CVE-2007-4841 - Improper Input Validation vulnerability in Mozilla Firefox, SeaMonkey and Thunderbird

CVSS 9.3 - CRITICAL
Attack vector: NETWORK
Attack complexity: MEDIUM
Privileges required: NONE
Confidentiality impact: COMPLETE
Integrity impact: COMPLETE
Availability impact: COMPLETE
Tags: network, mozilla, CWE-20, critical, nessus

Summary

Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to execute arbitrary commands via a (1) mailto, (2) nntp, (3) news, or (4) snews URI with invalid "%" encoding, related to improper file type handling on Windows XP with Internet Explorer 7 installed, a variant of CVE-2007-3845.

Vulnerable Configurations

Part | Description | Count
Application | Mozilla | 136

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Buffer Overflow via Environment Variables
    This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
  • Server Side Include (SSI) Injection
    An attacker can use Server Side Include (SSI) Injection to send code to a web application that then gets executed by the web server. Doing so enables the attacker to achieve similar results to Cross Site Scripting, viz., arbitrary code execution and information disclosure, albeit on a more limited scale, since the SSI directives are nowhere near as powerful as a full-fledged scripting language. Nonetheless, the attacker can conveniently gain access to sensitive files, such as password files, and execute shell commands.
  • Cross Zone Scripting
    An attacker is able to cause a victim to load content into their web browser that bypasses security zone controls and gain access to increased privileges to execute scripting code or other web objects such as unsigned ActiveX controls or applets. This is a privilege elevation attack targeted at zone-based web-browser security. In a zone-based model, pages belong to one of a set of zones corresponding to the level of privilege assigned to that page. Pages in an untrusted zone have a lesser level of access to the system and/or are restricted in the types of executable content they are allowed to invoke. In a cross-zone scripting attack, a page that should be assigned to a less privileged zone is granted the privileges of a more trusted zone. This can be accomplished by exploiting bugs in the browser, exploiting incorrect configuration in the zone controls, through a cross-site scripting attack that causes the attacker's content to be treated as coming from a more trusted page, or by leveraging some piece of system functionality that is accessible from both the trusted and less trusted zone. This attack differs from "Restful Privilege Escalation" in that the latter correlates to the inadequate securing of RESTful access methods (such as HTTP DELETE) on the server, while cross-zone scripting attacks the concept of security zones as implemented by a browser.
  • Cross Site Scripting through Log Files
    An attacker may leverage a system weakness where logs are susceptible to log injection to insert scripts into the system's logs. If these logs are later viewed by an administrator through a thin administrative interface and the log data is not properly HTML encoded before being written to the page, the attackers' scripts stored in the log will be executed in the administrative interface with potentially serious consequences. This attack pattern is really a combination of two other attack patterns: log injection and stored cross site scripting.
  • Command Line Execution through SQL Injection
    An attacker uses standard SQL injection methods to inject data into the command line for execution. This could be done directly through misuse of directives such as MSSQL_xp_cmdshell or indirectly through injection of data into the database that would be interpreted as shell commands. Some time later, an unscrupulous backend application (which could be part of the functionality of the same application) fetches the injected data stored in the database and uses this data as command line arguments without performing proper validation. The malicious data escapes the data plane by spawning new commands to be executed on the host.

Nessus

  • NASL family: Mandriva Local Security Checks
    NASL id: MANDRAKE_MDKSA-2007-202.NASL
    description: A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.8. This update provides the latest Firefox to correct these issues. As well, it provides Firefox 2.0.0.8 for older products.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 36338
    published: 2009-04-23
    reporter: This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/36338
    title: Mandrake Linux Security Advisory : mozilla-firefox (MDKSA-2007:202)
    code:
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandrake Linux Security Advisory MDKSA-2007:202. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(36338);
      script_version ("1.13");
      script_cvs_date("Date: 2019/08/02 13:32:49");
    
      script_cve_id("CVE-2006-2894", "CVE-2007-1095", "CVE-2007-2292", "CVE-2007-3511", "CVE-2007-4841", "CVE-2007-5334", "CVE-2007-5337", "CVE-2007-5338", "CVE-2007-5339", "CVE-2007-5340");
      script_xref(name:"MDKSA", value:"2007:202");
    
      script_name(english:"Mandrake Linux Security Advisory : mozilla-firefox (MDKSA-2007:202)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Mandrake Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "A number of security vulnerabilities have been discovered and
    corrected in the latest Mozilla Firefox program, version 2.0.0.8.
    
    This update provides the latest Firefox to correct these issues. As
    well, it provides Firefox 2.0.0.8 for older products."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.mozilla.org/security/announce/2007/mfsa2007-29.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.mozilla.org/security/announce/2007/mfsa2007-30.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.mozilla.org/security/announce/2007/mfsa2007-31.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.mozilla.org/security/announce/2007/mfsa2007-32.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.mozilla.org/security/announce/2007/mfsa2007-33.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.mozilla.org/security/announce/2007/mfsa2007-34.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.mozilla.org/security/announce/2007/mfsa2007-35.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.mozilla.org/security/announce/2007/mfsa2007-36.html"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_cwe_id(16, 20, 200);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:deskbar-applet");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:devhelp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:devhelp-plugins");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:eclipse-ecj");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:eclipse-jdt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:eclipse-jdt-sdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:eclipse-pde");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:eclipse-pde-runtime");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:eclipse-pde-sdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:eclipse-platform");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:eclipse-platform-sdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:eclipse-rcp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:eclipse-rcp-sdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:eclipse-sdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:epiphany");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:epiphany-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:galeon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gnome-python-extras");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gnome-python-gda");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gnome-python-gda-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gnome-python-gdl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gnome-python-gksu");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gnome-python-gtkhtml2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gnome-python-gtkmozembed");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gnome-python-gtkspell");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64devhelp-1-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64devhelp-1_0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64devhelp-1_0-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64mozilla-firefox2.0.0.8");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64mozilla-firefox2.0.0.8-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64totem-plparser-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64totem-plparser1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64totem-plparser1-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64totem-plparser7");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libdevhelp-1-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libdevhelp-1_0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libdevhelp-1_0-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libmozilla-firefox2.0.0.8");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libmozilla-firefox2.0.0.8-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libswt3-gtk2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libtotem-plparser-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libtotem-plparser1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libtotem-plparser1-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libtotem-plparser7");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-ar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-bg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-br_FR");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-ca");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-cs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-da");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-de");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-el");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-es_AR");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-es_ES");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-et_EE");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-eu");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-ext-blogrovr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-ext-foxmarks");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-ext-scribefire");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-fi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-fr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-fy");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-ga");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-gnome-support");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-gu_IN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-he");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-hu");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-it");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-ja");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-ko");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-lt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-mk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-nb_NO");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-nl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-nn_NO");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-pl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-pt_BR");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-pt_PT");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-ru");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-sk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-sl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-sv_SE");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-tr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-uk_UA");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-zh_CN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-firefox-zh_TW");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:totem");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:totem-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:totem-gstreamer");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:totem-mozilla");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:totem-mozilla-gstreamer");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:yelp");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2007.1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2008.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2007/10/23");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/23");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK2007.1", reference:"deskbar-applet-2.18.0-3.4mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"devhelp-0.13-3.4mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"devhelp-plugins-0.13-3.4mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"eclipse-ecj-3.2.2-3.4.2mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"eclipse-jdt-3.2.2-3.4.2mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"eclipse-jdt-sdk-3.2.2-3.4.2mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"eclipse-pde-3.2.2-3.4.2mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"eclipse-pde-runtime-3.2.2-3.4.2mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"eclipse-pde-sdk-3.2.2-3.4.2mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"eclipse-platform-3.2.2-3.4.2mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"eclipse-platform-sdk-3.2.2-3.4.2mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"eclipse-rcp-3.2.2-3.4.2mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"eclipse-rcp-sdk-3.2.2-3.4.2mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"eclipse-sdk-3.2.2-3.4.2mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"epiphany-2.18.0-5.4mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"epiphany-devel-2.18.0-5.4mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"galeon-2.0.3-5.4mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"gnome-python-extras-2.14.3-4.4mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"gnome-python-gda-2.14.3-4.4mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"gnome-python-gda-devel-2.14.3-4.4mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"gnome-python-gdl-2.14.3-4.4mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"gnome-python-gksu-2.14.3-4.4mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"gnome-python-gtkhtml2-2.14.3-4.4mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"gnome-python-gtkmozembed-2.14.3-4.4mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"gnome-python-gtkspell-2.14.3-4.4mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", cpu:"x86_64", reference:"lib64devhelp-1_0-0.13-3.4mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", cpu:"x86_64", reference:"lib64devhelp-1_0-devel-0.13-3.4mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", cpu:"x86_64", reference:"lib64mozilla-firefox2.0.0.8-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", cpu:"x86_64", reference:"lib64mozilla-firefox2.0.0.8-devel-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", cpu:"x86_64", reference:"lib64totem-plparser1-2.18.2-1.5mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", cpu:"x86_64", reference:"lib64totem-plparser1-devel-2.18.2-1.5mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", cpu:"i386", reference:"libdevhelp-1_0-0.13-3.4mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", cpu:"i386", reference:"libdevhelp-1_0-devel-0.13-3.4mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", cpu:"i386", reference:"libmozilla-firefox2.0.0.8-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", cpu:"i386", reference:"libmozilla-firefox2.0.0.8-devel-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"libswt3-gtk2-3.2.2-3.4.2mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", cpu:"i386", reference:"libtotem-plparser1-2.18.2-1.5mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", cpu:"i386", reference:"libtotem-plparser1-devel-2.18.2-1.5mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-ar-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-bg-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-br_FR-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-ca-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-cs-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-da-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-de-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-el-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-es_AR-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-es_ES-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-et_EE-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-eu-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-fi-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-fr-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-fy-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-ga-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-gnome-support-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-gu_IN-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-he-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-hu-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-it-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-ja-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-ko-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-lt-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-mk-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-nb_NO-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-nl-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-nn_NO-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-pl-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-pt_BR-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-pt_PT-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-ru-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-sk-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-sl-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-sv_SE-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-tr-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-uk_UA-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-zh_CN-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"mozilla-firefox-zh_TW-2.0.0.8-1mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"totem-2.18.2-1.5mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"totem-common-2.18.2-1.5mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"totem-gstreamer-2.18.2-1.5mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"totem-mozilla-2.18.2-1.5mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"totem-mozilla-gstreamer-2.18.2-1.5mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"yelp-2.18.0-3.4mdv2007.1", yank:"mdv")) flag++;
    
    if (rpm_check(release:"MDK2008.0", reference:"devhelp-0.16-1.1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"devhelp-plugins-0.16-1.1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"epiphany-2.20.0-1.1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"epiphany-devel-2.20.0-1.1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"galeon-2.0.3-7.1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"gnome-python-extras-2.19.1-4.1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"gnome-python-gda-2.19.1-4.1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"gnome-python-gda-devel-2.19.1-4.1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"gnome-python-gdl-2.19.1-4.1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"gnome-python-gksu-2.19.1-4.1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"gnome-python-gtkhtml2-2.19.1-4.1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"gnome-python-gtkmozembed-2.19.1-4.1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"gnome-python-gtkspell-2.19.1-4.1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64devhelp-1-devel-0.16-1.1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64devhelp-1_0-0.16-1.1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64mozilla-firefox2.0.0.8-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64mozilla-firefox2.0.0.8-devel-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64totem-plparser-devel-2.20.0-4.2mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64totem-plparser7-2.20.0-4.2mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libdevhelp-1-devel-0.16-1.1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libdevhelp-1_0-0.16-1.1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libmozilla-firefox2.0.0.8-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libmozilla-firefox2.0.0.8-devel-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libtotem-plparser-devel-2.20.0-4.2mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libtotem-plparser7-2.20.0-4.2mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-ar-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-bg-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-br_FR-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-ca-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-cs-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-da-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-de-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-el-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-es_AR-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-es_ES-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-et_EE-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-eu-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-ext-blogrovr-1.1.322-1.1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-ext-foxmarks-1.0.1-1.1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-ext-scribefire-1.4.1-1.1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-fi-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-fr-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-fy-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-ga-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-gnome-support-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-gu_IN-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-he-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-hu-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-it-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-ja-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-ko-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-lt-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-mk-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-nb_NO-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-nl-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-nn_NO-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-pl-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-pt_BR-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-pt_PT-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-ru-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-sk-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-sl-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-sv_SE-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-tr-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-uk_UA-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-zh_CN-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"mozilla-firefox-zh_TW-2.0.0.8-1mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"totem-2.20.0-4.2mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"totem-common-2.20.0-4.2mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"totem-gstreamer-2.20.0-4.2mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"totem-mozilla-2.20.0-4.2mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"totem-mozilla-gstreamer-2.20.0-4.2mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"yelp-2.20.0-2.1mdv2008.0", yank:"mdv")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_SEAMONKEY-4596.NASL
    description: This update fixes several security issues in Mozilla SeaMonkey 1.0.9. Following security problems were fixed : - MFSA 2007-26 / CVE-2007-3844: Privilege escalation through chrome-loaded about:blank windows Mozilla researcher moz_bug_r_a4 reported that a flaw was introduced by the fix for MFSA 2007-20 that could enable privilege escalation attacks against addons that create
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 27581
    published: 2007-10-26
    reporter: This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/27581
    title: openSUSE 10 Security Update : seamonkey (seamonkey-4596)
    code:
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update seamonkey-4596.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(27581);
      script_version ("1.16");
      script_cvs_date("Date: 2019/10/25 13:36:30");
    
      script_cve_id("CVE-2006-2894", "CVE-2006-4965", "CVE-2007-1095", "CVE-2007-2292", "CVE-2007-3511", "CVE-2007-3844", "CVE-2007-3845", "CVE-2007-4841", "CVE-2007-5334", "CVE-2007-5337", "CVE-2007-5338", "CVE-2007-5339", "CVE-2007-5340");
    
      script_name(english:"openSUSE 10 Security Update : seamonkey (seamonkey-4596)");
      script_summary(english:"Check for the seamonkey-4596 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update fixes several security issues in Mozilla SeaMonkey 1.0.9.
    
    Following security problems were fixed :
    
      - MFSA 2007-26 / CVE-2007-3844: Privilege escalation
        through chrome-loaded about:blank windows
    
        Mozilla researcher moz_bug_r_a4 reported that a flaw was
        introduced by the fix for MFSA 2007-20 that could enable
        privilege escalation attacks against addons that create
        'about:blank' windows and populate them in certain ways
        (including implicit 'about:blank' document creation
        through data: or javascript: URLs in a new window).
    
      - MFSA 2007-29: Crashes with evidence of memory corruption
        As part of the Firefox 2.0.0.8 update releases Mozilla
        developers fixed many bugs to improve the stability of
        the product. Some of these crashes showed evidence of
        memory corruption under certain circumstances and we
        presume that with enough effort at least some of these
        could be exploited to run arbitrary code.
    
      - CVE-2007-5339 Browser crashes
    
      - CVE-2007-5340 JavaScript engine crashes
    
      - MFSA 2007-30 / CVE-2007-1095: onUnload Tailgating
    
        Michal Zalewski demonstrated that onUnload event
        handlers had access to the address of the new page about
        to be loaded, even if the navigation was triggered from
        outside the page content such as by using a bookmark,
        pressing the back button, or typing an address into the
        location bar. If the bookmark contained sensitive
        information in the URL the attacking page might be able
        to take advantage of it. An attacking page would also be
        able to redirect the user, perhaps to a phishing page
        that looked like the site the user thought they were
        about to visit.
    
      - MFSA 2007-31 / CVE-2007-2292: Digest authentication
        request splitting
    
        Security researcher Stefano Di Paola reported that
        Firefox did not properly validate the user ID when
        making an HTTP request using Digest Authentication to
        log into a website. A malicious page could abuse this to
        inject arbitrary HTTP headers by including a newline
        character in the user ID followed by the injected header
        data. If the user were connecting through a proxy the
        attacker could inject headers that a proxy would
        interpret as two separate requests for different hosts.
    
      - MFSA 2007-32 / CVE-2007-3511 / CVE-2006-2894: File input
        focus stealing vulnerability
    
        A user on the Sla.ckers.org forums named hong reported
        that a file upload control could be filled
        programmatically by switching page focus to the label
        before a file upload form control for selected keyboard
        events. An attacker could use this trick to steal files
        from the users' computer if the attacker knew the full
        pathnames to the desired fileis and could create a
        pretext that would convince the user to type long enough
        to produce all the necessary characters.
    
      - MFSA 2007-33 / CVE-2007-5334: XUL pages can hide the
        window titlebar
    
        Mozilla developer Eli Friedman discovered that web pages
        written in the XUL markup language (rather than the
        usual HTML) can hide their window's titlebar. It may
        have been possible to abuse this ability to create more
        convincing spoof and phishing pages.
    
      - MFSA 2007-34 / CVE-2007-5337: Possible file stealing
        through sftp protocol
    
        On Linux machines with gnome-vfs support the smb: and
        sftp: URI schemes are available in Firefox. Georgi
        Guninski showed that if an attacker can store the attack
        page in a mutually accessible location on the target
        server (/tmp perhaps) and lure the victim into loading
        it, the attacker could potentially read any file owned
        by the victim from known locations on that server.
    
      - MFSA 2007-35 / CVE-2007-5338: XPCNativeWraper pollution
        using Script object
    
        Mozilla security researcher moz_bug_r_a4 reported that
        it was possible to use the Script object to modify
        XPCNativeWrappers in such a way that subsequent access
        by the browser chrome--such as by right-clicking to open
        a context menu--can cause attacker-supplied JavaScript
        to run with the same privileges as the user. This is
        similar to MFSA 2007-25 fixed in Firefox 2.0.0.5
    
    Only Windows is affected by :
    
      - MFSA 2007-27 / CVE-2007-3845: Unescaped URIs passed to
        external programs
    
        This problem affects Windows only due to their handling
        of URI launchers. 
    
      - MFSA 2007-28 / CVE-2006-4965: Code execution via
        QuickTime Media-link files
    
        Linux does not have .lnk files, nor Quicktime. Not
        affected.
    
      - MFSA 2007-36 / CVE-2007-4841 URIs with invalid
        %-encoding mishandled by Windows
    
        This problem does not affected Linux."
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected seamonkey packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_cwe_id(16, 20, 94, 200);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey-calendar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey-dom-inspector");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey-irc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey-mail");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey-spellchecker");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey-venkman");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2007/10/24");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/10/26");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE10\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "10.1", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE10.1", reference:"seamonkey-1.0.9-1.5") ) flag++;
    if ( rpm_check(release:"SUSE10.1", reference:"seamonkey-calendar-1.0.9-1.5") ) flag++;
    if ( rpm_check(release:"SUSE10.1", reference:"seamonkey-dom-inspector-1.0.9-1.5") ) flag++;
    if ( rpm_check(release:"SUSE10.1", reference:"seamonkey-irc-1.0.9-1.5") ) flag++;
    if ( rpm_check(release:"SUSE10.1", reference:"seamonkey-mail-1.0.9-1.5") ) flag++;
    if ( rpm_check(release:"SUSE10.1", reference:"seamonkey-spellchecker-1.0.9-1.5") ) flag++;
    if ( rpm_check(release:"SUSE10.1", reference:"seamonkey-venkman-1.0.9-1.5") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "seamonkey");
    }
    
  • NASL family: Windows
    NASL id: MOZILLA_FIREFOX_2008.NASL
    description: The installed version of Firefox is affected by various security issues, some of which may lead to execution of arbitrary code on the affected host subject to the user
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 27521
    published: 2007-10-19
    reporter: This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/27521
    title: Firefox < 2.0.0.8 Multiple Vulnerabilities
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    
    
    
    include("compat.inc");
    
    if (description)
    {
      script_id(27521);
      script_version("1.16");
    
      script_cve_id(
        "CVE-2007-1095", 
        "CVE-2007-2292", 
        "CVE-2006-2894", 
        "CVE-2007-3511", 
        "CVE-2007-4841",
        "CVE-2007-5334", 
        "CVE-2007-5337", 
        "CVE-2007-5338", 
        "CVE-2007-5339", 
        "CVE-2007-5340",
        "CVE-2007-5691"
      );
      script_bugtraq_id(18308, 22688, 23668, 24725, 25543, 26132, 26159);
    
      script_name(english:"Firefox < 2.0.0.8 Multiple Vulnerabilities");
      script_summary(english:"Checks version of Firefox");
    
     script_set_attribute(attribute:"synopsis", value:
    "The remote Windows host contains a web browser that is affected by
    multiple vulnerabilities." );
     script_set_attribute(attribute:"description", value:
    "The installed version of Firefox is affected by various security
    issues, some of which may lead to execution of arbitrary code on the
    affected host subject to the user's privileges." );
     script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2007-29/" );
     script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2007-30/" );
     script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2007-31/" );
     script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2007-32/" );
     script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2007-33/" );
     script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2007-34/" );
     script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2007-35/" );
     script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2007-36/" );
     script_set_attribute(attribute:"see_also", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=388424" );
     script_set_attribute(attribute:"solution", value:
    "Upgrade to Firefox 2.0.0.8 or later." );
     script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
     script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
     script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
     script_set_attribute(attribute:"exploit_available", value:"true");
     script_cwe_id(16, 20, 200);
    
     script_set_attribute(attribute:"plugin_publication_date", value: "2007/10/19");
     script_set_attribute(attribute:"vuln_publication_date", value: "2006/06/05");
     script_set_attribute(attribute:"patch_publication_date", value: "2007/10/18");
     script_cvs_date("Date: 2018/07/16 14:09:14");
    script_set_attribute(attribute:"plugin_type", value:"local");
    script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:firefox");
    script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Windows");
      script_copyright(english:"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.");
      script_dependencies("mozilla_org_installed.nasl");
      script_require_keys("Mozilla/Firefox/Version");
      exit(0);
    }
    
    include("mozilla_version.inc");
    port = get_kb_item_or_exit("SMB/transport"); 
    
    installs = get_kb_list("SMB/Mozilla/Firefox/*");
    if (isnull(installs)) audit(AUDIT_NOT_INST, "Firefox");
    
    mozilla_check_version(installs:installs, product:'firefox', esr:FALSE, fix:'2.0.0.10', severity:SECURITY_HOLE);
  • NASL family: Windows
    NASL id: SEAMONKEY_115.NASL
    description: The installed version of SeaMonkey contains various security issues that could cause the application to crash or lead to execution of arbitrary code on the affected host subject to the user
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 27536
    published: 2007-10-24
    reporter: This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/27536
    title: SeaMonkey < 1.1.5 Multiple Vulnerabilities
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(27536);
      script_version("1.15");
    
      script_cve_id("CVE-2007-1095", "CVE-2007-2292", "CVE-2006-2894", "CVE-2007-3511",
                    "CVE-2007-4841", "CVE-2007-5334", "CVE-2007-5337", "CVE-2007-5338",
                    "CVE-2007-5339", "CVE-2007-5340");
      script_bugtraq_id(18308, 22688, 23668, 24725, 25543, 26132);
    
      script_name(english:"SeaMonkey < 1.1.5 Multiple Vulnerabilities");
      script_summary(english:"Checks version of SeaMonkey");
    
     script_set_attribute(attribute:"synopsis", value:
    "A web browser on the remote host is prone to multiple flaws." );
     script_set_attribute(attribute:"description", value:
    "The installed version of SeaMonkey contains various security issues
    that could cause the application to crash or lead to execution of
    arbitrary code on the affected host subject to the user's privileges." );
     script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2007-28/" );
     script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2007-29/" );
     script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2007-30/" );
     script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2007-31/" );
     script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2007-32/" );
     script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2007-33/" );
     script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2007-34/" );
     script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2007-35/" );
     script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2007-36/" );
     script_set_attribute(attribute:"solution", value:
    "Upgrade to SeaMonkey 1.1.5 or later." );
     script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
     script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
     script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
     script_set_attribute(attribute:"exploit_available", value:"true");
     script_cwe_id(16, 20, 200);
     script_set_attribute(attribute:"plugin_publication_date", value: "2007/10/24");
     script_set_attribute(attribute:"vuln_publication_date", value: "2006/06/05");
     script_cvs_date("Date: 2018/07/27 18:38:15");
    script_set_attribute(attribute:"plugin_type", value:"local");
    script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:seamonkey");
    script_end_attributes();
    
     
      script_category(ACT_GATHER_INFO);
      script_family(english:"Windows");
     
      script_copyright(english:"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.");
     
      script_dependencies("mozilla_org_installed.nasl");
      script_require_keys("SeaMonkey/Version");
    
      exit(0);
    }
    
    include("mozilla_version.inc");
    port = get_kb_item("SMB/transport");
    if (!port) port = 445;
    
    installs = get_kb_list("SMB/SeaMonkey/*");
    if (isnull(installs)) audit(AUDIT_NOT_INST, "SeaMonkey");
    
    mozilla_check_version(installs:installs, product:'seamonkey', fix:'1.1.5', severity:SECURITY_HOLE);
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_MOZILLAFIREFOX-4572.NASL
    description: This update brings Mozilla Firefox to security update version 2.0.0.8 Following security problems were fixed : - MFSA 2007-26 / CVE-2007-3844: Privilege escalation through chrome-loaded about:blank windows Mozilla researcher moz_bug_r_a4 reported that a flaw was introduced by the fix for MFSA 2007-20 that could enable privilege escalation attacks against addons that create
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 27528
    published: 2007-10-24
    reporter: This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/27528
    title: openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-4572)
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update MozillaFirefox-4572.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(27528);
      script_version ("1.13");
      script_cvs_date("Date: 2019/10/25 13:36:29");
    
      script_cve_id("CVE-2006-2894", "CVE-2006-4965", "CVE-2007-1095", "CVE-2007-2292", "CVE-2007-3511", "CVE-2007-3844", "CVE-2007-3845", "CVE-2007-4841", "CVE-2007-5334", "CVE-2007-5337", "CVE-2007-5338", "CVE-2007-5339", "CVE-2007-5340");
    
      script_name(english:"openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-4572)");
      script_summary(english:"Check for the MozillaFirefox-4572 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update brings Mozilla Firefox to security update version 2.0.0.8
    
    Following security problems were fixed :
    
      - MFSA 2007-26 / CVE-2007-3844: Privilege escalation
        through chrome-loaded about:blank windows
    
        Mozilla researcher moz_bug_r_a4 reported that a flaw was
        introduced by the fix for MFSA 2007-20 that could enable
        privilege escalation attacks against addons that create
        'about:blank' windows and populate them in certain ways
        (including implicit 'about:blank' document creation
        through data: or javascript: URLs in a new window).
    
      - MFSA 2007-29: Crashes with evidence of memory corruption
        As part of the Firefox 2.0.0.8 update releases Mozilla
        developers fixed many bugs to improve the stability of
        the product. Some of these crashes showed evidence of
        memory corruption under certain circumstances and we
        presume that with enough effort at least some of these
        could be exploited to run arbitrary code.
    
      - CVE-2007-5339 Browser crashes
    
      - CVE-2007-5340 JavaScript engine crashes
    
      - MFSA 2007-30 / CVE-2007-1095: onUnload Tailgating
    
        Michal Zalewski demonstrated that onUnload event
        handlers had access to the address of the new page about
        to be loaded, even if the navigation was triggered from
        outside the page content such as by using a bookmark,
        pressing the back button, or typing an address into the
        location bar. If the bookmark contained sensitive
        information in the URL the attacking page might be able
        to take advantage of it. An attacking page would also be
        able to redirect the user, perhaps to a phishing page
        that looked like the site the user thought they were
        about to visit.
    
      - MFSA 2007-31 / CVE-2007-2292: Digest authentication
        request splitting
    
        Security researcher Stefano Di Paola reported that
        Firefox did not properly validate the user ID when
        making an HTTP request using Digest Authentication to
        log into a website. A malicious page could abuse this to
        inject arbitrary HTTP headers by including a newline
        character in the user ID followed by the injected header
        data. If the user were connecting through a proxy the
        attacker could inject headers that a proxy would
        interpret as two separate requests for different hosts.
    
      - MFSA 2007-32 / CVE-2007-3511 / CVE-2006-2894: File input
        focus stealing vulnerability
    
        A user on the Sla.ckers.org forums named hong reported
        that a file upload control could be filled
        programmatically by switching page focus to the label
        before a file upload form control for selected keyboard
        events. An attacker could use this trick to steal files
        from the users' computer if the attacker knew the full
        pathnames to the desired fileis and could create a
        pretext that would convince the user to type long enough
        to produce all the necessary characters.
    
      - MFSA 2007-33 / CVE-2007-5334: XUL pages can hide the
        window titlebar
    
        Mozilla developer Eli Friedman discovered that web pages
        written in the XUL markup language (rather than the
        usual HTML) can hide their window's titlebar. It may
        have been possible to abuse this ability to create more
        convincing spoof and phishing pages.
    
      - MFSA 2007-34 / CVE-2007-5337: Possible file stealing
        through sftp protocol
    
        On Linux machines with gnome-vfs support the smb: and
        sftp: URI schemes are available in Firefox. Georgi
        Guninski showed that if an attacker can store the attack
        page in a mutually accessible location on the target
        server (/tmp perhaps) and lure the victim into loading
        it, the attacker could potentially read any file owned
        by the victim from known locations on that server.
    
      - MFSA 2007-35 / CVE-2007-5338: XPCNativeWraper pollution
        using Script object
    
        Mozilla security researcher moz_bug_r_a4 reported that
        it was possible to use the Script object to modify
        XPCNativeWrappers in such a way that subsequent access
        by the browser chrome--such as by right-clicking to open
        a context menu--can cause attacker-supplied JavaScript
        to run with the same privileges as the user. This is
        similar to MFSA 2007-25 fixed in Firefox 2.0.0.5
    
    Only Windows is affected by :
    
      - MFSA 2007-27 / CVE-2007-3845: Unescaped URIs passed to
        external programs
    
        This problem affects Windows only due to their handling
        of URI launchers. 
    
      - MFSA 2007-28 / CVE-2006-4965: Code execution via
        QuickTime Media-link files
    
        Linux does not have .lnk files, nor Quicktime. Not
        affected.
    
      - MFSA 2007-36 / CVE-2007-4841 URIs with invalid
        %-encoding mishandled by Windows
    
        This problem does not affected Linux."
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected MozillaFirefox packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_cwe_id(16, 20, 94, 200);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-translations");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.2");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.3");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2007/10/19");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/10/24");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE10\.2|SUSE10\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "10.2 / 10.3", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE10.2", reference:"MozillaFirefox-2.0.0.8-1.1") ) flag++;
    if ( rpm_check(release:"SUSE10.2", reference:"MozillaFirefox-translations-2.0.0.8-1.1") ) flag++;
    if ( rpm_check(release:"SUSE10.3", reference:"MozillaFirefox-2.0.0.8-1.1") ) flag++;
    if ( rpm_check(release:"SUSE10.3", reference:"MozillaFirefox-translations-2.0.0.8-1.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "MozillaFirefox");
    }
    
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_SEAMONKEY-4594.NASL
    description: This update fixes several security issues in Mozilla SeaMonkey 1.1.5. Following security problems were fixed : - MFSA 2007-26 / CVE-2007-3844: Privilege escalation through chrome-loaded about:blank windows Mozilla researcher moz_bug_r_a4 reported that a flaw was introduced by the fix for MFSA 2007-20 that could enable privilege escalation attacks against addons that create
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 27573
    published: 2007-10-25
    reporter: This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/27573
    title: openSUSE 10 Security Update : seamonkey (seamonkey-4594)
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update seamonkey-4594.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(27573);
      script_version ("1.14");
      script_cvs_date("Date: 2019/10/25 13:36:30");
    
      script_cve_id("CVE-2006-2894", "CVE-2006-4965", "CVE-2007-1095", "CVE-2007-2292", "CVE-2007-3511", "CVE-2007-3844", "CVE-2007-3845", "CVE-2007-4841", "CVE-2007-5334", "CVE-2007-5337", "CVE-2007-5338", "CVE-2007-5339", "CVE-2007-5340");
    
      script_name(english:"openSUSE 10 Security Update : seamonkey (seamonkey-4594)");
      script_summary(english:"Check for the seamonkey-4594 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update fixes several security issues in Mozilla SeaMonkey 1.1.5.
    
    Following security problems were fixed :
    
      - MFSA 2007-26 / CVE-2007-3844: Privilege escalation
        through chrome-loaded about:blank windows
    
        Mozilla researcher moz_bug_r_a4 reported that a flaw was
        introduced by the fix for MFSA 2007-20 that could enable
        privilege escalation attacks against addons that create
        'about:blank' windows and populate them in certain ways
        (including implicit 'about:blank' document creation
        through data: or javascript: URLs in a new window).
    
      - MFSA 2007-29: Crashes with evidence of memory corruption
        As part of the Firefox 2.0.0.8 update releases Mozilla
        developers fixed many bugs to improve the stability of
        the product. Some of these crashes showed evidence of
        memory corruption under certain circumstances and we
        presume that with enough effort at least some of these
        could be exploited to run arbitrary code.
    
      - CVE-2007-5339 Browser crashes
    
      - CVE-2007-5340 JavaScript engine crashes
    
      - MFSA 2007-30 / CVE-2007-1095: onUnload Tailgating
    
        Michal Zalewski demonstrated that onUnload event
        handlers had access to the address of the new page about
        to be loaded, even if the navigation was triggered from
        outside the page content such as by using a bookmark,
        pressing the back button, or typing an address into the
        location bar. If the bookmark contained sensitive
        information in the URL the attacking page might be able
        to take advantage of it. An attacking page would also be
        able to redirect the user, perhaps to a phishing page
        that looked like the site the user thought they were
        about to visit.
    
      - MFSA 2007-31 / CVE-2007-2292: Digest authentication
        request splitting
    
        Security researcher Stefano Di Paola reported that
        Firefox did not properly validate the user ID when
        making an HTTP request using Digest Authentication to
        log into a website. A malicious page could abuse this to
        inject arbitrary HTTP headers by including a newline
        character in the user ID followed by the injected header
        data. If the user were connecting through a proxy the
        attacker could inject headers that a proxy would
        interpret as two separate requests for different hosts.
    
      - MFSA 2007-32 / CVE-2007-3511 / CVE-2006-2894: File input
        focus stealing vulnerability
    
        A user on the Sla.ckers.org forums named hong reported
        that a file upload control could be filled
        programmatically by switching page focus to the label
        before a file upload form control for selected keyboard
        events. An attacker could use this trick to steal files
        from the users' computer if the attacker knew the full
        pathnames to the desired fileis and could create a
        pretext that would convince the user to type long enough
        to produce all the necessary characters.
    
      - MFSA 2007-33 / CVE-2007-5334: XUL pages can hide the
        window titlebar
    
        Mozilla developer Eli Friedman discovered that web pages
        written in the XUL markup language (rather than the
        usual HTML) can hide their window's titlebar. It may
        have been possible to abuse this ability to create more
        convincing spoof and phishing pages.
    
      - MFSA 2007-34 / CVE-2007-5337: Possible file stealing
        through sftp protocol
    
        On Linux machines with gnome-vfs support the smb: and
        sftp: URI schemes are available in Firefox. Georgi
        Guninski showed that if an attacker can store the attack
        page in a mutually accessible location on the target
        server (/tmp perhaps) and lure the victim into loading
        it, the attacker could potentially read any file owned
        by the victim from known locations on that server.
    
      - MFSA 2007-35 / CVE-2007-5338: XPCNativeWraper pollution
        using Script object
    
        Mozilla security researcher moz_bug_r_a4 reported that
        it was possible to use the Script object to modify
        XPCNativeWrappers in such a way that subsequent access
        by the browser chrome--such as by right-clicking to open
        a context menu--can cause attacker-supplied JavaScript
        to run with the same privileges as the user. This is
        similar to MFSA 2007-25 fixed in Firefox 2.0.0.5
    
    Only Windows is affected by :
    
      - MFSA 2007-27 / CVE-2007-3845: Unescaped URIs passed to
        external programs
    
        This problem affects Windows only due to their handling
        of URI launchers. 
    
      - MFSA 2007-28 / CVE-2006-4965: Code execution via
        QuickTime Media-link files
    
        Linux does not have .lnk files, nor Quicktime. Not
        affected.
    
      - MFSA 2007-36 / CVE-2007-4841 URIs with invalid
        %-encoding mishandled by Windows
    
        This problem does not affected Linux."
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected seamonkey packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_cwe_id(16, 20, 94, 200);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey-dom-inspector");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey-irc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey-mail");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey-spellchecker");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:seamonkey-venkman");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.2");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.3");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2007/10/24");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/10/25");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE10\.2|SUSE10\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "10.2 / 10.3", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE10.2", reference:"seamonkey-1.1.5-0.1") ) flag++;
    if ( rpm_check(release:"SUSE10.2", reference:"seamonkey-dom-inspector-1.1.5-0.1") ) flag++;
    if ( rpm_check(release:"SUSE10.2", reference:"seamonkey-irc-1.1.5-0.1") ) flag++;
    if ( rpm_check(release:"SUSE10.2", reference:"seamonkey-mail-1.1.5-0.1") ) flag++;
    if ( rpm_check(release:"SUSE10.2", reference:"seamonkey-spellchecker-1.1.5-0.1") ) flag++;
    if ( rpm_check(release:"SUSE10.2", reference:"seamonkey-venkman-1.1.5-0.1") ) flag++;
    if ( rpm_check(release:"SUSE10.3", reference:"seamonkey-1.1.5-0.1") ) flag++;
    if ( rpm_check(release:"SUSE10.3", reference:"seamonkey-dom-inspector-1.1.5-0.1") ) flag++;
    if ( rpm_check(release:"SUSE10.3", reference:"seamonkey-irc-1.1.5-0.1") ) flag++;
    if ( rpm_check(release:"SUSE10.3", reference:"seamonkey-mail-1.1.5-0.1") ) flag++;
    if ( rpm_check(release:"SUSE10.3", reference:"seamonkey-spellchecker-1.1.5-0.1") ) flag++;
    if ( rpm_check(release:"SUSE10.3", reference:"seamonkey-venkman-1.1.5-0.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "seamonkey");
    }
    
  • NASL family: Windows
    NASL id: MOZILLA_THUNDERBIRD_2009.NASL
    description: The remote version of Mozilla Thunderbird is affected by some memory corruption issues that could result in remote code execution if JavaScript is enabled when viewing specially crafted messages.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 28226
    published: 2007-11-16
    reporter: This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/28226
    title: Mozilla Thunderbird < 2.0.0.9 Multiple Vulnerabilities
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    
    
    include("compat.inc");
    
    
    if (description)
    {
      script_id(28226);
      script_version("1.17");
    
      script_cve_id("CVE-2007-4841", "CVE-2007-5339", "CVE-2007-5340");
      script_bugtraq_id(26132);
    
      script_name(english:"Mozilla Thunderbird < 2.0.0.9 Multiple Vulnerabilities");
      script_summary(english:"Checks version of Mozilla Thunderbird");
     
      script_set_attribute(attribute:"synopsis", value:
    "The remote Windows host contains a mail client that is affected by
    multiple vulnerabilities."  );
      script_set_attribute(attribute:"description", value:
    "The remote version of Mozilla Thunderbird is affected by some memory
    corruption issues that could result in remote code execution if
    JavaScript is enabled when viewing specially crafted messages."  );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.mozilla.org/en-US/security/advisories/mfsa2007-29/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.mozilla.org/en-US/security/advisories/mfsa2007-36/"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Upgrade to Mozilla Thunderbird 2.0.0.9 or later."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
      script_cwe_id(20);
      script_set_attribute(attribute:"plugin_publication_date", value: "2007/11/16");
      script_set_attribute(attribute:"vuln_publication_date", value: "2007/09/01");
      script_set_attribute(attribute:"patch_publication_date", value: "2007/10/18");
      script_cvs_date("Date: 2018/07/16 14:09:15");
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:thunderbird");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Windows");
     
      script_copyright(english:"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.");
     
      script_dependencies("mozilla_org_installed.nasl");
      script_require_keys("Mozilla/Thunderbird/Version");
    
      exit(0);
    }
    
    include("mozilla_version.inc");
    port = get_kb_item_or_exit("SMB/transport");
    
    installs = get_kb_list("SMB/Mozilla/Thunderbird/*");
    if (isnull(installs)) audit(AUDIT_NOT_INST, "Thunderbird");
    
    mozilla_check_version(installs:installs, product:'thunderbird', esr:FALSE, fix:'2.0.0.9', min:'2.0', severity:SECURITY_HOLE);
  • NASL family: Slackware Local Security Checks
    NASL id: SLACKWARE_SSA_2007-324-01.NASL
    description: New mozilla-thunderbird packages are available for Slackware 10.2, 11.0, 12.0, and -current to fix security issues. Slackware is not vulnerable to either of these in its default configuration, but watch out if you
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 28294
    published: 2007-11-26
    reporter: This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/28294
    title: Slackware 10.2 / 11.0 / 12.0 / current : mozilla-thunderbird (SSA:2007-324-01)
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_MOZILLAFIREFOX-4570.NASL
    description: This update brings Mozilla Firefox to security update version 2.0.0.8 Following security problems were fixed : - Privilege escalation through chrome-loaded about:blank windows. (MFSA 2007-26 / CVE-2007-3844) Mozilla researcher moz_bug_r_a4 reported that a flaw was introduced by the fix for MFSA 2007-20 that could enable privilege escalation attacks against addons that create
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 29362
    published: 2007-12-13
    reporter: This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/29362
    title: SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 4570)
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_MOZILLAFIREFOX-4574.NASL
    description: This update brings Mozilla Firefox to security update version 2.0.0.8 Following security problems were fixed : - MFSA 2007-26 / CVE-2007-3844: Privilege escalation through chrome-loaded about:blank windows Mozilla researcher moz_bug_r_a4 reported that a flaw was introduced by the fix for MFSA 2007-20 that could enable privilege escalation attacks against addons that create
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 27529
    published: 2007-10-24
    reporter: This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/27529
    title: openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-4574)

Statements

contributor: Joshua Bressers
lastmodified: 2007-09-13
organization: Red Hat
statement: Not vulnerable. This flaw does not affect the Linux version of Firefox.