Vulnerabilities > CVE-2006-3810 - Products Remote vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
mozilla
nessus

Summary

Cross-site scripting (XSS) vulnerability in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the XPCNativeWrapper(window).Function construct.

Nessus

  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2006-0608.NASL
    descriptionUpdated SeaMonkey packages that fix several security bugs are now available for Red Hat Enterprise Linux 3. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the way SeaMonkey processed certain JavaScript actions. A malicious web page could execute arbitrary JavaScript instructions with the permissions of
    last seen2020-06-01
    modified2020-06-02
    plugin id22162
    published2006-08-07
    reporterThis script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/22162
    titleCentOS 3 : seamonkey (CESA-2006:0608)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2006:0608 and 
    # CentOS Errata and Security Advisory 2006:0608 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(22162);
      script_version("1.21");
      script_cvs_date("Date: 2019/10/25 13:36:03");
    
      script_cve_id("CVE-2006-3113", "CVE-2006-3677", "CVE-2006-3801", "CVE-2006-3802", "CVE-2006-3803", "CVE-2006-3804", "CVE-2006-3805", "CVE-2006-3806", "CVE-2006-3807", "CVE-2006-3808", "CVE-2006-3809", "CVE-2006-3810", "CVE-2006-3811", "CVE-2006-3812");
      script_xref(name:"RHSA", value:"2006:0608");
    
      script_name(english:"CentOS 3 : seamonkey (CESA-2006:0608)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote CentOS host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated SeaMonkey packages that fix several security bugs are now
    available for Red Hat Enterprise Linux 3.
    
    This update has been rated as having critical security impact by the
    Red Hat Security Response Team.
    
    SeaMonkey is an open source Web browser, advanced email and newsgroup
    client, IRC chat client, and HTML editor.
    
    Several flaws were found in the way SeaMonkey processed certain
    JavaScript actions. A malicious web page could execute arbitrary
    JavaScript instructions with the permissions of 'chrome', allowing the
    page to steal sensitive information or install browser malware.
    (CVE-2006-3807, CVE-2006-3809, CVE-2006-3812)
    
    Several denial of service flaws were found in the way SeaMonkey
    processed certain web content. A malicious web page could crash the
    browser or possibly execute arbitrary code as the user running
    SeaMonkey. (CVE-2006-3801, CVE-2006-3677, CVE-2006-3113,
    CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3811)
    
    A buffer overflow flaw was found in the way SeaMonkey Messenger
    displayed malformed inline vcard attachments. If a victim viewed an
    email message containing a carefully crafted vcard, it was possible to
    execute arbitrary code as the user running SeaMonkey Messenger.
    (CVE-2006-3804)
    
    Several flaws were found in the way SeaMonkey processed certain
    JavaScript actions. A malicious web page could conduct a cross-site
    scripting attack or steal sensitive information (such as cookies owned
    by other domains). (CVE-2006-3802, CVE-2006-3810)
    
    A flaw was found in the way SeaMonkey processed Proxy AutoConfig
    scripts. A malicious Proxy AutoConfig server could execute arbitrary
    JavaScript instructions with the permissions of 'chrome', allowing the
    page to steal sensitive information or install browser malware.
    (CVE-2006-3808)
    
    Users of SeaMonkey are advised to upgrade to this update, which
    contains SeaMonkey version 1.0.3 that corrects these issues."
      );
      # https://lists.centos.org/pipermail/centos-announce/2006-August/013115.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?46fc1784"
      );
      # https://lists.centos.org/pipermail/centos-announce/2006-August/013123.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?49c91b51"
      );
      # https://lists.centos.org/pipermail/centos-announce/2006-August/013124.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?a782cb4c"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected seamonkey packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Mozilla Suite/Firefox Navigator Object Code Execution');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:seamonkey");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:seamonkey-chat");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:seamonkey-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:seamonkey-dom-inspector");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:seamonkey-js-debugger");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:seamonkey-mail");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:seamonkey-nspr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:seamonkey-nspr-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:seamonkey-nss");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:seamonkey-nss-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:3");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2006/07/27");
      script_set_attribute(attribute:"patch_publication_date", value:"2006/08/05");
      script_set_attribute(attribute:"plugin_publication_date", value:"2006/08/07");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"CentOS Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/CentOS/release");
    if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
    os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
    os_ver = os_ver[1];
    if (! preg(pattern:"^3([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 3.x", "CentOS " + os_ver);
    
    if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"CentOS-3", reference:"seamonkey-1.0.3-0.el3.1.centos3")) flag++;
    if (rpm_check(release:"CentOS-3", reference:"seamonkey-chat-1.0.3-0.el3.1.centos3")) flag++;
    if (rpm_check(release:"CentOS-3", reference:"seamonkey-devel-1.0.3-0.el3.1.centos3")) flag++;
    if (rpm_check(release:"CentOS-3", reference:"seamonkey-dom-inspector-1.0.3-0.el3.1.centos3")) flag++;
    if (rpm_check(release:"CentOS-3", reference:"seamonkey-js-debugger-1.0.3-0.el3.1.centos3")) flag++;
    if (rpm_check(release:"CentOS-3", reference:"seamonkey-mail-1.0.3-0.el3.1.centos3")) flag++;
    if (rpm_check(release:"CentOS-3", reference:"seamonkey-nspr-1.0.3-0.el3.1.centos3")) flag++;
    if (rpm_check(release:"CentOS-3", reference:"seamonkey-nspr-devel-1.0.3-0.el3.1.centos3")) flag++;
    if (rpm_check(release:"CentOS-3", reference:"seamonkey-nss-1.0.3-0.el3.1.centos3")) flag++;
    if (rpm_check(release:"CentOS-3", reference:"seamonkey-nss-devel-1.0.3-0.el3.1.centos3")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "seamonkey / seamonkey-chat / seamonkey-devel / etc");
    }
    
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2006-0609.NASL
    descriptionUpdated SeaMonkey packages that fix several security bugs in the mozilla package are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. The Mozilla Foundation has discontinued support for the Mozilla Suite. This update deprecates the Mozilla Suite in Red Hat Enterprise Linux 4 in favor of the supported SeaMonkey Suite. This update also resolves a number of outstanding Mozilla security issues : Several flaws were found in the way SeaMonkey processed certain JavaScript actions. A malicious web page could execute arbitrary JavaScript instructions with the permissions of
    last seen2020-06-01
    modified2020-06-02
    plugin id22163
    published2006-08-07
    reporterThis script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/22163
    titleCentOS 4 : seamonkey (CESA-2006:0609)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2006:0609 and 
    # CentOS Errata and Security Advisory 2006:0609 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(22163);
      script_version("1.23");
      script_cvs_date("Date: 2019/10/25 13:36:03");
    
      script_cve_id("CVE-2006-2776", "CVE-2006-2778", "CVE-2006-2779", "CVE-2006-2780", "CVE-2006-2781", "CVE-2006-2782", "CVE-2006-2783", "CVE-2006-2784", "CVE-2006-2785", "CVE-2006-2786", "CVE-2006-2787", "CVE-2006-2788", "CVE-2006-3113", "CVE-2006-3677", "CVE-2006-3801", "CVE-2006-3802", "CVE-2006-3803", "CVE-2006-3804", "CVE-2006-3805", "CVE-2006-3806", "CVE-2006-3807", "CVE-2006-3808", "CVE-2006-3809", "CVE-2006-3810", "CVE-2006-3811", "CVE-2006-3812");
      script_xref(name:"RHSA", value:"2006:0609");
    
      script_name(english:"CentOS 4 : seamonkey (CESA-2006:0609)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote CentOS host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated SeaMonkey packages that fix several security bugs in the
    mozilla package are now available for Red Hat Enterprise Linux 4.
    
    This update has been rated as having critical security impact by the
    Red Hat Security Response Team.
    
    SeaMonkey is an open source Web browser, advanced email and newsgroup
    client, IRC chat client, and HTML editor.
    
    The Mozilla Foundation has discontinued support for the Mozilla Suite.
    This update deprecates the Mozilla Suite in Red Hat Enterprise Linux 4
    in favor of the supported SeaMonkey Suite.
    
    This update also resolves a number of outstanding Mozilla security
    issues :
    
    Several flaws were found in the way SeaMonkey processed certain
    JavaScript actions. A malicious web page could execute arbitrary
    JavaScript instructions with the permissions of 'chrome', allowing the
    page to steal sensitive information or install browser malware.
    (CVE-2006-2776, CVE-2006-2784, CVE-2006-2785, CVE-2006-2787,
    CVE-2006-3807, CVE-2006-3809, CVE-2006-3812)
    
    Several denial of service flaws were found in the way SeaMonkey
    processed certain web content. A malicious web page could crash the
    browser or possibly execute arbitrary code as the user running
    SeaMonkey. (CVE-2006-2779, CVE-2006-2780, CVE-2006-3801,
    CVE-2006-3677, CVE-2006-3113, CVE-2006-3803, CVE-2006-3805,
    CVE-2006-3806, CVE-2006-3811)
    
    Two flaws were found in the way SeaMonkey-mail displayed malformed
    inline vcard attachments. If a victim viewed an email message
    containing a carefully crafted vcard it was possible to execute
    arbitrary code as the user running Mozilla-mail. (CVE-2006-2781,
    CVE-2006-3804)
    
    A cross-site scripting flaw was found in the way SeaMonkey processed
    Unicode Byte-Order-Mark (BOM) markers in UTF-8 web pages. A malicious
    web page could execute a script within the browser that a web input
    sanitizer could miss due to a malformed 'script' tag. (CVE-2006-2783)
    
    Several flaws were found in the way SeaMonkey processed certain
    JavaScript actions. A malicious web page could conduct a cross-site
    scripting attack or steal sensitive information (such as cookies owned
    by other domains). (CVE-2006-3802, CVE-2006-3810)
    
    A form file upload flaw was found in the way SeaMonkey handled
    JavaScript input object mutation. A malicious web page could upload an
    arbitrary local file at form submission time without user interaction.
    (CVE-2006-2782)
    
    A denial of service flaw was found in the way SeaMonkey called the
    crypto.signText() JavaScript function. A malicious web page could
    crash the browser if the victim had a client certificate loaded.
    (CVE-2006-2778)
    
    Two HTTP response smuggling flaws were found in the way SeaMonkey
    processed certain invalid HTTP response headers. A malicious website
    could return specially crafted HTTP response headers which may bypass
    HTTP proxy restrictions. (CVE-2006-2786)
    
    A flaw was found in the way SeaMonkey processed Proxy AutoConfig
    scripts. A malicious Proxy AutoConfig server could execute arbitrary
    JavaScript instructions with the permissions of 'chrome', allowing the
    page to steal sensitive information or install browser malware.
    (CVE-2006-3808)
    
    A double free flaw was found in the way the nsIX509::getRawDER method
    was called. If a victim visited a carefully crafted web page, it was
    possible to execute arbitrary code as the user running Mozilla.
    (CVE-2006-2788)
    
    Users of Mozilla are advised to upgrade to this update, which contains
    SeaMonkey version 1.0.3 that corrects these issues."
      );
      # https://lists.centos.org/pipermail/centos-announce/2006-August/013116.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?328dac8f"
      );
      # https://lists.centos.org/pipermail/centos-announce/2006-August/013117.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?5187bc75"
      );
      # https://lists.centos.org/pipermail/centos-announce/2006-August/013126.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?c986fe5f"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected seamonkey packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Mozilla Suite/Firefox Navigator Object Code Execution');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_cwe_id(20, 94, 119);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:devhelp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:devhelp-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:seamonkey");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:seamonkey-chat");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:seamonkey-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:seamonkey-dom-inspector");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:seamonkey-js-debugger");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:seamonkey-mail");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:seamonkey-nspr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:seamonkey-nspr-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:seamonkey-nss");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:seamonkey-nss-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:4");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2006/06/02");
      script_set_attribute(attribute:"patch_publication_date", value:"2006/08/05");
      script_set_attribute(attribute:"plugin_publication_date", value:"2006/08/07");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"CentOS Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/CentOS/release");
    if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
    os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
    os_ver = os_ver[1];
    if (! preg(pattern:"^4([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 4.x", "CentOS " + os_ver);
    
    if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"devhelp-0.10-0.2.el4")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"devhelp-0.10-0.2.el4")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"devhelp-devel-0.10-0.2.el4")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"devhelp-devel-0.10-0.2.el4")) flag++;
    if (rpm_check(release:"CentOS-4", reference:"seamonkey-1.0.3-0.el4.1.centos4")) flag++;
    if (rpm_check(release:"CentOS-4", reference:"seamonkey-chat-1.0.3-0.el4.1.centos4")) flag++;
    if (rpm_check(release:"CentOS-4", reference:"seamonkey-devel-1.0.3-0.el4.1.centos4")) flag++;
    if (rpm_check(release:"CentOS-4", reference:"seamonkey-dom-inspector-1.0.3-0.el4.1.centos4")) flag++;
    if (rpm_check(release:"CentOS-4", reference:"seamonkey-js-debugger-1.0.3-0.el4.1.centos4")) flag++;
    if (rpm_check(release:"CentOS-4", reference:"seamonkey-mail-1.0.3-0.el4.1.centos4")) flag++;
    if (rpm_check(release:"CentOS-4", reference:"seamonkey-nspr-1.0.3-0.el4.1.centos4")) flag++;
    if (rpm_check(release:"CentOS-4", reference:"seamonkey-nspr-devel-1.0.3-0.el4.1.centos4")) flag++;
    if (rpm_check(release:"CentOS-4", reference:"seamonkey-nss-1.0.3-0.el4.1.centos4")) flag++;
    if (rpm_check(release:"CentOS-4", reference:"seamonkey-nss-devel-1.0.3-0.el4.1.centos4")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "devhelp / devhelp-devel / seamonkey / seamonkey-chat / etc");
    }
    
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2006-0610.NASL
    descriptionUpdated firefox packages that fix several security bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. The Mozilla Foundation has discontinued support for the Mozilla Firefox 1.0 branch. This update deprecates the Mozilla Firefox 1.0 branch in Red Hat Enterprise Linux 4 in favor of the supported Mozilla Firefox 1.5 branch. This update also resolves a number of outstanding Firefox security issues : Several flaws were found in the way Firefox processed certain JavaScript actions. A malicious web page could execute arbitrary JavaScript instructions with the permissions of
    last seen2020-06-01
    modified2020-06-02
    plugin id22137
    published2006-08-04
    reporterThis script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/22137
    titleCentOS 4 : Firefox (CESA-2006:0610)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2006:0610 and 
    # CentOS Errata and Security Advisory 2006:0610 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(22137);
      script_version("1.22");
      script_cvs_date("Date: 2019/10/25 13:36:03");
    
      script_cve_id("CVE-2006-2776", "CVE-2006-2778", "CVE-2006-2779", "CVE-2006-2780", "CVE-2006-2782", "CVE-2006-2783", "CVE-2006-2784", "CVE-2006-2785", "CVE-2006-2786", "CVE-2006-2787", "CVE-2006-2788", "CVE-2006-3113", "CVE-2006-3677", "CVE-2006-3801", "CVE-2006-3802", "CVE-2006-3803", "CVE-2006-3805", "CVE-2006-3806", "CVE-2006-3807", "CVE-2006-3808", "CVE-2006-3809", "CVE-2006-3810", "CVE-2006-3811", "CVE-2006-3812");
      script_xref(name:"RHSA", value:"2006:0610");
    
      script_name(english:"CentOS 4 : Firefox (CESA-2006:0610)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote CentOS host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated firefox packages that fix several security bugs are now
    available for Red Hat Enterprise Linux 4.
    
    This update has been rated as having critical security impact by the
    Red Hat Security Response Team.
    
    Mozilla Firefox is an open source Web browser.
    
    The Mozilla Foundation has discontinued support for the Mozilla
    Firefox 1.0 branch. This update deprecates the Mozilla Firefox 1.0
    branch in Red Hat Enterprise Linux 4 in favor of the supported Mozilla
    Firefox 1.5 branch.
    
    This update also resolves a number of outstanding Firefox security
    issues :
    
    Several flaws were found in the way Firefox processed certain
    JavaScript actions. A malicious web page could execute arbitrary
    JavaScript instructions with the permissions of 'chrome', allowing the
    page to steal sensitive information or install browser malware.
    (CVE-2006-2776, CVE-2006-2784, CVE-2006-2785, CVE-2006-2787,
    CVE-2006-3807, CVE-2006-3809, CVE-2006-3812)
    
    Several denial of service flaws were found in the way Firefox
    processed certain web content. A malicious web page could crash the
    browser or possibly execute arbitrary code as the user running
    Firefox. (CVE-2006-2779, CVE-2006-2780, CVE-2006-3801, CVE-2006-3677,
    CVE-2006-3113, CVE-2006-3803, CVE-2006-3805, CVE-2006-3806,
    CVE-2006-3811)
    
    A cross-site scripting flaw was found in the way Firefox processed
    Unicode Byte-Order-Mark (BOM) markers in UTF-8 web pages. A malicious
    web page could execute a script within the browser that a web input
    sanitizer could miss due to a malformed 'script' tag. (CVE-2006-2783)
    
    Several flaws were found in the way Firefox processed certain
    JavaScript actions. A malicious web page could conduct a cross-site
    scripting attack or steal sensitive information (such as cookies owned
    by other domains). (CVE-2006-3802, CVE-2006-3810)
    
    A form file upload flaw was found in the way Firefox handled
    JavaScript input object mutation. A malicious web page could upload an
    arbitrary local file at form submission time without user interaction.
    (CVE-2006-2782)
    
    A denial of service flaw was found in the way Firefox called the
    crypto.signText() JavaScript function. A malicious web page could
    crash the browser if the victim had a client certificate loaded.
    (CVE-2006-2778)
    
    Two HTTP response smuggling flaws were found in the way Firefox
    processed certain invalid HTTP response headers. A malicious website
    could return specially crafted HTTP response headers which may bypass
    HTTP proxy restrictions. (CVE-2006-2786)
    
    A flaw was found in the way Firefox processed Proxy AutoConfig
    scripts. A malicious Proxy AutoConfig server could execute arbitrary
    JavaScript instructions with the permissions of 'chrome', allowing the
    page to steal sensitive information or install browser malware.
    (CVE-2006-3808)
    
    A double free flaw was found in the way the nsIX509::getRawDER method
    was called. If a victim visited a carefully crafted web page, it was
    possible to execute arbitrary code as the user running Firefox.
    (CVE-2006-2788)
    
    Users of Firefox are advised to upgrade to this update, which contains
    Firefox version 1.5.0.5 that corrects these issues."
      );
      # https://lists.centos.org/pipermail/centos-announce/2006-July/013071.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?944d3248"
      );
      # https://lists.centos.org/pipermail/centos-announce/2006-July/013072.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?2fc400b0"
      );
      # https://lists.centos.org/pipermail/centos-announce/2006-July/013084.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?deef7c43"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected firefox package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Mozilla Suite/Firefox Navigator Object Code Execution');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_cwe_id(20, 94, 119);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:firefox");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:4");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2006/06/02");
      script_set_attribute(attribute:"patch_publication_date", value:"2006/07/31");
      script_set_attribute(attribute:"plugin_publication_date", value:"2006/08/04");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"CentOS Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/CentOS/release");
    if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
    os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
    os_ver = os_ver[1];
    if (! preg(pattern:"^4([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 4.x", "CentOS " + os_ver);
    
    if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"CentOS-4", reference:"firefox-1.5.0.5-0.el4.1.centos4")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "firefox");
    }
    
  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2006-146.NASL
    descriptionA number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program. Corporate 3 had contained the Mozilla suite however, due to the support cycle for Mozilla, it was felt that upgrading Mozilla to Firefox and Thunderbird would allow for better future support for Corporate 3 users. To that end, the latest Thunderbird is being provided for Corporate 3 users which fix all known vulnerabilities up to version 1.5.0.5, as well as providing new and enhanced features. Corporate users who were using Mozilla for mail may need to explicitly install the new mozilla-thunderbird packages. For 2006 users, no explicit installs are necessary. The following CVE names have been corrected with this update: CVE-2006-2775, CVE-2006-2776, CVE-2006-2778, CVE-2006-2779, CVE-2006-2780, CVE-2006-2781, CVE-2006-2783, CVE-2006-2787, CVE-2006-3803, CVE-2006-3804, CVE-2006-3806, CVE-2006-3807, CVE-2006-3113, CVE-2006-3802, CVE-2006-3805, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811, CVE-2006-3812.
    last seen2020-06-01
    modified2020-06-02
    plugin id23894
    published2006-12-16
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/23894
    titleMandrake Linux Security Advisory : mozilla-thunderbird (MDKSA-2006:146)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandrake Linux Security Advisory MDKSA-2006:146. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    if (NASL_LEVEL < 3000) exit(0);
    
    include("compat.inc");
    
    if (description)
    {
      script_id(23894);
      script_version ("1.18");
      script_cvs_date("Date: 2019/08/02 13:32:48");
    
      script_cve_id("CVE-2006-2775", "CVE-2006-2776", "CVE-2006-2778", "CVE-2006-2779", "CVE-2006-2780", "CVE-2006-2781", "CVE-2006-2783", "CVE-2006-2787", "CVE-2006-3113", "CVE-2006-3802", "CVE-2006-3803", "CVE-2006-3804", "CVE-2006-3805", "CVE-2006-3806", "CVE-2006-3807", "CVE-2006-3809", "CVE-2006-3810", "CVE-2006-3811", "CVE-2006-3812", "CVE-2007-1794");
      script_xref(name:"MDKSA", value:"2006:146");
    
      script_name(english:"Mandrake Linux Security Advisory : mozilla-thunderbird (MDKSA-2006:146)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Mandrake Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "A number of security vulnerabilities have been discovered and
    corrected in the latest Mozilla Thunderbird program.
    
    Corporate 3 had contained the Mozilla suite however, due to the
    support cycle for Mozilla, it was felt that upgrading Mozilla to
    Firefox and Thunderbird would allow for better future support for
    Corporate 3 users. To that end, the latest Thunderbird is being
    provided for Corporate 3 users which fix all known vulnerabilities up
    to version 1.5.0.5, as well as providing new and enhanced features.
    
    Corporate users who were using Mozilla for mail may need to explicitly
    install the new mozilla-thunderbird packages.
    
    For 2006 users, no explicit installs are necessary.
    
    The following CVE names have been corrected with this update:
    CVE-2006-2775, CVE-2006-2776, CVE-2006-2778, CVE-2006-2779,
    CVE-2006-2780, CVE-2006-2781, CVE-2006-2783, CVE-2006-2787,
    CVE-2006-3803, CVE-2006-3804, CVE-2006-3806, CVE-2006-3807,
    CVE-2006-3113, CVE-2006-3802, CVE-2006-3805, CVE-2006-3809,
    CVE-2006-3810, CVE-2006-3811, CVE-2006-3812."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-31/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-32/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-33/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-35/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-40/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-42/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.mozilla.org/security/announce/2006/mfsa2006-46.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.mozilla.org/security/announce/2006/mfsa2006-47.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.mozilla.org/security/announce/2006/mfsa2006-48.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.mozilla.org/security/announce/2006/mfsa2006-49.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.mozilla.org/security/announce/2006/mfsa2006-50.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.mozilla.org/security/announce/2006/mfsa2006-51.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.mozilla.org/security/announce/2006/mfsa2006-53.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.mozilla.org/security/announce/2006/mfsa2006-54.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.mozilla.org/security/announce/2006/mfsa2006-55.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.mozilla.org/security/announce/2006/mfsa2006-56.html"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_cwe_id(94, 119);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-br");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ca");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-cs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-da");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-de");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-el");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ca");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-cs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-de");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-es");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-fi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-fr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-hu");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-it");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ja");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-nb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-nl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-pl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-pt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-pt_BR");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ru");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-zh");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-zh_CN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-es");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-fi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-fr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-he");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-hu");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-it");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ja");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ko");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-nb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-nl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-pl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-pt_BR");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ru");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-sk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-sl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-sv");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-tr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-zh_CN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nsinstall");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2006");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2006/08/21");
      script_set_attribute(attribute:"plugin_publication_date", value:"2006/12/16");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-1.5.0.5-2.1.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-br-1.5.0.5-0.2.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-ca-1.5.0.5-0.2.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-cs-1.5.0.5-0.2.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-da-1.5.0.5-0.2.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-de-1.5.0.5-0.2.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-devel-1.5.0.5-2.1.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-el-1.5.0.5-0.2.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-enigmail-1.5.0.5-2.1.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-enigmail-ca-1.5.0.5-0.1.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-enigmail-cs-1.5.0.5-0.1.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-enigmail-de-1.5.0.5-0.1.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-enigmail-es-1.5.0.5-0.1.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-enigmail-fi-1.5.0.5-0.1.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-enigmail-fr-1.5.0.5-0.1.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-enigmail-hu-1.5.0.5-0.1.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-enigmail-it-1.5.0.5-0.1.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-enigmail-ja-1.5.0.5-0.1.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-enigmail-nb-1.5.0.5-0.1.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-enigmail-nl-1.5.0.5-0.1.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-enigmail-pl-1.5.0.5-0.1.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-enigmail-pt-1.5.0.5-0.1.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-enigmail-pt_BR-1.5.0.5-0.1.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-enigmail-ru-1.5.0.5-0.1.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-enigmail-zh-1.5.0.5-0.1.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-enigmail-zh_CN-1.5.0.5-0.1.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-es-1.5.0.5-0.2.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-fi-1.5.0.5-0.2.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-fr-1.5.0.5-0.2.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-he-1.5.0.5-0.2.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-hu-1.5.0.5-0.2.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-it-1.5.0.5-0.2.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-ja-1.5.0.5-0.2.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-ko-1.5.0.5-0.2.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-nb-1.5.0.5-0.2.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-nl-1.5.0.5-0.2.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-pl-1.5.0.5-0.2.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-pt_BR-1.5.0.5-0.2.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-ru-1.5.0.5-0.2.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-sk-1.5.0.5-0.2.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-sl-1.5.0.5-0.2.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-sv-1.5.0.5-0.2.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-tr-1.5.0.5-0.2.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"mozilla-thunderbird-zh_CN-1.5.0.5-0.2.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"nsinstall-1.5.0.5-2.1.20060mdk", yank:"mdk")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_MOZILLATHUNDERBIRD-1924.NASL
    descriptionThis security update brings Mozilla Thunderbird to version 1.5.0.6. Note that on SUSE Linux 9.2, 9.3 and 10.0 this is a major version upgrade. More Details can be found on this page: http://www.mozilla.org/projects/security/known-vulnerabilities.html It includes fixes to the following security problems : - CVE-2006-3801/MFSA 2006-44: Code execution through deleted frame reference Thilo Girmann discovered that in certain circumstances a JavaScript reference to a frame or window was not properly cleared when the referenced content went away, and he demonstrated that this pointer to a deleted object could be used to execute native code supplied by the attacker. - CVE-2006-3113/MFSA 2006-46: Memory corruption with simultaneous events Secunia Research has discovered a vulnerability in Mozilla Firefox 1.5 branch, which can be exploited by malicious people to compromise a user
    last seen2020-06-01
    modified2020-06-02
    plugin id27125
    published2007-10-17
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/27125
    titleopenSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-1924)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update MozillaThunderbird-1924.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(27125);
      script_version ("1.14");
      script_cvs_date("Date: 2019/10/25 13:36:28");
    
      script_cve_id("CVE-2006-3113", "CVE-2006-3801", "CVE-2006-3802", "CVE-2006-3803", "CVE-2006-3804", "CVE-2006-3805", "CVE-2006-3806", "CVE-2006-3807", "CVE-2006-3808", "CVE-2006-3809", "CVE-2006-3810", "CVE-2006-3811");
    
      script_name(english:"openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-1924)");
      script_summary(english:"Check for the MozillaThunderbird-1924 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This security update brings Mozilla Thunderbird to version 1.5.0.6.
    
    Note that on SUSE Linux 9.2, 9.3 and 10.0 this is a major version
    upgrade.
    
    More Details can be found on this page:
    http://www.mozilla.org/projects/security/known-vulnerabilities.html
    
    It includes fixes to the following security problems :
    
      - CVE-2006-3801/MFSA 2006-44: Code execution through
        deleted frame reference
    
        Thilo Girmann discovered that in certain circumstances a
        JavaScript reference to a frame or window was not
        properly cleared when the referenced content went away,
        and he demonstrated that this pointer to a deleted
        object could be used to execute native code supplied by
        the attacker.
    
      - CVE-2006-3113/MFSA 2006-46: Memory corruption with
        simultaneous events
    
        Secunia Research has discovered a vulnerability in
        Mozilla Firefox 1.5 branch, which can be exploited by
        malicious people to compromise a user's system.
    
        The vulnerability is caused due to an memory corruption
        error within the handling of simultaneously happening
        XPCOM events, which leads to use of a deleted timer
        object. This generally results in a crash but
        potentially could be exploited to execute arbitrary code
        on a user's system when a malicious website is visited.
    
      - CVE-2006-3802/MFSA 2006-47: Native DOM methods can be
        hijacked across domains
    
        A malicious page can hijack native DOM methods on a
        document object in another domain, which will run the
        attacker's script when called by the victim page. This
        could be used to steal login cookies, password, or other
        sensitive data on the target page, or to perform actions
        on behalf of a logged-in user.
    
        Access checks on all other properties and document nodes
        are performed correctly. This cross-site scripting (XSS)
        attack is limited to pages which use standard DOM
        methods of the top-level document object, such as
        document.getElementById(). This includes many popular
        sites, especially the newer ones that offer rich
        interaction to the user.
    
      - CVE-2006-3803/MFSA 2006-48: JavaScript new Function race
        condition
    
        H. D. Moore reported a testcase that was able to trigger
        a race condition where JavaScript garbage collection
        deleted a temporary variable still being used in the
        creation of a new Function object. The resulting use of
        a deleted object may be potentially exploitable to run
        native code provided by the attacker.
    
      - CVE-2006-3804/MFSA 2006-49: Heap buffer overwrite on
        malformed VCard
    
        A VCard attachment with a malformed base64 field (such
        as a photo) can trigger a heap buffer overwrite. These
        have proven exploitable in the past, though in this case
        the overwrite is accompanied by an integer underflow
        that would attempt to copy more data than the typical
        machine has, leading to a crash.
    
      - CVE-2006-3805/CVE-2006-3806/MFSA 2006-50: JavaScript
        engine vulnerabilities
    
        Continuing our security audit of the JavaScript engine,
        Mozilla developers found and fixed several potential
        vulnerabilities.
    
        Igor Bukanov and shutdown found additional places where
        an untimely garbage collection could delete a temporary
        object that was in active use (similar to MFSA 2006-01
        and MFSA 2006-10). Some of these may allow an attacker
        to run arbitrary code given the right conditions.
    
        Georgi Guninski found potential integer overflow issues
        with long strings in the toSource() methods of the
        Object, Array and String objects as well as string
        function arguments.
    
      - CVE-2006-3807/MFSA 2006-51: Privilege escalation using
        named-functions and redefined 'new Object()'
    
        moz_bug_r_a4 discovered that named JavaScript functions
        have a parent object created using the standard Object()
        constructor (ECMA-specified behavior) and that this
        constructor can be redefined by script (also
        ECMA-specified behavior). If the Object() constructor is
        changed to return a reference to a privileged object
        with useful properties it is possible to have
        attacker-supplied script excuted with elevated
        privileges by calling the function. This could be used
        to install malware or take other malicious actions.
    
        Our fix involves calling the internal Object constructor
        which appears to be what other ECMA-compatible
        interpreters do.
    
      - CVE-2006-3808/MFSA 2006-52: PAC privilege escalation
        using Function.prototype.call
    
        moz_bug_r_a4 reports that a malicious Proxy AutoConfig
        (PAC) server could serve a PAC script that can execute
        code with elevated privileges by setting the required
        FindProxyForURL function to the eval method on a
        privileged object that leaked into the PAC sandbox. By
        redirecting the victim to a specially crafted URL --
        easily done since the PAC script controls which proxy to
        use -- the URL 'hostname' can be executed as privileged
        script.
    
        A malicious proxy server can perform spoofing attacks on
        the user so it was already important to use a
        trustworthy PAC server.
    
      - CVE-2006-3809/MFSA 2006-53: UniversalBrowserRead
        privilege escalation
    
        shutdown reports that scripts granted the
        UniversalBrowserRead privilege can leverage that into
        the equivalent of the far more powerful
        UniversalXPConnect since they are allowed to 'read' into
        a privileged context. This allows the attacker the
        ability to run scripts with the full privelege of the
        user running the browser, possibly installing malware or
        snooping on private data. This has been fixed so that
        UniversalBrowserRead and UniversalBrowserWrite are
        limited to reading from and writing into only
        normally-privileged browser windows and frames.
    
      - CVE-2006-3810/MFSA 2006-54: XSS with
        XPCNativeWrapper(window).Function(...)
    
        shutdown reports that cross-site scripting (XSS) attacks
        could be performed using the construct
        XPCNativeWrapper(window).Function(...), which created a
        function that appeared to belong to the window in
        question even after it had been navigated to the target
        site.
    
      - CVE-2006-3811/MFSA 2006-55: Crashes with evidence of
        memory corruption
    
        As part of the Firefox 1.5.0.5 stability and security
        release, developers in the Mozilla community looked for
        and fixed several crash bugs to improve the stability of
        Mozilla clients. Some of these crashes showed evidence
        of memory corruption that we presume could be exploited
        to run arbitrary code with enough effort."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.mozilla.org/projects/security/known-vulnerabilities.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected MozillaThunderbird packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2006/08/01");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/10/17");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE10\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "10.1", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE10.1", reference:"MozillaThunderbird-1.5.0.5-0.1") ) flag++;
    if ( rpm_check(release:"SUSE10.1", reference:"MozillaThunderbird-translations-1.5.0.5-0.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "MozillaThunderbird");
    }
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-1159.NASL
    descriptionThe latest security updates of Mozilla Thunderbird introduced a regression that led to a dysfunctional attachment panel which warrants a correction to fix this issue. For reference please find below the original advisory text : Several security related problems have been discovered in Mozilla and derived products such as Mozilla Thunderbird. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CVE-2006-2779 Mozilla team members discovered several crashes during testing of the browser engine showing evidence of memory corruption which may also lead to the execution of arbitrary code. The last bit of this problem will be corrected with the next update. You can prevent any trouble by disabling JavaScript. [MFSA-2006-32] - CVE-2006-3805 The JavaScript engine might allow remote attackers to execute arbitrary code. [MFSA-2006-50] - CVE-2006-3806 Multiple integer overflows in the JavaScript engine might allow remote attackers to execute arbitrary code. [MFSA-2006-50] - CVE-2006-3807 Specially crafted JavaScript allows remote attackers to execute arbitrary code. [MFSA-2006-51] - CVE-2006-3808 Remote Proxy AutoConfig (PAC) servers could execute code with elevated privileges via a specially crafted PAC script. [MFSA-2006-52] - CVE-2006-3809 Scripts with the UniversalBrowserRead privilege could gain UniversalXPConnect privileges and possibly execute code or obtain sensitive data. [MFSA-2006-53] - CVE-2006-3810 A cross-site scripting vulnerability allows remote attackers to inject arbitrary web script or HTML. [MFSA-2006-54]
    last seen2020-06-01
    modified2020-06-02
    plugin id22701
    published2006-10-14
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/22701
    titleDebian DSA-1159-2 : mozilla-thunderbird - several vulnerabilities
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Debian Security Advisory DSA-1159. The text 
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    if (NASL_LEVEL < 3000) exit(0);
    
    include("compat.inc");
    
    if (description)
    {
      script_id(22701);
      script_version("1.26");
      script_cvs_date("Date: 2019/08/02 13:32:19");
    
      script_cve_id("CVE-2006-2779", "CVE-2006-3805", "CVE-2006-3806", "CVE-2006-3807", "CVE-2006-3808", "CVE-2006-3809", "CVE-2006-3810");
      script_bugtraq_id(18228, 19181);
      script_xref(name:"CERT", value:"466673");
      script_xref(name:"CERT", value:"655892");
      script_xref(name:"CERT", value:"687396");
      script_xref(name:"CERT", value:"876420");
      script_xref(name:"CERT", value:"911004");
      script_xref(name:"DSA", value:"1159");
    
      script_name(english:"Debian DSA-1159-2 : mozilla-thunderbird - several vulnerabilities");
      script_summary(english:"Checks dpkg output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The latest security updates of Mozilla Thunderbird introduced a
    regression that led to a dysfunctional attachment panel which warrants
    a correction to fix this issue. For reference please find below the
    original advisory text :
    
      Several security related problems have been discovered in Mozilla
      and derived products such as Mozilla Thunderbird. The Common
      Vulnerabilities and Exposures project identifies the following
      vulnerabilities :
    
        - CVE-2006-2779
          Mozilla team members discovered several crashes during
          testing of the browser engine showing evidence of
          memory corruption which may also lead to the execution
          of arbitrary code. The last bit of this problem will
          be corrected with the next update. You can prevent any
          trouble by disabling JavaScript. [MFSA-2006-32]
    
        - CVE-2006-3805
          The JavaScript engine might allow remote attackers to
          execute arbitrary code. [MFSA-2006-50]
    
        - CVE-2006-3806
          Multiple integer overflows in the JavaScript engine
          might allow remote attackers to execute arbitrary
          code. [MFSA-2006-50]
    
        - CVE-2006-3807
          Specially crafted JavaScript allows remote attackers
          to execute arbitrary code. [MFSA-2006-51]
    
        - CVE-2006-3808
          Remote Proxy AutoConfig (PAC) servers could execute
          code with elevated privileges via a specially crafted
          PAC script. [MFSA-2006-52]
    
        - CVE-2006-3809
          Scripts with the UniversalBrowserRead privilege could
          gain UniversalXPConnect privileges and possibly
          execute code or obtain sensitive data. [MFSA-2006-53]
    
        - CVE-2006-3810
          A cross-site scripting vulnerability allows remote
          attackers to inject arbitrary web script or HTML.
          [MFSA-2006-54]"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2006-2779"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2006-3805"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2006-3806"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2006-3807"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2006-3808"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2006-3809"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2006-3810"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.debian.org/security/2006/dsa-1159"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Upgrade the mozilla-thunderbird package.
    
    For the stable distribution (sarge) these problems have been fixed in
    version 1.0.2-2.sarge1.0.8b.2."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
      script_cwe_id(94);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:mozilla-thunderbird");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:3.1");
    
      script_set_attribute(attribute:"plugin_publication_date", value:"2006/10/14");
      script_set_attribute(attribute:"vuln_publication_date", value:"2006/06/01");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"3.1", prefix:"mozilla-thunderbird", reference:"1.0.2-2.sarge1.0.8b.2")) flag++;
    if (deb_check(release:"3.1", prefix:"mozilla-thunderbird-dev", reference:"1.0.2-2.sarge1.0.8b.2")) flag++;
    if (deb_check(release:"3.1", prefix:"mozilla-thunderbird-inspector", reference:"1.0.2-2.sarge1.0.8b.2")) flag++;
    if (deb_check(release:"3.1", prefix:"mozilla-thunderbird-offline", reference:"1.0.2-2.sarge1.0.8b.2")) flag++;
    if (deb_check(release:"3.1", prefix:"mozilla-thunderbird-typeaheadfind", reference:"1.0.2-2.sarge1.0.8b.2")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-327-1.NASL
    descriptionVarious flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious URL. (CVE-2006-3113, CVE-2006-3677, CVE-2006-3801, CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3809, CVE-2006-3811, CVE-2006-3812) cross-site scripting vulnerabilities were found in the XPCNativeWrapper() function and native DOM method handlers. A malicious website could exploit these to modify the contents or steal confidential data (such as passwords) from other opened web pages. (CVE-2006-3802, CVE-2006-3810) A bug was found in the script handler for automatic proxy configuration. A malicious proxy could send scripts which could execute arbitrary code with the user
    last seen2020-06-01
    modified2020-06-02
    plugin id27905
    published2007-11-10
    reporterUbuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/27905
    titleUbuntu 6.06 LTS : firefox vulnerabilities (USN-327-1)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-327-1. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(27905);
      script_version("1.18");
      script_cvs_date("Date: 2019/08/02 13:33:01");
    
      script_cve_id("CVE-2006-3113", "CVE-2006-3677", "CVE-2006-3801", "CVE-2006-3802", "CVE-2006-3803", "CVE-2006-3805", "CVE-2006-3806", "CVE-2006-3807", "CVE-2006-3808", "CVE-2006-3809", "CVE-2006-3810", "CVE-2006-3811", "CVE-2006-3812", "CVE-2007-1794");
      script_xref(name:"USN", value:"327-1");
    
      script_name(english:"Ubuntu 6.06 LTS : firefox vulnerabilities (USN-327-1)");
      script_summary(english:"Checks dpkg output for updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Ubuntu host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Various flaws have been reported that allow an attacker to execute
    arbitrary code with user privileges by tricking the user into opening
    a malicious URL. (CVE-2006-3113, CVE-2006-3677, CVE-2006-3801,
    CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807,
    CVE-2006-3809, CVE-2006-3811, CVE-2006-3812)
    
    cross-site scripting vulnerabilities were found in the
    XPCNativeWrapper() function and native DOM method handlers. A
    malicious website could exploit these to modify the contents or steal
    confidential data (such as passwords) from other opened web pages.
    (CVE-2006-3802, CVE-2006-3810)
    
    A bug was found in the script handler for automatic proxy
    configuration. A malicious proxy could send scripts which could
    execute arbitrary code with the user's privileges. (CVE-2006-3808)
    
    Please see 
    
    http://www.mozilla.org/projects/security/known-vulnerabilities.html#Fi
    refox
    
    for technical details of these vulnerabilities.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/327-1/"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Mozilla Suite/Firefox Navigator Object Code Execution');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-dbg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-dom-inspector");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-gnome-support");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libnspr-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libnspr4");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libnss-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libnss3");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:mozilla-firefox");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:mozilla-firefox-dev");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:6.06:-:lts");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2006/07/28");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/11/10");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("misc_func.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Ubuntu/release");
    if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    if (! ereg(pattern:"^(6\.06)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 6.06", "Ubuntu " + release);
    if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    flag = 0;
    
    if (ubuntu_check(osver:"6.06", pkgname:"firefox", pkgver:"1.5.dfsg+1.5.0.5-0ubuntu6.06")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"firefox-dbg", pkgver:"1.5.dfsg+1.5.0.5-0ubuntu6.06")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"firefox-dev", pkgver:"1.5.dfsg+1.5.0.5-0ubuntu6.06")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"firefox-dom-inspector", pkgver:"1.5.dfsg+1.5.0.5-0ubuntu6.06")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"firefox-gnome-support", pkgver:"1.5.dfsg+1.5.0.5-0ubuntu6.06")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"libnspr-dev", pkgver:"1.firefox1.5.dfsg+1.5.0.5-0ubuntu6.06")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"libnspr4", pkgver:"1.firefox1.5.dfsg+1.5.0.5-0ubuntu6.06")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"libnss-dev", pkgver:"1.firefox1.5.dfsg+1.5.0.5-0ubuntu6.06")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"libnss3", pkgver:"1.firefox1.5.dfsg+1.5.0.5-0ubuntu6.06")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"mozilla-firefox", pkgver:"1.5.dfsg+1.5.0.5-0ubuntu6.06")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"mozilla-firefox-dev", pkgver:"1.5.dfsg+1.5.0.5-0ubuntu6.06")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : ubuntu_report_get()
      );
      exit(0);
    }
    else
    {
      tested = ubuntu_pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "firefox / firefox-dbg / firefox-dev / firefox-dom-inspector / etc");
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2006-0610.NASL
    descriptionUpdated firefox packages that fix several security bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. The Mozilla Foundation has discontinued support for the Mozilla Firefox 1.0 branch. This update deprecates the Mozilla Firefox 1.0 branch in Red Hat Enterprise Linux 4 in favor of the supported Mozilla Firefox 1.5 branch. This update also resolves a number of outstanding Firefox security issues : Several flaws were found in the way Firefox processed certain JavaScript actions. A malicious web page could execute arbitrary JavaScript instructions with the permissions of
    last seen2020-06-01
    modified2020-06-02
    plugin id22121
    published2006-07-29
    reporterThis script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/22121
    titleRHEL 4 : firefox (RHSA-2006:0610)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2006:0610. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(22121);
      script_version ("1.29");
      script_cvs_date("Date: 2019/10/25 13:36:12");
    
      script_cve_id("CVE-2006-2776", "CVE-2006-2778", "CVE-2006-2779", "CVE-2006-2780", "CVE-2006-2782", "CVE-2006-2783", "CVE-2006-2784", "CVE-2006-2785", "CVE-2006-2786", "CVE-2006-2787", "CVE-2006-2788", "CVE-2006-3113", "CVE-2006-3677", "CVE-2006-3801", "CVE-2006-3802", "CVE-2006-3803", "CVE-2006-3805", "CVE-2006-3806", "CVE-2006-3807", "CVE-2006-3808", "CVE-2006-3809", "CVE-2006-3810", "CVE-2006-3811", "CVE-2006-3812");
      script_xref(name:"RHSA", value:"2006:0610");
    
      script_name(english:"RHEL 4 : firefox (RHSA-2006:0610)");
      script_summary(english:"Checks the rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated firefox packages that fix several security bugs are now
    available for Red Hat Enterprise Linux 4.
    
    This update has been rated as having critical security impact by the
    Red Hat Security Response Team.
    
    Mozilla Firefox is an open source Web browser.
    
    The Mozilla Foundation has discontinued support for the Mozilla
    Firefox 1.0 branch. This update deprecates the Mozilla Firefox 1.0
    branch in Red Hat Enterprise Linux 4 in favor of the supported Mozilla
    Firefox 1.5 branch.
    
    This update also resolves a number of outstanding Firefox security
    issues :
    
    Several flaws were found in the way Firefox processed certain
    JavaScript actions. A malicious web page could execute arbitrary
    JavaScript instructions with the permissions of 'chrome', allowing the
    page to steal sensitive information or install browser malware.
    (CVE-2006-2776, CVE-2006-2784, CVE-2006-2785, CVE-2006-2787,
    CVE-2006-3807, CVE-2006-3809, CVE-2006-3812)
    
    Several denial of service flaws were found in the way Firefox
    processed certain web content. A malicious web page could crash the
    browser or possibly execute arbitrary code as the user running
    Firefox. (CVE-2006-2779, CVE-2006-2780, CVE-2006-3801, CVE-2006-3677,
    CVE-2006-3113, CVE-2006-3803, CVE-2006-3805, CVE-2006-3806,
    CVE-2006-3811)
    
    A cross-site scripting flaw was found in the way Firefox processed
    Unicode Byte-Order-Mark (BOM) markers in UTF-8 web pages. A malicious
    web page could execute a script within the browser that a web input
    sanitizer could miss due to a malformed 'script' tag. (CVE-2006-2783)
    
    Several flaws were found in the way Firefox processed certain
    JavaScript actions. A malicious web page could conduct a cross-site
    scripting attack or steal sensitive information (such as cookies owned
    by other domains). (CVE-2006-3802, CVE-2006-3810)
    
    A form file upload flaw was found in the way Firefox handled
    JavaScript input object mutation. A malicious web page could upload an
    arbitrary local file at form submission time without user interaction.
    (CVE-2006-2782)
    
    A denial of service flaw was found in the way Firefox called the
    crypto.signText() JavaScript function. A malicious web page could
    crash the browser if the victim had a client certificate loaded.
    (CVE-2006-2778)
    
    Two HTTP response smuggling flaws were found in the way Firefox
    processed certain invalid HTTP response headers. A malicious website
    could return specially crafted HTTP response headers which may bypass
    HTTP proxy restrictions. (CVE-2006-2786)
    
    A flaw was found in the way Firefox processed Proxy AutoConfig
    scripts. A malicious Proxy AutoConfig server could execute arbitrary
    JavaScript instructions with the permissions of 'chrome', allowing the
    page to steal sensitive information or install browser malware.
    (CVE-2006-3808)
    
    A double free flaw was found in the way the nsIX509::getRawDER method
    was called. If a victim visited a carefully crafted web page, it was
    possible to execute arbitrary code as the user running Firefox.
    (CVE-2006-2788)
    
    Users of Firefox are advised to upgrade to this update, which contains
    Firefox version 1.5.0.5 that corrects these issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2006-2776"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2006-2778"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2006-2779"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2006-2780"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2006-2782"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2006-2783"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2006-2784"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2006-2785"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2006-2786"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2006-2787"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2006-2788"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2006-3113"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2006-3677"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2006-3801"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2006-3802"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2006-3803"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2006-3805"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2006-3806"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2006-3807"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2006-3808"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2006-3809"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2006-3810"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2006-3811"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2006-3812"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2006:0610"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected firefox package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Mozilla Suite/Firefox Navigator Object Code Execution');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_cwe_id(20, 94, 119);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:firefox");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2006/06/02");
      script_set_attribute(attribute:"patch_publication_date", value:"2006/07/28");
      script_set_attribute(attribute:"plugin_publication_date", value:"2006/07/29");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^4([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 4.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2006:0610";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL4", reference:"firefox-1.5.0.5-0.el4.1")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "firefox");
      }
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2006-0594.NASL
    descriptionUpdated SeaMonkey packages that fix several security bugs in the mozilla packages are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. The Mozilla Foundation has discontinued support for the Mozilla Suite. This update deprecates the Mozilla Suite in Red Hat Enterprise Linux 2.1 in favor of the supported SeaMonkey Suite. This update also resolves a number of outstanding Mozilla security issues : Several flaws were found in the way SeaMonkey processed certain JavaScript actions. A malicious web page could execute arbitrary JavaScript instructions with the permissions of
    last seen2020-06-01
    modified2020-06-02
    plugin id22291
    published2006-08-30
    reporterThis script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/22291
    titleRHEL 2.1 : seamonkey (RHSA-2006:0594)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_MOZILLAFIREFOX-1981.NASL
    descriptionThis security update brings Mozilla Firefox to version 1.5.0.6. Note that on SUSE Linux 9.2, 9.3 and 10.0 this is a major version upgrade, please check if your manually installed extensions and plugins are still working. Please also see http://www.mozilla.org/projects/security/known-vulnerabilities.html for more details. It includes fixes to the following security problems : - CVE-2006-3801/MFSA 2006-44: Code execution through deleted frame reference Thilo Girmann discovered that in certain circumstances a JavaScript reference to a frame or window was not properly cleared when the referenced content went away, and he demonstrated that this pointer to a deleted object could be used to execute native code supplied by the attacker. - CVE-2006-3677/MFSA 2006-45: JavaScript navigator Object Vulnerability An anonymous researcher for TippingPoint and the Zero Day Initiative showed that when used in a web page Java would reference properties of the window.navigator object as it started up. If the page replaced the navigator object before starting Java then the browser would crash in a way that could be exploited to run native code supplied by the attacker. - CVE-2006-3113/MFSA 2006-46: Memory corruption with simultaneous events Secunia Research has discovered a vulnerability in Mozilla Firefox 1.5 branch, which can be exploited by malicious people to compromise a user
    last seen2020-06-01
    modified2020-06-02
    plugin id27113
    published2007-10-17
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/27113
    titleopenSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-1981)
  • NASL familyWindows
    NASL idSEAMONKEY_103.NASL
    descriptionThe installed version of SeaMonkey contains various security issues, some of which could lead to execution of arbitrary code on the affected host subject to the user
    last seen2020-06-01
    modified2020-06-02
    plugin id22097
    published2006-07-27
    reporterThis script is Copyright (C) 2006-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/22097
    titleSeaMonkey < 1.0.3 Multiple Vulnerabilities
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200608-03.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200608-03 (Mozilla Firefox: Multiple vulnerabilities) The following vulnerabilities have been reported: Benjamin Smedberg discovered that chrome URL
    last seen2020-06-01
    modified2020-06-02
    plugin id22145
    published2006-08-04
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/22145
    titleGLSA-200608-03 : Mozilla Firefox: Multiple vulnerabilities
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2006-0609.NASL
    descriptionUpdated SeaMonkey packages that fix several security bugs in the mozilla package are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. The Mozilla Foundation has discontinued support for the Mozilla Suite. This update deprecates the Mozilla Suite in Red Hat Enterprise Linux 4 in favor of the supported SeaMonkey Suite. This update also resolves a number of outstanding Mozilla security issues : Several flaws were found in the way SeaMonkey processed certain JavaScript actions. A malicious web page could execute arbitrary JavaScript instructions with the permissions of
    last seen2020-06-01
    modified2020-06-02
    plugin id22150
    published2006-08-04
    reporterThis script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/22150
    titleRHEL 4 : seamonkey (RHSA-2006:0609)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2006-0735.NASL
    descriptionUpdated thunderbird packages that fix several security bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. Users of Thunderbird are advised to upgrade to this update, which contains Thunderbird version 1.5.0.8 that corrects these issues. From Red Hat Security Advisory 2006:0735 : Several flaws were found in the way Thunderbird processes certain malformed Javascript code. A malicious HTML mail message could cause the execution of Javascript code in such a way that could cause Thunderbird to crash or execute arbitrary code as the user running Thunderbird. (CVE-2006-5463, CVE-2006-5747, CVE-2006-5748) Several flaws were found in the way Thunderbird renders HTML mail messages. A malicious HTML mail message could cause the mail client to crash or possibly execute arbitrary code as the user running Thunderbird. (CVE-2006-5464) A flaw was found in the way Thunderbird verifies RSA signatures. For RSA keys with exponent 3 it is possible for an attacker to forge a signature that would be incorrectly verified by the NSS library. Thunderbird as shipped trusts several root Certificate Authorities that use exponent 3. An attacker could have created a carefully crafted SSL certificate which would be incorrectly trusted when their site was visited by a victim. This flaw was previously thought to be fixed in Thunderbird 1.5.0.7, however Ulrich Kuehn discovered the fix was incomplete (CVE-2006-5462) From Red Hat Security Advisory 2006:0677 : Two flaws were found in the way Thunderbird processed certain regular expressions. A malicious HTML email could cause a crash or possibly execute arbitrary code as the user running Thunderbird. (CVE-2006-4565, CVE-2006-4566) A flaw was found in the Thunderbird auto-update verification system. An attacker who has the ability to spoof a victim
    last seen2020-06-01
    modified2020-06-02
    plugin id67424
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/67424
    titleOracle Linux 4 : thunderbird (ELSA-2006-0735 / ELSA-2006-0677 / ELBA-2006-0624 / ELSA-2006-0611)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2006-0608.NASL
    descriptionUpdated SeaMonkey packages that fix several security bugs are now available for Red Hat Enterprise Linux 3. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the way SeaMonkey processed certain JavaScript actions. A malicious web page could execute arbitrary JavaScript instructions with the permissions of
    last seen2020-06-01
    modified2020-06-02
    plugin id22114
    published2006-07-28
    reporterThis script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/22114
    titleRHEL 3 : seamonkey (RHSA-2006:0608)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_E2A926641D6011DB88CF000C6EC775D9.NASL
    descriptionA Mozilla Foundation Security Advisory reports of multiple issues. Several of which can be used to run arbitrary code with the privilege of the user running the program. - MFSA 2006-56 chrome: scheme loading remote content - MFSA 2006-55 Crashes with evidence of memory corruption (rv:1.8.0.5) - MFSA 2006-54 XSS with XPCNativeWrapper(window).Function(...) - MFSA 2006-53 UniversalBrowserRead privilege escalation - MFSA 2006-52 PAC privilege escalation using Function.prototype.call - MFSA 2006-51 Privilege escalation using named-functions and redefined
    last seen2020-06-01
    modified2020-06-02
    plugin id22105
    published2006-07-28
    reporterThis script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/22105
    titleFreeBSD : mozilla -- multiple vulnerabilities (e2a92664-1d60-11db-88cf-000c6ec775d9)
  • NASL familyWindows
    NASL idMOZILLA_THUNDERBIRD_1505.NASL
    descriptionThe remote version of Mozilla Thunderbird suffers from various security issues, at least one of which may lead to execution of arbitrary code on the affected host subject to the user
    last seen2020-06-01
    modified2020-06-02
    plugin id22096
    published2006-07-27
    reporterThis script is Copyright (C) 2006-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/22096
    titleMozilla Thunderbird < 1.5.0.5 Multiple Vulnerabilities
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-350-1.NASL
    descriptionThis update upgrades Thunderbird from 1.0.8 to 1.5.0.7. This step was necessary since the 1.0.x series is not supported by upstream any more. Various flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious email containing JavaScript. Please note that JavaScript is disabled by default for emails, and it is not recommended to enable it. (CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811, CVE-2006-3812, CVE-2006-4253, CVE-2006-4565, CVE-2006-4566, CVE-2006-4571) A buffer overflow has been discovered in the handling of .vcard files. By tricking a user into importing a malicious vcard into his contacts, this could be exploited to execute arbitrary code with the user
    last seen2020-06-01
    modified2020-06-02
    plugin id27930
    published2007-11-10
    reporterUbuntu Security Notice (C) 2006-2019 Canonical, Inc. / NASL script (C) 2007-2016 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/27930
    titleUbuntu 5.10 : mozilla-thunderbird vulnerabilities (USN-350-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SEAMONKEY-1952.NASL
    descriptionThis security update brings Mozilla SeaMonkey to version 1.0.4. Please also see http://www.mozilla.org/projects/security/known-vulnerabilities.html for more details. It includes fixes to the following security problems : - CVE-2006-3801/MFSA 2006-44: Code execution through deleted frame reference Thilo Girmann discovered that in certain circumstances a JavaScript reference to a frame or window was not properly cleared when the referenced content went away, and he demonstrated that this pointer to a deleted object could be used to execute native code supplied by the attacker. - CVE-2006-3677/MFSA 2006-45: JavaScript navigator Object Vulnerability An anonymous researcher for TippingPoint and the Zero Day Initiative showed that when used in a web page Java would reference properties of the window.navigator object as it started up. If the page replaced the navigator object before starting Java then the browser would crash in a way that could be exploited to run native code supplied by the attacker. - CVE-2006-3113/MFSA 2006-46: Memory corruption with simultaneous events Secunia Research has discovered a vulnerability in Mozilla Firefox 1.5 branch, which can be exploited by malicious people to compromise a user
    last seen2020-06-01
    modified2020-06-02
    plugin id27435
    published2007-10-17
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/27435
    titleopenSUSE 10 Security Update : seamonkey (seamonkey-1952)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200608-02.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200608-02 (Mozilla SeaMonkey: Multiple vulnerabilities) The following vulnerabilities have been reported: Benjamin Smedberg discovered that chrome URL
    last seen2020-06-01
    modified2020-06-02
    plugin id22144
    published2006-08-04
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/22144
    titleGLSA-200608-02 : Mozilla SeaMonkey: Multiple vulnerabilities
  • NASL familyWindows
    NASL idMOZILLA_FIREFOX_1505.NASL
    descriptionThe installed version of Firefox is affected by various security issues, some of which may lead to execution of arbitrary code on the affected host subject to the user
    last seen2020-06-01
    modified2020-06-02
    plugin id22095
    published2006-07-27
    reporterThis script is Copyright (C) 2006-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/22095
    titleFirefox < 1.5.0.5 Multiple Vulnerabilities
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2006-0733.NASL
    descriptionUpdated firefox packages that fix several security bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Users of Firefox are advised to upgrade to these erratum packages, which contain Firefox version 1.5.0.8 that corrects these issues. From Red Hat Security Advisory 2006:0733 : Several flaws were found in the way Firefox processes certain malformed Javascript code. A malicious web page could cause the execution of Javascript code in such a way that could cause Firefox to crash or execute arbitrary code as the user running Firefox. (CVE-2006-5463, CVE-2006-5747, CVE-2006-5748) Several flaws were found in the way Firefox renders web pages. A malicious web page could cause the browser to crash or possibly execute arbitrary code as the user running Firefox. (CVE-2006-5464) A flaw was found in the way Firefox verifies RSA signatures. For RSA keys with exponent 3 it is possible for an attacker to forge a signature that would be incorrectly verified by the NSS library. Firefox as shipped trusts several root Certificate Authorities that use exponent 3. An attacker could have created a carefully crafted SSL certificate which be incorrectly trusted when their site was visited by a victim. This flaw was previously thought to be fixed in Firefox 1.5.0.7, however Ulrich Kuehn discovered the fix was incomplete (CVE-2006-5462) From Red Hat Security Advisory 2006:0675 : Two flaws were found in the way Firefox processed certain regular expressions. A malicious web page could crash the browser or possibly execute arbitrary code as the user running Firefox. (CVE-2006-4565, CVE-2006-4566) A number of flaws were found in Firefox. A malicious web page could crash the browser or possibly execute arbitrary code as the user running Firefox. (CVE-2006-4571) A flaw was found in the handling of Javascript timed events. A malicious web page could crash the browser or possibly execute arbitrary code as the user running Firefox. (CVE-2006-4253) Daniel Bleichenbacher recently described an implementation error in RSA signature verification. For RSA keys with exponent 3 it is possible for an attacker to forge a signature that would be incorrectly verified by the NSS library. Firefox as shipped trusts several root Certificate Authorities that use exponent 3. An attacker could have created a carefully crafted SSL certificate which be incorrectly trusted when their site was visited by a victim. (CVE-2006-4340) A flaw was found in the Firefox auto-update verification system. An attacker who has the ability to spoof a victim
    last seen2020-06-01
    modified2020-06-02
    plugin id67422
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/67422
    titleOracle Linux 4 : firefox (ELSA-2006-0733 / ELSA-2006-0675 / ELSA-2006-0610)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-1160.NASL
    descriptionThe latest security updates of Mozilla introduced a regression that led to a dysfunctional attachment panel which warrants a correction to fix this issue. For reference please find below the original advisory text : Several security related problems have been discovered in Mozilla and derived products. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CVE-2006-2779 Mozilla team members discovered several crashes during testing of the browser engine showing evidence of memory corruption which may also lead to the execution of arbitrary code. The last bit of this problem will be corrected with the next update. You can prevent any trouble by disabling JavaScript. [MFSA-2006-32] - CVE-2006-3805 The JavaScript engine might allow remote attackers to execute arbitrary code. [MFSA-2006-50] - CVE-2006-3806 Multiple integer overflows in the JavaScript engine might allow remote attackers to execute arbitrary code. [MFSA-2006-50] - CVE-2006-3807 Specially crafted JavaScript allows remote attackers to execute arbitrary code. [MFSA-2006-51] - CVE-2006-3808 Remote Proxy AutoConfig (PAC) servers could execute code with elevated privileges via a specially crafted PAC script. [MFSA-2006-52] - CVE-2006-3809 Scripts with the UniversalBrowserRead privilege could gain UniversalXPConnect privileges and possibly execute code or obtain sensitive data. [MFSA-2006-53] - CVE-2006-3810 A cross-site scripting vulnerability allows remote attackers to inject arbitrary web script or HTML. [MFSA-2006-54]
    last seen2020-06-01
    modified2020-06-02
    plugin id22702
    published2006-10-14
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/22702
    titleDebian DSA-1160-2 : mozilla - several vulnerabilities
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2006-0611.NASL
    descriptionUpdated thunderbird packages that fix several security bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. The Mozilla Foundation has discontinued support for the Mozilla Thunderbird 1.0 branch. This update deprecates the Mozilla Thunderbird 1.0 branch in Red Hat Enterprise Linux 4 in favor of the supported Mozilla Thunderbird 1.5 branch. This update also resolves a number of outstanding Thunderbird security issues : Several flaws were found in the way Thunderbird processed certain JavaScript actions. A malicious mail message could execute arbitrary JavaScript instructions with the permissions of
    last seen2020-06-01
    modified2020-06-02
    plugin id22122
    published2006-07-29
    reporterThis script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/22122
    titleRHEL 4 : thunderbird (RHSA-2006:0611)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200608-04.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200608-04 (Mozilla Thunderbird: Multiple vulnerabilities) The following vulnerabilities have been reported: Benjamin Smedberg discovered that chrome URLss could be made to reference remote files. Developers in the Mozilla community looked for and fixed several crash bugs to improve the stability of Mozilla clients.
    last seen2020-06-01
    modified2020-06-02
    plugin id22146
    published2006-08-04
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/22146
    titleGLSA-200608-04 : Mozilla Thunderbird: Multiple vulnerabilities
  • NASL familySuSE Local Security Checks
    NASL idSUSE_MOZILLAFIREFOX-1960.NASL
    descriptionThis security update brings Mozilla Firefox to version 1.5.0.6. More details can be found on: http://www.mozilla.org/projects/security/known-vulnerabiliti es.html It includes fixes to the following security problems : - Code execution through deleted frame reference. (CVE-2006-3801 / MFSA 2006-44) Thilo Girmann discovered that in certain circumstances a JavaScript reference to a frame or window was not properly cleared when the referenced content went away, and he demonstrated that this pointer to a deleted object could be used to execute native code supplied by the attacker. - JavaScript navigator Object Vulnerability. (CVE-2006-3677 / MFSA 2006-45) An anonymous researcher for TippingPoint and the Zero Day Initiative showed that when used in a web page Java would reference properties of the window.navigator object as it started up. If the page replaced the navigator object before starting Java then the browser would crash in a way that could be exploited to run native code supplied by the attacker. - Memory corruption with simultaneous events. (CVE-2006-3113 / MFSA 2006-46) Secunia Research has discovered a vulnerability in Mozilla Firefox 1.5 branch, which can be exploited by malicious people to compromise a user
    last seen2020-06-01
    modified2020-06-02
    plugin id29354
    published2007-12-13
    reporterThis script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/29354
    titleSuSE 10 Security Update : Firefox (ZYPP Patch Number 1960)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2006-143.NASL
    descriptionA number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program. Previous updates to Firefox were patch fixes to Firefox 1.0.6 that brought it in sync with 1.0.8 in terms of security fixes. In this update, Mozilla Firefox 1.5.0.6 is being provided which corrects a number of vulnerabilities that were previously unpatched, as well as providing new and enhanced features. The following CVE names have been corrected with this update: CVE-2006-2613, CVE-2006-2894, CVE-2006-2775, CVE-2006-2776, CVE-2006-2777, CVE-2006-2778, CVE-2006-2779, CVE-2006-2780, CVE-2006-2782, CVE-2006-2783, CVE-2006-2784, CVE-2006-2785, CVE-2006-2786, CVE-2006-2787, CVE-2006-2788, CVE-2006-3677, CVE-2006-3803, CVE-2006-3804, CVE-2006-3806, CVE-2006-3807, CVE-2006-3113, CVE-2006-3801, CVE-2006-3802, CVE-2006-3805, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811, CVE-2006-3812. Update : The previous language packages were not correctly tagged for the new Firefox which resulted in many of them not loading properly. These updated language packages correct the problem.
    last seen2020-06-01
    modified2020-06-02
    plugin id23892
    published2006-12-16
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/23892
    titleMandrake Linux Security Advisory : mozilla-firefox (MDKSA-2006:143-1)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2006-0611.NASL
    descriptionUpdated thunderbird packages that fix several security bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. The Mozilla Foundation has discontinued support for the Mozilla Thunderbird 1.0 branch. This update deprecates the Mozilla Thunderbird 1.0 branch in Red Hat Enterprise Linux 4 in favor of the supported Mozilla Thunderbird 1.5 branch. This update also resolves a number of outstanding Thunderbird security issues : Several flaws were found in the way Thunderbird processed certain JavaScript actions. A malicious mail message could execute arbitrary JavaScript instructions with the permissions of
    last seen2020-06-01
    modified2020-06-02
    plugin id22138
    published2006-08-04
    reporterThis script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/22138
    titleCentOS 4 : thunderbird (CESA-2006:0611)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-329-1.NASL
    descriptionVarious flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious email containing JavaScript. Please note that JavaScript is disabled by default for emails, and it is not recommended to enable it. (CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811, CVE-2006-3812) A buffer overflow has been discovered in the handling of .vcard files. By tricking a user into importing a malicious vcard into his contacts, this could be exploited to execute arbitrary code with the user
    last seen2020-06-01
    modified2020-06-02
    plugin id27908
    published2007-11-10
    reporterUbuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/27908
    titleUbuntu 6.06 LTS : mozilla-thunderbird vulnerabilities (USN-329-1)

Oval

accepted2013-04-29T04:01:49.460-04:00
classvulnerability
contributors
  • nameAharon Chernin
    organizationSCAP.com, LLC
  • nameDragos Prisaca
    organizationG2, Inc.
definition_extensions
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 3
    ovaloval:org.mitre.oval:def:11782
  • commentCentOS Linux 3.x
    ovaloval:org.mitre.oval:def:16651
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 4
    ovaloval:org.mitre.oval:def:11831
  • commentCentOS Linux 4.x
    ovaloval:org.mitre.oval:def:16636
  • commentOracle Linux 4.x
    ovaloval:org.mitre.oval:def:15990
descriptionCross-site scripting (XSS) vulnerability in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the XPCNativeWrapper(window).Function construct.
familyunix
idoval:org.mitre.oval:def:10113
statusaccepted
submitted2010-07-09T03:56:16-04:00
titleCross-site scripting (XSS) vulnerability in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the XPCNativeWrapper(window).Function construct.
version26

Redhat

advisories
  • rhsa
    idRHSA-2006:0594
  • rhsa
    idRHSA-2006:0608
  • rhsa
    idRHSA-2006:0609
  • rhsa
    idRHSA-2006:0610
  • rhsa
    idRHSA-2006:0611
rpms
  • seamonkey-0:1.0.3-0.el3.1
  • seamonkey-chat-0:1.0.3-0.el3.1
  • seamonkey-debuginfo-0:1.0.3-0.el3.1
  • seamonkey-devel-0:1.0.3-0.el3.1
  • seamonkey-dom-inspector-0:1.0.3-0.el3.1
  • seamonkey-js-debugger-0:1.0.3-0.el3.1
  • seamonkey-mail-0:1.0.3-0.el3.1
  • seamonkey-nspr-0:1.0.3-0.el3.1
  • seamonkey-nspr-devel-0:1.0.3-0.el3.1
  • seamonkey-nss-0:1.0.3-0.el3.1
  • seamonkey-nss-devel-0:1.0.3-0.el3.1
  • devhelp-0:0.10-0.2.el4
  • devhelp-debuginfo-0:0.10-0.2.el4
  • devhelp-devel-0:0.10-0.2.el4
  • seamonkey-0:1.0.3-0.el4.1
  • seamonkey-chat-0:1.0.3-0.el4.1
  • seamonkey-debuginfo-0:1.0.3-0.el4.1
  • seamonkey-devel-0:1.0.3-0.el4.1
  • seamonkey-dom-inspector-0:1.0.3-0.el4.1
  • seamonkey-js-debugger-0:1.0.3-0.el4.1
  • seamonkey-mail-0:1.0.3-0.el4.1
  • firefox-0:1.5.0.5-0.el4.1
  • firefox-debuginfo-0:1.5.0.5-0.el4.1
  • thunderbird-0:1.5.0.5-0.el4.1
  • thunderbird-debuginfo-0:1.5.0.5-0.el4.1

References