Executive Summary
Summary | |
---|---|
Title | Firefox and Xulrunner vulnerability |
Informations | |||
---|---|---|---|
Name | USN-957-2 | First vendor Publication | 2010-07-26 |
Vendor | Ubuntu | Last vendor Modification | 2010-07-26 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS Ubuntu 10.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: Ubuntu 10.04 LTS: After a standard system update you need to restart Firefox to make all the necessary changes. Details follow: USN-957-1 fixed vulnerabilities in Firefox and Xulrunner. Daniel Holbert discovered that the fix for CVE-2010-1214 introduced a regression which did not properly initialize a plugin pointer. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or run arbitrary code as the user invoking the program. (CVE-2010-2755) This update fixes the problem. Original advisory details: Several flaws were discovered in the browser engine of Firefox. If a user |
Original Source
Url : http://www.ubuntu.com/usn/USN-957-2 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
18 % | CWE-264 | Permissions, Privileges, and Access Controls |
12 % | CWE-416 | Use After Free |
12 % | CWE-399 | Resource Management Errors |
12 % | CWE-200 | Information Exposure |
12 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
12 % | CWE-20 | Improper Input Validation |
6 % | CWE-190 | Integer Overflow or Wraparound (CWE/SANS Top 25) |
6 % | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25) |
6 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
6 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10958 | |||
Oval ID: | oval:org.mitre.oval:def:10958 | ||
Title: | Mozilla Firefox, Thunderbird, and SeaMonkey 'nsTreeSelection' Remote Code Execution Vulnerability | ||
Description: | Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code via a large selection attribute in a XUL tree element, which triggers a use-after-free. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-2753 | Version: | 25 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11055 | |||
Oval ID: | oval:org.mitre.oval:def:11055 | ||
Title: | Mozilla Firefox and SeaMonkey 'NodeIterator' Use-after-free Vulnerability | ||
Description: | Use-after-free vulnerability in the NodeIterator implementation in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via a crafted NodeFilter that detaches DOM nodes, related to the NodeIterator interface and a javascript callback. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1209 | Version: | 21 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Mozilla Firefox Mozilla SeaMonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11527 | |||
Oval ID: | oval:org.mitre.oval:def:11527 | ||
Title: | Mozilla Firefox and Thunderbird Arbitrary code execution using SJOW and fast native function | ||
Description: | Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 do not properly implement access to a content object through a SafeJSObjectWrapper (aka SJOW) wrapper, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging "access to an object from the chrome scope." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1215 | Version: | 18 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Mozilla Firefox Mozilla Thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11531 | |||
Oval ID: | oval:org.mitre.oval:def:11531 | ||
Title: | DSA-2075 xulrunner -- several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems: Wladimir Palant discovered that security checks in XML processing were insufficiently enforced. Chris Evans discovered that insecure CSS handling could lead to reading data across domain boundaries. Aki Helin discovered a buffer overflow in the internal copy of libpng, which could lead to the execution of arbitrary code. "regenrecht" discovered that incorrect memory handling in DOM parsing could lead to the execution of arbitrary code. Jesse Ruderman, Ehsan Akhgari, Mats Palmgren, Igor Bukanov, Gary Kwong, Tobias Markus and Daniel Holbert discovered crashes in the layout engine, which might allow the execution of arbitrary code. "JS3" discovered an integer overflow in the plugin code, which could lead to the execution of arbitrary code. Jordi Chancel discovered that the location could be spoofed to appear like a secured page. "regenrecht" discovered that incorrect memory handling in XUL parsing could lead to the execution of arbitrary code. Soroush Dalili discovered an information leak in script processing. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2075 CVE-2010-0182 CVE-2010-0654 CVE-2010-1205 CVE-2010-1208 CVE-2010-1211 CVE-2010-1214 CVE-2010-2751 CVE-2010-2753 CVE-2010-2754 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11552 | |||
Oval ID: | oval:org.mitre.oval:def:11552 | ||
Title: | Mozilla Firefox/Thunderbird/SeaMonkey Memory Corruption Vulnerability | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1211 | Version: | 25 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11680 | |||
Oval ID: | oval:org.mitre.oval:def:11680 | ||
Title: | Mozilla Firefox, Thunderbird and SeaMonkey CSS Values Integer Overflow Vulnerability | ||
Description: | Integer overflow in an array class in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code by placing many Cascading Style Sheets (CSS) values in an array, related to references to external font resources and an inconsistency between 16-bit and 32-bit integers. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-2752 | Version: | 25 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11685 | |||
Oval ID: | oval:org.mitre.oval:def:11685 | ||
Title: | Mozilla Firefox and SeaMonkey Plugin Parameter 'EnsureCachedAttrParamArrays' Remote Code Execution Vulnerability | ||
Description: | Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via plugin content with many parameter elements. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1214 | Version: | 20 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Mozilla Firefox Mozilla SeaMonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11688 | |||
Oval ID: | oval:org.mitre.oval:def:11688 | ||
Title: | Mozilla Firefox and SeaMonkey Location Bar Spoofing Vulnerability | ||
Description: | The nsDocShell::OnRedirectStateChange function in docshell/base/nsDocShell.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to spoof the SSL security status of a document via vectors involving multiple requests, a redirect, and the history.back and history.forward JavaScript functions. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-2751 | Version: | 20 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Mozilla Firefox Mozilla SeaMonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11740 | |||
Oval ID: | oval:org.mitre.oval:def:11740 | ||
Title: | Mozilla Firefox and SeaMonkey DOM Attribute Cloning Remote Code Execution Vulnerability | ||
Description: | Use-after-free vulnerability in the attribute-cloning functionality in the DOM implementation in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via vectors related to deletion of an event attribute node with a nonzero reference count. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1208 | Version: | 20 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Mozilla Firefox Mozilla SeaMonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11770 | |||
Oval ID: | oval:org.mitre.oval:def:11770 | ||
Title: | Mozilla Firefox, Thunderbird, and SeaMonkey Cross-origin data leakage from script filename in error messages | ||
Description: | dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not properly suppress a script's URL in certain circumstances involving a redirect and an error message, which allows remote attackers to obtain sensitive information about script parameters via a crafted HTML document, related to the window.onerror handler. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-2754 | Version: | 25 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11771 | |||
Oval ID: | oval:org.mitre.oval:def:11771 | ||
Title: | Mozilla Firefox/Thunderbird/SeaMonkey Memory Corruption Vulnerability | ||
Description: | js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) propagation of deep aborts in the TraceRecorder::record_JSOP_BINDNAME function, (2) depth handling in the TraceRecorder::record_JSOP_GETELEM function, and (3) tracing of out-of-range arguments in the TraceRecorder::record_JSOP_ARGSUB function. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1212 | Version: | 23 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11811 | |||
Oval ID: | oval:org.mitre.oval:def:11811 | ||
Title: | Mozilla Firefox, Thunderbird and SeaMonkey Cross-domain Data Theft Using CSS Vulnerability | ||
Description: | Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 permit cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers to obtain sensitive information via a crafted document. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-0654 | Version: | 25 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11835 | |||
Oval ID: | oval:org.mitre.oval:def:11835 | ||
Title: | Mozilla Firefox/Thunderbird/SeaMonkey Cross-origin data disclosure via Web Workers and importScripts | ||
Description: | The importScripts Web Worker method in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not verify that content is valid JavaScript code, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted HTML document. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1213 | Version: | 25 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11851 | |||
Oval ID: | oval:org.mitre.oval:def:11851 | ||
Title: | Mozilla Firefox/Thunderbird/SeaMonkey 'libpng' Buffer Overflow Vulnerability | ||
Description: | Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1205 | Version: | 25 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11863 | |||
Oval ID: | oval:org.mitre.oval:def:11863 | ||
Title: | Mozilla Firefox and Thunderbird Characters mapped to U+FFFD in 8 bit encodings cause subsequent character to vanish | ||
Description: | intl/uconv/util/nsUnicodeDecodeHelper.cpp in Mozilla Firefox before 3.6.7 and Thunderbird before 3.1.1 inserts a U+FFFD sequence into text in certain circumstances involving undefined positions, which might make it easier for remote attackers to conduct cross-site scripting (XSS) attacks via crafted 8-bit text. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1210 | Version: | 18 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Mozilla Firefox Mozilla Thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11887 | |||
Oval ID: | oval:org.mitre.oval:def:11887 | ||
Title: | Mozilla Firefox and Thunderbird Same-origin Bypass Using Canvas Context Vulnerability | ||
Description: | Mozilla Firefox before 3.6.7 and Thunderbird before 3.1.1 do not properly implement read restrictions for CANVAS elements, which allows remote attackers to obtain sensitive cross-origin information via vectors involving reference retention and node deletion. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1207 | Version: | 18 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Mozilla Firefox Mozilla Thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11961 | |||
Oval ID: | oval:org.mitre.oval:def:11961 | ||
Title: | Mozilla Firefox Plugin Parameter Reference Remote Code Execution Vulnerability | ||
Description: | layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the parameter array of a plugin instance, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted HTML document, related to the DATA and SRC attributes of an OBJECT element. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-1214. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-2755 | Version: | 11 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:13110 | |||
Oval ID: | oval:org.mitre.oval:def:13110 | ||
Title: | USN-958-1 -- thunderbird vulnerabilities | ||
Description: | Several flaws were discovered in the browser engine of Thunderbird. If a user were tricked into viewing malicious content, a remote attacker could use this to crash Thunderbird or possibly run arbitrary code as the user invoking the program. An integer overflow was discovered in how Thunderbird processed CSS values. An attacker could exploit this to crash Thunderbird or possibly run arbitrary code as the user invoking the program. An integer overflow was discovered in how Thunderbird interpreted the XUL element. If a user were tricked into viewing malicious content, a remote attacker could use this to crash Thunderbird or possibly run arbitrary code as the user invoking the program. Aki Helin discovered that libpng did not properly handle certain malformed PNG images. If a user were tricked into opening a crafted PNG file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Yosuke Hasegawa discovered that the same-origin check in Thunderbird could be bypassed by utilizing the importScripts Web Worker method. If a user were tricked into viewing malicious content, an attacker could exploit this to read data from other domains. Chris Evans discovered that Thunderbird did not properly process improper CSS selectors. If a user were tricked into viewing malicious content, an attacker could exploit this to read data from other domains. Soroush Dalili discovered that Thunderbird did not properly handle script error output. An attacker could use this to access URL parameters from other domains | ||
Family: | unix | Class: | patch |
Reference(s): | USN-958-1 CVE-2010-1211 CVE-2010-1212 CVE-2010-2752 CVE-2010-2753 CVE-2010-1205 CVE-2010-1213 CVE-2010-0654 CVE-2010-2754 | Version: | 5 |
Platform(s): | Ubuntu 10.04 | Product(s): | thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13136 | |||
Oval ID: | oval:org.mitre.oval:def:13136 | ||
Title: | DSA-2075-1 xulrunner -- several | ||
Description: | Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-0182 Wladimir Palant discovered that security checks in XML processing were insufficiently enforced. CVE-2010-0654 Chris Evans discovered that insecure CSS handling could lead to reading data across domain boundaries. CVE-2010-1205 Aki Helin discovered a buffer overflow in the internal copy of libpng, which could lead to the execution of arbitrary code. CVE-2010-1208 "regenrecht" discovered that incorrect memory handling in DOM parsing could lead to the execution of arbitrary code. CVE-2010-1211 Jesse Ruderman, Ehsan Akhgari, Mats Palmgren, Igor Bukanov, Gary Kwong, Tobias Markus and Daniel Holbert discovered crashes in the layout engine, which might allow the execution of arbitrary code. CVE-2010-1214 "JS3" discovered an integer overflow in the plugin code, which could lead to the execution of arbitrary code. CVE-2010-2751 Jordi Chancel discovered that the location could be spoofed to appear like a secured page. CVE-2010-2753 "regenrecht" discovered that incorrect memory handling in XUL parsing could lead to the execution of arbitrary code. CVE-2010-2754 Soroush Dalili discovered an information leak in script processing. For the stable distribution, these problems have been fixed in version 1.9.0.19-3. For the unstable distribution, these problems have been fixed in version 1.9.1.11-1. For the experimental distribution, these problems have been fixed in version 1.9.2.7-1. We recommend that you upgrade your xulrunner packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2075-1 CVE-2010-0182 CVE-2010-0654 CVE-2010-1205 CVE-2010-1208 CVE-2010-1211 CVE-2010-1214 CVE-2010-2751 CVE-2010-2753 CVE-2010-2754 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13256 | |||
Oval ID: | oval:org.mitre.oval:def:13256 | ||
Title: | USN-930-5 -- ant, apturl, epiphany-browser, gluezilla, gnome-python-extras, liferea, mozvoikko, openjdk-6, packagekit, ubufox, webfav, yelp update | ||
Description: | USN-930-4 fixed vulnerabilities in Firefox and Xulrunner on Ubuntu 9.04 and 9.10. This update provides updated packages for use with Firefox 3.6 and Xulrunner 1.9.2. Original advisory details: If was discovered that Firefox could be made to access freed memory. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.04 LTS. Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. A flaw was discovered in the way plugin instances interacted. An attacker could potentially exploit this and use one plugin to access freed memory from a second plugin to execute arbitrary code with the privileges of the user invoking the program. An integer overflow was discovered in Firefox. If a user were tricked into viewing a malicious site, an attacker could overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Martin Barbella discovered an integer overflow in an XSLT node sorting routine. An attacker could exploit this to overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Michal Zalewski discovered that the focus behavior of Firefox could be subverted. If a user were tricked into viewing a malicious site, a remote attacker could use this to capture keystrokes. Ilja van Sprundel discovered that the "Content-Disposition: attachment" HTTP header was ignored when "Content-Type: multipart" was also present. Under certain circumstances, this could potentially lead to cross-site scripting attacks. Amit Klein discovered that Firefox did not seed its random number generator often enough. An attacker could exploit this to identify and track users across different web sites. Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. An integer overflow was discovered in how Firefox processed plugin parameters. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. A flaw was discovered in the Firefox JavaScript engine. If a user were tricked into viewing a malicious site, a remote attacker code execute arbitrary JavaScript with chrome privileges. An integer overflow was discovered in how Firefox processed CSS values. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. An integer overflow was discovered in how Firefox interpreted the XUL <tree> element. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. Aki Helin discovered that libpng did not properly handle certain malformed PNG images. If a user were tricked into opening a crafted PNG file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Yosuke Hasegawa and Vladimir Vukicevic discovered that the same-origin check in Firefox could be bypassed by utilizing the importScripts Web Worker method. If a user were tricked into viewing a malicious website, an attacker could exploit this to read data from other domains. O. Andersen that Firefox did not properly map undefined positions within certain 8 bit encodings. An attacker could utilize this to perform cross-site scripting attacks. Michal Zalewski discovered flaws in how Firefox processed the HTTP 204 code. An attacker could exploit this to spoof the location bar, such as in a phishing attack. Jordi Chancel discovered that Firefox did not properly handle when a server responds to an HTTPS request with plaintext and then processes JavaScript history events. An attacker could exploit this to spoof the location bar, such as in a phishing attack. Chris Evans discovered that Firefox did not properly process improper CSS selectors. If a user were tricked into viewing a malicious website, an attacker could exploit this to read data from other domains. Soroush Dalili discovered that Firefox did not properly handle script error output. An attacker could use this to access URL parameters from other domains | ||
Family: | unix | Class: | patch |
Reference(s): | USN-930-5 CVE-2010-1121 CVE-2010-1200 CVE-2010-1201 CVE-2010-1202 CVE-2010-1203 CVE-2010-1198 CVE-2010-1196 CVE-2010-1199 CVE-2010-1125 CVE-2010-1197 CVE-2008-5913 CVE-2010-1208 CVE-2010-1209 CVE-2010-1211 CVE-2010-1212 CVE-2010-1214 CVE-2010-1215 CVE-2010-2752 CVE-2010-2753 CVE-2010-1205 CVE-2010-1213 CVE-2010-1207 CVE-2010-1210 CVE-2010-1206 CVE-2010-2751 CVE-2010-0654 CVE-2010-2754 | Version: | 7 |
Platform(s): | Ubuntu 9.04 Ubuntu 9.10 | Product(s): | ant apturl epiphany-browser gluezilla gnome-python-extras liferea mozvoikko openjdk-6 packagekit ubufox webfav yelp |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22242 | |||
Oval ID: | oval:org.mitre.oval:def:22242 | ||
Title: | RHSA-2010:0545: thunderbird security update (Critical) | ||
Description: | dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not properly suppress a script's URL in certain circumstances involving a redirect and an error message, which allows remote attackers to obtain sensitive information about script parameters via a crafted HTML document, related to the window.onerror handler. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0545-01 CESA-2010:0545 CVE-2010-0174 CVE-2010-0175 CVE-2010-0176 CVE-2010-0177 CVE-2010-1197 CVE-2010-1198 CVE-2010-1199 CVE-2010-1200 CVE-2010-1205 CVE-2010-1211 CVE-2010-1214 CVE-2010-2753 CVE-2010-2754 | Version: | 172 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22344 | |||
Oval ID: | oval:org.mitre.oval:def:22344 | ||
Title: | RHSA-2010:0547: firefox security update (Critical) | ||
Description: | dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not properly suppress a script's URL in certain circumstances involving a redirect and an error message, which allows remote attackers to obtain sensitive information about script parameters via a crafted HTML document, related to the window.onerror handler. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0547-01 CESA-2010:0547 CVE-2010-0654 CVE-2010-1205 CVE-2010-1206 CVE-2010-1207 CVE-2010-1208 CVE-2010-1209 CVE-2010-1210 CVE-2010-1211 CVE-2010-1212 CVE-2010-1213 CVE-2010-1214 CVE-2010-1215 CVE-2010-2751 CVE-2010-2752 CVE-2010-2753 CVE-2010-2754 | Version: | 211 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | firefox xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22353 | |||
Oval ID: | oval:org.mitre.oval:def:22353 | ||
Title: | RHSA-2010:0556: firefox security update (Critical) | ||
Description: | layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the parameter array of a plugin instance, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted HTML document, related to the DATA and SRC attributes of an OBJECT element. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-1214. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0556-01 CESA-2010:0556 CVE-2010-2755 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | firefox xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22925 | |||
Oval ID: | oval:org.mitre.oval:def:22925 | ||
Title: | ELSA-2010:0556: firefox security update (Critical) | ||
Description: | layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the parameter array of a plugin instance, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted HTML document, related to the DATA and SRC attributes of an OBJECT element. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-1214. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0556-01 CVE-2010-2755 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | firefox xulrunner |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23023 | |||
Oval ID: | oval:org.mitre.oval:def:23023 | ||
Title: | ELSA-2010:0547: firefox security update (Critical) | ||
Description: | dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not properly suppress a script's URL in certain circumstances involving a redirect and an error message, which allows remote attackers to obtain sensitive information about script parameters via a crafted HTML document, related to the window.onerror handler. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0547-01 CVE-2010-0654 CVE-2010-1205 CVE-2010-1206 CVE-2010-1207 CVE-2010-1208 CVE-2010-1209 CVE-2010-1210 CVE-2010-1211 CVE-2010-1212 CVE-2010-1213 CVE-2010-1214 CVE-2010-1215 CVE-2010-2751 CVE-2010-2752 CVE-2010-2753 CVE-2010-2754 | Version: | 69 |
Platform(s): | Oracle Linux 5 | Product(s): | firefox xulrunner |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23041 | |||
Oval ID: | oval:org.mitre.oval:def:23041 | ||
Title: | ELSA-2010:0545: thunderbird security update (Critical) | ||
Description: | dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not properly suppress a script's URL in certain circumstances involving a redirect and an error message, which allows remote attackers to obtain sensitive information about script parameters via a crafted HTML document, related to the window.onerror handler. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0545-01 CVE-2010-0174 CVE-2010-0175 CVE-2010-0176 CVE-2010-0177 CVE-2010-1197 CVE-2010-1198 CVE-2010-1199 CVE-2010-1200 CVE-2010-1205 CVE-2010-1211 CVE-2010-1214 CVE-2010-2753 CVE-2010-2754 | Version: | 57 |
Platform(s): | Oracle Linux 5 | Product(s): | thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:28140 | |||
Oval ID: | oval:org.mitre.oval:def:28140 | ||
Title: | DEPRECATED: ELSA-2010-0556 -- firefox security update (critical) | ||
Description: | firefox: [3.6.7-3.0.1.el5] - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat ones [3.6.7-3] - Rebuild xulrunner: [1.9.2.7-3.0.1.el5] - Added xulrunner-oracle-default-prefs.js and removed the corresponding RedHat one. [1.9.2.7-3] - Include fix for 575836 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010-0556 CVE-2010-2755 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | firefox xulrunner |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:8248 | |||
Oval ID: | oval:org.mitre.oval:def:8248 | ||
Title: | Mozilla Firefox Address Bar Spoofing Vulnerability | ||
Description: | The startDocumentLoad function in browser/base/content/browser.js in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, does not properly implement the Same Origin Policy in certain circumstances related to the about:blank document and a document that is currently loading, which allows (1) remote web servers to conduct spoofing attacks via vectors involving a 204 (aka No Content) status code, and allows (2) remote attackers to conduct spoofing attacks via vectors involving a window.stop call. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1206 | Version: | 19 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Mozilla Firefox Mozilla SeaMonkey |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2010-09-25 | MOAUB #25 - Mozilla Firefox CSS font-face Remote Code Execution Vulnerability |
2010-09-17 | MOAUB #17 - Firefox Plugin Parameter EnsureCachedAttrParamArrays Remote Code ... |
2010-07-20 | libpng <= 1.4.2 Denial of Service Vulnerability |
OpenVAS Exploits
Date | Description |
---|---|
2011-09-07 | Name : Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007) File : nvt/gb_macosx_su10-007.nasl |
2011-08-26 | Name : Apple iTunes Multiple Vulnerabilities (Mac OS X) File : nvt/secpod_itunes_mult_vuln_macosx.nasl |
2011-08-09 | Name : CentOS Update for libpng CESA-2010:0534 centos5 i386 File : nvt/gb_CESA-2010_0534_libpng_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for thunderbird CESA-2010:0545 centos5 i386 File : nvt/gb_CESA-2010_0545_thunderbird_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for firefox CESA-2010:0556 centos5 i386 File : nvt/gb_CESA-2010_0556_firefox_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for firefox CESA-2010:0547 centos5 i386 File : nvt/gb_CESA-2010_0547_firefox_centos5_i386.nasl |
2011-03-09 | Name : Gentoo Security Advisory GLSA 201010-01 (libpng) File : nvt/glsa_201010_01.nasl |
2010-11-17 | Name : Debian Security Advisory DSA 2124-1 (xulrunner) File : nvt/deb_2124_1.nasl |
2010-11-16 | Name : SuSE Update for MozillaFirefox,seamonkey,MozillaThunderbird SUSE-SA:2010:056 File : nvt/gb_suse_2010_056.nasl |
2010-10-19 | Name : SuSE Update for MozillaFirefox,MozillaThunderbird,seamonkey SUSE-SA:2010:049 File : nvt/gb_suse_2010_049.nasl |
2010-09-14 | Name : Mandriva Update for firefox MDVSA-2010:173 (firefox) File : nvt/gb_mandriva_MDVSA_2010_173.nasl |
2010-09-07 | Name : Mandriva Update for mozilla-thunderbird MDVSA-2010:169 (mozilla-thunderbird) File : nvt/gb_mandriva_MDVSA_2010_169.nasl |
2010-08-21 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox49.nasl |
2010-08-21 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox48.nasl |
2010-08-21 | Name : Debian Security Advisory DSA 2072-1 (libpng) File : nvt/deb_2072_1.nasl |
2010-08-21 | Name : Debian Security Advisory DSA 2075-1 (xulrunner) File : nvt/deb_2075_1.nasl |
2010-08-20 | Name : CentOS Update for seamonkey CESA-2010:0546 centos3 i386 File : nvt/gb_CESA-2010_0546_seamonkey_centos3_i386.nasl |
2010-08-20 | Name : CentOS Update for seamonkey CESA-2010:0557 centos3 i386 File : nvt/gb_CESA-2010_0557_seamonkey_centos3_i386.nasl |
2010-08-20 | Name : CentOS Update for libpng10 CESA-2010:0534 centos3 i386 File : nvt/gb_CESA-2010_0534_libpng10_centos3_i386.nasl |
2010-08-13 | Name : Mandriva Update for firefox MDVSA-2010:147 (firefox) File : nvt/gb_mandriva_MDVSA_2010_147.nasl |
2010-08-06 | Name : SuSE Update for MozillaFirefox,MozillaThunderbird,seamonkey SUSE-SA:2010:032 File : nvt/gb_suse_2010_032.nasl |
2010-07-30 | Name : Fedora Update for mingw32-libpng FEDORA-2010-10793 File : nvt/gb_fedora_2010_10793_mingw32-libpng_fc13.nasl |
2010-07-30 | Name : Ubuntu Update for Firefox and Xulrunner vulnerability USN-957-2 File : nvt/gb_ubuntu_USN_957_2.nasl |
2010-07-30 | Name : Fedora Update for mingw32-libpng FEDORA-2010-10776 File : nvt/gb_fedora_2010_10776_mingw32-libpng_fc12.nasl |
2010-07-30 | Name : Fedora Update for xulrunner FEDORA-2010-11472 File : nvt/gb_fedora_2010_11472_xulrunner_fc13.nasl |
2010-07-30 | Name : Ubuntu Update for Firefox and Xulrunner vulnerability USN-930-6 File : nvt/gb_ubuntu_USN_930_6.nasl |
2010-07-30 | Name : Fedora Update for xulrunner FEDORA-2010-11452 File : nvt/gb_fedora_2010_11452_xulrunner_fc12.nasl |
2010-07-30 | Name : Ubuntu Update for thunderbird vulnerabilities USN-958-1 File : nvt/gb_ubuntu_USN_958_1.nasl |
2010-07-26 | Name : Ubuntu Update USN-930-5 File : nvt/gb_ubuntu_USN_930_5.nasl |
2010-07-26 | Name : Mozilla Products Multiple Vulnerabilitie july-10 (Windows) File : nvt/gb_mozilla_prdts_mult_vuln_win01_jul10.nasl |
2010-07-26 | Name : Mozilla Products Multiple Vulnerabilitie jul-10 (Win) File : nvt/gb_mozilla_prdts_mult_vuln_win02_jul10.nasl |
2010-07-26 | Name : Mozilla Products Multiple Vulnerabilities jul-10 (Windows) File : nvt/gb_mozilla_prdts_mult_vuln_win_jul10.nasl |
2010-07-26 | Name : Ubuntu Update for Firefox and Xulrunner vulnerabilities USN-930-4 File : nvt/gb_ubuntu_USN_930_4.nasl |
2010-07-26 | Name : RedHat Update for firefox RHSA-2010:0558-01 File : nvt/gb_RHSA-2010_0558-01_firefox.nasl |
2010-07-26 | Name : RedHat Update for seamonkey RHSA-2010:0557-01 File : nvt/gb_RHSA-2010_0557-01_seamonkey.nasl |
2010-07-26 | Name : RedHat Update for firefox RHSA-2010:0556-01 File : nvt/gb_RHSA-2010_0556-01_firefox.nasl |
2010-07-26 | Name : Ubuntu Update for Firefox and Xulrunner vulnerabilities USN-957-1 File : nvt/gb_ubuntu_USN_957_1.nasl |
2010-07-23 | Name : Fedora Update for thunderbird FEDORA-2010-11361 File : nvt/gb_fedora_2010_11361_thunderbird_fc12.nasl |
2010-07-23 | Name : Fedora Update for thunderbird FEDORA-2010-11379 File : nvt/gb_fedora_2010_11379_thunderbird_fc13.nasl |
2010-07-23 | Name : Fedora Update for sunbird FEDORA-2010-11379 File : nvt/gb_fedora_2010_11379_sunbird_fc13.nasl |
2010-07-23 | Name : Fedora Update for xulrunner FEDORA-2010-11375 File : nvt/gb_fedora_2010_11375_xulrunner_fc12.nasl |
2010-07-23 | Name : Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-11375 File : nvt/gb_fedora_2010_11375_perl-Gtk2-MozEmbed_fc12.nasl |
2010-07-23 | Name : Fedora Update for gnome-web-photo FEDORA-2010-11375 File : nvt/gb_fedora_2010_11375_gnome-web-photo_fc12.nasl |
2010-07-23 | Name : RedHat Update for thunderbird RHSA-2010:0544-01 File : nvt/gb_RHSA-2010_0544-01_thunderbird.nasl |
2010-07-23 | Name : RedHat Update for seamonkey RHSA-2010:0546-01 File : nvt/gb_RHSA-2010_0546-01_seamonkey.nasl |
2010-07-23 | Name : RedHat Update for firefox RHSA-2010:0547-01 File : nvt/gb_RHSA-2010_0547-01_firefox.nasl |
2010-07-23 | Name : Fedora Update for libpng10 FEDORA-2010-10823 File : nvt/gb_fedora_2010_10823_libpng10_fc13.nasl |
2010-07-23 | Name : Fedora Update for libpng10 FEDORA-2010-10833 File : nvt/gb_fedora_2010_10833_libpng10_fc12.nasl |
2010-07-23 | Name : Fedora Update for seamonkey FEDORA-2010-11327 File : nvt/gb_fedora_2010_11327_seamonkey_fc13.nasl |
2010-07-23 | Name : Fedora Update for firefox FEDORA-2010-11345 File : nvt/gb_fedora_2010_11345_firefox_fc13.nasl |
2010-07-23 | Name : Fedora Update for galeon FEDORA-2010-11345 File : nvt/gb_fedora_2010_11345_galeon_fc13.nasl |
2010-07-23 | Name : Fedora Update for gnome-python2-extras FEDORA-2010-11345 File : nvt/gb_fedora_2010_11345_gnome-python2-extras_fc13.nasl |
2010-07-23 | Name : Fedora Update for gnome-web-photo FEDORA-2010-11345 File : nvt/gb_fedora_2010_11345_gnome-web-photo_fc13.nasl |
2010-07-23 | Name : Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-11345 File : nvt/gb_fedora_2010_11345_perl-Gtk2-MozEmbed_fc13.nasl |
2010-07-23 | Name : Fedora Update for mozvoikko FEDORA-2010-11375 File : nvt/gb_fedora_2010_11375_mozvoikko_fc12.nasl |
2010-07-23 | Name : Fedora Update for gnome-python2-extras FEDORA-2010-11375 File : nvt/gb_fedora_2010_11375_gnome-python2-extras_fc12.nasl |
2010-07-23 | Name : Fedora Update for galeon FEDORA-2010-11375 File : nvt/gb_fedora_2010_11375_galeon_fc12.nasl |
2010-07-23 | Name : Fedora Update for firefox FEDORA-2010-11375 File : nvt/gb_fedora_2010_11375_firefox_fc12.nasl |
2010-07-23 | Name : Fedora Update for seamonkey FEDORA-2010-11363 File : nvt/gb_fedora_2010_11363_seamonkey_fc12.nasl |
2010-07-23 | Name : Fedora Update for sunbird FEDORA-2010-11361 File : nvt/gb_fedora_2010_11361_sunbird_fc12.nasl |
2010-07-23 | Name : Fedora Update for xulrunner FEDORA-2010-11345 File : nvt/gb_fedora_2010_11345_xulrunner_fc13.nasl |
2010-07-23 | Name : Fedora Update for mozvoikko FEDORA-2010-11345 File : nvt/gb_fedora_2010_11345_mozvoikko_fc13.nasl |
2010-07-16 | Name : Mandriva Update for libpng MDVSA-2010:133 (libpng) File : nvt/gb_mandriva_MDVSA_2010_133.nasl |
2010-07-16 | Name : RedHat Update for libpng RHSA-2010:0534-01 File : nvt/gb_RHSA-2010_0534-01_libpng.nasl |
2010-07-12 | Name : Ubuntu Update for libpng vulnerabilities USN-960-1 File : nvt/gb_ubuntu_USN_960_1.nasl |
2010-07-06 | Name : Fedora Update for libpng FEDORA-2010-10592 File : nvt/gb_fedora_2010_10592_libpng_fc12.nasl |
2010-07-06 | Name : FreeBSD Ports: png File : nvt/freebsd_png4.nasl |
2010-07-02 | Name : Fedora Update for libpng FEDORA-2010-10557 File : nvt/gb_fedora_2010_10557_libpng_fc13.nasl |
2010-07-02 | Name : Mozilla Firefox Address Bar Spoofing Vulnerability june-10 (Win) File : nvt/secpod_mozilla_firefox_spoofing_vuln_win_jun10.nasl |
2010-04-30 | Name : Mandriva Update for gdm MDVA-2010:133 (gdm) File : nvt/gb_mandriva_MDVA_2010_133.nasl |
2010-02-22 | Name : Firefox Multiple Vulnerabilities Feb-10 (Linux) File : nvt/secpod_firefox_mult_vuln_feb10_lin.nasl |
2010-02-22 | Name : Firefox Multiple Vulnerabilities Feb-10 (Win) File : nvt/secpod_firefox_mult_vuln_feb10_win.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2010-180-01 libpng File : nvt/esoft_slk_ssa_2010_180_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
66786 | Mozilla Firefox layout/generic/nsObjectFrame.cpp Plugin Instance Parameter Ar... |
66605 | Mozilla Multiple Products Unspecified Memory Corruption (2010-1211) |
66604 | Mozilla Multiple Products Browser Engine js/src/jstracer.cpp Memory Corruptio... |
66603 | Mozilla Multiple Products SJOW Arbitrary Javascript Execution |
66602 | Mozilla Multiple Products nsCSSValue::Array Overflow |
66601 | Mozilla Multiple Products nsTreeSelection Selection Range Calculation Overflow |
66600 | Mozilla Multiple Products PNG File Handling Overflow |
66599 | Mozilla Multiple Products importScripts Web Worker Method Cross-origin Data D... |
66598 | Mozilla Multiple Products Canvas Context Same-Origin Bypass |
66597 | Mozilla Multiple Products intl/uconv/util/nsUnicodeDecodeHelper.cpp 8-bit Cha... |
66596 | Mozilla Multiple Products CSS Selector Cross-Domain Information Disclosure |
66595 | Mozilla Multiple Products Script Error Cross-origin Data Leakage |
66594 | Mozilla Multiple Browsers EnsureCachedAttrParamArrays Overflow |
66593 | Mozilla Multiple Browsers DOM Attribute Cloning Arbitrary Code Execution |
66592 | Mozilla Multiple Browsers NodeIterator Interface Javascript Callback Use-Afte... |
66591 | Mozilla Multiple Browsers HTTP 204 Location Bar Spoofing |
66590 | Mozilla Multiple Browsers docshell/base/nsDocShell.cpp nsDocShell::OnRedirect... |
65852 | libpng pngpread.c PNG Image Data Height Overflow |
65736 | Mozilla Firefox browser/base/content/browser.js startDocumentLoad Function Sa... |
62464 | Mozilla Firefox CSS Stylesheet Cross-origin Information Disclosure |
Snort® IPS/IDS
Date | Description |
---|---|
2019-12-24 | Mutiple products libpng extra row heap overflow attempt RuleID : 52307 - Revision : 1 - Type : FILE-IMAGE |
2019-12-24 | Mutiple products libpng extra row heap overflow attempt RuleID : 52306 - Revision : 1 - Type : FILE-IMAGE |
2014-05-08 | Mozilla Firefox nsTreeRange Use After Free attempt RuleID : 30486 - Revision : 2 - Type : BROWSER-FIREFOX |
2014-05-08 | Mozilla Firefox nsTreeRange Use After Free attempt RuleID : 30485 - Revision : 2 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Products nsCSSValue Array Index Integer Overflow RuleID : 19321 - Revision : 11 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla EnsureCachedAttrParamArrays integer overflow attempt RuleID : 18809 - Revision : 13 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Firefox plugin parameter array dangling pointer exploit attempt - 2 RuleID : 17154 - Revision : 14 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Firefox plugin parameter array dangling pointer exploit attempt - 1 RuleID : 17153 - Revision : 14 - Type : BROWSER-FIREFOX |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-12-15 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201412-08.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201412-11.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_MozillaFirefox-100727.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_MozillaFirefox-100916.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_MozillaThunderbird-100721.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_MozillaThunderbird-100916.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_MozillaThunderbird-101021.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_mozilla-xulrunner191-100722.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_mozilla-xulrunner191-100917.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_mozilla-xulrunner191-101028.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_seamonkey-100721.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_seamonkey-100917.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_seamonkey-101021.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0534.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2010-0544.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0546.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0547.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0556.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0557.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2010-0558.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0680.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0681.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2010-0682.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0545.nasl - Type : ACT_GATHER_INFO |
2013-01-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100714_libpng_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100720_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100720_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20100720_thunderbird_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20100720_thunderbird_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2011-08-11 | Name : The remote Windows host has an application that is affected by multiple vulne... File : blackberry_es_png_kb27244.nasl - Type : ACT_GATHER_INFO |
2011-04-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0681.nasl - Type : ACT_GATHER_INFO |
2011-03-10 | Name : The remote host contains a web browser that is affected by several vulnerabil... File : safari_5_0_4.nasl - Type : ACT_GATHER_INFO |
2011-03-03 | Name : The remote host contains an application that has multiple vulnerabilities. File : itunes_10_2.nasl - Type : ACT_GATHER_INFO |
2011-03-03 | Name : The remote host contains a multimedia application that has multiple vulnerabi... File : itunes_10_2_banner.nasl - Type : ACT_GATHER_INFO |
2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_MozillaFirefox-100722.nasl - Type : ACT_GATHER_INFO |
2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_MozillaFirefox-100921.nasl - Type : ACT_GATHER_INFO |
2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libpng-devel-100901.nasl - Type : ACT_GATHER_INFO |
2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_mozilla-xulrunner191-101028.nasl - Type : ACT_GATHER_INFO |
2010-11-10 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_6_5.nasl - Type : ACT_GATHER_INFO |
2010-11-10 | Name : The remote host is missing a Mac OS X update that fixes security issues. File : macosx_SecUpd2010-007.nasl - Type : ACT_GATHER_INFO |
2010-11-05 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-7208.nasl - Type : ACT_GATHER_INFO |
2010-11-03 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2124.nasl - Type : ACT_GATHER_INFO |
2010-11-03 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_mozilla-xulrunner191-101028.nasl - Type : ACT_GATHER_INFO |
2010-11-03 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_mozilla-xulrunner191-101028.nasl - Type : ACT_GATHER_INFO |
2010-10-28 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaThunderbird-101021.nasl - Type : ACT_GATHER_INFO |
2010-10-28 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_seamonkey-101021.nasl - Type : ACT_GATHER_INFO |
2010-10-28 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_MozillaThunderbird-101022.nasl - Type : ACT_GATHER_INFO |
2010-10-28 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_seamonkey-101021.nasl - Type : ACT_GATHER_INFO |
2010-10-12 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaThunderbird-100916.nasl - Type : ACT_GATHER_INFO |
2010-10-12 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_mozilla-xulrunner191-100917.nasl - Type : ACT_GATHER_INFO |
2010-10-12 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_MozillaThunderbird-100917.nasl - Type : ACT_GATHER_INFO |
2010-10-12 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_mozilla-xulrunner191-100917.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-7101.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_libpng-7144.nasl - Type : ACT_GATHER_INFO |
2010-10-06 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201010-01.nasl - Type : ACT_GATHER_INFO |
2010-09-20 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaFirefox-100916.nasl - Type : ACT_GATHER_INFO |
2010-09-20 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_seamonkey-100917.nasl - Type : ACT_GATHER_INFO |
2010-09-20 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_MozillaFirefox-100916.nasl - Type : ACT_GATHER_INFO |
2010-09-20 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_seamonkey-100917.nasl - Type : ACT_GATHER_INFO |
2010-09-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0680.nasl - Type : ACT_GATHER_INFO |
2010-09-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0681.nasl - Type : ACT_GATHER_INFO |
2010-09-12 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0682.nasl - Type : ACT_GATHER_INFO |
2010-09-12 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-173.nasl - Type : ACT_GATHER_INFO |
2010-09-12 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12642.nasl - Type : ACT_GATHER_INFO |
2010-09-12 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_libpng-devel-100901.nasl - Type : ACT_GATHER_INFO |
2010-09-12 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_libpng-devel-100901.nasl - Type : ACT_GATHER_INFO |
2010-09-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-975-1.nasl - Type : ACT_GATHER_INFO |
2010-09-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-978-1.nasl - Type : ACT_GATHER_INFO |
2010-09-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0680.nasl - Type : ACT_GATHER_INFO |
2010-09-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0682.nasl - Type : ACT_GATHER_INFO |
2010-09-03 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-169.nasl - Type : ACT_GATHER_INFO |
2010-08-24 | Name : The remote host is missing a Mac OS X update that fixes security issues. File : macosx_SecUpd2010-005.nasl - Type : ACT_GATHER_INFO |
2010-08-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0546.nasl - Type : ACT_GATHER_INFO |
2010-08-12 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-147.nasl - Type : ACT_GATHER_INFO |
2010-08-10 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_c2eac2b59a7d11df8e32000f20797ede.nasl - Type : ACT_GATHER_INFO |
2010-08-09 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0544.nasl - Type : ACT_GATHER_INFO |
2010-08-09 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0558.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-133.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaFirefox-100722.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_MozillaFirefox-100722.nasl - Type : ACT_GATHER_INFO |
2010-07-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2075.nasl - Type : ACT_GATHER_INFO |
2010-07-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0556.nasl - Type : ACT_GATHER_INFO |
2010-07-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0557.nasl - Type : ACT_GATHER_INFO |
2010-07-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0534.nasl - Type : ACT_GATHER_INFO |
2010-07-28 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0544.nasl - Type : ACT_GATHER_INFO |
2010-07-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0546.nasl - Type : ACT_GATHER_INFO |
2010-07-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0547.nasl - Type : ACT_GATHER_INFO |
2010-07-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0556.nasl - Type : ACT_GATHER_INFO |
2010-07-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0557.nasl - Type : ACT_GATHER_INFO |
2010-07-28 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0558.nasl - Type : ACT_GATHER_INFO |
2010-07-28 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_MozillaThunderbird-100721.nasl - Type : ACT_GATHER_INFO |
2010-07-27 | Name : The remote Fedora host is missing a security update. File : fedora_2010-10776.nasl - Type : ACT_GATHER_INFO |
2010-07-27 | Name : The remote Fedora host is missing a security update. File : fedora_2010-10793.nasl - Type : ACT_GATHER_INFO |
2010-07-27 | Name : The remote Fedora host is missing a security update. File : fedora_2010-11452.nasl - Type : ACT_GATHER_INFO |
2010-07-27 | Name : The remote Fedora host is missing a security update. File : fedora_2010-11472.nasl - Type : ACT_GATHER_INFO |
2010-07-27 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_seamonkey-100721.nasl - Type : ACT_GATHER_INFO |
2010-07-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-930-6.nasl - Type : ACT_GATHER_INFO |
2010-07-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-957-2.nasl - Type : ACT_GATHER_INFO |
2010-07-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-958-1.nasl - Type : ACT_GATHER_INFO |
2010-07-26 | Name : The remote Windows host contains a web browser that may allow execution of re... File : mozilla_firefox_368.nasl - Type : ACT_GATHER_INFO |
2010-07-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-930-4.nasl - Type : ACT_GATHER_INFO |
2010-07-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-930-5.nasl - Type : ACT_GATHER_INFO |
2010-07-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-957-1.nasl - Type : ACT_GATHER_INFO |
2010-07-23 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0545.nasl - Type : ACT_GATHER_INFO |
2010-07-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0547.nasl - Type : ACT_GATHER_INFO |
2010-07-23 | Name : The remote Fedora host is missing a security update. File : fedora_2010-11327.nasl - Type : ACT_GATHER_INFO |
2010-07-23 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-11345.nasl - Type : ACT_GATHER_INFO |
2010-07-23 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-11361.nasl - Type : ACT_GATHER_INFO |
2010-07-23 | Name : The remote Fedora host is missing a security update. File : fedora_2010-11363.nasl - Type : ACT_GATHER_INFO |
2010-07-23 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-11375.nasl - Type : ACT_GATHER_INFO |
2010-07-23 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-11379.nasl - Type : ACT_GATHER_INFO |
2010-07-22 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_8c2ea875949911df8e32000f20797ede.nasl - Type : ACT_GATHER_INFO |
2010-07-22 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_3511.nasl - Type : ACT_GATHER_INFO |
2010-07-22 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_367.nasl - Type : ACT_GATHER_INFO |
2010-07-21 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2072.nasl - Type : ACT_GATHER_INFO |
2010-07-21 | Name : The remote Fedora host is missing a security update. File : fedora_2010-10823.nasl - Type : ACT_GATHER_INFO |
2010-07-21 | Name : The remote Fedora host is missing a security update. File : fedora_2010-10833.nasl - Type : ACT_GATHER_INFO |
2010-07-21 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_306.nasl - Type : ACT_GATHER_INFO |
2010-07-21 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_311.nasl - Type : ACT_GATHER_INFO |
2010-07-21 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : seamonkey_206.nasl - Type : ACT_GATHER_INFO |
2010-07-16 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0534.nasl - Type : ACT_GATHER_INFO |
2010-07-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-960-1.nasl - Type : ACT_GATHER_INFO |
2010-07-06 | Name : The remote Fedora host is missing a security update. File : fedora_2010-10592.nasl - Type : ACT_GATHER_INFO |
2010-07-02 | Name : The remote Fedora host is missing a security update. File : fedora_2010-10557.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2010-180-01.nasl - Type : ACT_GATHER_INFO |
2010-06-29 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_edef3f2f82cf11dfbcce0018f3e2eb82.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:06:55 |
|