Vulnerabilities > CVE-2008-5913 - Information Disclosure vulnerability in Multiple Browser JavaScript Engine 'Math.Random()' Cross Domain
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, uses a random number generator that is seeded only once per browser session, which makes it easier for remote attackers to track a user, or trick a user into acting upon a spoofed pop-up message, by calculating the seed value, related to a "temporary footprint" and an "in-session phishing attack."
Vulnerable Configurations
Nessus
NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2010-0499.NASL description From Red Hat Security Advisory 2010:0499 : Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-1200) A flaw was found in the way browser plug-ins interact. It was possible for a plug-in to reference the freed memory from a different plug-in, resulting in the execution of arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-1198) An integer overflow flaw was found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-1199) A flaw was found in the way SeaMonkey processed mail attachments. A specially crafted mail message could cause SeaMonkey to crash. (CVE-2010-0163) A flaw was found in the way SeaMonkey handled the last seen 2020-06-01 modified 2020-06-02 plugin id 68053 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68053 title Oracle Linux 3 / 4 : seamonkey (ELSA-2010-0499) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-930-5.NASL description USN-930-4 fixed vulnerabilities in Firefox and Xulrunner on Ubuntu 9.04 and 9.10. This update provides updated packages for use with Firefox 3.6 and Xulrunner 1.9.2. If was discovered that Firefox could be made to access freed memory. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.04 LTS. (CVE-2010-1121) Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1200, CVE-2010-1201, CVE-2010-1202, CVE-2010-1203) A flaw was discovered in the way plugin instances interacted. An attacker could potentially exploit this and use one plugin to access freed memory from a second plugin to execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1198) An integer overflow was discovered in Firefox. If a user were tricked into viewing a malicious site, an attacker could overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1196) Martin Barbella discovered an integer overflow in an XSLT node sorting routine. An attacker could exploit this to overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1199) Michal Zalewski discovered that the focus behavior of Firefox could be subverted. If a user were tricked into viewing a malicious site, a remote attacker could use this to capture keystrokes. (CVE-2010-1125) Ilja van Sprundel discovered that the last seen 2020-06-01 modified 2020-06-02 plugin id 47825 published 2010-07-26 reporter Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47825 title Ubuntu 9.04 / 9.10 : ant, apturl, epiphany-browser, gluezilla, gnome-python-extras, liferea, mozvoikko, openjdk-6, packagekit, ubufox, webfav, yelp update (USN-930-5) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0501.NASL description Updated firefox packages that address several security issues, fix bugs, add numerous enhancements, and upgrade Firefox to version 3.6.4, are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. [Updated 25 June 2010] The original packages distributed with this erratum had a bug which could cause unintended dependencies to be installed when upgrading. We have updated the packages to correct this bug. Mozilla Firefox is an open source web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1121, CVE-2010-1200, CVE-2010-1202, CVE-2010-1203) A flaw was found in the way browser plug-ins interact. It was possible for a plug-in to reference the freed memory from a different plug-in, resulting in the execution of arbitrary code with the privileges of the user running Firefox. (CVE-2010-1198) Several integer overflow flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1196, CVE-2010-1199) A focus stealing flaw was found in the way Firefox handled focus changes. A malicious website could use this flaw to steal sensitive data from a user, such as usernames and passwords. (CVE-2010-1125) A flaw was found in the way Firefox handled the last seen 2020-06-01 modified 2020-06-02 plugin id 47119 published 2010-06-23 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47119 title RHEL 5 : firefox (RHSA-2010:0501) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2010-0501.NASL description Updated firefox packages that address several security issues, fix bugs, add numerous enhancements, and upgrade Firefox to version 3.6.4, are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. [Updated 25 June 2010] The original packages distributed with this erratum had a bug which could cause unintended dependencies to be installed when upgrading. We have updated the packages to correct this bug. Mozilla Firefox is an open source web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1121, CVE-2010-1200, CVE-2010-1202, CVE-2010-1203) A flaw was found in the way browser plug-ins interact. It was possible for a plug-in to reference the freed memory from a different plug-in, resulting in the execution of arbitrary code with the privileges of the user running Firefox. (CVE-2010-1198) Several integer overflow flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1196, CVE-2010-1199) A focus stealing flaw was found in the way Firefox handled focus changes. A malicious website could use this flaw to steal sensitive data from a user, such as usernames and passwords. (CVE-2010-1125) A flaw was found in the way Firefox handled the last seen 2020-06-01 modified 2020-06-02 plugin id 47129 published 2010-06-25 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47129 title CentOS 5 : firefox (CESA-2010:0501) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2010-0500.NASL description An updated firefox package that addresses security issues, fixes bugs, adds numerous enhancements, and upgrades Firefox to version 3.6.4, is now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Firefox is an open source web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1121, CVE-2010-1200, CVE-2010-1202, CVE-2010-1203) A flaw was found in the way browser plug-ins interact. It was possible for a plug-in to reference the freed memory from a different plug-in, resulting in the execution of arbitrary code with the privileges of the user running Firefox. (CVE-2010-1198) Several integer overflow flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1196, CVE-2010-1199) A focus stealing flaw was found in the way Firefox handled focus changes. A malicious website could use this flaw to steal sensitive data from a user, such as usernames and passwords. (CVE-2010-1125) A flaw was found in the way Firefox handled the last seen 2020-06-01 modified 2020-06-02 plugin id 48265 published 2010-08-09 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/48265 title CentOS 4 : firefox (CESA-2010:0500) NASL family SuSE Local Security Checks NASL id SUSE_11_2_MOZILLAFIREFOX-100625.NASL description Mozilla Firefox was updated to version 3.5.10, fixing various bugs and security issues. MFSA 2010-33 / CVE-2008-5913: Security researcher Amit Klein reported that it was possible to reverse engineer the value used to seed Math.random(). Since the pseudo-random number generator was only seeded once per browsing session, this seed value could be used as a unique token to identify and track users across different websites. MFSA 2010-32 / CVE-2010-1197: Security researcher Ilja van Sprundel of IOActive reported that the Content-Disposition: attachment HTTP header was ignored when Content-Type: multipart was also present. This issue could potentially lead to XSS problems in sites that allow users to upload arbitrary files and specify a Content-Type but rely on Content-Disposition: attachment to prevent the content from being displayed inline. MFSA 2010-31 / CVE-2010-1125: Google security researcher Michal Zalewski reported that focus() could be used to change a user last seen 2020-06-01 modified 2020-06-02 plugin id 47693 published 2010-07-09 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47693 title openSUSE Security Update : MozillaFirefox (openSUSE-SU-2010:0358-2) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2010-0499.NASL description Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-1200) A flaw was found in the way browser plug-ins interact. It was possible for a plug-in to reference the freed memory from a different plug-in, resulting in the execution of arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-1198) An integer overflow flaw was found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-1199) A flaw was found in the way SeaMonkey processed mail attachments. A specially crafted mail message could cause SeaMonkey to crash. (CVE-2010-0163) A flaw was found in the way SeaMonkey handled the last seen 2020-06-01 modified 2020-06-02 plugin id 47788 published 2010-07-22 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47788 title CentOS 3 / 4 : seamonkey (CESA-2010:0499) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-930-4.NASL description USN-930-1 fixed vulnerabilities in Firefox and Xulrunner. This update provides the corresponding updates for Ubuntu 9.04 and 9.10, along with additional updates affecting Firefox 3.6.6. Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-1208, CVE-2010-1209, CVE-2010-1211, CVE-2010-1212) An integer overflow was discovered in how Firefox processed plugin parameters. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-1214) A flaw was discovered in the Firefox JavaScript engine. If a user were tricked into viewing a malicious site, a remote attacker code execute arbitrary JavaScript with chrome privileges. (CVE-2010-1215) An integer overflow was discovered in how Firefox processed CSS values. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-2752) An integer overflow was discovered in how Firefox interpreted the XUL <tree> element. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-2753) Aki Helin discovered that libpng did not properly handle certain malformed PNG images. If a user were tricked into opening a crafted PNG file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1205) Yosuke Hasegawa and Vladimir Vukicevic discovered that the same-origin check in Firefox could be bypassed by utilizing the importScripts Web Worker method. If a user were tricked into viewing a malicious website, an attacker could exploit this to read data from other domains. (CVE-2010-1213, CVE-2010-1207) O. Andersen that Firefox did not properly map undefined positions within certain 8 bit encodings. An attacker could utilize this to perform cross-site scripting attacks. (CVE-2010-1210) Michal Zalewski discovered flaws in how Firefox processed the HTTP 204 (no content) code. An attacker could exploit this to spoof the location bar, such as in a phishing attack. (CVE-2010-1206) Jordi Chancel discovered that Firefox did not properly handle when a server responds to an HTTPS request with plaintext and then processes JavaScript history events. An attacker could exploit this to spoof the location bar, such as in a phishing attack. (CVE-2010-2751) Chris Evans discovered that Firefox did not properly process improper CSS selectors. If a user were tricked into viewing a malicious website, an attacker could exploit this to read data from other domains. (CVE-2010-0654) Soroush Dalili discovered that Firefox did not properly handle script error output. An attacker could use this to access URL parameters from other domains. (CVE-2010-2754) If was discovered that Firefox could be made to access freed memory. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1121) Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1200, CVE-2010-1201, CVE-2010-1202, CVE-2010-1203) A flaw was discovered in the way plugin instances interacted. An attacker could potentially exploit this and use one plugin to access freed memory from a second plugin to execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1198) An integer overflow was discovered in Firefox. If a user were tricked into viewing a malicious site, an attacker could overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1196) Martin Barbella discovered an integer overflow in an XSLT node sorting routine. An attacker could exploit this to overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1199) Michal Zalewski discovered that the focus behavior of Firefox could be subverted. If a user were tricked into viewing a malicious site, a remote attacker could use this to capture keystrokes. (CVE-2010-1125) Ilja van Sprundel discovered that the last seen 2020-06-01 modified 2020-06-02 plugin id 47824 published 2010-07-26 reporter Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47824 title Ubuntu 9.04 / 9.10 : firefox-3.0, firefox-3.5, xulrunner-1.9.2 vulnerabilities (USN-930-4) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-930-1.NASL description If was discovered that Firefox could be made to access freed memory. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.04 LTS. (CVE-2010-1121) Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1200, CVE-2010-1201, CVE-2010-1202, CVE-2010-1203) A flaw was discovered in the way plugin instances interacted. An attacker could potentially exploit this and use one plugin to access freed memory from a second plugin to execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1198) An integer overflow was discovered in Firefox. If a user were tricked into viewing a malicious site, an attacker could overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1196) Martin Barbella discovered an integer overflow in an XSLT node sorting routine. An attacker could exploit this to overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1199) Michal Zalewski discovered that the focus behavior of Firefox could be subverted. If a user were tricked into viewing a malicious site, a remote attacker could use this to capture keystrokes. (CVE-2010-1125) Ilja van Sprundel discovered that the last seen 2020-06-01 modified 2020-06-02 plugin id 47161 published 2010-06-30 reporter Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47161 title Ubuntu 8.04 LTS / 10.04 LTS : firefox, firefox-3.0, xulrunner-1.9.2 vulnerabilities (USN-930-1) NASL family SuSE Local Security Checks NASL id SUSE_MOZILLAFIREFOX-7083.NASL description Mozilla Firefox has been updated to version 3.5.10, fixing various bugs and security issues. - Security researcher Amit Klein reported that it was possible to reverse engineer the value used to seed Math.random(). Since the pseudo-random number generator was only seeded once per browsing session, this seed value could be used as a unique token to identify and track users across different websites. (MFSA 2010-33/ CVE-2008-5913) - Security researcher Ilja van Sprundel of IOActive reported that the Content-Disposition: attachment HTTP header was ignored when `Content-Type: multipart` was also present. This issue could potentially lead to XSS problems in sites that allow users to upload arbitrary files and specify a content type but rely on Content-Disposition: attachment to prevent the content from being displayed inline. (MFSA 2010-32/ CVE-2010-1197) - Google security researcher Michal Zalewski reported that focus() could be used to change a user last seen 2020-06-01 modified 2020-06-02 plugin id 49893 published 2010-10-11 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/49893 title SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 7083) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2010-0500.NASL description From Red Hat Security Advisory 2010:0500 : An updated firefox package that addresses security issues, fixes bugs, adds numerous enhancements, and upgrades Firefox to version 3.6.4, is now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Firefox is an open source web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1121, CVE-2010-1200, CVE-2010-1202, CVE-2010-1203) A flaw was found in the way browser plug-ins interact. It was possible for a plug-in to reference the freed memory from a different plug-in, resulting in the execution of arbitrary code with the privileges of the user running Firefox. (CVE-2010-1198) Several integer overflow flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1196, CVE-2010-1199) A focus stealing flaw was found in the way Firefox handled focus changes. A malicious website could use this flaw to steal sensitive data from a user, such as usernames and passwords. (CVE-2010-1125) A flaw was found in the way Firefox handled the last seen 2020-06-01 modified 2020-06-02 plugin id 68054 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68054 title Oracle Linux 4 : firefox (ELSA-2010-0500) NASL family SuSE Local Security Checks NASL id SUSE_11_1_MOZILLAFIREFOX-100628.NASL description Mozilla Firefox was updated to version 3.5.10, fixing various bugs and security issues. MFSA 2010-33 / CVE-2008-5913: Security researcher Amit Klein reported that it was possible to reverse engineer the value used to seed Math.random(). Since the pseudo-random number generator was only seeded once per browsing session, this seed value could be used as a unique token to identify and track users across different websites. MFSA 2010-32 / CVE-2010-1197: Security researcher Ilja van Sprundel of IOActive reported that the Content-Disposition: attachment HTTP header was ignored when Content-Type: multipart was also present. This issue could potentially lead to XSS problems in sites that allow users to upload arbitrary files and specify a Content-Type but rely on Content-Disposition: attachment to prevent the content from being displayed inline. MFSA 2010-31 / CVE-2010-1125: Google security researcher Michal Zalewski reported that focus() could be used to change a user last seen 2020-06-01 modified 2020-06-02 plugin id 47691 published 2010-07-09 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47691 title openSUSE Security Update : MozillaFirefox (openSUSE-SU-2010:0358-2) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-930-2.NASL description USN-930-1 fixed vulnerabilities in Firefox and Xulrunner. This update provides updated packages for use with Firefox 3.6 and Xulrunner 1.9.2 on Ubuntu 8.04 LTS. If was discovered that Firefox could be made to access freed memory. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.04 LTS. (CVE-2010-1121) Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1200, CVE-2010-1201, CVE-2010-1202, CVE-2010-1203) A flaw was discovered in the way plugin instances interacted. An attacker could potentially exploit this and use one plugin to access freed memory from a second plugin to execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1198) An integer overflow was discovered in Firefox. If a user were tricked into viewing a malicious site, an attacker could overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1196) Martin Barbella discovered an integer overflow in an XSLT node sorting routine. An attacker could exploit this to overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1199) Michal Zalewski discovered that the focus behavior of Firefox could be subverted. If a user were tricked into viewing a malicious site, a remote attacker could use this to capture keystrokes. (CVE-2010-1125) Ilja van Sprundel discovered that the last seen 2020-06-01 modified 2020-06-02 plugin id 47162 published 2010-06-30 reporter Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47162 title Ubuntu 8.04 LTS : apturl, epiphany-browser, gecko-sharp, gnome-python-extras, liferea, rhythmbox, totem, ubufox, yelp update (USN-930-2) NASL family Windows NASL id MOZILLA_FIREFOX_364.NASL description The installed version of Firefox 3.6.x is earlier than 3.6.4. Such versions are potentially affected by the following security issues : - Multiple crashes can result in arbitrary code execution. (MFSA 2010-26) - A plugin is allowed to hold a reference to an object owned by a second plugin even after the second plugin is unloaded and the referenced object no longer exists. This could allow arbitrary code execution. (MFSA 2010-28) - An error in last seen 2020-06-01 modified 2020-06-02 plugin id 47124 published 2010-06-23 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/47124 title Firefox 3.6 < 3.6.4 Multiple Vulnerabilities NASL family Windows NASL id MOZILLA_FIREFOX_369.NASL description The installed version of Firefox 3.6 is earlier than 3.6.9. Such versions are potentially affected by the following security issues : - The pseudo-random number generator is only seeded once per browsing session and last seen 2020-06-01 modified 2020-06-02 plugin id 49146 published 2010-09-08 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/49146 title Firefox 3.6 < 3.6.9 Multiple Vulnerabilities NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-930-3.NASL description USN-930-1 fixed vulnerabilities in Firefox. Due to a software packaging problem, the Firefox 3.6 update could not be installed when the firefox-2 package was also installed. This update fixes the problem and updates apturl for the change. If was discovered that Firefox could be made to access freed memory. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.04 LTS. (CVE-2010-1121) Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1200, CVE-2010-1201, CVE-2010-1202, CVE-2010-1203) A flaw was discovered in the way plugin instances interacted. An attacker could potentially exploit this and use one plugin to access freed memory from a second plugin to execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1198) An integer overflow was discovered in Firefox. If a user were tricked into viewing a malicious site, an attacker could overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1196) Martin Barbella discovered an integer overflow in an XSLT node sorting routine. An attacker could exploit this to overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1199) Michal Zalewski discovered that the focus behavior of Firefox could be subverted. If a user were tricked into viewing a malicious site, a remote attacker could use this to capture keystrokes. (CVE-2010-1125) Ilja van Sprundel discovered that the last seen 2020-06-01 modified 2020-06-02 plugin id 47574 published 2010-07-01 reporter Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47574 title Ubuntu 8.04 LTS : firefox regression (USN-930-3) NASL family Fedora Local Security Checks NASL id FEDORA_2010-10363.NASL description Update to new upstream SeaMonkey version 2.0.5, fixing multiple security issues detailed in the upstream advisories: http://www.mozilla.org/security/known- vulnerabilities/seamonkey20.html#seamonkey2.0.5 CVE-2010-1121 CVE-2010-1200 CVE-2010-1201 CVE-2010-1202 CVE-2010-1203 CVE-2010-0183 CVE-2010-1198 CVE-2010-1196 CVE-2010-1199 CVE-2010-1125 CVE-2010-1197 CVE-2008-5913 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47226 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47226 title Fedora 13 : seamonkey-2.0.5-1.fc13 (2010-10363) NASL family Scientific Linux Local Security Checks NASL id SL_20100622_FIREFOX_ON_SL4_X.NASL description Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1121, CVE-2010-1200, CVE-2010-1202, CVE-2010-1203) A flaw was found in the way browser plug-ins interact. It was possible for a plug-in to reference the freed memory from a different plug-in, resulting in the execution of arbitrary code with the privileges of the user running Firefox. (CVE-2010-1198) Several integer overflow flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1196, CVE-2010-1199) A focus stealing flaw was found in the way Firefox handled focus changes. A malicious website could use this flaw to steal sensitive data from a user, such as usernames and passwords. (CVE-2010-1125) A flaw was found in the way Firefox handled the last seen 2020-06-01 modified 2020-06-02 plugin id 60807 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60807 title Scientific Linux Security Update : firefox on SL4.x i386/x86_64 NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0500.NASL description An updated firefox package that addresses security issues, fixes bugs, adds numerous enhancements, and upgrades Firefox to version 3.6.4, is now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Firefox is an open source web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1121, CVE-2010-1200, CVE-2010-1202, CVE-2010-1203) A flaw was found in the way browser plug-ins interact. It was possible for a plug-in to reference the freed memory from a different plug-in, resulting in the execution of arbitrary code with the privileges of the user running Firefox. (CVE-2010-1198) Several integer overflow flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1196, CVE-2010-1199) A focus stealing flaw was found in the way Firefox handled focus changes. A malicious website could use this flaw to steal sensitive data from a user, such as usernames and passwords. (CVE-2010-1125) A flaw was found in the way Firefox handled the last seen 2020-06-01 modified 2020-06-02 plugin id 47118 published 2010-06-23 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47118 title RHEL 4 : firefox (RHSA-2010:0500) NASL family Fedora Local Security Checks NASL id FEDORA_2010-10329.NASL description Update to new upstream SeaMonkey version 2.0.5, fixing multiple security issues detailed in the upstream advisories: http://www.mozilla.org/security/known- vulnerabilities/seamonkey20.html#seamonkey2.0.5 CVE-2010-1121 CVE-2010-1200 CVE-2010-1201 CVE-2010-1202 CVE-2010-1203 CVE-2010-0183 CVE-2010-1198 CVE-2010-1196 CVE-2010-1199 CVE-2010-1125 CVE-2010-1197 CVE-2008-5913 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47222 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47222 title Fedora 12 : seamonkey-2.0.5-1.fc12 (2010-10329) NASL family Scientific Linux Local Security Checks NASL id SL_20100622_FIREFOX_ON_SL5_X.NASL description Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1121, CVE-2010-1200, CVE-2010-1202, CVE-2010-1203) A flaw was found in the way browser plug-ins interact. It was possible for a plug-in to reference the freed memory from a different plug-in, resulting in the execution of arbitrary code with the privileges of the user running Firefox. (CVE-2010-1198) Several integer overflow flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1196, CVE-2010-1199) A focus stealing flaw was found in the way Firefox handled focus changes. A malicious website could use this flaw to steal sensitive data from a user, such as usernames and passwords. (CVE-2010-1125) A flaw was found in the way Firefox handled the last seen 2020-06-01 modified 2020-06-02 plugin id 60808 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60808 title Scientific Linux Security Update : firefox on SL5.x i386/x86_64 NASL family SuSE Local Security Checks NASL id SUSE_11_MOZILLAFIREFOX-100628.NASL description Mozilla Firefox has been updated to version 3.5.10, fixing various bugs and security issues. - Security researcher Amit Klein reported that it was possible to reverse engineer the value used to seed Math.random(). Since the pseudo-random number generator was only seeded once per browsing session, this seed value could be used as a unique token to identify and track users across different web sites. (MFSA 2010-33/ CVE-2008-5913) - Security researcher Ilja van Sprundel of IOActive reported that the Content-Disposition: attachment HTTP header was ignored when `Content-Type: multipart` was also present. This issue could potentially lead to XSS problems in sites that allow users to upload arbitrary files and specify a content type but rely on Content-Disposition: attachment to prevent the content from being displayed inline. (MFSA 2010-32/ CVE-2010-1197) - Google security researcher Michal Zalewski reported that focus() could be used to change a user last seen 2020-06-01 modified 2020-06-02 plugin id 50873 published 2010-12-02 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/50873 title SuSE 11 / 11.1 Security Update : Mozilla Firefox (SAT Patch Numbers 2608 / 2609) NASL family Fedora Local Security Checks NASL id FEDORA_2010-10361.NASL description Update to new upstream Firefox version 3.6.4, fixing a security issue detailed in the upstream advisory: http://www.mozilla.org/security/known- vulnerabilities/firefox36.html#firefox3.6.4 Update also includes packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner. CVE-2010-1200 CVE-2010-1202 CVE-2010-1203 CVE-2010-1198 CVE-2010-1196 CVE-2010-1199 CVE-2010-1125 CVE-2010-1197 CVE-2008-5913 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47225 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47225 title Fedora 13 : firefox-3.6.4-1.fc13 / galeon-2.0.7-29.fc13 / gnome-python2-extras-2.25.3-19.fc13 / etc (2010-10361) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_99858B7C7ECE11DFA007000F20797EDE.NASL description Mozilla Project reports : MFSA 2010-33 User tracking across sites using Math.random() MFSA 2010-32 Content-Disposition: attachment ignored if Content-Type: multipart also present MFSA 2010-31 focus() behavior can be used to inject or steal keystrokes MFSA 2010-30 Integer Overflow in XSLT Node Sorting MFSA 2010-29 Heap buffer overflow in nsGenericDOMDataNode::SetTextInternal MFSA 2010-28 Freed object reuse across plugin instances MFSA 2010-27 Use-after-free error in nsCycleCollector::MarkRoots() MFSA 2010-26 Crashes with evidence of memory corruption (rv:1.9.2.4/ 1.9.1.10) MFSA 2010-25 Re-use of freed object due to scope confusion last seen 2020-06-01 modified 2020-06-02 plugin id 47130 published 2010-06-25 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47130 title FreeBSD : mozilla -- multiple vulnerabilities (99858b7c-7ece-11df-a007-000f20797ede) NASL family Windows NASL id SEAMONKEY_205.NASL description The installed version of SeaMonkey is earlier than 2.0.5. Such versions are potentially affected by the following security issues : - A memory corruption vulnerability can lead to arbitrary code execution if garbage collection is carefully timed after DOM nodes are moved between documents. (MFSA 2010-25) - Multiple crashes can result in arbitrary code execution. (MFSA 2010-26) - An error in last seen 2020-06-01 modified 2020-06-02 plugin id 47126 published 2010-06-23 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/47126 title SeaMonkey < 2.0.5 Multiple Vulnerabilities NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201301-01.NASL description The remote host is affected by the vulnerability described in GLSA-201301-01 (Mozilla Products: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, bypass restrictions and protection mechanisms, force file downloads, conduct XML injection attacks, conduct XSS attacks, bypass the Same Origin Policy, spoof URL’s for phishing attacks, trigger a vertical scroll, spoof the location bar, spoof an SSL indicator, modify the browser’s font, conduct clickjacking attacks, or have other unspecified impact. A local attacker could gain escalated privileges, obtain sensitive information, or replace an arbitrary downloaded file. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 63402 published 2013-01-08 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/63402 title GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2010-125.NASL description Security issues were identified and fixed in firefox : An unspecified function in the JavaScript implementation in Mozilla Firefox creates and exposes a temporary footprint when there is a current login to a website, which makes it easier for remote attackers to trick a user into acting upon a spoofed pop-up message, aka an in-session phishing attack. (CVE-2008-5913). The JavaScript implementation in Mozilla Firefox 3.x allows remote attackers to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via certain calls to the focus method (CVE-2010-1125). Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM node with a long text value that triggers a heap-based buffer overflow (CVE-2010-1196). Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, does not properly handle situations in which both Content-Disposition: attachment and Content-Type: multipart are present in HTTP headers, which allows remote attackers to conduct cross-site scripting (XSS) attacks via an uploaded HTML document (CVE-2010-1197). Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to execute arbitrary code via vectors involving multiple plugin instances (CVE-2010-1198). Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node (CVE-2010-1199). Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2010-1200). Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2010-1202). Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.6.x before 3.6.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2010-1203). Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=4 90 Additionally, some packages which require so, have been rebuilt and are being provided as updates. last seen 2020-06-01 modified 2020-06-02 plugin id 47132 published 2010-06-25 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/47132 title Mandriva Linux Security Advisory : firefox (MDVSA-2010:125) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0499.NASL description Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-1200) A flaw was found in the way browser plug-ins interact. It was possible for a plug-in to reference the freed memory from a different plug-in, resulting in the execution of arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-1198) An integer overflow flaw was found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-1199) A flaw was found in the way SeaMonkey processed mail attachments. A specially crafted mail message could cause SeaMonkey to crash. (CVE-2010-0163) A flaw was found in the way SeaMonkey handled the last seen 2020-06-01 modified 2020-06-02 plugin id 47117 published 2010-06-23 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47117 title RHEL 3 / 4 : seamonkey (RHSA-2010:0499) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2010-0501.NASL description From Red Hat Security Advisory 2010:0501 : Updated firefox packages that address several security issues, fix bugs, add numerous enhancements, and upgrade Firefox to version 3.6.4, are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. [Updated 25 June 2010] The original packages distributed with this erratum had a bug which could cause unintended dependencies to be installed when upgrading. We have updated the packages to correct this bug. Mozilla Firefox is an open source web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1121, CVE-2010-1200, CVE-2010-1202, CVE-2010-1203) A flaw was found in the way browser plug-ins interact. It was possible for a plug-in to reference the freed memory from a different plug-in, resulting in the execution of arbitrary code with the privileges of the user running Firefox. (CVE-2010-1198) Several integer overflow flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1196, CVE-2010-1199) A focus stealing flaw was found in the way Firefox handled focus changes. A malicious website could use this flaw to steal sensitive data from a user, such as usernames and passwords. (CVE-2010-1125) A flaw was found in the way Firefox handled the last seen 2020-06-01 modified 2020-06-02 plugin id 68055 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68055 title Oracle Linux 5 : firefox (ELSA-2010-0501) NASL family Fedora Local Security Checks NASL id FEDORA_2010-10344.NASL description Update to new upstream Firefox version 3.5.10, fixing a security issue detailed in the upstream advisory: http://www.mozilla.org/security/known- vulnerabilities/firefox36.html#firefox3.5.10 Update also includes packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner. CVE-2010-1121 CVE-2010-1200 CVE-2010-1201 CVE-2010-1202 CVE-2010-0183 CVE-2010-1198 CVE-2010-1196 CVE-2010-1199 CVE-2010-1125 CVE-2010-1197 CVE-2008-5913 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47223 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47223 title Fedora 12 : firefox-3.5.10-1.fc12 / galeon-2.0.7-23.fc12 / gnome-python2-extras-2.25.3-18.fc12 / etc (2010-10344) NASL family Windows NASL id MOZILLA_FIREFOX_3510.NASL description The installed version of Firefox is earlier than 3.5.10. Such versions are potentially affected by the following security issues : - A memory corruption vulnerability can lead to arbitrary code execution if garbage collection is carefully timed after DOM nodes are moved between documents. (MFSA 2010-25) - Multiple crashes can result in arbitrary code execution. (MFSA 2010-26) - An error in last seen 2020-06-01 modified 2020-06-02 plugin id 47123 published 2010-06-23 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/47123 title Firefox < 3.5.10 Multiple Vulnerabilities NASL family SuSE Local Security Checks NASL id SUSE_11_0_MOZILLAFIREFOX-100625.NASL description Mozilla Firefox was updated to version 3.5.10, fixing various bugs and security issues. MFSA 2010-33 / CVE-2008-5913: Security researcher Amit Klein reported that it was possible to reverse engineer the value used to seed Math.random(). Since the pseudo-random number generator was only seeded once per browsing session, this seed value could be used as a unique token to identify and track users across different websites. MFSA 2010-32 / CVE-2010-1197: Security researcher Ilja van Sprundel of IOActive reported that the Content-Disposition: attachment HTTP header was ignored when Content-Type: multipart was also present. This issue could potentially lead to XSS problems in sites that allow users to upload arbitrary files and specify a Content-Type but rely on Content-Disposition: attachment to prevent the content from being displayed inline. MFSA 2010-31 / CVE-2010-1125: Google security researcher Michal Zalewski reported that focus() could be used to change a user last seen 2020-06-01 modified 2020-06-02 plugin id 47689 published 2010-07-09 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47689 title openSUSE Security Update : MozillaFirefox (openSUSE-SU-2010:0358-2) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-930-6.NASL description USN-957-1 fixed vulnerabilities in Firefox and Xulrunner. Daniel Holbert discovered that the fix for CVE-2010-1214 introduced a regression which did not properly initialize a plugin pointer. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or run arbitrary code as the user invoking the program. (CVE-2010-2755) This update fixes the problem. If was discovered that Firefox could be made to access freed memory. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.04 LTS. (CVE-2010-1121) Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1200, CVE-2010-1201, CVE-2010-1202, CVE-2010-1203) A flaw was discovered in the way plugin instances interacted. An attacker could potentially exploit this and use one plugin to access freed memory from a second plugin to execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1198) An integer overflow was discovered in Firefox. If a user were tricked into viewing a malicious site, an attacker could overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1196) Martin Barbella discovered an integer overflow in an XSLT node sorting routine. An attacker could exploit this to overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1199) Michal Zalewski discovered that the focus behavior of Firefox could be subverted. If a user were tricked into viewing a malicious site, a remote attacker could use this to capture keystrokes. (CVE-2010-1125) Ilja van Sprundel discovered that the last seen 2020-06-01 modified 2020-06-02 plugin id 47855 published 2010-07-27 reporter Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47855 title Ubuntu 9.04 / 9.10 : firefox, firefox-3.0, xulrunner-1.9.2 vulnerability (USN-930-6)
Oval
| accepted | 2013-04-29T04:11:47.665-04:00 | ||||||||||||||||||||||||
| class | vulnerability | ||||||||||||||||||||||||
| contributors |
| ||||||||||||||||||||||||
| definition_extensions |
| ||||||||||||||||||||||||
| description | The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, uses a random number generator that is seeded only once per browser session, which makes it easier for remote attackers to track a user, or trick a user into acting upon a spoofed pop-up message, by calculating the seed value, related to a "temporary footprint" and an "in-session phishing attack." | ||||||||||||||||||||||||
| family | unix | ||||||||||||||||||||||||
| id | oval:org.mitre.oval:def:11139 | ||||||||||||||||||||||||
| status | accepted | ||||||||||||||||||||||||
| submitted | 2010-07-09T03:56:16-04:00 | ||||||||||||||||||||||||
| title | The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, uses a random number generator that is seeded only once per browser session, which makes it easier for remote attackers to track a user, or trick a user into acting upon a spoofed pop-up message, by calculating the seed value, related to a "temporary footprint" and an "in-session phishing attack." | ||||||||||||||||||||||||
| version | 28 |
Redhat
| advisories |
| ||||||||
| rpms |
|
Seebug
| bulletinFamily | exploit |
| description | BUGTRAQ ID: 33276 CVE ID: CVE-2009-1696,CVE-2008-5913 Firefox是非常流行的开源WEB浏览器。 Firefox的JavaScript实现的Math.random()函数中存在安全漏洞,攻击者可以对该函数的种子值进行逆向。由于对于每个浏览的会话伪随机数生成器仅提供了一次种子,因此可以将这个种子值用作唯一的令牌跨不同的网站识别和追踪用户。 Mozilla Firefox 3.6.x Mozilla Firefox 3.5.x Mozilla SeaMonkey < 2.0.5 厂商补丁: Debian ------ Debian已经为此发布了一个安全公告(DSA-2064-1)以及相应补丁: DSA-2064-1:New xulrunner packages fix several vulnerabilities 链接:http://www.debian.org/security/2010/dsa-2064 补丁下载: Source archives: http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19.orig.tar.gz Size/MD5 checksum: 44174623 83667df1e46399960593fdd8832e958e http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19-2.dsc Size/MD5 checksum: 1755 417c6652438319f99497be2d751a8173 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19-2.diff.gz Size/MD5 checksum: 131694 adaff492562749fc0deb0b3a9aa98a6a Architecture independent packages: http://security.debian.org/pool/updates/main/x/xulrunner/libmozillainterfaces-java_1.9.0.19-2_all.deb Size/MD5 checksum: 1465474 9147fba7fd01e7692ce317eee6df74ed alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-2_alpha.deb Size/MD5 checksum: 9484704 ccb788e476329f5d8601ac46c3324402 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-2_alpha.deb Size/MD5 checksum: 223352 d935848a008a633456abab7eb6408673 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-2_alpha.deb Size/MD5 checksum: 433056 9b05559c9e7dceaa71e7470419ccd2ef http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-2_alpha.deb Size/MD5 checksum: 940244 309d3d7cc8e1551081ec0249656d2ce9 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-2_alpha.deb Size/MD5 checksum: 165414 2672110161283eec4d2cb9b1b7bd245b http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-2_alpha.deb Size/MD5 checksum: 113404 b58e8e0c45c434df5e96e821bb17aedc http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-2_alpha.deb Size/MD5 checksum: 51139568 b363f55880ffd0b827379edbb3f0602b http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-2_alpha.deb Size/MD5 checksum: 72496 637eb8ed29c6ebb843151c7628f66869 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-2_alpha.deb Size/MD5 checksum: 3356878 63c85461418061e8987bacfc76caf62f amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-2_amd64.deb Size/MD5 checksum: 890602 00af69b2dffb6d7a61e18efc0b226b74 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-2_amd64.deb Size/MD5 checksum: 7732578 58fc9b422b09d3faa026bc95ed065edb http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-2_amd64.deb Size/MD5 checksum: 152220 d675895b72aa8e6bbf35d2c5c09849d3 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-2_amd64.deb Size/MD5 checksum: 101778 60ab2e8035019d73c6f3b1363c52d597 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-2_amd64.deb Size/MD5 checksum: 374562 c2d65837de4ab1793033fcb604c57f64 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-2_amd64.deb Size/MD5 checksum: 70170 088bba00712801bf522dbb2e1b81d031 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-2_amd64.deb Size/MD5 checksum: 3290310 0684b22dad0402705db3850a4572eb55 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-2_amd64.deb Size/MD5 checksum: 223252 983d0009fcb3aff8ab0e61acda30e73e http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-2_amd64.deb Size/MD5 checksum: 50368084 449665d4b1348ee262b09aa01c10ca2f arm architecture (ARM) http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-2_arm.deb Size/MD5 checksum: 84154 c38cf0e79bc8fc7b4459dba239e0f633 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-2_arm.deb Size/MD5 checksum: 6799136 6b0eb2cbcab63d0c4a2dcbd77ca5de12 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-2_arm.deb Size/MD5 checksum: 222308 052db8a2b1ff4954054146106173c39e http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-2_arm.deb Size/MD5 checksum: 49322578 56c89f3d0c6a6d3317a371a2add64129 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-2_arm.deb Size/MD5 checksum: 815382 6a48ade57480ab360b4d8308538c753a http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-2_arm.deb Size/MD5 checksum: 68488 7d1cd5f9ef7b884d1bfe0a0ad96e62a3 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-2_arm.deb Size/MD5 checksum: 140892 3630b02fa23def97a0393bcb4edf9c28 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-2_arm.deb Size/MD5 checksum: 3583726 3f43328bfefd3dc1ec3790cacf7b4c4c http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-2_arm.deb Size/MD5 checksum: 350918 3c294e0a24835cc97a727bcbf8f0e247 armel architecture (ARM EABI) http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-2_armel.deb Size/MD5 checksum: 69978 937428415481c1976e599b338562bcf5 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-2_armel.deb Size/MD5 checksum: 223614 8fd71a0c2ea76fa0d22ee7217709e658 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-2_armel.deb Size/MD5 checksum: 6958220 96188e513073e23576641f76f8122577 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-2_armel.deb Size/MD5 checksum: 3581070 b74bbbe6b208b96ed6cb8a29255df522 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-2_armel.deb Size/MD5 checksum: 822336 acd000d0d058940363e086b0bf74ca89 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-2_armel.deb Size/MD5 checksum: 50161620 0d52664ef75395be9c4c303d6e01c75d http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-2_armel.deb Size/MD5 checksum: 141432 8374f4999c95a85af32373e6454e4556 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-2_armel.deb Size/MD5 checksum: 353252 d2fef0d7e42e071da38500952bac25a0 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-2_armel.deb Size/MD5 checksum: 84468 e88ffba8ed74f94a4e857cf92c4990fe hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-2_hppa.deb Size/MD5 checksum: 51253494 494d60aef7e2d7860e0a300907c3bf8d http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-2_hppa.deb Size/MD5 checksum: 106944 6091943971bec65a5aa53583b15090c3 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-2_hppa.deb Size/MD5 checksum: 413270 05e1bc9367c11dbff9733d0f7c8dbb2c http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-2_hppa.deb Size/MD5 checksum: 223546 26946f1a97c1323c522cf4f206f15be7 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-2_hppa.deb Size/MD5 checksum: 158712 a5d03f9c671ca98f97283a077a025a02 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-2_hppa.deb Size/MD5 checksum: 72230 366cfa2959438258c951e65268a701ea http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-2_hppa.deb Size/MD5 checksum: 899556 cabb8ccc698d3fd4885583606b901736 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-2_hppa.deb Size/MD5 checksum: 9517606 e70e8173e428f4e7ac292ec75b6616b1 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-2_hppa.deb Size/MD5 checksum: 3631282 c0207a8714ba380f339144d7763f978f i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-2_i386.deb Size/MD5 checksum: 6605590 435fc0a456535eada574d09179cf697e http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-2_i386.deb Size/MD5 checksum: 68370 a6aff46291d47363210ba869def030c4 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-2_i386.deb Size/MD5 checksum: 140990 000267e271547d136052f6f51df4922e http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-2_i386.deb Size/MD5 checksum: 3569886 fb82669f63f637bd004652f22323b050 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-2_i386.deb Size/MD5 checksum: 852136 c073bc6e0a84b8b449f2ac4a6835cfc6 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-2_i386.deb Size/MD5 checksum: 82772 ca7763ef6791fcf37163b4ffd9a8faab http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-2_i386.deb Size/MD5 checksum: 351188 778ea8dc4ba55afa057f227bc7040caa http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-2_i386.deb Size/MD5 checksum: 222150 c75a359f4230c6e731c98b0a637757ee http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-2_i386.deb Size/MD5 checksum: 49537814 cb1c1548047447465a1fb5b0eeb00374 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-2_ia64.deb Size/MD5 checksum: 543316 d53f87afd74d7c521b790f932f671078 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-2_ia64.deb Size/MD5 checksum: 120786 6a400d3187c7dc38584de9f3de429cf6 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-2_ia64.deb Size/MD5 checksum: 49720446 c2990e1293bbf5d2111f91c8a97ec3ec http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-2_ia64.deb Size/MD5 checksum: 76478 192e115017a1f3eebc0a8c5c99704f6d http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-2_ia64.deb Size/MD5 checksum: 179644 41788aab793a0cc10c25c0c107706b0d http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-2_ia64.deb Size/MD5 checksum: 11307860 f49d046a5aa64d33878feedea7e3ec5d http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-2_ia64.deb Size/MD5 checksum: 3392470 596baf4e48701811bc77d8d9cdabed55 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-2_ia64.deb Size/MD5 checksum: 223242 296a200cb10263e6f61e47c4e2cb3a3b http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-2_ia64.deb Size/MD5 checksum: 810068 54a2ed9c1025cbf453b0be47990d8622 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-2_mips.deb Size/MD5 checksum: 145350 b58696b904f82ed7fb7237766503743c http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-2_mips.deb Size/MD5 checksum: 7672140 c11eea29282f7afa80e9f82e7e864052 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-2_mips.deb Size/MD5 checksum: 51883884 238e6833eaccc9fe353826ec2e2ea70b http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-2_mips.deb Size/MD5 checksum: 379844 01d3e756d62776e2c01f8871470bee57 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-2_mips.deb Size/MD5 checksum: 96276 c113eb6863dd2c1bdefe71bf884eb661 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-2_mips.deb Size/MD5 checksum: 222384 5486230dfa7ae2eab6f8068fa21bf76e http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-2_mips.deb Size/MD5 checksum: 3607762 64fd108d8b6a0aaf6b519d89e7e3a4f2 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-2_mips.deb Size/MD5 checksum: 69512 b37b38fecb8aa8b86ee8d6cb6ec2f5b4 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-2_mips.deb Size/MD5 checksum: 918302 dd1004ee4c0c6999d215a39e38d9a4d9 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-2_mipsel.deb Size/MD5 checksum: 96982 183bdcf817805540cdf6015ae0b85a83 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-2_mipsel.deb Size/MD5 checksum: 145246 d845585edb7d3f5c8144f13854fc8606 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-2_mipsel.deb Size/MD5 checksum: 378882 b9d2d689539ed6fc53dc7f44ae6bf54b http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-2_mipsel.deb Size/MD5 checksum: 7382594 09afb7262cf650330c586648ae4c6fd3 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-2_mipsel.deb Size/MD5 checksum: 3310262 f344b5fe156e20fbcd36484a9d993284 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-2_mipsel.deb Size/MD5 checksum: 900882 e68c0075ca23ce8b0986822ef05eb643 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-2_mipsel.deb Size/MD5 checksum: 223348 8319e80747bc288ab3f44db2d04f142e http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-2_mipsel.deb Size/MD5 checksum: 50006906 8b794da4ab347acf7565b861bb88b897 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-2_mipsel.deb Size/MD5 checksum: 70122 58b6f926ff60210626229f470421b62e powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-2_powerpc.deb Size/MD5 checksum: 3592536 7551dfd63a7b43e9a1669da97e5593a9 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-2_powerpc.deb Size/MD5 checksum: 888570 97a2be2273abd565933a3a8d399182f4 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-2_powerpc.deb Size/MD5 checksum: 363526 2f863c8631dbdee8f47cce05cb783fe1 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-2_powerpc.deb Size/MD5 checksum: 51437824 21d72b750e6bb60525e37bbb80cddb24 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-2_powerpc.deb Size/MD5 checksum: 7306516 c87d2e02134a094864f5b855f52d8439 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-2_powerpc.deb Size/MD5 checksum: 152786 890104ba8be602a5f16d4dc338a1c9c0 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-2_powerpc.deb Size/MD5 checksum: 223370 ef8da6ed4bb453367301918aa1c0eb80 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-2_powerpc.deb Size/MD5 checksum: 73574 bb59623bcbb45bd6c898090281ebb50f http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-2_powerpc.deb Size/MD5 checksum: 94584 0d6e75fc74b64d0034a8375c7ca28eb8 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-2_s390.deb Size/MD5 checksum: 3607064 40f70e8bbc8c8825a9da4f4eecc7ef83 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-2_s390.deb Size/MD5 checksum: 8418766 8f4d975d1d06d70ded82311b7b7aaa64 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-2_s390.deb Size/MD5 checksum: 51216094 db3f0645c964f2978b9dcadaa7377f24 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-2_s390.deb Size/MD5 checksum: 105648 4d55f5f22ac553181f499d0519788b87 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-2_s390.deb Size/MD5 checksum: 407360 10f44ee635484dcf058c93a930a9db17 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-2_s390.deb Size/MD5 checksum: 909424 a659639cb459491110a02f04d1568860 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-2_s390.deb Size/MD5 checksum: 155384 310aa3e4a80f88deb24adc2143485a09 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-2_s390.deb Size/MD5 checksum: 223126 a2404446949c11207551549f700297e8 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-2_s390.deb Size/MD5 checksum: 73426 bf629f49c166ee1241f68578479a00f5 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-2_sparc.deb Size/MD5 checksum: 222506 4b66d7353c58a79af12c706c2791ca4a http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-2_sparc.deb Size/MD5 checksum: 3569724 c70447e9c1d9a34deab3d23f81cfd8b5 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-2_sparc.deb Size/MD5 checksum: 88464 a52b143930867a5e7a5706ee7fb22336 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-2_sparc.deb Size/MD5 checksum: 821862 36bfba9ec0a1fdf8610d78296d9465ac http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-2_sparc.deb Size/MD5 checksum: 143382 bc21e94220ea092643657d387a02d4c8 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-2_sparc.deb Size/MD5 checksum: 350410 d3bd6721ded9caa19c8686a6513f3b22 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-2_sparc.deb Size/MD5 checksum: 69614 b8f344735b818b6ebb90edde9896851f http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-2_sparc.deb Size/MD5 checksum: 49386956 988b0a0395fc50425cf1bf03bda46e2d http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-2_sparc.deb Size/MD5 checksum: 7174040 5fb3f68909ceddba12950c4e0446d17d 补丁安装方法: 1. 手工安装补丁包: 首先,使用下面的命令来下载补丁软件: # wget url (url是补丁下载链接地址) 然后,使用下面的命令来安装补丁: # dpkg -i file.deb (file是相应的补丁名) 2. 使用apt-get自动安装补丁包: 首先,使用下面的命令更新内部数据库: # apt-get update 然后,使用下面的命令安装更新软件包: # apt-get upgrade Mozilla ------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.mozilla.org/ RedHat ------ RedHat已经为此发布了一个安全公告(RHSA-2010:0500-01)以及相应补丁: RHSA-2010:0500-01:Critical: firefox security, bug fix, and enhancement update 链接:https://www.redhat.com/support/errata/RHSA-2010-0500.html |
| id | SSV:19872 |
| last seen | 2017-11-19 |
| modified | 2010-06-28 |
| published | 2010-06-28 |
| reporter | Root |
| title | Firefox JavaScript引擎Math.Random()跨域信息泄露漏洞 |
References
- http://arstechnica.com/news.ars/post/20090113-new-method-of-phishmongering-could-fool-experienced-users.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043369.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043405.html
- http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00005.html
- http://secunia.com/advisories/40326
- http://secunia.com/advisories/40401
- http://secunia.com/advisories/40481
- http://support.avaya.com/css/P8/documents/100091069
- http://ubuntu.com/usn/usn-930-1
- http://www.darkreading.com/security/attacks/showArticle.jhtml?articleID=212900161
- http://www.infoworld.com/article/09/01/13/Browser_bug_could_allow_phishing_without_email_1.html
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:125
- http://www.mozilla.org/security/announce/2010/mfsa2010-33.html
- http://www.redhat.com/support/errata/RHSA-2010-0500.html
- http://www.redhat.com/support/errata/RHSA-2010-0501.html
- http://www.securityfocus.com/bid/33276
- http://www.trusteer.com/files/In-session-phishing-advisory-2.pdf
- http://www.ubuntu.com/usn/usn-930-2
- http://www.vupen.com/english/advisories/2010/1551
- http://www.vupen.com/english/advisories/2010/1557
- http://www.vupen.com/english/advisories/2010/1592
- http://www.vupen.com/english/advisories/2010/1640
- http://www.vupen.com/english/advisories/2010/1773
- https://bugzilla.mozilla.org/show_bug.cgi?id=475585
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11139