01 CESA-2013:1812 CVE-2013-0772 CVE-2013-5609 CVE-2013-5612 CVE-2013-5613 CVE-2013-5614 CVE-2013-5616 CVE-2013-5618 CVE-2013-6671 | Version: | 117 |
Platform(s): | Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 CentOS Linux 5 CentOS Linux 6 | Product(s): | firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20780 | |||
Oval ID: | oval:org.mitre.oval:def:20780 | ||
Title: | USN-2052-1 -- firefox vulnerabilities | ||
Description: | Firefox could be made to crash or run programs as your login if it opened a malicious website. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2052-1 CVE-2013-5609 CVE-2013-5610 CVE-2013-5611 CVE-2013-5612 CVE-2013-5614 CVE-2013-5616 CVE-2013-5618 CVE-2013-5619 CVE-2013-6671 CVE-2013-6672 CVE-2013-6673 CVE-2013-5613 CVE-2013-5615 CVE-2013-6629 CVE-2013-6630 | Version: | 5 |
Platform(s): | Ubuntu 13.10 Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04 | Product(s): | firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20800 | |||
Oval ID: | oval:org.mitre.oval:def:20800 | ||
Title: | The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack vectors. | ||
Description: | The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5615 | Version: | 14 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey Mozilla Firefox ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20881 | |||
Oval ID: | oval:org.mitre.oval:def:20881 | ||
Title: | USN-2053-1 -- thunderbird vulnerabilities | ||
Description: | Several security issues were fixed in Thunderbird. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2053-1 CVE-2013-5609 CVE-2013-5616 CVE-2013-5618 CVE-2013-6671 CVE-2013-6673 CVE-2013-5613 CVE-2013-5615 CVE-2013-6629 CVE-2013-6630 | Version: | 5 |
Platform(s): | Ubuntu 13.10 Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04 | Product(s): | thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20932 | |||
Oval ID: | oval:org.mitre.oval:def:20932 | ||
Title: | Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site. | ||
Description: | Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5614 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20982 | |||
Oval ID: | oval:org.mitre.oval:def:20982 | ||
Title: | Mozilla Firefox before 26.0 does not properly remove the Application Installation doorhanger, which makes it easier for remote attackers to spoof a Web App installation site by controlling the timing of page navigation. | ||
Description: | Mozilla Firefox before 26.0 does not properly remove the Application Installation doorhanger, which makes it easier for remote attackers to spoof a Web App installation site by controlling the timing of page navigation. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5611 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21015 | |||
Oval ID: | oval:org.mitre.oval:def:21015 | ||
Title: | Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving synthetic mouse movement, related to the RestyleManager::GetHoverGeneration function. | ||
Description: | Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving synthetic mouse movement, related to the RestyleManager::GetHoverGeneration function. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5613 | Version: | 14 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey Mozilla Firefox ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21024 | |||
Oval ID: | oval:org.mitre.oval:def:21024 | ||
Title: | Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid certificate that is unacceptable to the user. | ||
Description: | Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid certificate that is unacceptable to the user. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-6673 | Version: | 14 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey Mozilla Firefox ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21047 | |||
Oval ID: | oval:org.mitre.oval:def:21047 | ||
Title: | Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset parameter in a Content-Type HTTP header. | ||
Description: | Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset parameter in a Content-Type HTTP header. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5612 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21061 | |||
Oval ID: | oval:org.mitre.oval:def:21061 | ||
Title: | USN-2060-1 -- libjpeg-turbo, libjpeg6b vulnerabilities | ||
Description: | libjpeg and libjpeg-turbo could be made to expose sensitive information. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2060-1 CVE-2013-6629 CVE-2013-6630 | Version: | 5 |
Platform(s): | Ubuntu 13.10 Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04 Ubuntu 10.04 | Product(s): | libjpeg-turbo libjpeg6b |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21091 | |||
Oval ID: | oval:org.mitre.oval:def:21091 | ||
Title: | Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code. | ||
Description: | Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5619 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21110 | |||
Oval ID: | oval:org.mitre.oval:def:21110 | ||
Title: | The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements. | ||
Description: | The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-6671 | Version: | 14 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey Mozilla Firefox ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21122 | |||
Oval ID: | oval:org.mitre.oval:def:21122 | ||
Title: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5609 | Version: | 14 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey Mozilla Firefox ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21129 | |||
Oval ID: | oval:org.mitre.oval:def:21129 | ||
Title: | RHSA-2013:1804: libjpeg security update (Moderate) | ||
Description: | The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:1804-00 CESA-2013:1804 CVE-2013-6629 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | libjpeg |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21152 | |||
Oval ID: | oval:org.mitre.oval:def:21152 | ||
Title: | The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table (DHT) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image. | ||
Description: | The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table (DHT) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-6630 | Version: | 15 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21193 | |||
Oval ID: | oval:org.mitre.oval:def:21193 | ||
Title: | RHSA-2013:1803: libjpeg-turbo security update (Moderate) | ||
Description: | The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table (DHT) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:1803-00 CESA-2013:1803 CVE-2013-6629 CVE-2013-6630 | Version: | 31 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | libjpeg-turbo |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21236 | |||
Oval ID: | oval:org.mitre.oval:def:21236 | ||
Title: | The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image. | ||
Description: | The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-6629 | Version: | 15 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Google Chrome Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21283 | |||
Oval ID: | oval:org.mitre.oval:def:21283 | ||
Title: | RHSA-2013:1823: thunderbird security update (Important) | ||
Description: | The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:1823-01 CESA-2013:1823 CVE-2013-0772 CVE-2013-5609 CVE-2013-5612 CVE-2013-5613 CVE-2013-5614 CVE-2013-5616 CVE-2013-5618 CVE-2013-6671 | Version: | 117 |
Platform(s): | Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 CentOS Linux 5 CentOS Linux 6 | Product(s): | thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23396 | |||
Oval ID: | oval:org.mitre.oval:def:23396 | ||
Title: | DEPRECATED: ELSA-2013:1812: firefox security update (Critical) | ||
Description: | The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:1812-01 CVE-2013-0772 CVE-2013-5609 CVE-2013-5612 CVE-2013-5613 CVE-2013-5614 CVE-2013-5616 CVE-2013-5618 CVE-2013-6671 | Version: | 38 |
Platform(s): | Oracle Linux 6 Oracle Linux 5 | Product(s): | firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23646 | |||
Oval ID: | oval:org.mitre.oval:def:23646 | ||
Title: | ELSA-2013:1804: libjpeg security update (Moderate) | ||
Description: | The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:1804-00 CVE-2013-6629 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | libjpeg |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23916 | |||
Oval ID: | oval:org.mitre.oval:def:23916 | ||
Title: | ELSA-2013:1812: firefox security update (Critical) | ||
Description: | The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:1812-01 CVE-2013-0772 CVE-2013-5609 CVE-2013-5612 CVE-2013-5613 CVE-2013-5614 CVE-2013-5616 CVE-2013-5618 CVE-2013-6671 | Version: | 37 |
Platform(s): | Oracle Linux 6 Oracle Linux 5 | Product(s): | firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24036 | |||
Oval ID: | oval:org.mitre.oval:def:24036 | ||
Title: | ELSA-2013:1803: libjpeg-turbo security update (Moderate) | ||
Description: | The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table (DHT) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:1803-00 CVE-2013-6629 CVE-2013-6630 | Version: | 13 |
Platform(s): | Oracle Linux 6 | Product(s): | libjpeg-turbo |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24712 | |||
Oval ID: | oval:org.mitre.oval:def:24712 | ||
Title: | Vulnerability in Java SE 5.0u61, Java SE 6u71, Java SE 7u51, Java SE 8 allows successful unauthenticated network attacks via multiple protocols | ||
Description: | The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-6629 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26976 | |||
Oval ID: | oval:org.mitre.oval:def:26976 | ||
Title: | DEPRECATED: ELSA-2013-1804 -- libjpeg security update (moderate) | ||
Description: | [6b-38] - Add patch for CVE-2013-6629 - Resolves: #1031952 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-1804 CVE-2013-6629 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | libjpeg |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27154 | |||
Oval ID: | oval:org.mitre.oval:def:27154 | ||
Title: | DEPRECATED: ELSA-2013-1803 -- libjpeg-turbo security update (moderate) | ||
Description: | [1.2.1-3] - Resolves: #1031955 apply patch for CVE-2013-6630 [1.2.1-2] - Resolves: #1031955 libjpeg-turbo: various flaws (CVE-2013-6629) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-1803 CVE-2013-6629 CVE-2013-6630 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | libjpeg-turbo |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27223 | |||
Oval ID: | oval:org.mitre.oval:def:27223 | ||
Title: | DEPRECATED: ELSA-2013-1823 -- thunderbird security update (important) | ||
Description: | [24.2.0-1.0.1.el6_5] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Make sure build with nspr-devel >= 4.10.0 [24.2.0-1] - Update to 24.2.0 ESR [24.1.0-1] - Update to 24.1.0 ESR | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-1823 CVE-2013-5609 CVE-2013-5612 CVE-2013-5613 CVE-2013-5614 CVE-2013-5616 CVE-2013-5618 CVE-2013-6671 | Version: | 4 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27366 | |||
Oval ID: | oval:org.mitre.oval:def:27366 | ||
Title: | DEPRECATED: ELSA-2013-1812 -- firefox security update (critical) | ||
Description: | [24.2.0-1.0.1.el6_4] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Build with nspr-devel >= 4.10.0 to fix build failure [24.2.0-1] - Update to 24.2.0 ESR [24.1.0-4] - Fixed mozbz#938730 - avoid mix of memory allocators (crashes) when using system sqlite [24.1.0-3] - Fixed locale pickup (rhbz#1034541) [24.1.0-2] - Fixed package reinstall issue [24.1.0-1] - Update to 24.1.0 ESR [24.0-0.1] - Update to 24.0 ESR | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-1812 CVE-2013-5609 CVE-2013-5612 CVE-2013-5613 CVE-2013-5614 CVE-2013-5616 CVE-2013-5618 CVE-2013-6671 | Version: | 4 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | firefox |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2014-03-13 | IAVM : 2014-B-0024 - Multiple Security Vulnerabilities in Apple iOS Severity : Category I - VMSKEY : V0046157 |
2014-02-27 | IAVM : 2014-A-0030 - Apple Mac OS X Security Update 2014-001 Severity : Category I - VMSKEY : V0044547 |
2013-12-12 | IAVM : 2013-A-0233 - Multiple Vulnerabilities in Mozilla Products Severity : Category I - VMSKEY : V0042596 |
2013-11-14 | IAVM : 2013-B-0124 - Multiple Vulnerabilities in Google Chrome Severity : Category I - VMSKEY : V0042301 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2017-04-12 | Name : The remote Windows host is affected by multiple vulnerabilities. File : smb_nt_ms17_apr_4015550.nasl - Type : ACT_GATHER_INFO |
2017-04-12 | Name : The remote Windows host is affected by multiple vulnerabilities. File : smb_nt_ms17_apr_4015549.nasl - Type : ACT_GATHER_INFO |
2017-04-12 | Name : The remote Windows host is affected by an information disclosure vulnerability. File : smb_nt_ms17_apr_4015383.nasl - Type : ACT_GATHER_INFO |
2017-04-12 | Name : An application installed on the remote macOS or Mac OS X host is affected by ... File : macosx_ms17-04-4019460_mono.nasl - Type : ACT_GATHER_INFO |
2017-04-11 | Name : A web application framework running on the remote host is affected by an info... File : smb_nt_ms17_apr_4017094.nasl - Type : ACT_GATHER_INFO |
2017-04-11 | Name : The remote Windows host is affected by multiple vulnerabilities. File : smb_nt_ms17_apr_4015583.nasl - Type : ACT_GATHER_INFO |
2017-04-11 | Name : The remote Windows host is affected by multiple vulnerabilities. File : smb_nt_ms17_apr_4015221.nasl - Type : ACT_GATHER_INFO |
2017-04-11 | Name : The remote Windows host is affected by multiple vulnerabilities. File : smb_nt_ms17_apr_4015219.nasl - Type : ACT_GATHER_INFO |
2017-04-11 | Name : The remote Windows host is affected by multiple vulnerabilities. File : smb_nt_ms17_apr_4015217.nasl - Type : ACT_GATHER_INFO |
2017-04-11 | Name : The remote Windows host is affected by multiple vulnerabilities. File : smb_nt_ms17-apr_4015551.nasl - Type : ACT_GATHER_INFO |
2016-06-06 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201606-03.nasl - Type : ACT_GATHER_INFO |
2016-05-24 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL59503294.nasl - Type : ACT_GATHER_INFO |
2016-02-22 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL62655427.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-0732-1.nasl - Type : ACT_GATHER_INFO |
2015-04-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201504-01.nasl - Type : ACT_GATHER_INFO |
2014-12-16 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-773.nasl - Type : ACT_GATHER_INFO |
2014-12-16 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-772.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0982.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0414.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0413.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2014-0041.nasl - Type : ACT_GATHER_INFO |
2014-09-23 | Name : The remote host has software installed that is affected by multiple vulnerabi... File : domino_9_0_1_fp2.nasl - Type : ACT_GATHER_INFO |
2014-09-23 | Name : The remote host has software installed that is affected by multiple vulnerabi... File : ibm_domino_9_0_1_fp2.nasl - Type : ACT_GATHER_INFO |
2014-09-23 | Name : The remote host has software installed that is affected by multiple vulnerabi... File : ibm_notes_9_0_1_fp2.nasl - Type : ACT_GATHER_INFO |
2014-09-17 | Name : The remote host has a virtualization management application installed that is... File : vmware_vcenter_vmsa-2014-0008.nasl - Type : ACT_GATHER_INFO |
2014-09-17 | Name : The remote host has an update manager installed that is affected by multiple ... File : vmware_vcenter_update_mgr_vmsa-2014-0008.nasl - Type : ACT_GATHER_INFO |
2014-07-30 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0705.nasl - Type : ACT_GATHER_INFO |
2014-07-28 | Name : The remote AIX host has a version of Java SDK installed that is potentially a... File : aix_java_apr2014_advisory.nasl - Type : ACT_GATHER_INFO |
2014-06-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201406-32.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-961.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-1022.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-1023.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-1024.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-903.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-904.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-993.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-994.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-995.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-2.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-37.nasl - Type : ACT_GATHER_INFO |
2014-06-10 | Name : The remote Fedora host is missing a security update. File : fedora_2014-6870.nasl - Type : ACT_GATHER_INFO |
2014-06-10 | Name : The remote Fedora host is missing a security update. File : fedora_2014-6859.nasl - Type : ACT_GATHER_INFO |
2014-06-03 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-140514.nasl - Type : ACT_GATHER_INFO |
2014-06-01 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-ibm-140515.nasl - Type : ACT_GATHER_INFO |
2014-05-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0509.nasl - Type : ACT_GATHER_INFO |
2014-05-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0508.nasl - Type : ACT_GATHER_INFO |
2014-05-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0486.nasl - Type : ACT_GATHER_INFO |
2014-05-14 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-openjdk-140508.nasl - Type : ACT_GATHER_INFO |
2014-05-06 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2923.nasl - Type : ACT_GATHER_INFO |
2014-04-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0412.nasl - Type : ACT_GATHER_INFO |
2014-04-16 | Name : The remote Unix host contains a programming platform that is potentially affe... File : oracle_java_cpu_apr_2014_unix.nasl - Type : ACT_GATHER_INFO |
2014-04-16 | Name : The remote Windows host contains a programming platform that is potentially a... File : oracle_java_cpu_apr_2014.nasl - Type : ACT_GATHER_INFO |
2014-03-12 | Name : The remote device is affected by multiple vulnerabilities. File : appletv_6_1.nasl - Type : ACT_GATHER_INFO |
2014-02-25 | Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_SecUpd2014-001.nasl - Type : ACT_GATHER_INFO |
2014-02-25 | Name : The remote host is missing a Mac OS X update that fixes a certificate validat... File : macosx_10_9_2.nasl - Type : ACT_GATHER_INFO |
2014-01-12 | Name : The remote Fedora host is missing a security update. File : fedora_2013-23722.nasl - Type : ACT_GATHER_INFO |
2014-01-03 | Name : The remote Fedora host is missing a security update. File : fedora_2013-23291.nasl - Type : ACT_GATHER_INFO |
2013-12-24 | Name : The remote Fedora host is missing a security update. File : fedora_2013-23749.nasl - Type : ACT_GATHER_INFO |
2013-12-23 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-267.nasl - Type : ACT_GATHER_INFO |
2013-12-20 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_firefox24-201312-131215.nasl - Type : ACT_GATHER_INFO |
2013-12-20 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_firefox24-201312-131216.nasl - Type : ACT_GATHER_INFO |
2013-12-20 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2060-1.nasl - Type : ACT_GATHER_INFO |
2013-12-18 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2013-23519.nasl - Type : ACT_GATHER_INFO |
2013-12-17 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2013-350-02.nasl - Type : ACT_GATHER_INFO |
2013-12-16 | Name : The remote Fedora host is missing a security update. File : fedora_2013-23295.nasl - Type : ACT_GATHER_INFO |
2013-12-16 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_dd116b1964b311e3868f0025905a4771.nasl - Type : ACT_GATHER_INFO |
2013-12-13 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20131211_thunderbird_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-12-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1823.nasl - Type : ACT_GATHER_INFO |
2013-12-12 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2013-1812.nasl - Type : ACT_GATHER_INFO |
2013-12-12 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2013-1823.nasl - Type : ACT_GATHER_INFO |
2013-12-12 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2013-23127.nasl - Type : ACT_GATHER_INFO |
2013-12-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2013-1823.nasl - Type : ACT_GATHER_INFO |
2013-12-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2013-1812.nasl - Type : ACT_GATHER_INFO |
2013-12-12 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20131211_firefox_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-12-12 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2053-1.nasl - Type : ACT_GATHER_INFO |
2013-12-12 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2052-1.nasl - Type : ACT_GATHER_INFO |
2013-12-11 | Name : The remote Mac OS X host contains a web browser that is potentially affected ... File : macosx_firefox_26.nasl - Type : ACT_GATHER_INFO |
2013-12-11 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20131210_libjpeg_turbo_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2013-12-11 | Name : The remote Mac OS X host contains a web browser that is potentially affected ... File : macosx_firefox_24_2_esr.nasl - Type : ACT_GATHER_INFO |
2013-12-11 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20131210_libjpeg_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-12-11 | Name : The remote Mac OS X host contains a mail client that is potentially affected ... File : macosx_thunderbird_24_2.nasl - Type : ACT_GATHER_INFO |
2013-12-11 | Name : The remote Windows host contains a web browser that is potentially affected b... File : seamonkey_223.nasl - Type : ACT_GATHER_INFO |
2013-12-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1812.nasl - Type : ACT_GATHER_INFO |
2013-12-11 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1804.nasl - Type : ACT_GATHER_INFO |
2013-12-11 | Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_24_2.nasl - Type : ACT_GATHER_INFO |
2013-12-11 | Name : The remote Windows host contains a web browser that is potentially affected b... File : mozilla_firefox_26.nasl - Type : ACT_GATHER_INFO |
2013-12-11 | Name : The remote Windows host contains a web browser that is potentially affected b... File : mozilla_firefox_24_2_esr.nasl - Type : ACT_GATHER_INFO |
2013-12-10 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1803.nasl - Type : ACT_GATHER_INFO |
2013-12-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1803.nasl - Type : ACT_GATHER_INFO |
2013-12-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1804.nasl - Type : ACT_GATHER_INFO |
2013-12-10 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1804.nasl - Type : ACT_GATHER_INFO |
2013-12-10 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1803.nasl - Type : ACT_GATHER_INFO |
2013-11-22 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-273.nasl - Type : ACT_GATHER_INFO |
2013-11-21 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2799.nasl - Type : ACT_GATHER_INFO |
2013-11-14 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_31_0_1650_48.nasl - Type : ACT_GATHER_INFO |
2013-11-14 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_google_chrome_31_0_1650_48.nasl - Type : ACT_GATHER_INFO |
2013-11-13 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_3bfc70164bcc11e3b0cf00262d5ed8ee.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:02:51 |
|
2013-12-13 00:22:17 |
|
2013-12-11 21:24:27 |
|
2013-12-11 17:18:03 |
|