Vulnerabilities > CVE-2008-0419 - Resource Management Errors vulnerability in Mozilla Firefox and Seamonkey

CVSS 9.3 - CRITICAL

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

mozilla

CWE-399

critical

nessus

NVD

Published: 2008-02-08

Updated: 2018-10-15

Summary

Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows remote attackers to steal navigation history and cause a denial of service (crash) via images in a page that uses designMode frames, which triggers memory corruption related to resize handles.

Vulnerable Configurations

Part	Description	Count
Application	Mozilla Mozilla Firefox - Mozilla Firefox 0.1 Mozilla Firefox 0.2 Mozilla Firefox 0.3 Mozilla Firefox 0.4 Mozilla Firefox 0.5 Mozilla Firefox 0.6 Mozilla Firefox 0.6.1 Mozilla Firefox 0.7 Mozilla Firefox 0.7.1 Mozilla Firefox 0.8 Mozilla Firefox 0.9 Mozilla Firefox 0.9.1 Mozilla Firefox 0.9.2 Mozilla Firefox 0.9.3 Mozilla Firefox 0.10 Mozilla Firefox 0.10.1 Mozilla Firefox 1.0 Mozilla Firefox 1.0.1 Mozilla Firefox 1.0.2 Mozilla Firefox 1.0.3 Mozilla Firefox 1.0.4 Mozilla Firefox 1.0.5 Mozilla Firefox 1.0.6 Mozilla Firefox 1.0.7 Mozilla Firefox 1.0.8 Mozilla Firefox 1.4.1 Mozilla Firefox 1.5 Mozilla Firefox 1.5.0.1 Mozilla Firefox 1.5.0.2 Mozilla Firefox 1.5.0.3 Mozilla Firefox 1.5.0.4 Mozilla Firefox 1.5.0.5 Mozilla Firefox 1.5.0.6 Mozilla Firefox 1.5.0.7 Mozilla Firefox 1.5.0.8 Mozilla Firefox 1.5.0.9 Mozilla Firefox 1.5.0.10 Mozilla Firefox 1.5.0.11 Mozilla Firefox 1.5.0.12 Mozilla Firefox 1.5.1 Mozilla Firefox 1.5.2 Mozilla Firefox 1.5.3 Mozilla Firefox 1.5.4 Mozilla Firefox 1.5.5 Mozilla Firefox 1.5.6 Mozilla Firefox 1.5.7 Mozilla Firefox 1.5.8 Mozilla Firefox 1.8 Mozilla Firefox 2.0 Mozilla Firefox 2.0.0.1 Mozilla Firefox 2.0.0.2 Mozilla Firefox 2.0.0.3 Mozilla Firefox 2.0.0.4 Mozilla Firefox 2.0.0.5 Mozilla Firefox 2.0.0.6 Mozilla Firefox 2.0.0.7 Mozilla Firefox 2.0.0.8 Mozilla Firefox 2.0.0.9 Mozilla Firefox 2.0.0.10 Mozilla Firefox 2.0.0.11 Mozilla Seamonkey - Mozilla Seamonkey 1.0 Mozilla Seamonkey 1.0.1 Mozilla Seamonkey 1.0.2 Mozilla Seamonkey 1.0.3 Mozilla Seamonkey 1.0.4 Mozilla Seamonkey 1.0.5 Mozilla Seamonkey 1.0.6 Mozilla Seamonkey 1.0.7 Mozilla Seamonkey 1.0.8 Mozilla Seamonkey 1.0.9 Mozilla Seamonkey 1.1 Mozilla Seamonkey 1.1.1 Mozilla Seamonkey 1.1.2 Mozilla Seamonkey 1.1.3 Mozilla Seamonkey 1.1.4 Mozilla Seamonkey 1.1.5 Mozilla Seamonkey 1.1.6 Mozilla Seamonkey 1.1.7	90

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Nessus

NASL family	Scientific Linux Local Security Checks
NASL id	SL_20080207_FIREFOX_ON_SL4_X.NASL
description	Several flaws were found in the way Firefox processed certain malformed web content. A webpage containing malicious content could cause Firefox to crash, or potentially execute arbitrary code as the user running Firefox. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way Firefox displayed malformed web content. A webpage containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A flaw was found in the way Firefox stored password data. If a user saves login information for a malicious website, it could be possible to corrupt the password database, preventing the user from properly accessing saved password data. (CVE-2008-0417) A flaw was found in the way Firefox handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of Firefox. (CVE-2008-0418) A flaw was found in the way Firefox saves certain text files. If a website offers a file of type
last seen	2020-06-01
modified	2020-06-02
plugin id	60355
published	2012-08-01
reporter	This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/60355
title	Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text is (C) Scientific Linux. # include("compat.inc"); if (description) { script_id(60355); script_version("1.7"); script_cvs_date("Date: 2019/10/25 13:36:17"); script_cve_id("CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0415", "CVE-2008-0417", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0591", "CVE-2008-0592", "CVE-2008-0593"); script_name(english:"Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Scientific Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Several flaws were found in the way Firefox processed certain malformed web content. A webpage containing malicious content could cause Firefox to crash, or potentially execute arbitrary code as the user running Firefox. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way Firefox displayed malformed web content. A webpage containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A flaw was found in the way Firefox stored password data. If a user saves login information for a malicious website, it could be possible to corrupt the password database, preventing the user from properly accessing saved password data. (CVE-2008-0417) A flaw was found in the way Firefox handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of Firefox. (CVE-2008-0418) A flaw was found in the way Firefox saves certain text files. If a website offers a file of type 'plain/text', rather than 'text/plain', Firefox will not show future 'text/plain' content to the user in the browser, forcing them to save those files locally to view the content. (CVE-2008-0592)" ); # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0802&L=scientific-linux-errata&T=0&P=440 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?f55ac814" ); script_set_attribute( attribute:"solution", value:"Update the affected firefox and / or firefox-devel packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_cwe_id(22, 79, 94, 200, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux"); script_set_attribute(attribute:"vuln_publication_date", value:"2008/02/08"); script_set_attribute(attribute:"patch_publication_date", value:"2008/02/07"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Scientific Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux"); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu); flag = 0; if (rpm_check(release:"SL4", reference:"firefox-1.5.0.12-0.10.el4")) flag++; if (rpm_check(release:"SL5", reference:"firefox-1.5.0.12-9.el5")) flag++; if (rpm_check(release:"SL5", reference:"firefox-devel-1.5.0.12-9.el5")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-1485.NASL
description	Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0412 Jesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren and Paul Nickerson discovered crashes in the layout engine, which might allow the execution of arbitrary code. - CVE-2008-0413 Carsten Book, Wesley Garland, Igor Bukanov,
last seen	2020-06-01
modified	2020-06-02
plugin id	30225
published	2008-02-11
reporter	This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/30225
title	Debian DSA-1485-2 : icedove - several vulnerabilities
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-1485. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(30225); script_version("1.21"); script_cvs_date("Date: 2019/08/02 13:32:21"); script_cve_id("CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0416", "CVE-2008-0417", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0591", "CVE-2008-0592", "CVE-2008-0593", "CVE-2008-0594"); script_bugtraq_id(27406, 27683); script_xref(name:"DSA", value:"1485"); script_name(english:"Debian DSA-1485-2 : icedove - several vulnerabilities"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0412 Jesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren and Paul Nickerson discovered crashes in the layout engine, which might allow the execution of arbitrary code. - CVE-2008-0413 Carsten Book, Wesley Garland, Igor Bukanov, 'moz_bug_r_a4', 'shutdown', Philip Taylor and 'tgirmann' discovered crashes in the JavaScript engine, which might allow the execution of arbitrary code. - CVE-2008-0415 'moz_bug_r_a4' and Boris Zbarsky discovered several vulnerabilities in JavaScript handling, which could allow privilege escalation. - CVE-2008-0418 Gerry Eisenhaur and 'moz_bug_r_a4' discovered that a directory traversal vulnerability in chrome: URI handling could lead to information disclosure. - CVE-2008-0419 David Bloom discovered a race condition in the image handling of designMode elements, which can lead to information disclosure and potentially the execution of arbitrary code. - CVE-2008-0591 Michal Zalewski discovered that timers protecting security-sensitive dialogs (by disabling dialog elements until a timeout is reached) could be bypassed by window focus changes through JavaScript. The Mozilla products from the old stable distribution (sarge) are no longer supported with security updates." ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2008-0412" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2008-0413" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2008-0415" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2008-0418" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2008-0419" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2008-0591" ); script_set_attribute( attribute:"see_also", value:"https://www.debian.org/security/2008/dsa-1485" ); script_set_attribute( attribute:"solution", value: "Upgrade the icedove packages. For the stable distribution (etch), these problems have been fixed in version 1.5.0.13+1.5.0.15b.dfsg1-0etch2." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_cwe_id(20, 22, 79, 94, 200, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:icedove"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:4.0"); script_set_attribute(attribute:"patch_publication_date", value:"2008/02/10"); script_set_attribute(attribute:"plugin_publication_date", value:"2008/02/11"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"4.0", prefix:"icedove", reference:"1.5.0.13+1.5.0.15b.dfsg1-0etch2")) flag++; if (deb_check(release:"4.0", prefix:"icedove-dbg", reference:"1.5.0.13+1.5.0.15b.dfsg1-0etch2")) flag++; if (deb_check(release:"4.0", prefix:"icedove-dev", reference:"1.5.0.13+1.5.0.15b.dfsg1-0etch2")) flag++; if (deb_check(release:"4.0", prefix:"icedove-gnome-support", reference:"1.5.0.13+1.5.0.15b.dfsg1-0etch2")) flag++; if (deb_check(release:"4.0", prefix:"icedove-inspector", reference:"1.5.0.13+1.5.0.15b.dfsg1-0etch2")) flag++; if (deb_check(release:"4.0", prefix:"icedove-typeaheadfind", reference:"1.5.0.13+1.5.0.15b.dfsg1-0etch2")) flag++; if (deb_check(release:"4.0", prefix:"mozilla-thunderbird", reference:"1.5.0.13+1.5.0.15a.dfsg1-0etch2")) flag++; if (deb_check(release:"4.0", prefix:"mozilla-thunderbird-dev", reference:"1.5.0.13+1.5.0.15a.dfsg1-0etch2")) flag++; if (deb_check(release:"4.0", prefix:"mozilla-thunderbird-inspector", reference:"1.5.0.13+1.5.0.15a.dfsg1-0etch2")) flag++; if (deb_check(release:"4.0", prefix:"mozilla-thunderbird-typeaheadfind", reference:"1.5.0.13+1.5.0.15b.dfsg1-0etch2")) flag++; if (deb_check(release:"4.0", prefix:"thunderbird", reference:"1.5.0.13+1.5.0.15b.dfsg1-0etch2")) flag++; if (deb_check(release:"4.0", prefix:"thunderbird-dbg", reference:"1.5.0.13+1.5.0.15a.dfsg1-0etch2")) flag++; if (deb_check(release:"4.0", prefix:"thunderbird-dev", reference:"1.5.0.13+1.5.0.15a.dfsg1-0etch2")) flag++; if (deb_check(release:"4.0", prefix:"thunderbird-gnome-support", reference:"1.5.0.13+1.5.0.15b.dfsg1-0etch2")) flag++; if (deb_check(release:"4.0", prefix:"thunderbird-inspector", reference:"1.5.0.13+1.5.0.15a.dfsg1-0etch2")) flag++; if (deb_check(release:"4.0", prefix:"thunderbird-typeaheadfind", reference:"1.5.0.13+1.5.0.15b.dfsg1-0etch2")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");

NASL family	Gentoo Local Security Checks
NASL id	GENTOO_GLSA-200805-18.NASL
description	The remote host is affected by the vulnerability described in GLSA-200805-18 (Mozilla products: Multiple vulnerabilities) The following vulnerabilities were reported in all mentioned Mozilla products: Jesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren, and Paul Nickerson reported browser crashes related to JavaScript methods, possibly triggering memory corruption (CVE-2008-0412). Carsten Book, Wesley Garland, Igor Bukanov, moz_bug_r_a4, shutdown, Philip Taylor, and tgirmann reported crashes in the JavaScript engine, possibly triggering memory corruption (CVE-2008-0413). David Bloom discovered a vulnerability in the way images are treated by the browser when a user leaves a page, possibly triggering memory corruption (CVE-2008-0419). moz_bug_r_a4, Boris Zbarsky, and Johnny Stenback reported a series of privilege escalation vulnerabilities related to JavaScript (CVE-2008-1233, CVE-2008-1234, CVE-2008-1235). Mozilla developers identified browser crashes caused by the layout and JavaScript engines, possibly triggering memory corruption (CVE-2008-1236, CVE-2008-1237). moz_bug_r_a4 and Boris Zbarsky discovered that pages could escape from its sandboxed context and run with chrome privileges, and inject script content into another site, violating the browser
last seen	2020-06-01
modified	2020-06-02
plugin id	32416
published	2008-05-22
reporter	This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/32416
title	GLSA-200805-18 : Mozilla products: Multiple vulnerabilities
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 200805-18. # # The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(32416); script_version("1.20"); script_cvs_date("Date: 2019/08/02 13:32:45"); script_cve_id("CVE-2007-4879", "CVE-2008-0304", "CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0416", "CVE-2008-0417", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0420", "CVE-2008-0591", "CVE-2008-0592", "CVE-2008-0593", "CVE-2008-0594", "CVE-2008-1233", "CVE-2008-1234", "CVE-2008-1235", "CVE-2008-1236", "CVE-2008-1237", "CVE-2008-1238", "CVE-2008-1240", "CVE-2008-1241", "CVE-2008-1380"); script_xref(name:"GLSA", value:"200805-18"); script_name(english:"GLSA-200805-18 : Mozilla products: Multiple vulnerabilities"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-200805-18 (Mozilla products: Multiple vulnerabilities) The following vulnerabilities were reported in all mentioned Mozilla products: Jesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren, and Paul Nickerson reported browser crashes related to JavaScript methods, possibly triggering memory corruption (CVE-2008-0412). Carsten Book, Wesley Garland, Igor Bukanov, moz_bug_r_a4, shutdown, Philip Taylor, and tgirmann reported crashes in the JavaScript engine, possibly triggering memory corruption (CVE-2008-0413). David Bloom discovered a vulnerability in the way images are treated by the browser when a user leaves a page, possibly triggering memory corruption (CVE-2008-0419). moz_bug_r_a4, Boris Zbarsky, and Johnny Stenback reported a series of privilege escalation vulnerabilities related to JavaScript (CVE-2008-1233, CVE-2008-1234, CVE-2008-1235). Mozilla developers identified browser crashes caused by the layout and JavaScript engines, possibly triggering memory corruption (CVE-2008-1236, CVE-2008-1237). moz_bug_r_a4 and Boris Zbarsky discovered that pages could escape from its sandboxed context and run with chrome privileges, and inject script content into another site, violating the browser's same origin policy (CVE-2008-0415). Gerry Eisenhaur discovered a directory traversal vulnerability when using 'flat' addons (CVE-2008-0418). Alexey Proskuryakov, Yosuke Hasegawa and Simon Montagu reported multiple character handling flaws related to the backspace character, the '0x80' character, involving zero-length non-ASCII sequences in multiple character sets, that could facilitate Cross-Site Scripting attacks (CVE-2008-0416). The following vulnerability was reported in Thunderbird and SeaMonkey: regenrecht (via iDefense) reported a heap-based buffer overflow when rendering an email message with an external MIME body (CVE-2008-0304). The following vulnerabilities were reported in Firefox, SeaMonkey and XULRunner: The fix for CVE-2008-1237 in Firefox 2.0.0.13 and SeaMonkey 1.1.9 introduced a new crash vulnerability (CVE-2008-1380). hong and Gregory Fleischer each reported a variant on earlier reported bugs regarding focus shifting in file input controls (CVE-2008-0414). Gynvael Coldwind (Vexillium) discovered that BMP images could be used to reveal uninitialized memory, and that this data could be extracted using a 'canvas' feature (CVE-2008-0420). Chris Thomas reported that background tabs could create a borderless XUL pop-up in front of pages in other tabs (CVE-2008-1241). oo.rio.oo discovered that a plain text file with a 'Content-Disposition: attachment' prevents Firefox from rendering future plain text files within the browser (CVE-2008-0592). Martin Straka reported that the '.href' property of stylesheet DOM nodes is modified to the final URI of a 302 redirect, bypassing the same origin policy (CVE-2008-0593). Gregory Fleischer discovered that under certain circumstances, leading characters from the hostname part of the 'Referer:' HTTP header are removed (CVE-2008-1238). Peter Brodersen and Alexander Klink reported that the browser automatically selected and sent a client certificate when SSL Client Authentication is requested by a server (CVE-2007-4879). Gregory Fleischer reported that web content fetched via the 'jar:' protocol was not subject to network access restrictions (CVE-2008-1240). The following vulnerabilities were reported in Firefox: Justin Dolske discovered a CRLF injection vulnerability when storing passwords (CVE-2008-0417). Michal Zalewski discovered that Firefox does not properly manage a delay timer used in confirmation dialogs (CVE-2008-0591). Emil Ljungdahl and Lars-Olof Moilanen discovered that a web forgery warning dialog is not displayed if the entire contents of a web page are in a DIV tag that uses absolute positioning (CVE-2008-0594). Impact : A remote attacker could entice a user to view a specially crafted web page or email that will trigger one of the vulnerabilities, possibly leading to the execution of arbitrary code or a Denial of Service. It is also possible for an attacker to trick a user to upload arbitrary files when submitting a form, to corrupt saved passwords for other sites, to steal login credentials, or to conduct Cross-Site Scripting and Cross-Site Request Forgery attacks. Workaround : There is no known workaround at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/200805-18" ); script_set_attribute( attribute:"solution", value: "All Mozilla Firefox users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-client/mozilla-firefox-2.0.0.14' All Mozilla Firefox binary users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-client/mozilla-firefox-bin-2.0.0.14' All Mozilla Thunderbird users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=mail-client/mozilla-thunderbird-2.0.0.14' All Mozilla Thunderbird binary users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=mail-client/mozilla-thunderbird-bin-2.0.0.14' All SeaMonkey users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-client/seamonkey-1.1.9-r1' All SeaMonkey binary users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-client/seamonkey-bin-1.1.9' All XULRunner users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-libs/xulrunner-1.8.1.14' NOTE: The crash vulnerability (CVE-2008-1380) is currently unfixed in the SeaMonkey binary ebuild, as no precompiled packages have been released. Until an update is available, we recommend all SeaMonkey users to disable JavaScript, use Firefox for JavaScript-enabled browsing, or switch to the SeaMonkey source ebuild." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_cwe_id(20, 22, 59, 79, 94, 119, 200, 287, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:mozilla-firefox"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:mozilla-firefox-bin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:mozilla-thunderbird"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:mozilla-thunderbird-bin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:seamonkey"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:seamonkey-bin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:xulrunner"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2008/05/20"); script_set_attribute(attribute:"plugin_publication_date", value:"2008/05/22"); script_set_attribute(attribute:"vuln_publication_date", value:"2007/09/08"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"www-client/mozilla-firefox-bin", unaffected:make_list("ge 2.0.0.14"), vulnerable:make_list("lt 2.0.0.14"))) flag++; if (qpkg_check(package:"www-client/seamonkey-bin", unaffected:make_list("ge 1.1.9"), vulnerable:make_list("lt 1.1.9"))) flag++; if (qpkg_check(package:"mail-client/mozilla-thunderbird-bin", unaffected:make_list("ge 2.0.0.14"), vulnerable:make_list("lt 2.0.0.14"))) flag++; if (qpkg_check(package:"www-client/seamonkey", unaffected:make_list("ge 1.1.9-r1"), vulnerable:make_list("lt 1.1.9-r1"))) flag++; if (qpkg_check(package:"mail-client/mozilla-thunderbird", unaffected:make_list("ge 2.0.0.14"), vulnerable:make_list("lt 2.0.0.14"))) flag++; if (qpkg_check(package:"net-libs/xulrunner", unaffected:make_list("ge 1.8.1.14"), vulnerable:make_list("lt 1.8.1.14"))) flag++; if (qpkg_check(package:"www-client/mozilla-firefox", unaffected:make_list("ge 2.0.0.14"), vulnerable:make_list("lt 2.0.0.14"))) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get()); else security_hole(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Mozilla products"); }

NASL family	CentOS Local Security Checks
NASL id	CENTOS_RHSA-2008-0104.NASL
description	Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the way SeaMonkey processed certain malformed web content. A webpage containing malicious content could cause SeaMonkey to crash, or potentially execute arbitrary code as the user running SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way SeaMonkey displayed malformed web content. A webpage containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A flaw was found in the way SeaMonkey stored password data. If a user saves login information for a malicious website, it could be possible to corrupt the password database, preventing the user from properly accessing saved password data. (CVE-2008-0417) A flaw was found in the way SeaMonkey handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of SeaMonkey. (CVE-2008-0418) A flaw was found in the way SeaMonkey saves certain text files. If a website offers a file of type
last seen	2020-06-01
modified	2020-06-02
plugin id	30221
published	2008-02-11
reporter	This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/30221
title	CentOS 3 / 4 : seamonkey (CESA-2008:0104)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2008:0104 and # CentOS Errata and Security Advisory 2008:0104 respectively. # include("compat.inc"); if (description) { script_id(30221); script_version("1.19"); script_cvs_date("Date: 2019/10/25 13:36:04"); script_cve_id("CVE-2008-0304", "CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0415", "CVE-2008-0416", "CVE-2008-0417", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0420", "CVE-2008-0591", "CVE-2008-0592", "CVE-2008-0593"); script_bugtraq_id(24293, 27406, 27683); script_xref(name:"RHSA", value:"2008:0104"); script_name(english:"CentOS 3 / 4 : seamonkey (CESA-2008:0104)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote CentOS host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the way SeaMonkey processed certain malformed web content. A webpage containing malicious content could cause SeaMonkey to crash, or potentially execute arbitrary code as the user running SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way SeaMonkey displayed malformed web content. A webpage containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A flaw was found in the way SeaMonkey stored password data. If a user saves login information for a malicious website, it could be possible to corrupt the password database, preventing the user from properly accessing saved password data. (CVE-2008-0417) A flaw was found in the way SeaMonkey handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of SeaMonkey. (CVE-2008-0418) A flaw was found in the way SeaMonkey saves certain text files. If a website offers a file of type 'plain/text', rather than 'text/plain', SeaMonkey will not show future 'text/plain' content to the user in the browser, forcing them to save those files locally to view the content. (CVE-2008-0592) Users of SeaMonkey are advised to upgrade to these updated packages, which contain backported patches to resolve these issues." ); # https://lists.centos.org/pipermail/centos-announce/2008-February/014661.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?1b615239" ); # https://lists.centos.org/pipermail/centos-announce/2008-February/014662.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?43cc2832" ); # https://lists.centos.org/pipermail/centos-announce/2008-February/014667.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?2634875c" ); # https://lists.centos.org/pipermail/centos-announce/2008-February/014668.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?212996e0" ); # https://lists.centos.org/pipermail/centos-announce/2008-February/014673.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?15f721aa" ); # https://lists.centos.org/pipermail/centos-announce/2008-February/014674.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?ecf7b57f" ); script_set_attribute( attribute:"solution", value:"Update the affected seamonkey packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_cwe_id(22, 79, 94, 119, 200, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:seamonkey"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:seamonkey-chat"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:seamonkey-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:seamonkey-dom-inspector"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:seamonkey-js-debugger"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:seamonkey-mail"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:seamonkey-nspr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:seamonkey-nspr-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:seamonkey-nss"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:seamonkey-nss-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:3"); script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:4"); script_set_attribute(attribute:"vuln_publication_date", value:"2008/02/08"); script_set_attribute(attribute:"patch_publication_date", value:"2008/02/08"); script_set_attribute(attribute:"plugin_publication_date", value:"2008/02/11"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"CentOS Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/CentOS/release"); if (isnull(release) \|\| "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS"); os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS"); os_ver = os_ver[1]; if (! preg(pattern:"^(3\|4)([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 3.x / 4.x", "CentOS " + os_ver); if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu); flag = 0; if (rpm_check(release:"CentOS-3", reference:"seamonkey-1.0.9-0.9.el3.centos3")) flag++; if (rpm_check(release:"CentOS-3", reference:"seamonkey-chat-1.0.9-0.9.el3.centos3")) flag++; if (rpm_check(release:"CentOS-3", reference:"seamonkey-devel-1.0.9-0.9.el3.centos3")) flag++; if (rpm_check(release:"CentOS-3", reference:"seamonkey-dom-inspector-1.0.9-0.9.el3.centos3")) flag++; if (rpm_check(release:"CentOS-3", reference:"seamonkey-js-debugger-1.0.9-0.9.el3.centos3")) flag++; if (rpm_check(release:"CentOS-3", reference:"seamonkey-mail-1.0.9-0.9.el3.centos3")) flag++; if (rpm_check(release:"CentOS-3", reference:"seamonkey-nspr-1.0.9-0.9.el3.centos3")) flag++; if (rpm_check(release:"CentOS-3", reference:"seamonkey-nspr-devel-1.0.9-0.9.el3.centos3")) flag++; if (rpm_check(release:"CentOS-3", reference:"seamonkey-nss-1.0.9-0.9.el3.centos3")) flag++; if (rpm_check(release:"CentOS-3", reference:"seamonkey-nss-devel-1.0.9-0.9.el3.centos3")) flag++; if (rpm_check(release:"CentOS-4", reference:"seamonkey-1.0.9-9.el4.centos")) flag++; if (rpm_check(release:"CentOS-4", reference:"seamonkey-chat-1.0.9-9.el4.centos")) flag++; if (rpm_check(release:"CentOS-4", reference:"seamonkey-devel-1.0.9-9.el4.centos")) flag++; if (rpm_check(release:"CentOS-4", reference:"seamonkey-dom-inspector-1.0.9-9.el4.centos")) flag++; if (rpm_check(release:"CentOS-4", reference:"seamonkey-js-debugger-1.0.9-9.el4.centos")) flag++; if (rpm_check(release:"CentOS-4", reference:"seamonkey-mail-1.0.9-9.el4.centos")) flag++; if (rpm_check(release:"CentOS-4", reference:"seamonkey-nspr-1.0.9-9.el4.centos")) flag++; if (rpm_check(release:"CentOS-4", reference:"seamonkey-nspr-devel-1.0.9-9.el4.centos")) flag++; if (rpm_check(release:"CentOS-4", reference:"seamonkey-nss-1.0.9-9.el4.centos")) flag++; if (rpm_check(release:"CentOS-4", reference:"seamonkey-nss-devel-1.0.9-9.el4.centos")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "seamonkey / seamonkey-chat / seamonkey-devel / etc"); }

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2008-0103.NASL
description	Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Several flaws were found in the way Firefox processed certain malformed web content. A webpage containing malicious content could cause Firefox to crash, or potentially execute arbitrary code as the user running Firefox. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way Firefox displayed malformed web content. A webpage containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A flaw was found in the way Firefox stored password data. If a user saves login information for a malicious website, it could be possible to corrupt the password database, preventing the user from properly accessing saved password data. (CVE-2008-0417) A flaw was found in the way Firefox handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of Firefox. (CVE-2008-0418) A flaw was found in the way Firefox saves certain text files. If a website offers a file of type
last seen	2020-06-01
modified	2020-06-02
plugin id	30245
published	2008-02-11
reporter	This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/30245
title	RHEL 4 / 5 : firefox (RHSA-2008:0103)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2008:0103. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(30245); script_version ("1.26"); script_cvs_date("Date: 2019/10/25 13:36:13"); script_cve_id("CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0415", "CVE-2008-0416", "CVE-2008-0417", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0420", "CVE-2008-0591", "CVE-2008-0592", "CVE-2008-0593"); script_bugtraq_id(24293, 27406, 27683); script_xref(name:"RHSA", value:"2008:0103"); script_name(english:"RHEL 4 / 5 : firefox (RHSA-2008:0103)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Several flaws were found in the way Firefox processed certain malformed web content. A webpage containing malicious content could cause Firefox to crash, or potentially execute arbitrary code as the user running Firefox. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way Firefox displayed malformed web content. A webpage containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A flaw was found in the way Firefox stored password data. If a user saves login information for a malicious website, it could be possible to corrupt the password database, preventing the user from properly accessing saved password data. (CVE-2008-0417) A flaw was found in the way Firefox handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of Firefox. (CVE-2008-0418) A flaw was found in the way Firefox saves certain text files. If a website offers a file of type 'plain/text', rather than 'text/plain', Firefox will not show future 'text/plain' content to the user in the browser, forcing them to save those files locally to view the content. (CVE-2008-0592) Users of firefox are advised to upgrade to these updated packages, which contain backported patches to resolve these issues." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2008-0412" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2008-0413" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2008-0415" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2008-0416" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2008-0417" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2008-0418" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2008-0419" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2008-0420" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2008-0591" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2008-0592" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2008-0593" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2008:0103" ); script_set_attribute( attribute:"solution", value:"Update the affected firefox and / or firefox-devel packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_cwe_id(22, 79, 94, 200, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:firefox"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:firefox-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4.6"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5.1"); script_set_attribute(attribute:"vuln_publication_date", value:"2008/02/08"); script_set_attribute(attribute:"patch_publication_date", value:"2008/02/07"); script_set_attribute(attribute:"plugin_publication_date", value:"2008/02/11"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^(4\|5)([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 4.x / 5.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2008:0103"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL4", reference:"firefox-1.5.0.12-0.10.el4")) flag++; if (rpm_check(release:"RHEL5", reference:"firefox-1.5.0.12-9.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"firefox-devel-1.5.0.12-9.el5")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "firefox / firefox-devel"); } }

NASL family	SuSE Local Security Checks
NASL id	SUSE_MOZILLATHUNDERBIRD-5095.NASL
description	This update brings Mozilla Thunderbird to security fix level of version 2.0.0.12 Following security problems were fixed : - MFSA 2008-11/CVE-2008-0594 Web forgery overwrite with div overlay - MFSA 2008-10/CVE-2008-0593 URL token stealing via stylesheet redirect - MFSA 2008-09/CVE-2008-0592 Mishandling of locally-saved plain text files - MFSA 2008-08/CVE-2008-0591 File action dialog tampering - MFSA 2008-06/CVE-2008-0419 Web browsing history and forward navigation stealing - MFSA 2008-05/CVE-2008-0418 Directory traversal via chrome: URI - MFSA 2008-04/CVE-2008-0417 Stored password corruption - MFSA 2008-03/CVE-2008-0415 Privilege escalation, XSS, Remote Code Execution - MFSA 2008-02/CVE-2008-0414 Multiple file input focus stealing vulnerabilities - MFSA 2008-01/CVE-2008-0412 Crashes with evidence of memory corruption (rv:1.8.1.12)
last seen	2020-06-01
modified	2020-06-02
plugin id	31620
published	2008-03-19
reporter	This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/31620
title	openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-5095)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update MozillaThunderbird-5095. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(31620); script_version ("1.11"); script_cvs_date("Date: 2019/10/25 13:36:31"); script_cve_id("CVE-2008-0412", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0417", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0591", "CVE-2008-0592", "CVE-2008-0593", "CVE-2008-0594"); script_name(english:"openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-5095)"); script_summary(english:"Check for the MozillaThunderbird-5095 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update brings Mozilla Thunderbird to security fix level of version 2.0.0.12 Following security problems were fixed : - MFSA 2008-11/CVE-2008-0594 Web forgery overwrite with div overlay - MFSA 2008-10/CVE-2008-0593 URL token stealing via stylesheet redirect - MFSA 2008-09/CVE-2008-0592 Mishandling of locally-saved plain text files - MFSA 2008-08/CVE-2008-0591 File action dialog tampering - MFSA 2008-06/CVE-2008-0419 Web browsing history and forward navigation stealing - MFSA 2008-05/CVE-2008-0418 Directory traversal via chrome: URI - MFSA 2008-04/CVE-2008-0417 Stored password corruption - MFSA 2008-03/CVE-2008-0415 Privilege escalation, XSS, Remote Code Execution - MFSA 2008-02/CVE-2008-0414 Multiple file input focus stealing vulnerabilities - MFSA 2008-01/CVE-2008-0412 Crashes with evidence of memory corruption (rv:1.8.1.12)" ); script_set_attribute( attribute:"solution", value:"Update the affected MozillaThunderbird packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_cwe_id(20, 22, 79, 94, 200, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.1"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.2"); script_set_attribute(attribute:"patch_publication_date", value:"2008/03/12"); script_set_attribute(attribute:"plugin_publication_date", value:"2008/03/19"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release =~ "^(SLED\|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE10\.1\|SUSE10\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "10.1 / 10.2", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586\|i686\|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE10.1", reference:"MozillaThunderbird-1.5.0.14-0.3") ) flag++; if ( rpm_check(release:"SUSE10.1", reference:"MozillaThunderbird-translations-1.5.0.14-0.3") ) flag++; if ( rpm_check(release:"SUSE10.2", reference:"MozillaThunderbird-1.5.0.14-0.3") ) flag++; if ( rpm_check(release:"SUSE10.2", reference:"MozillaThunderbird-translations-1.5.0.14-0.3") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "MozillaThunderbird"); }

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2008-2060.NASL
description	Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the way Thunderbird processed certain malformed HTML mail content. A HTML mail message containing malicious content could cause Thunderbird to crash, or potentially execute arbitrary code as the user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way Thunderbird displayed malformed HTML mail content. A HTML mail message containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A flaw was found in the way Thunderbird handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious HTML mail message to steal sensitive session data. Note: this flaw does not affect a default installation of Thunderbird. (CVE-2008-0418) Note: JavaScript support is disabled by default in Thunderbird; the above issues are not exploitable unless JavaScript is enabled. A flaw was found in the way Thunderbird saves certain text files. If a remote site offers a file of type
last seen	2020-06-01
modified	2020-06-02
plugin id	31314
published	2008-02-29
reporter	This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/31314
title	Fedora 8 : thunderbird-2.0.0.12-1.fc8 (2008-2060)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2008-2060. # include("compat.inc"); if (description) { script_id(31314); script_version ("1.19"); script_cvs_date("Date: 2019/08/02 13:32:27"); script_cve_id("CVE-2008-0304", "CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0415", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0420", "CVE-2008-0591", "CVE-2008-0592", "CVE-2008-0593"); script_bugtraq_id(27406, 27683, 28012); script_xref(name:"FEDORA", value:"2008-2060"); script_name(english:"Fedora 8 : thunderbird-2.0.0.12-1.fc8 (2008-2060)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the way Thunderbird processed certain malformed HTML mail content. A HTML mail message containing malicious content could cause Thunderbird to crash, or potentially execute arbitrary code as the user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way Thunderbird displayed malformed HTML mail content. A HTML mail message containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A flaw was found in the way Thunderbird handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious HTML mail message to steal sensitive session data. Note: this flaw does not affect a default installation of Thunderbird. (CVE-2008-0418) Note: JavaScript support is disabled by default in Thunderbird; the above issues are not exploitable unless JavaScript is enabled. A flaw was found in the way Thunderbird saves certain text files. If a remote site offers a file of type 'plain/text', rather than 'text/plain', Thunderbird will not show future 'text/plain' content to the user, forcing them to save those files locally to view the content. (CVE-2008-0592) Users of thunderbird are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=431732" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=431733" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=431739" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=431748" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=431749" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=431750" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=431751" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=431752" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=431756" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=435123" ); # https://lists.fedoraproject.org/pipermail/package-announce/2008-February/008286.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?9a0a8007" ); script_set_attribute( attribute:"solution", value:"Update the affected thunderbird package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_cwe_id(22, 79, 119, 200, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:thunderbird"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:8"); script_set_attribute(attribute:"vuln_publication_date", value:"2008/02/08"); script_set_attribute(attribute:"patch_publication_date", value:"2008/02/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2008/02/29"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^8([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 8.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC8", reference:"thunderbird-2.0.0.12-1.fc8")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "thunderbird"); }

NASL family	Windows
NASL id	SEAMONKEY_118.NASL
description	The installed version of SeaMonkey is affected by various security issues : - Several stability bugs leading to crashes which, in some cases, show traces of memory corruption - Several file input focus stealing vulnerabilities that could result in uploading of arbitrary files provided their full path and file names are known. - Several issues that allow scripts from page content to escape from their sandboxed context and/or run with chrome privileges, resulting in privilege escalation, XSS, and/or remote code execution. - A directory traversal vulnerability via the
last seen	2020-06-01
modified	2020-06-02
plugin id	30210
published	2008-02-08
reporter	This script is Copyright (C) 2008-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/30210
title	SeaMonkey < 1.1.8 Multiple Vulnerabilities
code	# # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(30210); script_version("1.21"); script_cve_id("CVE-2008-0304", "CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0416", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0420", "CVE-2008-0592", "CVE-2008-0593"); script_bugtraq_id(27406, 27683, 27826, 28012, 29303); script_name(english:"SeaMonkey < 1.1.8 Multiple Vulnerabilities"); script_summary(english:"Checks version of SeaMonkey"); script_set_attribute(attribute:"synopsis", value: "A web browser on the remote host is affected by multiple vulnerabilities." ); script_set_attribute(attribute:"description", value: "The installed version of SeaMonkey is affected by various security issues : - Several stability bugs leading to crashes which, in some cases, show traces of memory corruption - Several file input focus stealing vulnerabilities that could result in uploading of arbitrary files provided their full path and file names are known. - Several issues that allow scripts from page content to escape from their sandboxed context and/or run with chrome privileges, resulting in privilege escalation, XSS, and/or remote code execution. - A directory traversal vulnerability via the 'chrome:' URI. - A vulnerability involving 'designMode' frames that may result in web browsing history and forward navigation stealing. - An information disclosure issue in the BMP decoder. - Mis-handling of locally-saved plaintext files. - Possible disclosure of sensitive URL parameters, such as session tokens, via the .href property of stylesheet DOM nodes reflecting the final URI of the stylesheet after following any 302 redirects. - A heap-based buffer overflow that can be triggered when viewing an email with an external MIME body. - Multiple cross-site scripting vulnerabilities related to character encoding." ); script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2008-01/" ); script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2008-02/" ); script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2008-03/" ); script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2008-05/" ); script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2008-06/" ); script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2008-07/" ); script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2008-09/" ); script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2008-10/" ); script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2008-12/" ); script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2008-13/" ); script_set_attribute(attribute:"solution", value: "Upgrade to SeaMonkey 1.1.8 or later." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_cwe_id(20, 22, 79, 119, 200, 399); script_set_attribute(attribute:"plugin_publication_date", value: "2008/02/08"); script_cvs_date("Date: 2018/07/27 18:38:15"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:seamonkey"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Windows"); script_copyright(english:"This script is Copyright (C) 2008-2018 Tenable Network Security, Inc."); script_dependencies("mozilla_org_installed.nasl"); script_require_keys("SeaMonkey/Version"); exit(0); } include("mozilla_version.inc"); port = get_kb_item("SMB/transport"); if (!port) port = 445; installs = get_kb_list("SMB/SeaMonkey/*"); if (isnull(installs)) audit(AUDIT_NOT_INST, "SeaMonkey"); mozilla_check_version(installs:installs, product:'seamonkey', fix:'1.1.8', severity:SECURITY_HOLE);

NASL family	Oracle Linux Local Security Checks
NASL id	ORACLELINUX_ELSA-2008-0105.NASL
description	From Red Hat Security Advisory 2008:0105 : Updated thunderbird packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. [Updated 27th February 2008] The erratum text has been updated to include the details of additional issues that were fixed by these erratum packages, but which were not public at the time of release. No changes have been made to the packages. Mozilla Thunderbird is a standalone mail and newsgroup client. A heap-based buffer overflow flaw was found in the way Thunderbird processed messages with external-body Multipurpose Internet Message Extensions (MIME) types. A HTML mail message containing malicious content could cause Thunderbird to execute arbitrary code as the user running Thunderbird. (CVE-2008-0304) Several flaws were found in the way Thunderbird processed certain malformed HTML mail content. A HTML mail message containing malicious content could cause Thunderbird to crash, or potentially execute arbitrary code as the user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way Thunderbird displayed malformed HTML mail content. A HTML mail message containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0420, CVE-2008-0591, CVE-2008-0593) A flaw was found in the way Thunderbird handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious HTML mail message to steal sensitive session data. Note: this flaw does not affect a default installation of Thunderbird. (CVE-2008-0418) Note: JavaScript support is disabled by default in Thunderbird; the above issues are not exploitable unless JavaScript is enabled. A flaw was found in the way Thunderbird saves certain text files. If a remote site offers a file of type
last seen	2020-06-01
modified	2020-06-02
plugin id	67649
published	2013-07-12
reporter	This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/67649
title	Oracle Linux 4 : thunderbird (ELSA-2008-0105)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2008:0105 and # Oracle Linux Security Advisory ELSA-2008-0105 respectively. # include("compat.inc"); if (description) { script_id(67649); script_version("1.12"); script_cvs_date("Date: 2019/10/25 13:36:07"); script_cve_id("CVE-2008-0304", "CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0415", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0420", "CVE-2008-0591", "CVE-2008-0592", "CVE-2008-0593"); script_bugtraq_id(24293, 27406, 27683, 28012); script_xref(name:"RHSA", value:"2008:0105"); script_name(english:"Oracle Linux 4 : thunderbird (ELSA-2008-0105)"); script_summary(english:"Checks rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Oracle Linux host is missing a security update." ); script_set_attribute( attribute:"description", value: "From Red Hat Security Advisory 2008:0105 : Updated thunderbird packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. [Updated 27th February 2008] The erratum text has been updated to include the details of additional issues that were fixed by these erratum packages, but which were not public at the time of release. No changes have been made to the packages. Mozilla Thunderbird is a standalone mail and newsgroup client. A heap-based buffer overflow flaw was found in the way Thunderbird processed messages with external-body Multipurpose Internet Message Extensions (MIME) types. A HTML mail message containing malicious content could cause Thunderbird to execute arbitrary code as the user running Thunderbird. (CVE-2008-0304) Several flaws were found in the way Thunderbird processed certain malformed HTML mail content. A HTML mail message containing malicious content could cause Thunderbird to crash, or potentially execute arbitrary code as the user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way Thunderbird displayed malformed HTML mail content. A HTML mail message containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0420, CVE-2008-0591, CVE-2008-0593) A flaw was found in the way Thunderbird handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious HTML mail message to steal sensitive session data. Note: this flaw does not affect a default installation of Thunderbird. (CVE-2008-0418) Note: JavaScript support is disabled by default in Thunderbird; the above issues are not exploitable unless JavaScript is enabled. A flaw was found in the way Thunderbird saves certain text files. If a remote site offers a file of type 'plain/text', rather than 'text/plain', Thunderbird will not show future 'text/plain' content to the user, forcing them to save those files locally to view the content. (CVE-2008-0592) Users of thunderbird are advised to upgrade to these updated packages, which contain backported patches to resolve these issues." ); script_set_attribute( attribute:"see_also", value:"https://oss.oracle.com/pipermail/el-errata/2008-February/000511.html" ); script_set_attribute( attribute:"solution", value:"Update the affected thunderbird package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_cwe_id(22, 79, 119, 200, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:thunderbird"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:4"); script_set_attribute(attribute:"vuln_publication_date", value:"2008/02/08"); script_set_attribute(attribute:"patch_publication_date", value:"2008/02/08"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/12"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Oracle Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux"); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| !pregmatch(pattern: "Oracle (?:Linux Server\|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux"); os_ver = pregmatch(pattern: "Oracle (?:Linux Server\|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^4([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 4", "Oracle Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu); flag = 0; if (rpm_check(release:"EL4", cpu:"i386", reference:"thunderbird-1.5.0.12-8.el4.0.1")) flag++; if (rpm_check(release:"EL4", cpu:"x86_64", reference:"thunderbird-1.5.0.12-8.el4.0.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "thunderbird"); }

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2008-1669.NASL
description	- Fri Feb 8 2008 Kai Engert <kengert at redhat.com> - 1.1.8-1 - SeaMonkey 1.1.8 - Sun Dec 2 2007 Kai Engert <kengert at redhat.com> - 1.1.7-1 - SeaMonkey 1.1.7 - Mon Nov 5 2007 Kai Engert <kengert at redhat.com> - 1.1.6-1 - SeaMonkey 1.1.6 - Fri Oct 19 2007 Kai Engert <kengert at redhat.com> - 1.1.5-1 - SeaMonkey 1.1.5 - Fri Jul 27 2007 Martin Stransky <stransky at redhat.com> - 1.1.3-2 - added pango patches - Fri Jul 20 2007 Kai Engert <kengert at redhat.com> - 1.1.3-1 - SeaMonkey 1.1.3 - Thu May 31 2007 Kai Engert <kengert at redhat.com> 1.1.2-1 - SeaMonkey 1.1.2 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	31080
published	2008-02-14
reporter	This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/31080
title	Fedora 7 : seamonkey-1.1.8-1.fc7 (2008-1669)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2008-1669. # include("compat.inc"); if (description) { script_id(31080); script_version ("1.14"); script_cvs_date("Date: 2019/08/02 13:32:27"); script_cve_id("CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0417", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0591", "CVE-2008-0592", "CVE-2008-0593"); script_xref(name:"FEDORA", value:"2008-1669"); script_name(english:"Fedora 7 : seamonkey-1.1.8-1.fc7 (2008-1669)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: " - Fri Feb 8 2008 Kai Engert <kengert at redhat.com> - 1.1.8-1 - SeaMonkey 1.1.8 - Sun Dec 2 2007 Kai Engert <kengert at redhat.com> - 1.1.7-1 - SeaMonkey 1.1.7 - Mon Nov 5 2007 Kai Engert <kengert at redhat.com> - 1.1.6-1 - SeaMonkey 1.1.6 - Fri Oct 19 2007 Kai Engert <kengert at redhat.com> - 1.1.5-1 - SeaMonkey 1.1.5 - Fri Jul 27 2007 Martin Stransky <stransky at redhat.com> - 1.1.3-2 - added pango patches - Fri Jul 20 2007 Kai Engert <kengert at redhat.com> - 1.1.3-1 - SeaMonkey 1.1.3 - Thu May 31 2007 Kai Engert <kengert at redhat.com> 1.1.2-1 - SeaMonkey 1.1.2 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=431732" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=431733" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=431739" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=431742" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=431748" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=431749" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=431751" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=431752" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=431756" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=432040" ); # https://lists.fedoraproject.org/pipermail/package-announce/2008-February/007899.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?83497686" ); script_set_attribute( attribute:"solution", value:"Update the affected seamonkey package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_cwe_id(20, 22, 79, 94, 200, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:seamonkey"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:7"); script_set_attribute(attribute:"patch_publication_date", value:"2008/02/13"); script_set_attribute(attribute:"plugin_publication_date", value:"2008/02/14"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^7([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 7.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC7", reference:"seamonkey-1.1.8-1.fc7")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "seamonkey"); }

NASL family	SuSE Local Security Checks
NASL id	SUSE_EPIPHANY-5102.NASL
description	The Mozilla XULRunner 1.8.1 engine was updated to security update version 1.8.1.12. This includes fixes for the following security issues : - MFSA 2008-10/CVE-2008-0593 URL token stealing via stylesheet redirect - MFSA 2008-09/CVE-2008-0592 Mishandling of locally-saved plain text files - MFSA 2008-06/CVE-2008-0419 Web browsing history and forward navigation stealing - MFSA 2008-05/CVE-2008-0418 Directory traversal via chrome: URI - MFSA 2008-03/CVE-2008-0415 Privilege escalation, XSS, Remote Code Execution - MFSA 2008-02/CVE-2008-0414 Multiple file input focus stealing vulnerabilities - MFSA 2008-01/CVE-2008-0412 Crashes with evidence of memory corruption (rv:1.8.1.12)
last seen	2020-06-01
modified	2020-06-02
plugin id	31622
published	2008-03-19
reporter	This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/31622
title	openSUSE 10 Security Update : epiphany (epiphany-5102)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update epiphany-5102. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(31622); script_version ("1.9"); script_cvs_date("Date: 2019/10/25 13:36:32"); script_cve_id("CVE-2008-0412", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0592", "CVE-2008-0593"); script_name(english:"openSUSE 10 Security Update : epiphany (epiphany-5102)"); script_summary(english:"Check for the epiphany-5102 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "The Mozilla XULRunner 1.8.1 engine was updated to security update version 1.8.1.12. This includes fixes for the following security issues : - MFSA 2008-10/CVE-2008-0593 URL token stealing via stylesheet redirect - MFSA 2008-09/CVE-2008-0592 Mishandling of locally-saved plain text files - MFSA 2008-06/CVE-2008-0419 Web browsing history and forward navigation stealing - MFSA 2008-05/CVE-2008-0418 Directory traversal via chrome: URI - MFSA 2008-03/CVE-2008-0415 Privilege escalation, XSS, Remote Code Execution - MFSA 2008-02/CVE-2008-0414 Multiple file input focus stealing vulnerabilities - MFSA 2008-01/CVE-2008-0412 Crashes with evidence of memory corruption (rv:1.8.1.12)" ); script_set_attribute( attribute:"solution", value:"Update the affected epiphany packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_cwe_id(20, 22, 79, 200, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:epiphany"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:epiphany-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:epiphany-extensions"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner181"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner181-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner181-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner181-l10n"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.2"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.3"); script_set_attribute(attribute:"patch_publication_date", value:"2008/03/14"); script_set_attribute(attribute:"plugin_publication_date", value:"2008/03/19"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release =~ "^(SLED\|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE10\.2\|SUSE10\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "10.2 / 10.3", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586\|i686\|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE10.2", reference:"epiphany-2.16.1-31") ) flag++; if ( rpm_check(release:"SUSE10.2", reference:"epiphany-devel-2.16.1-31") ) flag++; if ( rpm_check(release:"SUSE10.2", reference:"epiphany-extensions-2.16.1-31") ) flag++; if ( rpm_check(release:"SUSE10.2", reference:"mozilla-xulrunner181-1.8.1.12-1.2") ) flag++; if ( rpm_check(release:"SUSE10.2", reference:"mozilla-xulrunner181-devel-1.8.1.12-1.2") ) flag++; if ( rpm_check(release:"SUSE10.2", reference:"mozilla-xulrunner181-l10n-1.8.1.12-1.2") ) flag++; if ( rpm_check(release:"SUSE10.2", cpu:"x86_64", reference:"mozilla-xulrunner181-32bit-1.8.1.12-1.2") ) flag++; if ( rpm_check(release:"SUSE10.3", reference:"epiphany-2.20.0-8.2") ) flag++; if ( rpm_check(release:"SUSE10.3", reference:"epiphany-devel-2.20.0-8.2") ) flag++; if ( rpm_check(release:"SUSE10.3", reference:"epiphany-extensions-2.20.0-8.2") ) flag++; if ( rpm_check(release:"SUSE10.3", reference:"mozilla-xulrunner181-1.8.1.12-1.2") ) flag++; if ( rpm_check(release:"SUSE10.3", reference:"mozilla-xulrunner181-devel-1.8.1.12-1.2") ) flag++; if ( rpm_check(release:"SUSE10.3", reference:"mozilla-xulrunner181-l10n-1.8.1.12-1.2") ) flag++; if ( rpm_check(release:"SUSE10.3", cpu:"x86_64", reference:"mozilla-xulrunner181-32bit-1.8.1.12-1.2") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "epiphany / epiphany-devel / epiphany-extensions / etc"); }

NASL family	Oracle Linux Local Security Checks
NASL id	ORACLELINUX_ELSA-2008-0103.NASL
description	From Red Hat Security Advisory 2008:0103 : Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Several flaws were found in the way Firefox processed certain malformed web content. A webpage containing malicious content could cause Firefox to crash, or potentially execute arbitrary code as the user running Firefox. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way Firefox displayed malformed web content. A webpage containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A flaw was found in the way Firefox stored password data. If a user saves login information for a malicious website, it could be possible to corrupt the password database, preventing the user from properly accessing saved password data. (CVE-2008-0417) A flaw was found in the way Firefox handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of Firefox. (CVE-2008-0418) A flaw was found in the way Firefox saves certain text files. If a website offers a file of type
last seen	2020-06-01
modified	2020-06-02
plugin id	67647
published	2013-07-12
reporter	This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/67647
title	Oracle Linux 4 / 5 : firefox (ELSA-2008-0103)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2008:0103 and # Oracle Linux Security Advisory ELSA-2008-0103 respectively. # include("compat.inc"); if (description) { script_id(67647); script_version("1.12"); script_cvs_date("Date: 2019/10/25 13:36:07"); script_cve_id("CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0415", "CVE-2008-0416", "CVE-2008-0417", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0420", "CVE-2008-0591", "CVE-2008-0592", "CVE-2008-0593"); script_bugtraq_id(24293, 27406, 27683); script_xref(name:"RHSA", value:"2008:0103"); script_name(english:"Oracle Linux 4 / 5 : firefox (ELSA-2008-0103)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Oracle Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "From Red Hat Security Advisory 2008:0103 : Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Several flaws were found in the way Firefox processed certain malformed web content. A webpage containing malicious content could cause Firefox to crash, or potentially execute arbitrary code as the user running Firefox. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way Firefox displayed malformed web content. A webpage containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A flaw was found in the way Firefox stored password data. If a user saves login information for a malicious website, it could be possible to corrupt the password database, preventing the user from properly accessing saved password data. (CVE-2008-0417) A flaw was found in the way Firefox handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of Firefox. (CVE-2008-0418) A flaw was found in the way Firefox saves certain text files. If a website offers a file of type 'plain/text', rather than 'text/plain', Firefox will not show future 'text/plain' content to the user in the browser, forcing them to save those files locally to view the content. (CVE-2008-0592) Users of firefox are advised to upgrade to these updated packages, which contain backported patches to resolve these issues." ); script_set_attribute( attribute:"see_also", value:"https://oss.oracle.com/pipermail/el-errata/2008-February/000508.html" ); script_set_attribute( attribute:"see_also", value:"https://oss.oracle.com/pipermail/el-errata/2008-February/000509.html" ); script_set_attribute( attribute:"solution", value:"Update the affected firefox packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_cwe_id(22, 79, 94, 200, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:firefox"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:firefox-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:4"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:5"); script_set_attribute(attribute:"vuln_publication_date", value:"2008/02/08"); script_set_attribute(attribute:"patch_publication_date", value:"2008/02/08"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/12"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Oracle Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux"); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| !pregmatch(pattern: "Oracle (?:Linux Server\|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux"); os_ver = pregmatch(pattern: "Oracle (?:Linux Server\|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^(4\|5)([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 4 / 5", "Oracle Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu); flag = 0; if (rpm_check(release:"EL4", cpu:"i386", reference:"firefox-1.5.0.12-0.10.el4.0.1")) flag++; if (rpm_check(release:"EL4", cpu:"x86_64", reference:"firefox-1.5.0.12-0.10.el4.0.1")) flag++; if (rpm_check(release:"EL5", reference:"firefox-1.5.0.12-9.el5.0.1")) flag++; if (rpm_check(release:"EL5", reference:"firefox-devel-1.5.0.12-9.el5.0.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "firefox / firefox-devel"); }

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2008-1535.NASL
description	Mozilla Firefox is an open source Web browser. Several flaws were found in the way Firefox processed certain malformed web content. A web page containing malicious content could cause Firefox to crash, or potentially execute arbitrary code as the user running Firefox. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way Firefox displayed malformed web content. A web page containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A flaw was found in the way Firefox stored password data. If a user saves login information for a malicious website, it could be possible to corrupt the password database, preventing the user from properly accessing saved password data. (CVE-2008-0417) A flaw was found in the way Firefox handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of Firefox. (CVE-2008-0418) A flaw was found in the way Firefox saves certain text files. If a website offers a file of type
last seen	2020-06-01
modified	2020-06-02
plugin id	31067
published	2008-02-14
reporter	This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/31067
title	Fedora 8 : Miro-1.1-3.fc8 / blam-1.8.3-13.fc8 / chmsee-1.0.0-1.28.fc8 / devhelp-0.16.1-5.fc8 / etc (2008-1535)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2008-1535. # include("compat.inc"); if (description) { script_id(31067); script_version ("1.18"); script_cvs_date("Date: 2019/08/02 13:32:27"); script_cve_id("CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0417", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0591", "CVE-2008-0592", "CVE-2008-0593", "CVE-2008-0594"); script_xref(name:"FEDORA", value:"2008-1535"); script_name(english:"Fedora 8 : Miro-1.1-3.fc8 / blam-1.8.3-13.fc8 / chmsee-1.0.0-1.28.fc8 / devhelp-0.16.1-5.fc8 / etc (2008-1535)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Mozilla Firefox is an open source Web browser. Several flaws were found in the way Firefox processed certain malformed web content. A web page containing malicious content could cause Firefox to crash, or potentially execute arbitrary code as the user running Firefox. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way Firefox displayed malformed web content. A web page containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A flaw was found in the way Firefox stored password data. If a user saves login information for a malicious website, it could be possible to corrupt the password database, preventing the user from properly accessing saved password data. (CVE-2008-0417) A flaw was found in the way Firefox handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of Firefox. (CVE-2008-0418) A flaw was found in the way Firefox saves certain text files. If a website offers a file of type 'plain/text', rather than 'text/plain', Firefox will not show future 'text/plain' content to the user in the browser, forcing them to save those files locally to view the content. (CVE-2008-0592) Users of firefox are advised to upgrade to these updated packages, which contain updated packages to resolve these issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=431732" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=431733" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=431739" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=431742" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=431748" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=431749" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=431751" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=431752" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=431756" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=432036" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=432040" ); # https://lists.fedoraproject.org/pipermail/package-announce/2008-February/007754.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?150b6c21" ); # https://lists.fedoraproject.org/pipermail/package-announce/2008-February/007755.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?b751fe08" ); # https://lists.fedoraproject.org/pipermail/package-announce/2008-February/007756.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?c8bd9950" ); # https://lists.fedoraproject.org/pipermail/package-announce/2008-February/007757.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?d571352f" ); # https://lists.fedoraproject.org/pipermail/package-announce/2008-February/007758.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?df5f34ea" ); # https://lists.fedoraproject.org/pipermail/package-announce/2008-February/007759.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?080b7023" ); # https://lists.fedoraproject.org/pipermail/package-announce/2008-February/007760.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?1bc21d1f" ); # https://lists.fedoraproject.org/pipermail/package-announce/2008-February/007761.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?cb3ac43d" ); # https://lists.fedoraproject.org/pipermail/package-announce/2008-February/007762.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?406b01bc" ); # https://lists.fedoraproject.org/pipermail/package-announce/2008-February/007763.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?fe5d5ec2" ); # https://lists.fedoraproject.org/pipermail/package-announce/2008-February/007764.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?d0528e90" ); # https://lists.fedoraproject.org/pipermail/package-announce/2008-February/007765.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?4dd87a98" ); # https://lists.fedoraproject.org/pipermail/package-announce/2008-February/007766.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?2dbdbc11" ); # https://lists.fedoraproject.org/pipermail/package-announce/2008-February/007767.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?67a56ae1" ); # https://lists.fedoraproject.org/pipermail/package-announce/2008-February/007768.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?11b25edd" ); # https://lists.fedoraproject.org/pipermail/package-announce/2008-February/007769.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?34ff5880" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_cwe_id(20, 22, 79, 94, 200, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:Miro"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:blam"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:chmsee"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:devhelp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:epiphany"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:epiphany-extensions"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:firefox"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:galeon"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:gnome-python2-extras"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:gnome-web-photo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:gtkmozembedmm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kazehakase"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:liferea"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:openvrml"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:ruby-gnome2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:yelp"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:8"); script_set_attribute(attribute:"vuln_publication_date", value:"2008/02/08"); script_set_attribute(attribute:"patch_publication_date", value:"2008/02/13"); script_set_attribute(attribute:"plugin_publication_date", value:"2008/02/14"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^8([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 8.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC8", reference:"Miro-1.1-3.fc8")) flag++; if (rpm_check(release:"FC8", reference:"blam-1.8.3-13.fc8")) flag++; if (rpm_check(release:"FC8", reference:"chmsee-1.0.0-1.28.fc8")) flag++; if (rpm_check(release:"FC8", reference:"devhelp-0.16.1-5.fc8")) flag++; if (rpm_check(release:"FC8", reference:"epiphany-2.20.2-3.fc8")) flag++; if (rpm_check(release:"FC8", reference:"epiphany-extensions-2.20.1-5.fc8")) flag++; if (rpm_check(release:"FC8", reference:"firefox-2.0.0.12-1.fc8")) flag++; if (rpm_check(release:"FC8", reference:"galeon-2.0.4-1.fc8.2")) flag++; if (rpm_check(release:"FC8", reference:"gnome-python2-extras-2.19.1-12.fc8")) flag++; if (rpm_check(release:"FC8", reference:"gnome-web-photo-0.3-8.fc8")) flag++; if (rpm_check(release:"FC8", reference:"gtkmozembedmm-1.4.2.cvs20060817-18.fc8")) flag++; if (rpm_check(release:"FC8", reference:"kazehakase-0.5.2-1.fc8.2")) flag++; if (rpm_check(release:"FC8", reference:"liferea-1.4.11-2.fc8")) flag++; if (rpm_check(release:"FC8", reference:"openvrml-0.17.5-2.fc8")) flag++; if (rpm_check(release:"FC8", reference:"ruby-gnome2-0.16.0-20.fc8")) flag++; if (rpm_check(release:"FC8", reference:"yelp-2.20.0-7.fc8")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Miro / blam / chmsee / devhelp / epiphany / epiphany-extensions / etc"); }

NASL family	SuSE Local Security Checks
NASL id	SUSE_SEAMONKEY-5011.NASL
description	This update backports changes to Mozilla SeaMonkey to the level of the security update version 1.8.1.12 Following security problems were fixed : - MFSA 2008-11/CVE-2008-0594 Web forgery overwrite with div overlay - MFSA 2008-10/CVE-2008-0593 URL token stealing via stylesheet redirect - MFSA 2008-09/CVE-2008-0592 Mishandling of locally-saved plain text files - MFSA 2008-08/CVE-2008-0591 File action dialog tampering - MFSA 2008-06/CVE-2008-0419 Web browsing history and forward navigation stealing - MFSA 2008-05/CVE-2008-0418 Directory traversal via chrome: URI - MFSA 2008-04/CVE-2008-0417 Stored password corruption - MFSA 2008-03/CVE-2008-0415 Privilege escalation, XSS, Remote Code Execution - MFSA 2008-02/CVE-2008-0414 Multiple file input focus stealing vulnerabilities - MFSA 2008-01/CVE-2008-0412/CVE-2008-0413 Crashes with evidence of memory corruption (rv:1.8.1.12)
last seen	2020-06-01
modified	2020-06-02
plugin id	31113
published	2008-02-18
reporter	This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/31113
title	openSUSE 10 Security Update : seamonkey (seamonkey-5011)

NASL family	SuSE Local Security Checks
NASL id	SUSE_MOZILLAFIREFOX-5002.NASL
description	This update brings Mozilla Firefox to security update version 2.0.0.12 Following security problems were fixed : - MFSA 2008-11/CVE-2008-0594 Web forgery overwrite with div overlay - MFSA 2008-10/CVE-2008-0593 URL token stealing via stylesheet redirect - MFSA 2008-09/CVE-2008-0592 Mishandling of locally-saved plain text files - MFSA 2008-08/CVE-2008-0591 File action dialog tampering - MFSA 2008-06/CVE-2008-0419 Web browsing history and forward navigation stealing - MFSA 2008-05/CVE-2008-0418 Directory traversal via chrome: URI - MFSA 2008-04/CVE-2008-0417 Stored password corruption - MFSA 2008-03/CVE-2008-0415 Privilege escalation, XSS, Remote Code Execution - MFSA 2008-02/CVE-2008-0414 Multiple file input focus stealing vulnerabilities - MFSA 2008-01/CVE-2008-0412 Crashes with evidence of memory corruption (rv:1.8.1.12)
last seen	2020-06-01
modified	2020-06-02
plugin id	31088
published	2008-02-14
reporter	This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/31088
title	openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-5002)

NASL family	Ubuntu Local Security Checks
NASL id	UBUNTU_USN-576-1.NASL
description	Various flaws were discovered in the browser and JavaScript engine. By tricking a user into opening a malicious web page, an attacker could execute arbitrary code with the user
last seen	2020-06-01
modified	2020-06-02
plugin id	30252
published	2008-02-11
reporter	Ubuntu Security Notice (C) 2008-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/30252
title	Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : firefox vulnerabilities (USN-576-1)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2008-0105.NASL
description	Updated thunderbird packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. [Updated 27th February 2008] The erratum text has been updated to include the details of additional issues that were fixed by these erratum packages, but which were not public at the time of release. No changes have been made to the packages. Mozilla Thunderbird is a standalone mail and newsgroup client. A heap-based buffer overflow flaw was found in the way Thunderbird processed messages with external-body Multipurpose Internet Message Extensions (MIME) types. A HTML mail message containing malicious content could cause Thunderbird to execute arbitrary code as the user running Thunderbird. (CVE-2008-0304) Several flaws were found in the way Thunderbird processed certain malformed HTML mail content. A HTML mail message containing malicious content could cause Thunderbird to crash, or potentially execute arbitrary code as the user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way Thunderbird displayed malformed HTML mail content. A HTML mail message containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0420, CVE-2008-0591, CVE-2008-0593) A flaw was found in the way Thunderbird handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious HTML mail message to steal sensitive session data. Note: this flaw does not affect a default installation of Thunderbird. (CVE-2008-0418) Note: JavaScript support is disabled by default in Thunderbird; the above issues are not exploitable unless JavaScript is enabled. A flaw was found in the way Thunderbird saves certain text files. If a remote site offers a file of type
last seen	2020-06-01
modified	2020-06-02
plugin id	30247
published	2008-02-11
reporter	This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/30247
title	RHEL 4 / 5 : thunderbird (RHSA-2008:0105)

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2008-2118.NASL
description	Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the way Thunderbird processed certain malformed HTML mail content. A HTML mail message containing malicious content could cause Thunderbird to crash, or potentially execute arbitrary code as the user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way Thunderbird displayed malformed HTML mail content. A HTML mail message containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A flaw was found in the way Thunderbird handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious HTML mail message to steal sensitive session data. Note: this flaw does not affect a default installation of Thunderbird. (CVE-2008-0418) Note: JavaScript support is disabled by default in Thunderbird; the above issues are not exploitable unless JavaScript is enabled. A flaw was found in the way Thunderbird saves certain text files. If a remote site offers a file of type
last seen	2020-06-01
modified	2020-06-02
plugin id	31318
published	2008-02-29
reporter	This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/31318
title	Fedora 7 : thunderbird-2.0.0.12-1.fc7 (2008-2118)

NASL family	Scientific Linux Local Security Checks
NASL id	SL_20080207_SEAMONKEY_ON_SL3_X.NASL
description	Several flaws were found in the way SeaMonkey processed certain malformed web content. A webpage containing malicious content could cause SeaMonkey to crash, or potentially execute arbitrary code as the user running SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way SeaMonkey displayed malformed web content. A webpage containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A flaw was found in the way SeaMonkey stored password data. If a user saves login information for a malicious website, it could be possible to corrupt the password database, preventing the user from properly accessing saved password data. (CVE-2008-0417) A flaw was found in the way SeaMonkey handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of SeaMonkey. (CVE-2008-0418) A flaw was found in the way SeaMonkey saves certain text files. If a website offers a file of type
last seen	2020-06-01
modified	2020-06-02
plugin id	60356
published	2012-08-01
reporter	This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/60356
title	Scientific Linux Security Update : seamonkey on SL3.x, SL4.x i386/x86_64

NASL family	Windows
NASL id	MOZILLA_FIREFOX_20012.NASL
description	The installed version of Firefox is affected by various security issues : - Several stability bugs leading to crashes which, in some cases, show traces of memory corruption - Several file input focus stealing vulnerabilities that could result in uploading of arbitrary files provided their full path and file names are known. - Several issues that allow scripts from page content to escape from their sandboxed context and/or run with chrome privileges, resulting in privilege escalation, XSS, and/or remote code execution. - An issue that could allow a malicious site to inject newlines into the application
last seen	2020-06-01
modified	2020-06-02
plugin id	30209
published	2008-02-08
reporter	This script is Copyright (C) 2008-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/30209
title	Firefox < 2.0.0.12 Multiple Vulnerabilities

NASL family	Oracle Linux Local Security Checks
NASL id	ORACLELINUX_ELSA-2008-0104.NASL
description	From Red Hat Security Advisory 2008:0104 : Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the way SeaMonkey processed certain malformed web content. A webpage containing malicious content could cause SeaMonkey to crash, or potentially execute arbitrary code as the user running SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way SeaMonkey displayed malformed web content. A webpage containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A flaw was found in the way SeaMonkey stored password data. If a user saves login information for a malicious website, it could be possible to corrupt the password database, preventing the user from properly accessing saved password data. (CVE-2008-0417) A flaw was found in the way SeaMonkey handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of SeaMonkey. (CVE-2008-0418) A flaw was found in the way SeaMonkey saves certain text files. If a website offers a file of type
last seen	2020-06-01
modified	2020-06-02
plugin id	67648
published	2013-07-12
reporter	This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/67648
title	Oracle Linux 3 / 4 : seamonkey (ELSA-2008-0104)

NASL family	CentOS Local Security Checks
NASL id	CENTOS_RHSA-2008-0105.NASL
description	Updated thunderbird packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. [Updated 27th February 2008] The erratum text has been updated to include the details of additional issues that were fixed by these erratum packages, but which were not public at the time of release. No changes have been made to the packages. Mozilla Thunderbird is a standalone mail and newsgroup client. A heap-based buffer overflow flaw was found in the way Thunderbird processed messages with external-body Multipurpose Internet Message Extensions (MIME) types. A HTML mail message containing malicious content could cause Thunderbird to execute arbitrary code as the user running Thunderbird. (CVE-2008-0304) Several flaws were found in the way Thunderbird processed certain malformed HTML mail content. A HTML mail message containing malicious content could cause Thunderbird to crash, or potentially execute arbitrary code as the user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way Thunderbird displayed malformed HTML mail content. A HTML mail message containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0420, CVE-2008-0591, CVE-2008-0593) A flaw was found in the way Thunderbird handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious HTML mail message to steal sensitive session data. Note: this flaw does not affect a default installation of Thunderbird. (CVE-2008-0418) Note: JavaScript support is disabled by default in Thunderbird; the above issues are not exploitable unless JavaScript is enabled. A flaw was found in the way Thunderbird saves certain text files. If a remote site offers a file of type
last seen	2020-06-01
modified	2020-06-02
plugin id	30222
published	2008-02-11
reporter	This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/30222
title	CentOS 4 / 5 : thunderbird (CESA-2008:0105)

NASL family	CentOS Local Security Checks
NASL id	CENTOS_RHSA-2008-0103.NASL
description	Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Several flaws were found in the way Firefox processed certain malformed web content. A webpage containing malicious content could cause Firefox to crash, or potentially execute arbitrary code as the user running Firefox. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way Firefox displayed malformed web content. A webpage containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A flaw was found in the way Firefox stored password data. If a user saves login information for a malicious website, it could be possible to corrupt the password database, preventing the user from properly accessing saved password data. (CVE-2008-0417) A flaw was found in the way Firefox handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of Firefox. (CVE-2008-0418) A flaw was found in the way Firefox saves certain text files. If a website offers a file of type
last seen	2020-06-01
modified	2020-06-02
plugin id	30220
published	2008-02-11
reporter	This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/30220
title	CentOS 4 / 5 : firefox (CESA-2008:0103)

NASL family	Mandriva Local Security Checks
NASL id	MANDRIVA_MDVSA-2008-048.NASL
description	A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.12. This update provides the latest Firefox to correct these issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	37189
published	2009-04-23
reporter	This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/37189
title	Mandriva Linux Security Advisory : mozilla-firefox (MDVSA-2008:048)

NASL family	SuSE Local Security Checks
NASL id	SUSE_MOZILLA-XULRUNNER-5123.NASL
description	This update of the Mozilla XULRunner engine catches up on all previous security problems found in the XULRunner engine. Following security problems were fixed : - MFSA 2008-11/CVE-2008-0594 Web forgery overwrite with div overlay - MFSA 2008-10/CVE-2008-0593 URL token stealing via stylesheet redirect - MFSA 2008-09/CVE-2008-0592 Mishandling of locally-saved plain text files - MFSA 2008-08/CVE-2008-0591 File action dialog tampering - MFSA 2008-06/CVE-2008-0419 Web browsing history and forward navigation stealing - MFSA 2008-05/CVE-2008-0418 Directory traversal via chrome: URI - MFSA 2008-04/CVE-2008-0417 Stored password corruption - MFSA 2008-03/CVE-2008-0415 Privilege escalation, XSS, Remote Code Execution - MFSA 2008-02/CVE-2008-0414 Multiple file input focus stealing vulnerabilities - MFSA 2008-01/CVE-2008-0412 Crashes with evidence of memory corruption (rv:1.8.1.12)
last seen	2020-06-01
modified	2020-06-02
plugin id	31697
published	2008-03-28
reporter	This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/31697
title	openSUSE 10 Security Update : mozilla-xulrunner (mozilla-xulrunner-5123)

NASL family	SuSE Local Security Checks
NASL id	SUSE_MOZILLA-XULRUNNER-5118.NASL
description	This update of the Mozilla XULRunner engine catches up on all previous security problems found in the XULRunner engine. Following security problems were fixed : - Web forgery overwrite with div overlay. (MFSA 2008-11 / CVE-2008-0594) - URL token stealing via stylesheet redirect. (MFSA 2008-10 / CVE-2008-0593) - Mishandling of locally-saved plain text files. (MFSA 2008-09 / CVE-2008-0592) - File action dialog tampering. (MFSA 2008-08 / CVE-2008-0591) - Web browsing history and forward navigation stealing. (MFSA 2008-06 / CVE-2008-0419) - Directory traversal via chrome: URI. (MFSA 2008-05 / CVE-2008-0418) - Stored password corruption. (MFSA 2008-04 / CVE-2008-0417) - Privilege escalation, XSS, Remote Code Execution. (MFSA 2008-03 / CVE-2008-0415) - Multiple file input focus stealing vulnerabilities. (MFSA 2008-02 / CVE-2008-0414) - Crashes with evidence of memory corruption (rv:1.8.1.12). (MFSA 2008-01 / CVE-2008-0412)
last seen	2020-06-01
modified	2020-06-02
plugin id	31696
published	2008-03-28
reporter	This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/31696
title	SuSE 10 Security Update : epiphany (ZYPP Patch Number 5118)

NASL family	Scientific Linux Local Security Checks
NASL id	SL_20080207_THUNDERBIRD_ON_SL4_X.NASL
description	Several flaws were found in the way Thunderbird processed certain malformed HTML mail content. A HTML mail message containing malicious content could cause Thunderbird to crash, or potentially execute arbitrary code as the user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way Thunderbird displayed malformed HTML mail content. A HTML mail message containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A flaw was found in the way Thunderbird handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious HTML mail message to steal sensitive session data. Note: this flaw does not affect a default installation of Thunderbird. (CVE-2008-0418) Note: JavaScript support is disabled by default in Thunderbird; the above issues are not exploitable unless JavaScript is enabled. A flaw was found in the way Thunderbird saves certain text files. If a remote site offers a file of type
last seen	2020-06-01
modified	2020-06-02
plugin id	60357
published	2012-08-01
reporter	This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/60357
title	Scientific Linux Security Update : thunderbird on SL4.x, SL5.x i386/x86_64

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2008-1435.NASL
description	Mozilla Firefox is an open source Web browser. Several flaws were found in the way Firefox processed certain malformed web content. A web page containing malicious content could cause Firefox to crash, or potentially execute arbitrary code as the user running Firefox. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way Firefox displayed malformed web content. A web page containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A flaw was found in the way Firefox stored password data. If a user saves login information for a malicious website, it could be possible to corrupt the password database, preventing the user from properly accessing saved password data. (CVE-2008-0417) A flaw was found in the way Firefox handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of Firefox. (CVE-2008-0418) A flaw was found in the way Firefox saves certain text files. If a website offers a file of type
last seen	2020-06-01
modified	2020-06-02
plugin id	31060
published	2008-02-14
reporter	This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/31060
title	Fedora 7 : Miro-1.1-3.fc7 / chmsee-1.0.0-1.28.fc7 / devhelp-0.13-13.fc7 / epiphany-2.18.3-6.fc7 / etc (2008-1435)

NASL family	Windows
NASL id	NETSCAPE_BROWSER_9006.NASL
description	The installed version of Netscape is affected by various security issues : - Several stability bugs leading to crashes which, in some cases, show traces of memory corruption. - Several file input focus stealing vulnerabilities that could result in uploading of arbitrary files provided their full path and file names are known. - Several issues that allow scripts from page content to escape from their sandboxed context and/or run with chrome privileges, resulting in privilege escalation, XSS, and/or remote code execution. - An issue that could allow a malicious site to inject newlines into the application
last seen	2020-06-01
modified	2020-06-02
plugin id	31135
published	2008-02-22
reporter	This script is Copyright (C) 2008-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/31135
title	Netscape Browser < 9.0.0.6 Multiple Vulnerabilities

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-1489.NASL
description	Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0412 Jesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren and Paul Nickerson discovered crashes in the layout engine, which might allow the execution of arbitrary code. - CVE-2008-0413 Carsten Book, Wesley Garland, Igor Bukanov,
last seen	2020-06-01
modified	2020-06-02
plugin id	30228
published	2008-02-11
reporter	This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/30228
title	Debian DSA-1489-1 : iceweasel - several vulnerabilities

NASL family	FreeBSD Local Security Checks
NASL id	FREEBSD_PKG_810A5197E0D911DC891A02061B08FC24.NASL
description	The Mozilla Foundation reports of multiple security issues in Firefox, SeaMonkey, and Thunderbird. Several of these issues can probably be used to run arbitrary code with the privilege of the user running the program. - Web forgery overwrite with div overlay - URL token stealing via stylesheet redirect - Mishandling of locally-saved plain text files - File action dialog tampering - Possible information disclosure in BMP decoder - Web browsing history and forward navigation stealing - Directory traversal via chrome: URI - Stored password corruption - Privilege escalation, XSS, Remote Code Execution - Multiple file input focus stealing vulnerabilities - Crashes with evidence of memory corruption (rv:1.8.1.12)
last seen	2020-06-01
modified	2020-06-02
plugin id	31155
published	2008-02-25
reporter	This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/31155
title	FreeBSD : mozilla -- multiple vulnerabilities (810a5197-e0d9-11dc-891a-02061b08fc24)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2008-0104.NASL
description	Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the way SeaMonkey processed certain malformed web content. A webpage containing malicious content could cause SeaMonkey to crash, or potentially execute arbitrary code as the user running SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way SeaMonkey displayed malformed web content. A webpage containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A flaw was found in the way SeaMonkey stored password data. If a user saves login information for a malicious website, it could be possible to corrupt the password database, preventing the user from properly accessing saved password data. (CVE-2008-0417) A flaw was found in the way SeaMonkey handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of SeaMonkey. (CVE-2008-0418) A flaw was found in the way SeaMonkey saves certain text files. If a website offers a file of type
last seen	2020-06-01
modified	2020-06-02
plugin id	30246
published	2008-02-11
reporter	This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/30246
title	RHEL 2.1 / 3 / 4 : seamonkey (RHSA-2008:0104)

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2008-1459.NASL
description	- Fri Feb 8 2008 Kai Engert <kengert at redhat.com> - 1.1.8-1 - SeaMonkey 1.1.8 - Sun Dec 2 2007 Kai Engert <kengert at redhat.com> - 1.1.7-1 - SeaMonkey 1.1.7 - Mon Nov 5 2007 Kai Engert <kengert at redhat.com> - 1.1.6-1 - SeaMonkey 1.1.6 - Fri Oct 19 2007 Kai Engert <kengert at redhat.com> - 1.1.5-2 - SeaMonkey 1.1.5 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	31061
published	2008-02-14
reporter	This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/31061
title	Fedora 8 : seamonkey-1.1.8-1.fc8 (2008-1459)

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-1484.NASL
description	Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0412 Jesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren and Paul Nickerson discovered crashes in the layout engine, which might allow the execution of arbitrary code. - CVE-2008-0413 Carsten Book, Wesley Garland, Igor Bukanov,
last seen	2020-06-01
modified	2020-06-02
plugin id	30224
published	2008-02-11
reporter	This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/30224
title	Debian DSA-1484-1 : xulrunner - several vulnerabilities

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-1506.NASL
description	Several remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the SeaMonkey Internet Suite. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0412 Jesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren and Paul Nickerson discovered crashes in the layout engine, which might allow the execution of arbitrary code. - CVE-2008-0413 Carsten Book, Wesley Garland, Igor Bukanov,
last seen	2020-06-01
modified	2020-06-02
plugin id	31150
published	2008-02-25
reporter	This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/31150
title	Debian DSA-1506-1 : iceape - several vulnerabilities

NASL family	SuSE Local Security Checks
NASL id	SUSE_MOZILLAFIREFOX-5001.NASL
description	This update brings Mozilla Firefox to security update version 2.0.0.12 Following security problems were fixed : - Web forgery overwrite with div overlay. (MFSA 2008-11 / CVE-2008-0594) - URL token stealing via stylesheet redirect. (MFSA 2008-10 / CVE-2008-0593) - Mishandling of locally-saved plain text files. (MFSA 2008-09 / CVE-2008-0592) - File action dialog tampering. (MFSA 2008-08 / CVE-2008-0591) - Web browsing history and forward navigation stealing. (MFSA 2008-06 / CVE-2008-0419) - Directory traversal via chrome: URI. (MFSA 2008-05 / CVE-2008-0418) - Stored password corruption. (MFSA 2008-04 / CVE-2008-0417) - Privilege escalation, XSS, Remote Code Execution. (MFSA 2008-03 / CVE-2008-0415) - Multiple file input focus stealing vulnerabilities. (MFSA 2008-02 / CVE-2008-0414) - Crashes with evidence of memory corruption (rv:1.8.1.12). (MFSA 2008-01 / CVE-2008-0412)
last seen	2020-06-01
modified	2020-06-02
plugin id	31087
published	2008-02-14
reporter	This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/31087
title	SuSE 10 Security Update : MozillaFirefox (ZYPP Patch Number 5001)

NASL family	SuSE Local Security Checks
NASL id	SUSE_SEAMONKEY-5012.NASL
description	This update brings Mozilla SeaMonkey to security update version 1.8.1.12 Following security problems were fixed : - MFSA 2008-11/CVE-2008-0594 Web forgery overwrite with div overlay - MFSA 2008-10/CVE-2008-0593 URL token stealing via stylesheet redirect - MFSA 2008-09/CVE-2008-0592 Mishandling of locally-saved plain text files - MFSA 2008-08/CVE-2008-0591 File action dialog tampering - MFSA 2008-06/CVE-2008-0419 Web browsing history and forward navigation stealing - MFSA 2008-05/CVE-2008-0418 Directory traversal via chrome: URI - MFSA 2008-04/CVE-2008-0417 Stored password corruption - MFSA 2008-03/CVE-2008-0415 Privilege escalation, XSS, Remote Code Execution - MFSA 2008-02/CVE-2008-0414 Multiple file input focus stealing vulnerabilities - MFSA 2008-01/CVE-2008-0412/CVE-2008-0413 Crashes with evidence of memory corruption (rv:1.8.1.12)
last seen	2020-06-01
modified	2020-06-02
plugin id	31114
published	2008-02-18
reporter	This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/31114
title	openSUSE 10 Security Update : seamonkey (seamonkey-5012)

NASL family	SuSE Local Security Checks
NASL id	SUSE_MOZILLATHUNDERBIRD-5098.NASL
description	This update brings Mozilla Thunderbird to security update version 2.0.0.12 Following security problems were fixed : - MFSA 2008-11/CVE-2008-0594 Web forgery overwrite with div overlay - MFSA 2008-10/CVE-2008-0593 URL token stealing via stylesheet redirect - MFSA 2008-09/CVE-2008-0592 Mishandling of locally-saved plain text files - MFSA 2008-08/CVE-2008-0591 File action dialog tampering - MFSA 2008-06/CVE-2008-0419 Web browsing history and forward navigation stealing - MFSA 2008-05/CVE-2008-0418 Directory traversal via chrome: URI - MFSA 2008-04/CVE-2008-0417 Stored password corruption - MFSA 2008-03/CVE-2008-0415 Privilege escalation, XSS, Remote Code Execution - MFSA 2008-02/CVE-2008-0414 Multiple file input focus stealing vulnerabilities - MFSA 2008-01/CVE-2008-0412 Crashes with evidence of memory corruption (rv:1.8.1.12)
last seen	2020-06-01
modified	2020-06-02
plugin id	31602
published	2008-03-17
reporter	This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/31602
title	openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-5098)

Oval

accepted

2013-04-29T04:15:11.783-04:00

class

vulnerability

contributors

name Aharon Chernin
organization SCAP.com, LLC
name Dragos Prisaca
organization G2, Inc.

definition_extensions

comment The operating system installed on the system is Red Hat Enterprise Linux 3
oval oval:org.mitre.oval:def:11782
comment CentOS Linux 3.x
oval oval:org.mitre.oval:def:16651
comment The operating system installed on the system is Red Hat Enterprise Linux 4
oval oval:org.mitre.oval:def:11831
comment CentOS Linux 4.x
oval oval:org.mitre.oval:def:16636
comment Oracle Linux 4.x
oval oval:org.mitre.oval:def:15990
comment The operating system installed on the system is Red Hat Enterprise Linux 5
oval oval:org.mitre.oval:def:11414
comment The operating system installed on the system is CentOS Linux 5.x
oval oval:org.mitre.oval:def:15802
comment Oracle Linux 5.x
oval oval:org.mitre.oval:def:15459

description

family

unix

oval:org.mitre.oval:def:11652

status

accepted

submitted

2010-07-09T03:56:16-04:00

title

version

Redhat

advisories

rhsa
id RHSA-2008:0103
rhsa
id RHSA-2008:0104
rhsa
id RHSA-2008:0105

rpms

firefox-0:1.5.0.12-0.10.el4
firefox-0:1.5.0.12-9.el5
firefox-debuginfo-0:1.5.0.12-0.10.el4
firefox-debuginfo-0:1.5.0.12-9.el5
seamonkey-0:1.0.9-0.9.el2
seamonkey-0:1.0.9-0.9.el3
seamonkey-0:1.0.9-9.el4
seamonkey-chat-0:1.0.9-0.9.el2
seamonkey-chat-0:1.0.9-0.9.el3
seamonkey-chat-0:1.0.9-9.el4
seamonkey-debuginfo-0:1.0.9-0.9.el3
seamonkey-debuginfo-0:1.0.9-9.el4
seamonkey-devel-0:1.0.9-0.9.el2
seamonkey-devel-0:1.0.9-0.9.el3
seamonkey-devel-0:1.0.9-9.el4
seamonkey-dom-inspector-0:1.0.9-0.9.el2
seamonkey-dom-inspector-0:1.0.9-0.9.el3
seamonkey-dom-inspector-0:1.0.9-9.el4
seamonkey-js-debugger-0:1.0.9-0.9.el2
seamonkey-js-debugger-0:1.0.9-0.9.el3
seamonkey-js-debugger-0:1.0.9-9.el4
seamonkey-mail-0:1.0.9-0.9.el2
seamonkey-mail-0:1.0.9-0.9.el3
seamonkey-mail-0:1.0.9-9.el4
seamonkey-nspr-0:1.0.9-0.9.el2
seamonkey-nspr-0:1.0.9-0.9.el3
seamonkey-nspr-devel-0:1.0.9-0.9.el2
seamonkey-nspr-devel-0:1.0.9-0.9.el3
seamonkey-nss-0:1.0.9-0.9.el2
seamonkey-nss-0:1.0.9-0.9.el3
seamonkey-nss-devel-0:1.0.9-0.9.el2
seamonkey-nss-devel-0:1.0.9-0.9.el3
thunderbird-0:1.5.0.12-8.el4
thunderbird-0:1.5.0.12-8.el5
thunderbird-debuginfo-0:1.5.0.12-8.el4
thunderbird-debuginfo-0:1.5.0.12-8.el5

Seebug

bulletinFamily	exploit
description	BUGTRAQ ID: 27683 CVE(CAN) ID: CVE-2008-0412,CVE-2008-0413,CVE-2008-0414,CVE-2008-0415,CVE-2008-0417,CVE-2008-0419,CVE-2008-0591,CVE-2008-0592,CVE-2008-0593,CVE-2008-0594 Firefox/Thunderbird/SeaMonkey是Mozilla所发布的WEB浏览器和邮件/新闻组客户端。 Firefox中的多个安全漏洞允许恶意用户泄露敏感信息、绕过安全限制、执行欺骗攻击或入侵用户系统。由于代码共享，Thunderbird和SeaMonkey也受这些漏洞的影响。 1) 浏览器引擎和Javascript引擎中的多个内存破坏漏洞可能导致执行任意指令。 2) 如果远程攻击者创建了MouseEvent并使用dispatchEvent将click发送给文件输入单元或文件相关的标记，就可能将文件焦点设置到文件输入的文本部分，导致有选择性的捕获键盘动作并创建可用于上传用户机器上任意文件的路径。 3) Javascript引擎中的错误可能导致以chrome权限运行Javascript代码，或通过XMLDocument.load()函数绕过同源策略。 4) 如果用户保存了口令的话，恶意站点就可能向Firefox的口令存储中注入换行符，破坏其他站点的保存口令。 5) 当用户离开使用designMode帧的页面时Firefox处理图形的方式存在漏洞，导致泄露用户的导航记录、转发导航信息或触发内存破坏。 6) 攻击者可以使用JavaScript绕过启用了定时器的安全对话，更改窗口焦点，诱骗用户在无疑中确认这类安全对话框。 7) 如果用户本地保存了带有Content-Disposition: attachment和不正确Content-Type: plain/text的文件的话，浏览器就会不再打开带有.txt扩展名的本地文件，而是提示用户保存文件。 8) Firefox会对<LINK REL="stylesheet" HREF="...">请求跟随302重新定向，然后允许通过访问element.sheet.href属性访问目标URL，这可能导致泄露敏感URL参数。 9) 如果整个网页的内容都用绝对定位包装在了<div>中，则除非用户将标签页从伪造页面切换走然后又切换回来，否则不会显示Web伪造警告对话框。 Mozilla Firefox <= 2.0.0.11 Mozilla Thunderbird <= 2.0.0.11 Mozilla SeaMonkey <= 1.1.7 临时解决方法：如果您不能立刻安装补丁或者升级，NSFOCUS建议您采取以下措施以降低威胁： * 在浏览器中禁用JavaScript。厂商补丁： Debian ------ Debian已经为此发布了一个安全公告（DSA-1484-1）以及相应补丁: DSA-1484-1：New xulrunner packages fix several vulnerabilities 链接：<a href=http://www.debian.org/security/2008/dsa-1484 target=_blank>http://www.debian.org/security/2008/dsa-1484</a>
id	SSV:2926
last seen	2017-11-19
modified	2008-02-22
published	2008-02-22
reporter	Root
source	https://www.seebug.org/vuldb/ssvid-2926
title	Mozilla Thunderbird/Seamonkey/Firefox 2.0.0.12修复多个安全漏洞

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Nessus

Oval

Redhat

Seebug

References