Vulnerabilities > CVE-2009-1309 - Configuration vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
mozilla
CWE-16
nessus

Summary

Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy for (1) XMLHttpRequest, involving a mismatch for a document's principal, and (2) XPCNativeWrapper.toString, involving an incorrect __proto__ scope, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via a crafted document.

Vulnerable Configurations

Part Description Count
Application
Mozilla
104

Common Weakness Enumeration (CWE)

Nessus

  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_MOZILLAFIREFOX-090427.NASL
    descriptionFirefox version upgrade to 3.0.9 to fix various security bugs. (CVE-2009-1302 / CVE-2009-1303 / CVE-2009-1304 / CVE-2009-1305 / CVE-2009-1306 / CVE-2009-1307 / CVE-2009-1308 / CVE-2009-1309 / CVE-2009-1310 / CVE-2009-1311 / CVE-2009-1312 / CVE-2009-0652)
    last seen2020-06-01
    modified2020-06-02
    plugin id41354
    published2009-09-24
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/41354
    titleSuSE 11 Security Update : MozillaFirefox (SAT Patch Number 835)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from SuSE 11 update information. The text itself is
    # copyright (C) Novell, Inc.
    #
    
    if (NASL_LEVEL < 3000) exit(0);
    
    include("compat.inc");
    
    if (description)
    {
      script_id(41354);
      script_version("1.17");
      script_cvs_date("Date: 2019/10/25 13:36:35");
    
      script_cve_id("CVE-2009-0652", "CVE-2009-1302", "CVE-2009-1303", "CVE-2009-1304", "CVE-2009-1305", "CVE-2009-1307", "CVE-2009-1308", "CVE-2009-1309", "CVE-2009-1311", "CVE-2009-1312");
    
      script_name(english:"SuSE 11 Security Update : MozillaFirefox (SAT Patch Number 835)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 11 host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Firefox version upgrade to 3.0.9 to fix various security bugs.
    (CVE-2009-1302 / CVE-2009-1303 / CVE-2009-1304 / CVE-2009-1305 /
    CVE-2009-1306 / CVE-2009-1307 / CVE-2009-1308 / CVE-2009-1309 /
    CVE-2009-1310 / CVE-2009-1311 / CVE-2009-1312 / CVE-2009-0652)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=495473"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-0652.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1302.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1303.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1304.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1305.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1307.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1308.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1309.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1311.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1312.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply SAT patch number 835.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_cwe_id(16, 20, 79, 200, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:MozillaFirefox");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:MozillaFirefox-translations");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/04/27");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/09/24");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);
    
    pl = get_kb_item("Host/SuSE/patchlevel");
    if (pl) audit(AUDIT_OS_NOT, "SuSE 11.0");
    
    
    flag = 0;
    if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"MozillaFirefox-3.0.9-0.1.1")) flag++;
    if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"MozillaFirefox-translations-3.0.9-0.1.1")) flag++;
    if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"MozillaFirefox-3.0.9-0.1.1")) flag++;
    if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"MozillaFirefox-translations-3.0.9-0.1.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"MozillaFirefox-3.0.9-0.1.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"MozillaFirefox-translations-3.0.9-0.1.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2009-0436.NASL
    descriptionFrom Red Hat Security Advisory 2009:0436 : Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305) Several flaws were found in the way malformed web content was processed. A web page containing malicious content could execute arbitrary JavaScript in the context of the site, possibly presenting misleading data to a user, or stealing sensitive information such as login credentials. (CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310, CVE-2009-1312) A flaw was found in the way Firefox saved certain web pages to a local file. If a user saved the inner frame of a web page containing POST data, the POST data could be revealed to the inner frame, possibly surrendering sensitive information such as login credentials. (CVE-2009-1311) For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 3.0.9. You can find a link to the Mozilla advisories in the References section of this errata. All Firefox users should upgrade to these updated packages, which contain Firefox version 3.0.9, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id67847
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/67847
    titleOracle Linux 4 / 5 : firefox (ELSA-2009-0436)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Red Hat Security Advisory RHSA-2009:0436 and 
    # Oracle Linux Security Advisory ELSA-2009-0436 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(67847);
      script_version("1.12");
      script_cvs_date("Date: 2019/10/25 13:36:08");
    
      script_cve_id("CVE-2009-0652", "CVE-2009-1302", "CVE-2009-1303", "CVE-2009-1304", "CVE-2009-1305", "CVE-2009-1306", "CVE-2009-1307", "CVE-2009-1308", "CVE-2009-1309", "CVE-2009-1310", "CVE-2009-1311", "CVE-2009-1312");
      script_xref(name:"RHSA", value:"2009:0436");
    
      script_name(english:"Oracle Linux 4 / 5 : firefox (ELSA-2009-0436)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Oracle Linux host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "From Red Hat Security Advisory 2009:0436 :
    
    Updated firefox packages that fix several security issues are now
    available for Red Hat Enterprise Linux 4 and 5.
    
    This update has been rated as having critical security impact by the
    Red Hat Security Response Team.
    
    Mozilla Firefox is an open source Web browser. XULRunner provides the
    XUL Runtime environment for Mozilla Firefox.
    
    Several flaws were found in the processing of malformed web content. A
    web page containing malicious content could cause Firefox to crash or,
    potentially, execute arbitrary code as the user running Firefox.
    (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305)
    
    Several flaws were found in the way malformed web content was
    processed. A web page containing malicious content could execute
    arbitrary JavaScript in the context of the site, possibly presenting
    misleading data to a user, or stealing sensitive information such as
    login credentials. (CVE-2009-0652, CVE-2009-1306, CVE-2009-1307,
    CVE-2009-1308, CVE-2009-1309, CVE-2009-1310, CVE-2009-1312)
    
    A flaw was found in the way Firefox saved certain web pages to a local
    file. If a user saved the inner frame of a web page containing POST
    data, the POST data could be revealed to the inner frame, possibly
    surrendering sensitive information such as login credentials.
    (CVE-2009-1311)
    
    For technical details regarding these flaws, refer to the Mozilla
    security advisories for Firefox 3.0.9. You can find a link to the
    Mozilla advisories in the References section of this errata.
    
    All Firefox users should upgrade to these updated packages, which
    contain Firefox version 3.0.9, which corrects these issues. After
    installing the update, Firefox must be restarted for the changes to
    take effect."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://oss.oracle.com/pipermail/el-errata/2009-April/000981.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://oss.oracle.com/pipermail/el-errata/2009-April/000983.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected firefox packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_cwe_id(16, 20, 79, 200, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:firefox");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:xulrunner");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:xulrunner-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:xulrunner-devel-unstable");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:4");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:5");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2009/02/20");
      script_set_attribute(attribute:"patch_publication_date", value:"2009/04/22");
      script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/12");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Oracle Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux");
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux");
    os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(4|5)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 4 / 5", "Oracle Linux " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu);
    
    flag = 0;
    if (rpm_check(release:"EL4", reference:"firefox-3.0.9-1.0.1.el4")) flag++;
    
    if (rpm_check(release:"EL5", reference:"firefox-3.0.9-1.0.1.el5")) flag++;
    if (rpm_check(release:"EL5", reference:"xulrunner-1.9.0.9-1.0.1.el5")) flag++;
    if (rpm_check(release:"EL5", reference:"xulrunner-devel-1.9.0.9-1.0.1.el5")) flag++;
    if (rpm_check(release:"EL5", reference:"xulrunner-devel-unstable-1.9.0.9-1.0.1.el5")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "firefox / xulrunner / xulrunner-devel / xulrunner-devel-unstable");
    }
    
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-764-1.NASL
    descriptionSeveral flaws were discovered in the browser engine. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305) It was discovered that Firefox displayed certain Unicode characters which could be visually confused with punctuation in valid web addresses in the location bar. An attacker could exploit this to spoof the location bar, such as in a phishing attack. (CVE-2009-0652) Several flaws were discovered in the way Firefox processed malformed URI schemes. If a user were tricked into viewing a malicious website, a remote attacker could execute arbitrary JavaScript or steal private data. (CVE-2009-1306, CVE-2009-1307, CVE-2009-1309, CVE-2009-1310, CVE-2009-1312) Cefn Hoile discovered Firefox did not adequately protect against embedded third-party stylesheets. An attacker could exploit this to perform script injection attacks using XBL bindings. (CVE-2009-1308) Paolo Amadini discovered that Firefox would submit POST data when reloading an inner frame of a web page. If a user were tricked into viewing a malicious website, a remote attacker could steal private data. (CVE-2009-1311). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id36228
    published2009-04-23
    reporterUbuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/36228
    titleUbuntu 8.04 LTS / 8.10 / 9.04 : firefox-3.0, xulrunner-1.9 vulnerabilities (USN-764-1)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-764-1. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(36228);
      script_version("1.19");
      script_cvs_date("Date: 2019/10/16 10:34:22");
    
      script_cve_id("CVE-2009-0652", "CVE-2009-1302", "CVE-2009-1303", "CVE-2009-1304", "CVE-2009-1305", "CVE-2009-1306", "CVE-2009-1307", "CVE-2009-1308", "CVE-2009-1309", "CVE-2009-1310", "CVE-2009-1311", "CVE-2009-1312");
      script_xref(name:"USN", value:"764-1");
    
      script_name(english:"Ubuntu 8.04 LTS / 8.10 / 9.04 : firefox-3.0, xulrunner-1.9 vulnerabilities (USN-764-1)");
      script_summary(english:"Checks dpkg output for updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Ubuntu host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Several flaws were discovered in the browser engine. If a user were
    tricked into viewing a malicious website, a remote attacker could
    cause a denial of service or possibly execute arbitrary code with the
    privileges of the user invoking the program. (CVE-2009-1302,
    CVE-2009-1303, CVE-2009-1304, CVE-2009-1305)
    
    It was discovered that Firefox displayed certain Unicode characters
    which could be visually confused with punctuation in valid web
    addresses in the location bar. An attacker could exploit this to spoof
    the location bar, such as in a phishing attack. (CVE-2009-0652)
    
    Several flaws were discovered in the way Firefox processed malformed
    URI schemes. If a user were tricked into viewing a malicious website,
    a remote attacker could execute arbitrary JavaScript or steal private
    data. (CVE-2009-1306, CVE-2009-1307, CVE-2009-1309, CVE-2009-1310,
    CVE-2009-1312)
    
    Cefn Hoile discovered Firefox did not adequately protect against
    embedded third-party stylesheets. An attacker could exploit this to
    perform script injection attacks using XBL bindings. (CVE-2009-1308)
    
    Paolo Amadini discovered that Firefox would submit POST data when
    reloading an inner frame of a web page. If a user were tricked into
    viewing a malicious website, a remote attacker could steal private
    data. (CVE-2009-1311).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/764-1/"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_cwe_id(16, 20, 79, 200, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:abrowser");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:abrowser-3.0-branding");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-3.0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-branding");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-dom-inspector");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-gnome-support");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-venkman");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-dom-inspector");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-gnome-support");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-granparadiso");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-granparadiso-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-granparadiso-dom-inspector");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-granparadiso-gnome-support");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-libthai");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-trunk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-trunk-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-trunk-dom-inspector");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-trunk-gnome-support");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-trunk-venkman");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9-dom-inspector");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9-gnome-support");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9-venkman");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:xulrunner-dev");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:8.04:-:lts");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:8.10");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:9.04");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/04/22");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/23");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("misc_func.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Ubuntu/release");
    if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    if (! ereg(pattern:"^(8\.04|8\.10|9\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 8.04 / 8.10 / 9.04", "Ubuntu " + release);
    if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    flag = 0;
    
    if (ubuntu_check(osver:"8.04", pkgname:"firefox", pkgver:"3.0.9+nobinonly-0ubuntu0.8.04.1")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"firefox-3.0", pkgver:"3.0.9+nobinonly-0ubuntu0.8.04.1")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"firefox-3.0-dev", pkgver:"3.0.9+nobinonly-0ubuntu0.8.04.1")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"firefox-3.0-dom-inspector", pkgver:"3.0.9+nobinonly-0ubuntu0.8.04.1")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"firefox-3.0-gnome-support", pkgver:"3.0.9+nobinonly-0ubuntu0.8.04.1")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"firefox-3.0-venkman", pkgver:"3.0.9+nobinonly-0ubuntu0.8.04.1")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"firefox-dev", pkgver:"3.0.9+nobinonly-0ubuntu0.8.04.1")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"firefox-dom-inspector", pkgver:"3.0.9+nobinonly-0ubuntu0.8.04.1")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"firefox-gnome-support", pkgver:"3.0.9+nobinonly-0ubuntu0.8.04.1")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"firefox-granparadiso", pkgver:"3.0.9+nobinonly-0ubuntu0.8.04.1")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"firefox-granparadiso-dev", pkgver:"3.0.9+nobinonly-0ubuntu0.8.04.1")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"firefox-granparadiso-dom-inspector", pkgver:"3.0.9+nobinonly-0ubuntu0.8.04.1")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"firefox-granparadiso-gnome-support", pkgver:"3.0.9+nobinonly-0ubuntu0.8.04.1")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"firefox-libthai", pkgver:"3.0.9+nobinonly-0ubuntu0.8.04.1")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"firefox-trunk", pkgver:"3.0.9+nobinonly-0ubuntu0.8.04.1")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"firefox-trunk-dev", pkgver:"3.0.9+nobinonly-0ubuntu0.8.04.1")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"firefox-trunk-dom-inspector", pkgver:"3.0.9+nobinonly-0ubuntu0.8.04.1")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"firefox-trunk-gnome-support", pkgver:"3.0.9+nobinonly-0ubuntu0.8.04.1")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"firefox-trunk-venkman", pkgver:"3.0.9+nobinonly-0ubuntu0.8.04.1")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"xulrunner-1.9", pkgver:"1.9.0.9+nobinonly-0ubuntu0.8.04.1")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"xulrunner-1.9-dev", pkgver:"1.9.0.9+nobinonly-0ubuntu0.8.04.1")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"xulrunner-1.9-dom-inspector", pkgver:"1.9.0.9+nobinonly-0ubuntu0.8.04.1")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"xulrunner-1.9-gnome-support", pkgver:"1.9.0.9+nobinonly-0ubuntu0.8.04.1")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"xulrunner-1.9-venkman", pkgver:"1.9.0.9+nobinonly-0ubuntu0.8.04.1")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"abrowser", pkgver:"3.0.9+nobinonly-0ubuntu0.8.10.1")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"abrowser-3.0-branding", pkgver:"3.0.9+nobinonly-0ubuntu0.8.10.1")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"firefox", pkgver:"3.0.9+nobinonly-0ubuntu0.8.10.1")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"firefox-3.0", pkgver:"3.0.9+nobinonly-0ubuntu0.8.10.1")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"firefox-3.0-branding", pkgver:"3.0.9+nobinonly-0ubuntu0.8.10.1")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"firefox-3.0-dev", pkgver:"3.0.9+nobinonly-0ubuntu0.8.10.1")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"firefox-3.0-dom-inspector", pkgver:"3.0.9+nobinonly-0ubuntu0.8.10.1")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"firefox-3.0-gnome-support", pkgver:"3.0.9+nobinonly-0ubuntu0.8.10.1")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"firefox-3.0-venkman", pkgver:"3.0.9+nobinonly-0ubuntu0.8.10.1")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"firefox-dev", pkgver:"3.0.9+nobinonly-0ubuntu0.8.10.1")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"firefox-dom-inspector", pkgver:"3.0.9+nobinonly-0ubuntu0.8.10.1")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"firefox-gnome-support", pkgver:"3.0.9+nobinonly-0ubuntu0.8.10.1")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"firefox-granparadiso", pkgver:"3.0.9+nobinonly-0ubuntu0.8.10.1")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"firefox-granparadiso-dev", pkgver:"3.0.9+nobinonly-0ubuntu0.8.10.1")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"firefox-granparadiso-dom-inspector", pkgver:"3.0.9+nobinonly-0ubuntu0.8.10.1")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"firefox-granparadiso-gnome-support", pkgver:"3.0.9+nobinonly-0ubuntu0.8.10.1")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"firefox-libthai", pkgver:"3.0.9+nobinonly-0ubuntu0.8.10.1")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"firefox-trunk", pkgver:"3.0.9+nobinonly-0ubuntu0.8.10.1")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"firefox-trunk-dev", pkgver:"3.0.9+nobinonly-0ubuntu0.8.10.1")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"firefox-trunk-dom-inspector", pkgver:"3.0.9+nobinonly-0ubuntu0.8.10.1")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"firefox-trunk-gnome-support", pkgver:"3.0.9+nobinonly-0ubuntu0.8.10.1")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"firefox-trunk-venkman", pkgver:"3.0.9+nobinonly-0ubuntu0.8.10.1")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"xulrunner-1.9", pkgver:"1.9.0.9+nobinonly-0ubuntu0.8.10.1")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"xulrunner-1.9-dev", pkgver:"1.9.0.9+nobinonly-0ubuntu0.8.10.1")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"xulrunner-1.9-dom-inspector", pkgver:"1.9.0.9+nobinonly-0ubuntu0.8.10.1")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"xulrunner-1.9-gnome-support", pkgver:"1.9.0.9+nobinonly-0ubuntu0.8.10.1")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"xulrunner-1.9-venkman", pkgver:"1.9.0.9+nobinonly-0ubuntu0.8.10.1")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"xulrunner-dev", pkgver:"1.9.0.9+nobinonly-0ubuntu0.8.10.1")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"abrowser", pkgver:"3.0.9+nobinonly-0ubuntu0.9.04.1")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"abrowser-3.0-branding", pkgver:"3.0.9+nobinonly-0ubuntu0.9.04.1")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"firefox", pkgver:"3.0.9+nobinonly-0ubuntu0.9.04.1")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"firefox-3.0", pkgver:"3.0.9+nobinonly-0ubuntu0.9.04.1")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"firefox-3.0-branding", pkgver:"3.0.9+nobinonly-0ubuntu0.9.04.1")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"firefox-3.0-dev", pkgver:"3.0.9+nobinonly-0ubuntu0.9.04.1")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"firefox-3.0-dom-inspector", pkgver:"3.0.9+nobinonly-0ubuntu0.9.04.1")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"firefox-3.0-gnome-support", pkgver:"3.0.9+nobinonly-0ubuntu0.9.04.1")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"firefox-3.0-venkman", pkgver:"3.0.9+nobinonly-0ubuntu0.9.04.1")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"firefox-dev", pkgver:"3.0.9+nobinonly-0ubuntu0.9.04.1")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"firefox-dom-inspector", pkgver:"3.0.9+nobinonly-0ubuntu0.9.04.1")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"firefox-gnome-support", pkgver:"3.0.9+nobinonly-0ubuntu0.9.04.1")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"firefox-granparadiso", pkgver:"3.0.9+nobinonly-0ubuntu0.9.04.1")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"firefox-granparadiso-dev", pkgver:"3.0.9+nobinonly-0ubuntu0.9.04.1")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"firefox-granparadiso-dom-inspector", pkgver:"3.0.9+nobinonly-0ubuntu0.9.04.1")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"firefox-granparadiso-gnome-support", pkgver:"3.0.9+nobinonly-0ubuntu0.9.04.1")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"firefox-libthai", pkgver:"3.0.9+nobinonly-0ubuntu0.9.04.1")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"firefox-trunk", pkgver:"3.0.9+nobinonly-0ubuntu0.9.04.1")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"firefox-trunk-dev", pkgver:"3.0.9+nobinonly-0ubuntu0.9.04.1")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"firefox-trunk-dom-inspector", pkgver:"3.0.9+nobinonly-0ubuntu0.9.04.1")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"firefox-trunk-gnome-support", pkgver:"3.0.9+nobinonly-0ubuntu0.9.04.1")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"firefox-trunk-venkman", pkgver:"3.0.9+nobinonly-0ubuntu0.9.04.1")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"xulrunner-1.9", pkgver:"1.9.0.9+nobinonly-0ubuntu0.9.04.1")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"xulrunner-1.9-dev", pkgver:"1.9.0.9+nobinonly-0ubuntu0.9.04.1")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"xulrunner-1.9-dom-inspector", pkgver:"1.9.0.9+nobinonly-0ubuntu0.9.04.1")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"xulrunner-1.9-gnome-support", pkgver:"1.9.0.9+nobinonly-0ubuntu0.9.04.1")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"xulrunner-1.9-venkman", pkgver:"1.9.0.9+nobinonly-0ubuntu0.9.04.1")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"xulrunner-dev", pkgver:"1.9.0.9+nobinonly-0ubuntu0.9.04.1")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : ubuntu_report_get()
      );
      exit(0);
    }
    else
    {
      tested = ubuntu_pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "abrowser / abrowser-3.0-branding / firefox / firefox-3.0 / etc");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_MOZILLA-XULRUNNER190-090427.NASL
    descriptionFirefox version upgrade to 3.0.9 to fix various security bugs. (CVE-2009-1302 / CVE-2009-1303 / CVE-2009-1304 / CVE-2009-1305,CVE -2009-1306,CVE-2009-1307 / CVE-2009-1308 / CVE-2009-1309,CVE-200 9-1310,CVE-2009-1311 / CVE-2009-1312 / CVE-2009-0652)
    last seen2020-06-01
    modified2020-06-02
    plugin id41437
    published2009-09-24
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/41437
    titleSuSE 11 Security Update : Mozilla (SAT Patch Number 834)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from SuSE 11 update information. The text itself is
    # copyright (C) Novell, Inc.
    #
    
    if (NASL_LEVEL < 3000) exit(0);
    
    include("compat.inc");
    
    if (description)
    {
      script_id(41437);
      script_version("1.17");
      script_cvs_date("Date: 2019/10/25 13:36:35");
    
      script_cve_id("CVE-2009-0652", "CVE-2009-1302", "CVE-2009-1303", "CVE-2009-1304", "CVE-2009-1305", "CVE-2009-1307", "CVE-2009-1308", "CVE-2009-1309", "CVE-2009-1311", "CVE-2009-1312");
    
      script_name(english:"SuSE 11 Security Update : Mozilla (SAT Patch Number 834)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 11 host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Firefox version upgrade to 3.0.9 to fix various security bugs.
    (CVE-2009-1302 / CVE-2009-1303 / CVE-2009-1304 / CVE-2009-1305,CVE
    
    -2009-1306,CVE-2009-1307 / CVE-2009-1308 / CVE-2009-1309,CVE-200
    9-1310,CVE-2009-1311 / CVE-2009-1312 / CVE-2009-0652)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=495473"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-0652.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1302.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1303.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1304.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1305.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1307.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1308.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1309.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1311.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1312.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply SAT patch number 834.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_cwe_id(16, 20, 79, 200, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner190");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner190-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner190-gnomevfs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner190-gnomevfs-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner190-translations");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner190-translations-32bit");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/04/27");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/09/24");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);
    
    pl = get_kb_item("Host/SuSE/patchlevel");
    if (pl) audit(AUDIT_OS_NOT, "SuSE 11.0");
    
    
    flag = 0;
    if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"mozilla-xulrunner190-1.9.0.9-0.1.1")) flag++;
    if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"mozilla-xulrunner190-gnomevfs-1.9.0.9-0.1.1")) flag++;
    if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"mozilla-xulrunner190-translations-1.9.0.9-0.1.1")) flag++;
    if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"mozilla-xulrunner190-1.9.0.9-0.1.1")) flag++;
    if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"mozilla-xulrunner190-32bit-1.9.0.9-0.1.1")) flag++;
    if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"mozilla-xulrunner190-gnomevfs-1.9.0.9-0.1.1")) flag++;
    if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"mozilla-xulrunner190-gnomevfs-32bit-1.9.0.9-0.1.1")) flag++;
    if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"mozilla-xulrunner190-translations-1.9.0.9-0.1.1")) flag++;
    if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"mozilla-xulrunner190-translations-32bit-1.9.0.9-0.1.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"mozilla-xulrunner190-1.9.0.9-0.1.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"mozilla-xulrunner190-gnomevfs-1.9.0.9-0.1.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"mozilla-xulrunner190-translations-1.9.0.9-0.1.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, cpu:"s390x", reference:"mozilla-xulrunner190-32bit-1.9.0.9-0.1.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, cpu:"x86_64", reference:"mozilla-xulrunner190-32bit-1.9.0.9-0.1.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2009-1125.NASL
    descriptionAn updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed HTML mail content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code as the user running Thunderbird. (CVE-2009-1392, CVE-2009-1303, CVE-2009-1305, CVE-2009-1833, CVE-2009-1838) Several flaws were found in the way malformed HTML mail content was processed. An HTML mail message containing malicious content could execute arbitrary JavaScript in the context of the mail message, possibly presenting misleading data to the user, or stealing sensitive information such as login credentials. (CVE-2009-1306, CVE-2009-1307, CVE-2009-1309) Note: JavaScript support is disabled by default in Thunderbird. None of the above issues are exploitable unless JavaScript is enabled. All Thunderbird users should upgrade to this updated package, which resolves these issues. All running instances of Thunderbird must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id39528
    published2009-06-26
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/39528
    titleRHEL 4 : thunderbird (RHSA-2009:1125)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2009:1125. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(39528);
      script_version ("1.30");
      script_cvs_date("Date: 2019/10/25 13:36:14");
    
      script_cve_id("CVE-2009-1303", "CVE-2009-1305", "CVE-2009-1306", "CVE-2009-1307", "CVE-2009-1309", "CVE-2009-1392", "CVE-2009-1833", "CVE-2009-1838", "CVE-2009-2210");
      script_bugtraq_id(35370, 35372, 35383);
      script_xref(name:"RHSA", value:"2009:1125");
    
      script_name(english:"RHEL 4 : thunderbird (RHSA-2009:1125)");
      script_summary(english:"Checks the rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An updated thunderbird package that fixes several security issues is
    now available for Red Hat Enterprise Linux 4.
    
    This update has been rated as having moderate security impact by the
    Red Hat Security Response Team.
    
    Mozilla Thunderbird is a standalone mail and newsgroup client.
    
    Several flaws were found in the processing of malformed HTML mail
    content. An HTML mail message containing malicious content could cause
    Thunderbird to crash or, potentially, execute arbitrary code as the
    user running Thunderbird. (CVE-2009-1392, CVE-2009-1303,
    CVE-2009-1305, CVE-2009-1833, CVE-2009-1838)
    
    Several flaws were found in the way malformed HTML mail content was
    processed. An HTML mail message containing malicious content could
    execute arbitrary JavaScript in the context of the mail message,
    possibly presenting misleading data to the user, or stealing sensitive
    information such as login credentials. (CVE-2009-1306, CVE-2009-1307,
    CVE-2009-1309)
    
    Note: JavaScript support is disabled by default in Thunderbird. None
    of the above issues are exploitable unless JavaScript is enabled.
    
    All Thunderbird users should upgrade to this updated package, which
    resolves these issues. All running instances of Thunderbird must be
    restarted for the update to take effect."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2009-1303"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2009-1305"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2009-1306"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2009-1307"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2009-1309"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2009-1392"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2009-1833"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2009-1838"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2009-2210"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2009:1125"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected thunderbird package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_cwe_id(16, 20, 94, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:thunderbird");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4.8");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2009/04/22");
      script_set_attribute(attribute:"patch_publication_date", value:"2009/06/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/06/26");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^4([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 4.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2009:1125";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL4", reference:"thunderbird-1.5.0.12-23.el4")) flag++;
    
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "thunderbird");
      }
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2009-3875.NASL
    descriptionhttp://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.9 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id37309
    published2009-04-23
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/37309
    titleFedora 9 : Miro-2.0.3-3.fc9 / blam-1.8.5-8.fc9.1 / chmsee-1.0.1-11.fc9 / devhelp-0.19.1-11.fc9 / etc (2009-3875)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2009-3875.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(37309);
      script_version ("1.23");
      script_cvs_date("Date: 2019/10/16 10:34:21");
    
      script_cve_id("CVE-2009-0652", "CVE-2009-1302", "CVE-2009-1303", "CVE-2009-1304", "CVE-2009-1305", "CVE-2009-1306", "CVE-2009-1307", "CVE-2009-1308", "CVE-2009-1309", "CVE-2009-1310", "CVE-2009-1311", "CVE-2009-1312");
      script_xref(name:"FEDORA", value:"2009-3875");
    
      script_name(english:"Fedora 9 : Miro-2.0.3-3.fc9 / blam-1.8.5-8.fc9.1 / chmsee-1.0.1-11.fc9 / devhelp-0.19.1-11.fc9 / etc (2009-3875)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "http://www.mozilla.org/security/known-
    vulnerabilities/firefox30.html#firefox3.0.9
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      # http://www.mozilla.org/security/known-
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.mozilla.org/en-US/security/known-"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=486704"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=496252"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=496253"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=496255"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=496256"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=496262"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=496263"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=496266"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=496267"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=496270"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=496271"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=496274"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2009-April/022628.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?9aa2b83d"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2009-April/022629.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?6aaaa992"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2009-April/022630.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?57ba0cab"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2009-April/022631.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?c452f848"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2009-April/022632.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?ed2bc550"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2009-April/022633.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?de5ae17b"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2009-April/022634.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?9160c89c"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2009-April/022635.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?5a5e1487"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2009-April/022636.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?c51bc107"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2009-April/022637.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?5294cc4d"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2009-April/022638.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?76e1bd03"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2009-April/022639.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?746611a6"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2009-April/022640.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?ce5dd47a"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2009-April/022641.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?59a05df6"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2009-April/022642.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?ee681e20"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2009-April/022643.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?1979407f"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2009-April/022644.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?30f035ab"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2009-April/022645.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?20bd9531"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2009-April/022646.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?f2e57fc3"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2009-April/022647.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?95acaffc"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_cwe_id(16, 20, 79, 200, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:Miro");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:blam");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:chmsee");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:devhelp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:epiphany");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:epiphany-extensions");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:evolution-rss");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:firefox");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:galeon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:gnome-python2-extras");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:gnome-web-photo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:google-gadgets");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:gtkmozembedmm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kazehakase");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mozvoikko");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mugshot");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:ruby-gnome2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:totem");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:xulrunner");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:yelp");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:9");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2009/02/20");
      script_set_attribute(attribute:"patch_publication_date", value:"2009/04/22");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/23");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^9([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 9.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC9", reference:"Miro-2.0.3-3.fc9")) flag++;
    if (rpm_check(release:"FC9", reference:"blam-1.8.5-8.fc9.1")) flag++;
    if (rpm_check(release:"FC9", reference:"chmsee-1.0.1-11.fc9")) flag++;
    if (rpm_check(release:"FC9", reference:"devhelp-0.19.1-11.fc9")) flag++;
    if (rpm_check(release:"FC9", reference:"epiphany-2.22.2-10.fc9")) flag++;
    if (rpm_check(release:"FC9", reference:"epiphany-extensions-2.22.1-10.fc9")) flag++;
    if (rpm_check(release:"FC9", reference:"evolution-rss-0.1.0-10.fc9")) flag++;
    if (rpm_check(release:"FC9", reference:"firefox-3.0.9-1.fc9")) flag++;
    if (rpm_check(release:"FC9", reference:"galeon-2.0.7-9.fc9")) flag++;
    if (rpm_check(release:"FC9", reference:"gnome-python2-extras-2.19.1-26.fc9")) flag++;
    if (rpm_check(release:"FC9", reference:"gnome-web-photo-0.3-20.fc9")) flag++;
    if (rpm_check(release:"FC9", reference:"google-gadgets-0.10.5-5.fc9")) flag++;
    if (rpm_check(release:"FC9", reference:"gtkmozembedmm-1.4.2.cvs20060817-28.fc9")) flag++;
    if (rpm_check(release:"FC9", reference:"kazehakase-0.5.6-4.fc9.1")) flag++;
    if (rpm_check(release:"FC9", reference:"mozvoikko-0.9.5-9.fc9")) flag++;
    if (rpm_check(release:"FC9", reference:"mugshot-1.2.2-8.fc9")) flag++;
    if (rpm_check(release:"FC9", reference:"ruby-gnome2-0.17.0-8.fc9")) flag++;
    if (rpm_check(release:"FC9", reference:"totem-2.23.2-14.fc9")) flag++;
    if (rpm_check(release:"FC9", reference:"xulrunner-1.9.0.9-1.fc9")) flag++;
    if (rpm_check(release:"FC9", reference:"yelp-2.22.1-11.fc9")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Miro / blam / chmsee / devhelp / epiphany / epiphany-extensions / etc");
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2009-0437.NASL
    descriptionUpdated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code as the user running SeaMonkey. (CVE-2009-1303, CVE-2009-1305) Several flaws were found in the way malformed web content was processed. A web page containing malicious content could execute arbitrary JavaScript in the context of the site, possibly presenting misleading data to a user, or stealing sensitive information such as login credentials. (CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1309, CVE-2009-1312) A flaw was found in the way SeaMonkey saved certain web pages to a local file. If a user saved the inner frame of a web page containing POST data, the POST data could be revealed to the inner frame, possibly surrendering sensitive information such as login credentials. (CVE-2009-1311) All SeaMonkey users should upgrade to these updated packages, which correct these issues. After installing the update, SeaMonkey must be restarted for the changes to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id36214
    published2009-04-22
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/36214
    titleRHEL 2.1 / 3 / 4 : seamonkey (RHSA-2009:0437)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2009:0437. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(36214);
      script_version ("1.32");
      script_cvs_date("Date: 2019/10/25 13:36:14");
    
      script_cve_id("CVE-2009-0652", "CVE-2009-1303", "CVE-2009-1305", "CVE-2009-1306", "CVE-2009-1307", "CVE-2009-1309", "CVE-2009-1311", "CVE-2009-1312");
      script_xref(name:"RHSA", value:"2009:0437");
    
      script_name(english:"RHEL 2.1 / 3 / 4 : seamonkey (RHSA-2009:0437)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated SeaMonkey packages that fix several security issues are now
    available for Red Hat Enterprise Linux 2.1, 3, and 4.
    
    This update has been rated as having critical security impact by the
    Red Hat Security Response Team.
    
    SeaMonkey is an open source Web browser, email and newsgroup client,
    IRC chat client, and HTML editor.
    
    Several flaws were found in the processing of malformed web content. A
    web page containing malicious content could cause SeaMonkey to crash
    or, potentially, execute arbitrary code as the user running SeaMonkey.
    (CVE-2009-1303, CVE-2009-1305)
    
    Several flaws were found in the way malformed web content was
    processed. A web page containing malicious content could execute
    arbitrary JavaScript in the context of the site, possibly presenting
    misleading data to a user, or stealing sensitive information such as
    login credentials. (CVE-2009-0652, CVE-2009-1306, CVE-2009-1307,
    CVE-2009-1309, CVE-2009-1312)
    
    A flaw was found in the way SeaMonkey saved certain web pages to a
    local file. If a user saved the inner frame of a web page containing
    POST data, the POST data could be revealed to the inner frame,
    possibly surrendering sensitive information such as login credentials.
    (CVE-2009-1311)
    
    All SeaMonkey users should upgrade to these updated packages, which
    correct these issues. After installing the update, SeaMonkey must be
    restarted for the changes to take effect."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2009-0652"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2009-1303"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2009-1305"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2009-1306"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2009-1307"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2009-1309"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2009-1311"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2009-1312"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2009:0437"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_cwe_id(16, 20, 200, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:seamonkey");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:seamonkey-chat");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:seamonkey-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:seamonkey-dom-inspector");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:seamonkey-js-debugger");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:seamonkey-mail");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:seamonkey-nspr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:seamonkey-nspr-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:seamonkey-nss");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:seamonkey-nss-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:2.1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4.7");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2009/02/20");
      script_set_attribute(attribute:"patch_publication_date", value:"2009/04/21");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/22");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(2\.1|3|4)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 2.1 / 3.x / 4.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2009:0437";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"seamonkey-1.0.9-0.33.el2")) flag++;
    
      if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"seamonkey-chat-1.0.9-0.33.el2")) flag++;
    
      if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"seamonkey-devel-1.0.9-0.33.el2")) flag++;
    
      if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"seamonkey-dom-inspector-1.0.9-0.33.el2")) flag++;
    
      if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"seamonkey-js-debugger-1.0.9-0.33.el2")) flag++;
    
      if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"seamonkey-mail-1.0.9-0.33.el2")) flag++;
    
      if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"seamonkey-nspr-1.0.9-0.33.el2")) flag++;
    
      if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"seamonkey-nspr-devel-1.0.9-0.33.el2")) flag++;
    
      if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"seamonkey-nss-1.0.9-0.33.el2")) flag++;
    
      if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"seamonkey-nss-devel-1.0.9-0.33.el2")) flag++;
    
    
      if (rpm_check(release:"RHEL3", reference:"seamonkey-1.0.9-0.37.el3")) flag++;
    
      if (rpm_check(release:"RHEL3", reference:"seamonkey-chat-1.0.9-0.37.el3")) flag++;
    
      if (rpm_check(release:"RHEL3", reference:"seamonkey-devel-1.0.9-0.37.el3")) flag++;
    
      if (rpm_check(release:"RHEL3", reference:"seamonkey-dom-inspector-1.0.9-0.37.el3")) flag++;
    
      if (rpm_check(release:"RHEL3", reference:"seamonkey-js-debugger-1.0.9-0.37.el3")) flag++;
    
      if (rpm_check(release:"RHEL3", reference:"seamonkey-mail-1.0.9-0.37.el3")) flag++;
    
      if (rpm_check(release:"RHEL3", reference:"seamonkey-nspr-1.0.9-0.37.el3")) flag++;
    
      if (rpm_check(release:"RHEL3", reference:"seamonkey-nspr-devel-1.0.9-0.37.el3")) flag++;
    
      if (rpm_check(release:"RHEL3", reference:"seamonkey-nss-1.0.9-0.37.el3")) flag++;
    
      if (rpm_check(release:"RHEL3", reference:"seamonkey-nss-devel-1.0.9-0.37.el3")) flag++;
    
    
      if (rpm_check(release:"RHEL4", reference:"seamonkey-1.0.9-41.el4")) flag++;
    
      if (rpm_check(release:"RHEL4", reference:"seamonkey-chat-1.0.9-41.el4")) flag++;
    
      if (rpm_check(release:"RHEL4", reference:"seamonkey-devel-1.0.9-41.el4")) flag++;
    
      if (rpm_check(release:"RHEL4", reference:"seamonkey-dom-inspector-1.0.9-41.el4")) flag++;
    
      if (rpm_check(release:"RHEL4", reference:"seamonkey-js-debugger-1.0.9-41.el4")) flag++;
    
      if (rpm_check(release:"RHEL4", reference:"seamonkey-mail-1.0.9-41.el4")) flag++;
    
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "seamonkey / seamonkey-chat / seamonkey-devel / etc");
      }
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_1_MOZILLAFIREFOX-090427.NASL
    descriptionFirefox version upgrade to 3.0.9 to fix various security bugs. (CVE-2009-1302,CVE-2009-1303,CVE-2009-1304,CVE-2009-1305,CVE -2009-1306,CVE-2009-1307,CVE-2009-1308,CVE-2009-1309,CVE-200 9-1310,CVE-2009-1311,CVE-2009-1312,CVE-2009-0652)
    last seen2020-06-01
    modified2020-06-02
    plugin id40172
    published2009-07-21
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/40172
    titleopenSUSE Security Update : MozillaFirefox (MozillaFirefox-833)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update MozillaFirefox-833.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(40172);
      script_version("1.18");
      script_cvs_date("Date: 2019/10/25 13:36:34");
    
      script_cve_id("CVE-2009-0652", "CVE-2009-1302", "CVE-2009-1303", "CVE-2009-1304", "CVE-2009-1305", "CVE-2009-1307", "CVE-2009-1308", "CVE-2009-1309", "CVE-2009-1311", "CVE-2009-1312");
    
      script_name(english:"openSUSE Security Update : MozillaFirefox (MozillaFirefox-833)");
      script_summary(english:"Check for the MozillaFirefox-833 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Firefox version upgrade to 3.0.9 to fix various security bugs.
    (CVE-2009-1302,CVE-2009-1303,CVE-2009-1304,CVE-2009-1305,CVE
    
    -2009-1306,CVE-2009-1307,CVE-2009-1308,CVE-2009-1309,CVE-200
    9-1310,CVE-2009-1311,CVE-2009-1312,CVE-2009-0652)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=495473"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected MozillaFirefox packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_cwe_id(16, 20, 79, 200, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-translations");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.1");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2009/02/20");
      script_set_attribute(attribute:"patch_publication_date", value:"2009/04/27");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/07/21");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.1", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.1", reference:"MozillaFirefox-3.0.9-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"MozillaFirefox-branding-upstream-3.0.9-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"MozillaFirefox-translations-3.0.9-0.1.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "MozillaFirefox / MozillaFirefox-branding-upstream / etc");
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2009-3893.NASL
    descriptionhttp://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.9 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id38160
    published2009-04-27
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/38160
    titleFedora 10 : Miro-2.0.3-3.fc10 / blam-1.8.5-9.fc10 / devhelp-0.22-7.fc10 / epiphany-2.24.3-5.fc10 / etc (2009-3893)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20090421_SEAMONKEY_ON_SL3_X.NASL
    descriptionSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code as the user running SeaMonkey. (CVE-2009-1303, CVE-2009-1305) Several flaws were found in the way malformed web content was processed. A web page containing malicious content could execute arbitrary JavaScript in the context of the site, possibly presenting misleading data to a user, or stealing sensitive information such as login credentials. (CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1309, CVE-2009-1312) A flaw was found in the way SeaMonkey saved certain web pages to a local file. If a user saved the inner frame of a web page containing POST data, the POST data could be revealed to the inner frame, possibly surrendering sensitive information such as login credentials. (CVE-2009-1311) SeaMonkey must be restarted for the changes to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id60573
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/60573
    titleScientific Linux Security Update : seamonkey on SL3.x, SL4.x i386/x86_64
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2009-0436.NASL
    descriptionUpdated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305) Several flaws were found in the way malformed web content was processed. A web page containing malicious content could execute arbitrary JavaScript in the context of the site, possibly presenting misleading data to a user, or stealing sensitive information such as login credentials. (CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310, CVE-2009-1312) A flaw was found in the way Firefox saved certain web pages to a local file. If a user saved the inner frame of a web page containing POST data, the POST data could be revealed to the inner frame, possibly surrendering sensitive information such as login credentials. (CVE-2009-1311) For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 3.0.9. You can find a link to the Mozilla advisories in the References section of this errata. All Firefox users should upgrade to these updated packages, which contain Firefox version 3.0.9, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id36213
    published2009-04-22
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/36213
    titleRHEL 4 / 5 : firefox (RHSA-2009:0436)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_3B18E2372F1511DE96720030843D3802.NASL
    descriptionMozilla Foundation reports : MFSA 2009-22: Firefox allows Refresh header to redirect to javascript: URIs MFSA 2009-21: POST data sent to wrong site when saving web page with embedded frame MFSA 2009-20: Malicious search plugins can inject code into arbitrary sites MFSA 2009-19: Same-origin violations in XMLHttpRequest and XPCNativeWrapper.toString MFSA 2009-18: XSS hazard using third-party stylesheets and XBL bindings MFSA 2009-17: Same-origin violations when Adobe Flash loaded via view-source: scheme MFSA 2009-16: jar: scheme ignores the content-disposition: header on the inner URI MFSA 2009-15: URL spoofing with box drawing character MFSA 2009-14 Crashes with evidence of memory corruption (rv:1.9.0.9)
    last seen2020-06-01
    modified2020-06-02
    plugin id36212
    published2009-04-22
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/36212
    titleFreeBSD : mozilla -- multiple vulnerabilities (3b18e237-2f15-11de-9672-0030843d3802)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20090421_FIREFOX_ON_SL4_X.NASL
    descriptionSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305) Several flaws were found in the way malformed web content was processed. A web page containing malicious content could execute arbitrary JavaScript in the context of the site, possibly presenting misleading data to a user, or stealing sensitive information such as login credentials. (CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310, CVE-2009-1312) A flaw was found in the way Firefox saved certain web pages to a local file. If a user saved the inner frame of a web page containing POST data, the POST data could be revealed to the inner frame, possibly surrendering sensitive information such as login credentials. (CVE-2009-1311) After installing the update, Firefox must be restarted for the changes to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id60572
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/60572
    titleScientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2009-0437.NASL
    descriptionFrom Red Hat Security Advisory 2009:0437 : Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code as the user running SeaMonkey. (CVE-2009-1303, CVE-2009-1305) Several flaws were found in the way malformed web content was processed. A web page containing malicious content could execute arbitrary JavaScript in the context of the site, possibly presenting misleading data to a user, or stealing sensitive information such as login credentials. (CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1309, CVE-2009-1312) A flaw was found in the way SeaMonkey saved certain web pages to a local file. If a user saved the inner frame of a web page containing POST data, the POST data could be revealed to the inner frame, possibly surrendering sensitive information such as login credentials. (CVE-2009-1311) All SeaMonkey users should upgrade to these updated packages, which correct these issues. After installing the update, SeaMonkey must be restarted for the changes to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id67848
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/67848
    titleOracle Linux 3 / 4 : seamonkey (ELSA-2009-0437)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20090625_THUNDERBIRD_ON_SL4_X.NASL
    descriptionSeveral flaws were found in the processing of malformed HTML mail content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code as the user running Thunderbird. (CVE-2009-1392, CVE-2009-1303, CVE-2009-1305, CVE-2009-1833, CVE-2009-1838) Several flaws were found in the way malformed HTML mail content was processed. An HTML mail message containing malicious content could execute arbitrary JavaScript in the context of the mail message, possibly presenting misleading data to the user, or stealing sensitive information such as login credentials. (CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309) A flaw was found in the way Thunderbird handled error responses returned from proxy servers. If an attacker is able to conduct a man-in-the-middle attack against a Thunderbird instance that is using a proxy server, they may be able to steal sensitive information from the site Thunderbird is displaying. (CVE-2009-1836) Note: JavaScript support is disabled by default in Thunderbird. None of the above issues are exploitable unless JavaScript is enabled. All running instances of Thunderbird must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id60608
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/60608
    titleScientific Linux Security Update : thunderbird on SL4.x, SL5.x i386/x86_64
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-782-1.NASL
    descriptionSeveral flaws were discovered in the JavaScript engine of Thunderbird. If a user had JavaScript enabled and were tricked into viewing malicious web content, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-1303, CVE-2009-1305, CVE-2009-1392, CVE-2009-1833, CVE-2009-1838) Several flaws were discovered in the way Thunderbird processed malformed URI schemes. If a user were tricked into viewing a malicious website and had JavaScript and plugins enabled, a remote attacker could execute arbitrary JavaScript or steal private data. (CVE-2009-1306, CVE-2009-1307, CVE-2009-1309) Cefn Hoile discovered Thunderbird did not adequately protect against embedded third-party stylesheets. If JavaScript were enabled, an attacker could exploit this to perform script injection attacks using XBL bindings. (CVE-2009-1308) Shuo Chen, Ziqing Mao, Yi-Min Wang, and Ming Zhang discovered that Thunderbird did not properly handle error responses when connecting to a proxy server. If a user had JavaScript enabled while using Thunderbird to view websites and a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. (CVE-2009-1836) It was discovered that Thunderbird could be made to run scripts with elevated privileges. If a user had JavaScript enabled while having certain non-default add-ons installed and were tricked into viewing a malicious website, an attacker could cause a chrome privileged object, such as the browser sidebar, to run arbitrary code via interactions with the attacker controlled website. (CVE-2009-1841). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id39533
    published2009-06-26
    reporterUbuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/39533
    titleUbuntu 8.04 LTS / 8.10 / 9.04 : thunderbird vulnerabilities (USN-782-1)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2009-111.NASL
    descriptionSecurity vulnerabilities have been discovered in previous versions, and corrected in the latest Mozilla Firefox 3.x, version 3.0.10. (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305, CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310, CVE-2009-1311, CVE-2009-1312, CVE-2009-1313) This update provides the latest Mozilla Firefox 3.x to correct these issues. Additionally, some packages which require so, have been rebuilt and are being provided as updates. Update : The recent Mozilla Firefox update missed the Firefox language packs for Mandriva Linux 2009. This update provides them, fixing the issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id38853
    published2009-05-13
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/38853
    titleMandriva Linux Security Advisory : firefox (MDVSA-2009:111-1)
  • NASL familyWindows
    NASL idMOZILLA_FIREFOX_309.NASL
    descriptionThe installed version of Firefox is earlier than 3.0.9. Such versions are potentially affected by the following security issues : - Multiple remote memory corruption vulnerabilities exist that can be exploited to execute arbitrary code in the context of the user running the affected application. (MFSA 2009-14) - A flaw may exist where Unicode box drawing characters are allowed in Internationalized Domain Names where they could be visually confused with punctuation used in valid web addresses. An attacker can leverage this to launch a phishing-type scam against a victim. (MFSA 2009-15) - A vulnerability exists when the
    last seen2020-06-01
    modified2020-06-02
    plugin id36215
    published2009-04-22
    reporterThis script is Copyright (C) 2009-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/36215
    titleFirefox < 3.0.9 Multiple Vulnerabilities
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2009-1125.NASL
    descriptionFrom Red Hat Security Advisory 2009:1125 : An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed HTML mail content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code as the user running Thunderbird. (CVE-2009-1392, CVE-2009-1303, CVE-2009-1305, CVE-2009-1833, CVE-2009-1838) Several flaws were found in the way malformed HTML mail content was processed. An HTML mail message containing malicious content could execute arbitrary JavaScript in the context of the mail message, possibly presenting misleading data to the user, or stealing sensitive information such as login credentials. (CVE-2009-1306, CVE-2009-1307, CVE-2009-1309) Note: JavaScript support is disabled by default in Thunderbird. None of the above issues are exploitable unless JavaScript is enabled. All Thunderbird users should upgrade to this updated package, which resolves these issues. All running instances of Thunderbird must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id67881
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/67881
    titleOracle Linux 4 : thunderbird (ELSA-2009-1125)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2009-1126.NASL
    descriptionAn updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed HTML mail content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code as the user running Thunderbird. (CVE-2009-1392, CVE-2009-1303, CVE-2009-1305, CVE-2009-1833, CVE-2009-1838) Several flaws were found in the way malformed HTML mail content was processed. An HTML mail message containing malicious content could execute arbitrary JavaScript in the context of the mail message, possibly presenting misleading data to the user, or stealing sensitive information such as login credentials. (CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309) A flaw was found in the way Thunderbird handled error responses returned from proxy servers. If an attacker is able to conduct a man-in-the-middle attack against a Thunderbird instance that is using a proxy server, they may be able to steal sensitive information from the site Thunderbird is displaying. (CVE-2009-1836) Note: JavaScript support is disabled by default in Thunderbird. None of the above issues are exploitable unless JavaScript is enabled. All Thunderbird users should upgrade to this updated package, which resolves these issues. All running instances of Thunderbird must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id43762
    published2010-01-06
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/43762
    titleCentOS 5 : thunderbird (CESA-2009:1126)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2009-141.NASL
    descriptionA number of security vulnerabilities have been discovered for Mozilla Thunderbird version 2.0.0.21 (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-2210, CVE-2009-1392, CVE-2009-1832, CVE-2009-1833, CVE-2009-1838, CVE-2009-1836, CVE-2009-1840, CVE-2009-1841). This update provides the latest Thunderbird to correct these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id39581
    published2009-06-28
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/39581
    titleMandriva Linux Security Advisory : mozilla-thunderbird (MDVSA-2009:141)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2009-0437.NASL
    descriptionUpdated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code as the user running SeaMonkey. (CVE-2009-1303, CVE-2009-1305) Several flaws were found in the way malformed web content was processed. A web page containing malicious content could execute arbitrary JavaScript in the context of the site, possibly presenting misleading data to a user, or stealing sensitive information such as login credentials. (CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1309, CVE-2009-1312) A flaw was found in the way SeaMonkey saved certain web pages to a local file. If a user saved the inner frame of a web page containing POST data, the POST data could be revealed to the inner frame, possibly surrendering sensitive information such as login credentials. (CVE-2009-1311) All SeaMonkey users should upgrade to these updated packages, which correct these issues. After installing the update, SeaMonkey must be restarted for the changes to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id38899
    published2009-05-26
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/38899
    titleCentOS 3 / 4 : seamonkey (CESA-2009:0437)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201301-01.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201301-01 (Mozilla Products: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, bypass restrictions and protection mechanisms, force file downloads, conduct XML injection attacks, conduct XSS attacks, bypass the Same Origin Policy, spoof URL&rsquo;s for phishing attacks, trigger a vertical scroll, spoof the location bar, spoof an SSL indicator, modify the browser&rsquo;s font, conduct clickjacking attacks, or have other unspecified impact. A local attacker could gain escalated privileges, obtain sensitive information, or replace an arbitrary downloaded file. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id63402
    published2013-01-08
    reporterThis script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/63402
    titleGLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-1797.NASL
    descriptionSeveral remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-0652 Moxie Marlinspike discovered that Unicode box drawing characters inside of internationalised domain names could be used for phishing attacks. - CVE-2009-1302 Olli Pettay, Martijn Wargers, Mats Palmgren, Oleg Romashin, Jesse Ruderman and Gary Kwong reported crashes in the layout engine, which might allow the execution of arbitrary code. - CVE-2009-1303 Olli Pettay, Martijn Wargers, Mats Palmgren, Oleg Romashin, Jesse Ruderman and Gary Kwong reported crashes in the layout engine, which might allow the execution of arbitrary code. - CVE-2009-1304 Igor Bukanov and Bob Clary discovered crashes in the JavaScript engine, which might allow the execution of arbitrary code. - CVE-2009-1305 Igor Bukanov and Bob Clary discovered crashes in the JavaScript engine, which might allow the execution of arbitrary code. - CVE-2009-1306 Daniel Veditz discovered that the Content-Disposition: header is ignored within the jar: URI scheme. - CVE-2009-1307 Gregory Fleischer discovered that the same-origin policy for Flash files is inproperly enforced for files loaded through the view-source scheme, which may result in bypass of cross-domain policy restrictions. - CVE-2009-1308 Cefn Hoile discovered that sites, which allow the embedding of third-party stylesheets are vulnerable to cross-site scripting attacks through XBL bindings. - CVE-2009-1309
    last seen2020-06-01
    modified2020-06-02
    plugin id38724
    published2009-05-11
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/38724
    titleDebian DSA-1797-1 : xulrunner - several vulnerabilities
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_1_MOZILLA-XULRUNNER190-090427.NASL
    descriptionFirefox version upgrade to 3.0.9 to fix various security bugs. (CVE-2009-1302,CVE-2009-1303,CVE-2009-1304,CVE-2009-1305,CVE -2009-1306,CVE-2009-1307,CVE-2009-1308,CVE-2009-1309,CVE-200 9-1310,CVE-2009-1311,CVE-2009-1312,CVE-2009-0652)
    last seen2020-06-01
    modified2020-06-02
    plugin id40280
    published2009-07-21
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/40280
    titleopenSUSE Security Update : mozilla-xulrunner190 (mozilla-xulrunner190-832)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2009-0436.NASL
    descriptionUpdated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305) Several flaws were found in the way malformed web content was processed. A web page containing malicious content could execute arbitrary JavaScript in the context of the site, possibly presenting misleading data to a user, or stealing sensitive information such as login credentials. (CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310, CVE-2009-1312) A flaw was found in the way Firefox saved certain web pages to a local file. If a user saved the inner frame of a web page containing POST data, the POST data could be revealed to the inner frame, possibly surrendering sensitive information such as login credentials. (CVE-2009-1311) For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 3.0.9. You can find a link to the Mozilla advisories in the References section of this errata. All Firefox users should upgrade to these updated packages, which contain Firefox version 3.0.9, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id43743
    published2010-01-06
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/43743
    titleCentOS 4 / 5 : firefox (CESA-2009:0436)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2009-1126.NASL
    descriptionAn updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed HTML mail content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code as the user running Thunderbird. (CVE-2009-1392, CVE-2009-1303, CVE-2009-1305, CVE-2009-1833, CVE-2009-1838) Several flaws were found in the way malformed HTML mail content was processed. An HTML mail message containing malicious content could execute arbitrary JavaScript in the context of the mail message, possibly presenting misleading data to the user, or stealing sensitive information such as login credentials. (CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309) A flaw was found in the way Thunderbird handled error responses returned from proxy servers. If an attacker is able to conduct a man-in-the-middle attack against a Thunderbird instance that is using a proxy server, they may be able to steal sensitive information from the site Thunderbird is displaying. (CVE-2009-1836) Note: JavaScript support is disabled by default in Thunderbird. None of the above issues are exploitable unless JavaScript is enabled. All Thunderbird users should upgrade to this updated package, which resolves these issues. All running instances of Thunderbird must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id63881
    published2013-01-24
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/63881
    titleRHEL 5 : thunderbird (RHSA-2009:1126)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_0_MOZILLAFIREFOX-090427.NASL
    descriptionFirefox version upgrade to 3.0.9 to fix various security bugs. (CVE-2009-1302,CVE-2009-1303,CVE-2009-1304,CVE-2009-1305,CVE -2009-1306,CVE-2009-1307,CVE-2009-1308,CVE-2009-1309,CVE-200 9-1310,CVE-2009-1311,CVE-2009-1312,CVE-2009-0652)
    last seen2020-06-01
    modified2020-06-02
    plugin id39889
    published2009-07-21
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/39889
    titleopenSUSE Security Update : MozillaFirefox (MozillaFirefox-833)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_0_MOZILLA-XULRUNNER190-090427.NASL
    descriptionFirefox version upgrade to 3.0.9 to fix various security bugs. (CVE-2009-1302,CVE-2009-1303,CVE-2009-1304,CVE-2009-1305,CVE -2009-1306,CVE-2009-1307,CVE-2009-1308,CVE-2009-1309,CVE-200 9-1310,CVE-2009-1311,CVE-2009-1312,CVE-2009-0652)
    last seen2020-06-01
    modified2020-06-02
    plugin id40076
    published2009-07-21
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/40076
    titleopenSUSE Security Update : mozilla-xulrunner190 (mozilla-xulrunner190-832)

Oval

  • accepted2009-07-06T04:00:06.503-04:00
    classvulnerability
    contributors
    • nameChandan S
      organizationSecPod Technologies
    • nameBrendan Miles
      organizationThe MITRE Corporation
    • nameJ. Daniel Brown
      organizationDTCC
    • nameShane Shaffer
      organizationG2, Inc.
    definition_extensions
    • commentMicrosoft Windows XP (x86) SP2 is installed
      ovaloval:org.mitre.oval:def:754
    • commentMicrosoft Windows XP (x86) SP3 is installed
      ovaloval:org.mitre.oval:def:5631
    • commentMicrosoft Windows Vista (32-bit) is installed
      ovaloval:org.mitre.oval:def:1282
    • commentMicrosoft Windows Vista (32-bit) Service Pack 1 is installed
      ovaloval:org.mitre.oval:def:4873
    • commentMicrosoft Windows Server 2003 SP1 (x86) is installed
      ovaloval:org.mitre.oval:def:565
    • commentMicrosoft Windows Server 2003 SP2 (x86) is installed
      ovaloval:org.mitre.oval:def:1935
    descriptionMozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy for (1) XMLHttpRequest, involving a mismatch for a document's principal, and (2) XPCNativeWrapper.toString, involving an incorrect __proto__ scope, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via a crafted document.
    familywindows
    idoval:org.mitre.oval:def:5265
    statusdeprecated
    submitted2009-04-30T09:45:11
    titleMozilla Seamonkey Multiple XSS Vulnerabilities
    version23
  • accepted2009-07-06T04:00:24.271-04:00
    classvulnerability
    contributors
    • nameChandan S
      organizationSecPod Technologies
    • nameBrendan Miles
      organizationThe MITRE Corporation
    • nameJ. Daniel Brown
      organizationDTCC
    • nameShane Shaffer
      organizationG2, Inc.
    • nameRichard Helbing
      organizationbaramundi software
    • nameEvgeniy Pavlov
      organizationALTX-SOFT
    • nameEvgeniy Pavlov
      organizationALTX-SOFT
    • nameEvgeniy Pavlov
      organizationALTX-SOFT
    definition_extensions
    • commentMicrosoft Windows XP (x86) SP2 is installed
      ovaloval:org.mitre.oval:def:754
    • commentMicrosoft Windows XP (x86) SP3 is installed
      ovaloval:org.mitre.oval:def:5631
    • commentMicrosoft Windows Vista (32-bit) is installed
      ovaloval:org.mitre.oval:def:1282
    • commentMicrosoft Windows Vista (32-bit) Service Pack 1 is installed
      ovaloval:org.mitre.oval:def:4873
    • commentMicrosoft Windows Server 2003 SP1 (x86) is installed
      ovaloval:org.mitre.oval:def:565
    • commentMicrosoft Windows Server 2003 SP2 (x86) is installed
      ovaloval:org.mitre.oval:def:1935
    • commentMozilla Thunderbird Mainline release is installed
      ovaloval:org.mitre.oval:def:22093
    descriptionMozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy for (1) XMLHttpRequest, involving a mismatch for a document's principal, and (2) XPCNativeWrapper.toString, involving an incorrect __proto__ scope, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via a crafted document.
    familywindows
    idoval:org.mitre.oval:def:5591
    statusdeprecated
    submitted2009-04-30T09:45:11
    titleMozilla Thunderbird Multiple XSS Vulnerabilities
    version26
  • accepted2009-07-06T04:00:39.092-04:00
    classvulnerability
    contributors
    • nameChandan S
      organizationSecPod Technologies
    • nameBrendan Miles
      organizationThe MITRE Corporation
    • nameJ. Daniel Brown
      organizationDTCC
    • nameSergey Artykhov
      organizationALTX-SOFT
    • nameSergey Artykhov
      organizationALTX-SOFT
    definition_extensions
    • commentMicrosoft Windows XP (x86) SP2 is installed
      ovaloval:org.mitre.oval:def:754
    • commentMicrosoft Windows XP (x86) SP3 is installed
      ovaloval:org.mitre.oval:def:5631
    • commentMicrosoft Windows Vista (32-bit) is installed
      ovaloval:org.mitre.oval:def:1282
    • commentMicrosoft Windows Vista (32-bit) Service Pack 1 is installed
      ovaloval:org.mitre.oval:def:4873
    • commentMicrosoft Windows Server 2003 SP1 (x86) is installed
      ovaloval:org.mitre.oval:def:565
    • commentMicrosoft Windows Server 2003 SP2 (x86) is installed
      ovaloval:org.mitre.oval:def:1935
    descriptionMozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy for (1) XMLHttpRequest, involving a mismatch for a document's principal, and (2) XPCNativeWrapper.toString, involving an incorrect __proto__ scope, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via a crafted document.
    familywindows
    idoval:org.mitre.oval:def:6139
    statusdeprecated
    submitted2009-04-30T09:45:11
    titleMozilla Firefox Multiple XSS Vulnerabilities
    version23
  • accepted2014-10-06T04:04:18.631-04:00
    classvulnerability
    contributors
    • nameJ. Daniel Brown
      organizationDTCC
    • nameSergey Artykhov
      organizationALTX-SOFT
    • nameSergey Artykhov
      organizationALTX-SOFT
    • nameShane Shaffer
      organizationG2, Inc.
    • nameMaria Kedovskaya
      organizationALTX-SOFT
    • nameMaria Mikhno
      organizationALTX-SOFT
    • nameRichard Helbing
      organizationbaramundi software
    • nameEvgeniy Pavlov
      organizationALTX-SOFT
    • nameEvgeniy Pavlov
      organizationALTX-SOFT
    • nameEvgeniy Pavlov
      organizationALTX-SOFT
    definition_extensions
    • commentMozilla Thunderbird Mainline release is installed
      ovaloval:org.mitre.oval:def:22093
    • commentMozilla Seamonkey is installed
      ovaloval:org.mitre.oval:def:6372
    • commentMozilla Firefox Mainline release is installed
      ovaloval:org.mitre.oval:def:22259
    descriptionMozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy for (1) XMLHttpRequest, involving a mismatch for a document's principal, and (2) XPCNativeWrapper.toString, involving an incorrect __proto__ scope, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via a crafted document.
    familywindows
    idoval:org.mitre.oval:def:6831
    statusaccepted
    submitted2009-12-26T17:00:00.000-05:00
    titleMozilla Firefox, Thunderbird, and Seamonkey Multiple XSS Vulnerabilities
    version33
  • accepted2013-04-29T04:19:46.453-04:00
    classvulnerability
    contributors
    • nameAharon Chernin
      organizationSCAP.com, LLC
    • nameDragos Prisaca
      organizationG2, Inc.
    definition_extensions
    • commentThe operating system installed on the system is Red Hat Enterprise Linux 3
      ovaloval:org.mitre.oval:def:11782
    • commentCentOS Linux 3.x
      ovaloval:org.mitre.oval:def:16651
    • commentThe operating system installed on the system is Red Hat Enterprise Linux 4
      ovaloval:org.mitre.oval:def:11831
    • commentCentOS Linux 4.x
      ovaloval:org.mitre.oval:def:16636
    • commentOracle Linux 4.x
      ovaloval:org.mitre.oval:def:15990
    • commentThe operating system installed on the system is Red Hat Enterprise Linux 5
      ovaloval:org.mitre.oval:def:11414
    • commentThe operating system installed on the system is CentOS Linux 5.x
      ovaloval:org.mitre.oval:def:15802
    • commentOracle Linux 5.x
      ovaloval:org.mitre.oval:def:15459
    descriptionMozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy for (1) XMLHttpRequest, involving a mismatch for a document's principal, and (2) XPCNativeWrapper.toString, involving an incorrect __proto__ scope, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via a crafted document.
    familyunix
    idoval:org.mitre.oval:def:9494
    statusaccepted
    submitted2010-07-09T03:56:16-04:00
    titleMozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy for (1) XMLHttpRequest, involving a mismatch for a document's principal, and (2) XPCNativeWrapper.toString, involving an incorrect __proto__ scope, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via a crafted document.
    version27

Redhat

advisories
  • rhsa
    idRHSA-2009:0436
  • rhsa
    idRHSA-2009:0437
  • rhsa
    idRHSA-2009:1125
  • rhsa
    idRHSA-2009:1126
rpms
  • firefox-0:3.0.9-1.el4
  • firefox-0:3.0.9-1.el5
  • firefox-debuginfo-0:3.0.9-1.el4
  • firefox-debuginfo-0:3.0.9-1.el5
  • xulrunner-0:1.9.0.9-1.el5
  • xulrunner-debuginfo-0:1.9.0.9-1.el5
  • xulrunner-devel-0:1.9.0.9-1.el5
  • xulrunner-devel-unstable-0:1.9.0.9-1.el5
  • seamonkey-0:1.0.9-0.33.el2
  • seamonkey-0:1.0.9-0.37.el3
  • seamonkey-0:1.0.9-41.el4
  • seamonkey-chat-0:1.0.9-0.33.el2
  • seamonkey-chat-0:1.0.9-0.37.el3
  • seamonkey-chat-0:1.0.9-41.el4
  • seamonkey-debuginfo-0:1.0.9-0.37.el3
  • seamonkey-debuginfo-0:1.0.9-41.el4
  • seamonkey-devel-0:1.0.9-0.33.el2
  • seamonkey-devel-0:1.0.9-0.37.el3
  • seamonkey-devel-0:1.0.9-41.el4
  • seamonkey-dom-inspector-0:1.0.9-0.33.el2
  • seamonkey-dom-inspector-0:1.0.9-0.37.el3
  • seamonkey-dom-inspector-0:1.0.9-41.el4
  • seamonkey-js-debugger-0:1.0.9-0.33.el2
  • seamonkey-js-debugger-0:1.0.9-0.37.el3
  • seamonkey-js-debugger-0:1.0.9-41.el4
  • seamonkey-mail-0:1.0.9-0.33.el2
  • seamonkey-mail-0:1.0.9-0.37.el3
  • seamonkey-mail-0:1.0.9-41.el4
  • seamonkey-nspr-0:1.0.9-0.33.el2
  • seamonkey-nspr-0:1.0.9-0.37.el3
  • seamonkey-nspr-devel-0:1.0.9-0.33.el2
  • seamonkey-nspr-devel-0:1.0.9-0.37.el3
  • seamonkey-nss-0:1.0.9-0.33.el2
  • seamonkey-nss-0:1.0.9-0.37.el3
  • seamonkey-nss-devel-0:1.0.9-0.33.el2
  • seamonkey-nss-devel-0:1.0.9-0.37.el3
  • thunderbird-0:1.5.0.12-23.el4
  • thunderbird-debuginfo-0:1.5.0.12-23.el4
  • thunderbird-0:2.0.0.22-2.el5_3
  • thunderbird-debuginfo-0:2.0.0.22-2.el5_3

References