Vulnerabilities > CVE-2010-0159 - Remote Memory Corruption vulnerability in Mozilla Firefox
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsBlockFrame::StealFrame function in layout/generic/nsBlockFrame.cpp, and unspecified other vectors.
Vulnerable Configurations
Nessus
NASL family SuSE Local Security Checks NASL id SUSE_11_0_MOZILLAFIREFOX-100223.NASL description Mozilla Firefox was upgraded to version 3.0.18, fixing various bugs and security issues. Following security issues have been fixed: MFSA 2010-01 / CVE-2010-0159: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code. MFSA 2010-02 / CVE-2010-0160: Security researcher Orlando Barrera II reported via TippingPoint last seen 2020-06-01 modified 2020-06-02 plugin id 44899 published 2010-02-25 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44899 title openSUSE Security Update : MozillaFirefox (MozillaFirefox-2052) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update MozillaFirefox-2052. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(44899); script_version("1.10"); script_cvs_date("Date: 2019/10/25 13:36:37"); script_cve_id("CVE-2009-1571", "CVE-2009-3988", "CVE-2010-0159", "CVE-2010-0160", "CVE-2010-0162"); script_name(english:"openSUSE Security Update : MozillaFirefox (MozillaFirefox-2052)"); script_summary(english:"Check for the MozillaFirefox-2052 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "Mozilla Firefox was upgraded to version 3.0.18, fixing various bugs and security issues. Following security issues have been fixed: MFSA 2010-01 / CVE-2010-0159: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code. MFSA 2010-02 / CVE-2010-0160: Security researcher Orlando Barrera II reported via TippingPoint's Zero Day Initiative that Mozilla's implementation of Web Workers contained an error in its handling of array data types when processing posted messages. This error could be used by an attacker to corrupt heap memory and crash the browser, potentially running arbitrary code on a victim's computer. MFSA 2010-03 / CVE-2009-1571: Security researcher Alin Rad Pop of Secunia Research reported that the HTML parser incorrectly freed used memory when insufficient space was available to process remaining input. Under such circumstances, memory occupied by in-use objects was freed and could later be filled with attacker-controlled text. These conditions could result in the execution or arbitrary code if methods on the freed objects were subsequently called. MFSA 2010-04 / CVE-2009-3988: Security researcher Hidetake Jo of Microsoft Vulnerability Research reported that the properties set on an object passed to showModalDialog were readable by the document contained in the dialog, even when the document was from a different domain. This is a violation of the same-origin policy and could result in a website running untrusted JavaScript if it assumed the dialogArguments could not be initialized by another site. An anonymous security researcher, via TippingPoint's Zero Day Initiative, also independently reported this issue to Mozilla. MFSA 2010-05 / CVE-2010-0162: Mozilla security researcher Georgi Guninski reported that when a SVG document which is served with Content-Type: application/octet-stream is embedded into another document via an <embed> tag with type='image/svg+xml', the Content-Type is ignored and the SVG document is processed normally. A website which allows arbitrary binary data to be uploaded but which relies on Content-Type: application/octet-stream to prevent script execution could have such protection bypassed. An attacker could upload a SVG document containing JavaScript as a binary file to a website, embed the SVG document into a malicous page on another site, and gain access to the script environment from the SVG-serving site, bypassing the same-origin policy." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=576969" ); script_set_attribute( attribute:"solution", value:"Update the affected MozillaFirefox packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_cwe_id(79, 94, 264, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-translations"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner190"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner190-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner190-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner190-gnomevfs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner190-gnomevfs-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner190-translations"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner190-translations-32bit"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.0"); script_set_attribute(attribute:"patch_publication_date", value:"2010/02/23"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/02/25"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.0", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.0", reference:"MozillaFirefox-3.0.18-0.1") ) flag++; if ( rpm_check(release:"SUSE11.0", reference:"MozillaFirefox-translations-3.0.18-0.1") ) flag++; if ( rpm_check(release:"SUSE11.0", reference:"mozilla-xulrunner190-1.9.0.18-0.1") ) flag++; if ( rpm_check(release:"SUSE11.0", reference:"mozilla-xulrunner190-devel-1.9.0.18-0.1") ) flag++; if ( rpm_check(release:"SUSE11.0", reference:"mozilla-xulrunner190-gnomevfs-1.9.0.18-0.1") ) flag++; if ( rpm_check(release:"SUSE11.0", reference:"mozilla-xulrunner190-translations-1.9.0.18-0.1") ) flag++; if ( rpm_check(release:"SUSE11.0", cpu:"x86_64", reference:"mozilla-xulrunner190-32bit-1.9.0.18-0.1") ) flag++; if ( rpm_check(release:"SUSE11.0", cpu:"x86_64", reference:"mozilla-xulrunner190-gnomevfs-32bit-1.9.0.18-0.1") ) flag++; if ( rpm_check(release:"SUSE11.0", cpu:"x86_64", reference:"mozilla-xulrunner190-translations-32bit-1.9.0.18-0.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "MozillaFirefox"); }NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2010-0154.NASL description An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed HTML mail content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2009-2462, CVE-2009-2463, CVE-2009-2466, CVE-2009-3072, CVE-2009-3075, CVE-2009-3380, CVE-2009-3979, CVE-2010-0159) A use-after-free flaw was found in Thunderbird. An attacker could use this flaw to crash Thunderbird or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2009-3077) A heap-based buffer overflow flaw was found in the Thunderbird string to floating point conversion routines. An HTML mail message containing malicious JavaScript could crash Thunderbird or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2009-0689) A use-after-free flaw was found in Thunderbird. Under low memory conditions, viewing an HTML mail message containing malicious content could result in Thunderbird executing arbitrary code with the privileges of the user running Thunderbird. (CVE-2009-1571) A flaw was found in the way Thunderbird created temporary file names for downloaded files. If a local attacker knows the name of a file Thunderbird is going to download, they can replace the contents of that file with arbitrary contents. (CVE-2009-3274) A flaw was found in the way Thunderbird displayed a right-to-left override character when downloading a file. In these cases, the name displayed in the title bar differed from the name displayed in the dialog body. An attacker could use this flaw to trick a user into downloading a file that has a file name or extension that is different from what the user expected. (CVE-2009-3376) A flaw was found in the way Thunderbird processed SOCKS5 proxy replies. A malicious SOCKS5 server could send a specially crafted reply that would cause Thunderbird to crash. (CVE-2009-2470) Descriptions in the dialogs when adding and removing PKCS #11 modules were not informative. An attacker able to trick a user into installing a malicious PKCS #11 module could use this flaw to install their own Certificate Authority certificates on a user last seen 2020-06-01 modified 2020-06-02 plugin id 45093 published 2010-03-19 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/45093 title CentOS 4 : thunderbird (CESA-2010:0154) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-896-1.NASL description Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-0159) Orlando Barrera II discovered a flaw in the Web Workers implementation of Firefox. If a user were tricked into posting to a malicious website, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-0160) Alin Rad Pop discovered that Firefox last seen 2020-06-01 modified 2020-06-02 plugin id 44656 published 2010-02-18 reporter Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/44656 title Ubuntu 9.10 : firefox-3.5, xulrunner-1.9.1 vulnerabilities (USN-896-1) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2010-0112.NASL description Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A use-after-free flaw was found in Firefox. Under low memory conditions, visiting a web page containing malicious content could result in Firefox executing arbitrary code with the privileges of the user running Firefox. (CVE-2009-1571) Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-0159, CVE-2010-0160) Two flaws were found in the way certain content was processed. An attacker could use these flaws to create a malicious web page that could bypass the same-origin policy, or possibly run untrusted JavaScript. (CVE-2009-3988, CVE-2010-0162) For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 3.0.18. You can find a link to the Mozilla advisories in the References section of this errata. All Firefox users should upgrade to these updated packages, which contain Firefox version 3.0.18, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 44648 published 2010-02-18 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/44648 title CentOS 4 / 5 : firefox (CESA-2010:0112) NASL family Fedora Local Security Checks NASL id FEDORA_2010-1936.NASL description Update to new upstream Firefox version 3.5.8, fixing multiple security issues detailed in the upstream advisories: http://www.mozilla.org/security/known- vulnerabilities/firefox35.html#firefox3.5.8 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47288 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47288 title Fedora 11 : Miro-2.5.4-2.fc11 / blam-1.8.5-18.fc11 / chmsee-1.0.1-15.fc11 / eclipse-3.4.2-20.fc11 / etc (2010-1936) NASL family Fedora Local Security Checks NASL id FEDORA_2010-1727.NASL description Update to new upstream Firefox version 3.5.8, fixing multiple security issues detailed in the upstream advisories: http://www.mozilla.org/security/known- vulnerabilities/firefox35.html#firefox3.5.8 Update also includes all packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47268 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47268 title Fedora 12 : blam-1.8.5-22.fc12 / firefox-3.5.8-1.fc12 / galeon-2.0.7-20.fc12 / etc (2010-1727) NASL family Windows NASL id MOZILLA_FIREFOX_358.NASL description The installed version of Firefox is 3.5.x earlier than 3.5.8. Such versions are potentially affected by the following security issues : - Multiple crashes can result in arbitrary code execution. (MFSA 2010-01) - The implementation of last seen 2020-06-01 modified 2020-06-02 plugin id 44659 published 2010-02-18 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44659 title Firefox 3.5 < 3.5.8 Multiple Vulnerabilities NASL family SuSE Local Security Checks NASL id SUSE_MOZILLA-XULRUNNER190-6866.NASL description Mozilla XUL Runner engine 1.9.0 was upgraded to version 1.9.0.8, fixing various bugs and security issues. The following security issues have been fixed : - Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code. (MFSA 2010-01 / CVE-2010-0159) - Security researcher Orlando Barrera II reported via TippingPoint last seen 2020-06-01 modified 2020-06-02 plugin id 49900 published 2010-10-11 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/49900 title SuSE 10 Security Update : Mozilla XULRunner (ZYPP Patch Number 6866) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0153.NASL description An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed HTML mail content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2009-2462, CVE-2009-2463, CVE-2009-2466, CVE-2009-3072, CVE-2009-3075, CVE-2009-3380, CVE-2009-3979, CVE-2010-0159) A use-after-free flaw was found in Thunderbird. An attacker could use this flaw to crash Thunderbird or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2009-3077) A heap-based buffer overflow flaw was found in the Thunderbird string to floating point conversion routines. An HTML mail message containing malicious JavaScript could crash Thunderbird or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2009-0689) A use-after-free flaw was found in Thunderbird. Under low memory conditions, viewing an HTML mail message containing malicious content could result in Thunderbird executing arbitrary code with the privileges of the user running Thunderbird. (CVE-2009-1571) A flaw was found in the way Thunderbird created temporary file names for downloaded files. If a local attacker knows the name of a file Thunderbird is going to download, they can replace the contents of that file with arbitrary contents. (CVE-2009-3274) A flaw was found in the way Thunderbird displayed a right-to-left override character when downloading a file. In these cases, the name displayed in the title bar differed from the name displayed in the dialog body. An attacker could use this flaw to trick a user into downloading a file that has a file name or extension that is different from what the user expected. (CVE-2009-3376) A flaw was found in the way Thunderbird processed SOCKS5 proxy replies. A malicious SOCKS5 server could send a specially crafted reply that would cause Thunderbird to crash. (CVE-2009-2470) Descriptions in the dialogs when adding and removing PKCS #11 modules were not informative. An attacker able to trick a user into installing a malicious PKCS #11 module could use this flaw to install their own Certificate Authority certificates on a user last seen 2020-06-01 modified 2020-06-02 plugin id 63923 published 2013-01-24 reporter This script is Copyright (C) 2013-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/63923 title RHEL 5 : thunderbird (RHSA-2010:0153) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2010-0113.NASL description From Red Hat Security Advisory 2010:0113 : Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor. A use-after-free flaw was found in SeaMonkey. Under low memory conditions, visiting a web page containing malicious content could result in SeaMonkey executing arbitrary code with the privileges of the user running SeaMonkey. (CVE-2009-1571) Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-0159) All SeaMonkey users should upgrade to these updated packages, which correct these issues. After installing the update, SeaMonkey must be restarted for the changes to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 68000 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68000 title Oracle Linux 3 / 4 : seamonkey (ELSA-2010-0113) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2010-071.NASL description Multiple vulnerabilities has been found and corrected in mozilla-thunderbird : Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 process e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted message, related to message indexing (CVE-2009-0689). Integer overflow in a base64 decoding function in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors (CVE-2009-2463). Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2009-3072). Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2009-3075). Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, does not properly manage pointers for the columns (aka TreeColumns) of a XUL tree element, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to a dangling pointer vulnerability. (CVE-2009-3077) Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, does not properly handle a right-to-left override (aka RLO or U+202E) Unicode character in a download filename, which allows remote attackers to spoof file extensions via a crafted filename, as demonstrated by displaying a non-executable extension for an executable file (CVE-2009-3376). Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to send authenticated requests to arbitrary applications by replaying the NTLM credentials of a browser user (CVE-2009-3983). Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 process e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted message, related to message indexing (CVE-2010-0163). This update provides the latest version of Thunderbird which are not vulnerable to these issues. Packages for 2008.0 and 2009.0 are provided due to the Extended Maintenance Program for those products. Additionally, some packages which require so, have been rebuilt and are being provided as updates. last seen 2020-06-01 modified 2020-06-02 plugin id 45521 published 2010-04-14 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/45521 title Mandriva Linux Security Advisory : mozilla-thunderbird (MDVSA-2010:071) NASL family Fedora Local Security Checks NASL id FEDORA_2010-1932.NASL description Update to new upstream SeaMonkey version 2.0.3, fixing multiple security issues detailed in the upstream advisories: http://www.mozilla.org/security/known- vulnerabilities/seamonkey20.html#seamonkey2.0.3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47285 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47285 title Fedora 12 : seamonkey-2.0.3-1.fc12 (2010-1932) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1999.NASL description Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-1571 Alin Rad Pop discovered that incorrect memory handling in the HTML parser could lead to the execution of arbitrary code. - CVE-2009-3988 Hidetake Jo discovered that the same-origin policy can be bypassed through window.dialogArguments. - CVE-2010-0159 Henri Sivonen, Boris Zbarsky, Zack Weinberg, Bob Clary, Martijn Wargers and Paul Nickerson reported crashes in layout engine, which might allow the execution of arbitrary code. - CVE-2010-0160 Orlando Barrera II discovered that incorrect memory handling in the implementation of the web worker API could lead to the execution of arbitrary code. - CVE-2010-0162 Georgi Guninski discovered that the same origin policy can be bypassed through specially crafted SVG documents. last seen 2020-06-01 modified 2020-06-02 plugin id 44863 published 2010-02-24 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/44863 title Debian DSA-1999-1 : xulrunner - several vulnerabilities NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2010-0113.NASL description Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor. A use-after-free flaw was found in SeaMonkey. Under low memory conditions, visiting a web page containing malicious content could result in SeaMonkey executing arbitrary code with the privileges of the user running SeaMonkey. (CVE-2009-1571) Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-0159) All SeaMonkey users should upgrade to these updated packages, which correct these issues. After installing the update, SeaMonkey must be restarted for the changes to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 44649 published 2010-02-18 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/44649 title CentOS 3 / 4 : seamonkey (CESA-2010:0113) NASL family SuSE Local Security Checks NASL id SUSE_MOZILLAFIREFOX-6863.NASL description Mozilla Firefox was upgraded to version 3.5.8, fixing various bugs and security issues. The following security issues have been fixed : - Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code. (MFSA 2010-01 / CVE-2010-0159) - Security researcher Orlando Barrera II reported via TippingPoint last seen 2020-06-01 modified 2020-06-02 plugin id 44910 published 2010-02-25 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/44910 title SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 6863) NASL family SuSE Local Security Checks NASL id SUSE_11_1_MOZILLAFIREFOX-100223.NASL description Mozilla Firefox was upgraded to version 3.0.18, fixing various bugs and security issues. Following security issues have been fixed: MFSA 2010-01 / CVE-2010-0159: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code. MFSA 2010-02 / CVE-2010-0160: Security researcher Orlando Barrera II reported via TippingPoint last seen 2020-06-01 modified 2020-06-02 plugin id 44901 published 2010-02-25 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44901 title openSUSE Security Update : MozillaFirefox (MozillaFirefox-2052) NASL family Scientific Linux Local Security Checks NASL id SL_20100217_SEAMONKEY_ON_SL3_X.NASL description CVE-2010-0159 Mozilla crashes with evidence of memory corruption (MFSA 2010-01) CVE-2009-1571 Mozilla incorrectly frees used memory (MFSA 2010-03) A use-after-free flaw was found in SeaMonkey. Under low memory conditions, visiting a web page containing malicious content could result in SeaMonkey executing arbitrary code with the privileges of the user running SeaMonkey. (CVE-2009-1571) Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-0159) After installing the update, SeaMonkey must be restarted for the changes to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 60737 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60737 title Scientific Linux Security Update : seamonkey on SL3.x, SL4.x i386/x86_64 NASL family Windows NASL id SEAMONKEY_203.NASL description The installed version of SeaMonkey is earlier than 2.0.3. Such versions are potentially affected by the following security issues : - Multiple crashes can result in arbitrary code execution. (MFSA 2010-01) - The implementation of last seen 2020-06-01 modified 2020-06-02 plugin id 44660 published 2010-02-18 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44660 title SeaMonkey < 2.0.3 Multiple Vulnerabilities NASL family SuSE Local Security Checks NASL id SUSE_MOZILLAFIREFOX-6867.NASL description Mozilla Firefox was upgraded to version 3.5.8, fixing various bugs and security issues. The following security issues have been fixed : - Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code. (MFSA 2010-01 / CVE-2010-0159) - Security researcher Orlando Barrera II reported via TippingPoint last seen 2020-06-01 modified 2020-06-02 plugin id 49891 published 2010-10-11 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/49891 title SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 6867) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2010-0153.NASL description An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed HTML mail content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2009-2462, CVE-2009-2463, CVE-2009-2466, CVE-2009-3072, CVE-2009-3075, CVE-2009-3380, CVE-2009-3979, CVE-2010-0159) A use-after-free flaw was found in Thunderbird. An attacker could use this flaw to crash Thunderbird or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2009-3077) A heap-based buffer overflow flaw was found in the Thunderbird string to floating point conversion routines. An HTML mail message containing malicious JavaScript could crash Thunderbird or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2009-0689) A use-after-free flaw was found in Thunderbird. Under low memory conditions, viewing an HTML mail message containing malicious content could result in Thunderbird executing arbitrary code with the privileges of the user running Thunderbird. (CVE-2009-1571) A flaw was found in the way Thunderbird created temporary file names for downloaded files. If a local attacker knows the name of a file Thunderbird is going to download, they can replace the contents of that file with arbitrary contents. (CVE-2009-3274) A flaw was found in the way Thunderbird displayed a right-to-left override character when downloading a file. In these cases, the name displayed in the title bar differed from the name displayed in the dialog body. An attacker could use this flaw to trick a user into downloading a file that has a file name or extension that is different from what the user expected. (CVE-2009-3376) A flaw was found in the way Thunderbird processed SOCKS5 proxy replies. A malicious SOCKS5 server could send a specially crafted reply that would cause Thunderbird to crash. (CVE-2009-2470) Descriptions in the dialogs when adding and removing PKCS #11 modules were not informative. An attacker able to trick a user into installing a malicious PKCS #11 module could use this flaw to install their own Certificate Authority certificates on a user last seen 2020-06-01 modified 2020-06-02 plugin id 45361 published 2010-03-29 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/45361 title CentOS 5 : thunderbird (CESA-2010:0153) NASL family Fedora Local Security Checks NASL id FEDORA_2010-3230.NASL description Update thunderbird to upstream version 3.0.2. * http://www.mozillamessaging.com/en-US/thunderbird/3.0.2/releasenotes/ * http://www.mozilla.org/security/known- vulnerabilities/thunderbird30.html#thunderbird3.0.2 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47303 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47303 title Fedora 12 : sunbird-1.0-0.19.20090916hg.fc12 / thunderbird-3.0.2-1.fc12 (2010-3230) NASL family SuSE Local Security Checks NASL id SUSE_11_MOZILLA-XULRUNNER190-100219.NASL description Mozilla XUL Runner engine 1.9.0 was upgraded to version 1.9.0.8, fixing various bugs and security issues. The following security issues have been fixed : - Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code. (MFSA 2010-01 / CVE-2010-0159) - Security researcher Orlando Barrera II reported via TippingPoint last seen 2020-06-01 modified 2020-06-02 plugin id 44909 published 2010-02-25 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44909 title SuSE 11 Security Update : Mozilla XULRunner (SAT Patch Number 2033) NASL family SuSE Local Security Checks NASL id SUSE_11_2_SEAMONKEY-100218.NASL description Mozilla SeaMonkey was upgraded to version 2.0.3, fixing various bugs and security issues. Following security issues have been fixed: MFSA 2010-01 / CVE-2010-0159: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code. MFSA 2010-02 / CVE-2010-0160: Security researcher Orlando Barrera II reported via TippingPoint last seen 2020-06-01 modified 2020-06-02 plugin id 44906 published 2010-02-25 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44906 title openSUSE Security Update : seamonkey (seamonkey-2013) NASL family Scientific Linux Local Security Checks NASL id SL_20100317_THUNDERBIRD_ON_SL4_X.NASL description Several flaws were found in the processing of malformed HTML mail content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2009-2462, CVE-2009-2463, CVE-2009-2466, CVE-2009-3072, CVE-2009-3075, CVE-2009-3380, CVE-2009-3979, CVE-2010-0159) A use-after-free flaw was found in Thunderbird. An attacker could use this flaw to crash Thunderbird or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2009-3077) A heap-based buffer overflow flaw was found in the Thunderbird string to floating point conversion routines. An HTML mail message containing malicious JavaScript could crash Thunderbird or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2009-0689) A use-after-free flaw was found in Thunderbird. Under low memory conditions, viewing an HTML mail message containing malicious content could result in Thunderbird executing arbitrary code with the privileges of the user running Thunderbird. (CVE-2009-1571) A flaw was found in the way Thunderbird created temporary file names for downloaded files. If a local attacker knows the name of a file Thunderbird is going to download, they can replace the contents of that file with arbitrary contents. (CVE-2009-3274) A flaw was found in the way Thunderbird displayed a right-to-left override character when downloading a file. In these cases, the name displayed in the title bar differed from the name displayed in the dialog body. An attacker could use this flaw to trick a user into downloading a file that has a file name or extension that is different from what the user expected. (CVE-2009-3376) A flaw was found in the way Thunderbird processed SOCKS5 proxy replies. A malicious SOCKS5 server could send a specially crafted reply that would cause Thunderbird to crash. (CVE-2009-2470) Descriptions in the dialogs when adding and removing PKCS #11 modules were not informative. An attacker able to trick a user into installing a malicious PKCS #11 module could use this flaw to install their own Certificate Authority certificates on a user last seen 2020-06-01 modified 2020-06-02 plugin id 60750 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60750 title Scientific Linux Security Update : thunderbird on SL4.x, SL5.x i386/x86_64 NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2010-0154.NASL description From Red Hat Security Advisory 2010:0154 : An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed HTML mail content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2009-2462, CVE-2009-2463, CVE-2009-2466, CVE-2009-3072, CVE-2009-3075, CVE-2009-3380, CVE-2009-3979, CVE-2010-0159) A use-after-free flaw was found in Thunderbird. An attacker could use this flaw to crash Thunderbird or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2009-3077) A heap-based buffer overflow flaw was found in the Thunderbird string to floating point conversion routines. An HTML mail message containing malicious JavaScript could crash Thunderbird or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2009-0689) A use-after-free flaw was found in Thunderbird. Under low memory conditions, viewing an HTML mail message containing malicious content could result in Thunderbird executing arbitrary code with the privileges of the user running Thunderbird. (CVE-2009-1571) A flaw was found in the way Thunderbird created temporary file names for downloaded files. If a local attacker knows the name of a file Thunderbird is going to download, they can replace the contents of that file with arbitrary contents. (CVE-2009-3274) A flaw was found in the way Thunderbird displayed a right-to-left override character when downloading a file. In these cases, the name displayed in the title bar differed from the name displayed in the dialog body. An attacker could use this flaw to trick a user into downloading a file that has a file name or extension that is different from what the user expected. (CVE-2009-3376) A flaw was found in the way Thunderbird processed SOCKS5 proxy replies. A malicious SOCKS5 server could send a specially crafted reply that would cause Thunderbird to crash. (CVE-2009-2470) Descriptions in the dialogs when adding and removing PKCS #11 modules were not informative. An attacker able to trick a user into installing a malicious PKCS #11 module could use this flaw to install their own Certificate Authority certificates on a user last seen 2020-06-01 modified 2020-06-02 plugin id 68015 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68015 title Oracle Linux 4 : thunderbird (ELSA-2010-0154) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0112.NASL description Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A use-after-free flaw was found in Firefox. Under low memory conditions, visiting a web page containing malicious content could result in Firefox executing arbitrary code with the privileges of the user running Firefox. (CVE-2009-1571) Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-0159, CVE-2010-0160) Two flaws were found in the way certain content was processed. An attacker could use these flaws to create a malicious web page that could bypass the same-origin policy, or possibly run untrusted JavaScript. (CVE-2009-3988, CVE-2010-0162) For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 3.0.18. You can find a link to the Mozilla advisories in the References section of this errata. All Firefox users should upgrade to these updated packages, which contain Firefox version 3.0.18, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 44651 published 2010-02-18 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/44651 title RHEL 4 / 5 : firefox (RHSA-2010:0112) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_F82C85D81C6E11DFABB2000F20797EDE.NASL description Mozilla Project reports : MFSA 2010-05 XSS hazard using SVG document and binary Content-Type MFSA 2010-04 XSS due to window.dialogArguments being readable cross-domain MFSA 2010-03 Use-after-free crash in HTML parser MFSA 2010-02 Web Worker Array Handling Heap Corruption Vulnerability MFSA 2010-01 Crashes with evidence of memory corruption (rv:1.9.1.8/ 1.9.0.18) last seen 2020-06-01 modified 2020-06-02 plugin id 44661 published 2010-02-19 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/44661 title FreeBSD : mozilla -- multiple vulnerabilities (f82c85d8-1c6e-11df-abb2-000f20797ede) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-895-1.NASL description Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-0159) Orlando Barrera II discovered a flaw in the Web Workers implementation of Firefox. If a user were tricked into posting to a malicious website, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-0160) Alin Rad Pop discovered that Firefox last seen 2020-06-01 modified 2020-06-02 plugin id 44655 published 2010-02-18 reporter Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/44655 title Ubuntu 8.04 LTS / 8.10 / 9.04 : firefox-3.0, xulrunner-1.9 vulnerabilities (USN-895-1) NASL family SuSE Local Security Checks NASL id SUSE_MOZILLA-XULRUNNER190-6871.NASL description Mozilla XUL Runner engine 1.9.0 was upgraded to version 1.9.0.8, fixing various bugs and security issues. The following security issues have been fixed : - Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code. (MFSA 2010-01 / CVE-2010-0159) - Security researcher Orlando Barrera II reported via TippingPoint last seen 2020-06-01 modified 2020-06-02 plugin id 44911 published 2010-02-25 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/44911 title SuSE 10 Security Update : Mozilla XULRunner (ZYPP Patch Number 6871) NASL family Fedora Local Security Checks NASL id FEDORA_2010-3267.NASL description Update thunderbird to upstream version 3.0.2. * http://www.mozillamessaging.com/en-US/thunderbird/3.0.2/releasenotes/ * http://www.mozilla.org/security/known- vulnerabilities/thunderbird30.html#thunderbird3.0.2 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47305 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47305 title Fedora 11 : sunbird-1.0-0.14.20090715hg.fc11 / thunderbird-3.0.2-1.fc11 (2010-3267) NASL family Windows NASL id MOZILLA_THUNDERBIRD_302.NASL description The installed version of Thunderbird is earlier than 3.0.2. Such versions are potentially affected by the following security issues : - Multiple crashes can result in arbitrary code execution. (MFSA 2010-01) - The HTML parser incorrectly frees used memory when insufficient space is available to process remaining input. (MFSA 2010-03) - Multiple crashes can result in arbitrary code execution. (MFSA 2010-11) - A cross-site scripting issue when using last seen 2020-06-01 modified 2020-06-02 plugin id 44961 published 2010-03-02 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44961 title Mozilla Thunderbird < 3.0.2 Multiple Vulnerabilities NASL family SuSE Local Security Checks NASL id SUSE_11_2_MOZILLATHUNDERBIRD-100305.NASL description Mozilla Thunderbird was upgraded to version 3.0.3, fixing various bugs and security issues. Following security issues have been fixed: MFSA 2010-01 / CVE-2010-0159: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code. MFSA 2010-03 / CVE-2009-1571: Security researcher Alin Rad Pop of Secunia Research reported that the HTML parser incorrectly freed used memory when insufficient space was available to process remaining input. Under such circumstances, memory occupied by in-use objects was freed and could later be filled with attacker-controlled text. These conditions could result in the execution or arbitrary code if methods on the freed objects were subsequently called. MFSA 2009-65 / CVE-2009-3979 / CVE-2009-3980 / CVE-2009-3982: Crashes with evidence of memory corruption were fixed. (rv:1.9.1.6) MFSA 2009-66 / CVE-2009-3388 (bmo#504843,bmo#523816): Memory safety fixes in liboggplay media library were added. MFSA 2009-67 / CVE-2009-3389 (bmo#515882,bmo#504613): An Integer overflow, crash in libtheora video library was fixed. last seen 2020-06-01 modified 2020-06-02 plugin id 45034 published 2010-03-11 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/45034 title SuSE 11.2 Security Update: MozillaThunderbird (2010-03-05) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2010-0112.NASL description From Red Hat Security Advisory 2010:0112 : Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A use-after-free flaw was found in Firefox. Under low memory conditions, visiting a web page containing malicious content could result in Firefox executing arbitrary code with the privileges of the user running Firefox. (CVE-2009-1571) Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-0159, CVE-2010-0160) Two flaws were found in the way certain content was processed. An attacker could use these flaws to create a malicious web page that could bypass the same-origin policy, or possibly run untrusted JavaScript. (CVE-2009-3988, CVE-2010-0162) For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 3.0.18. You can find a link to the Mozilla advisories in the References section of this errata. All Firefox users should upgrade to these updated packages, which contain Firefox version 3.0.18, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 67999 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/67999 title Oracle Linux 4 / 5 : firefox (ELSA-2010-0112) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0113.NASL description Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor. A use-after-free flaw was found in SeaMonkey. Under low memory conditions, visiting a web page containing malicious content could result in SeaMonkey executing arbitrary code with the privileges of the user running SeaMonkey. (CVE-2009-1571) Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-0159) All SeaMonkey users should upgrade to these updated packages, which correct these issues. After installing the update, SeaMonkey must be restarted for the changes to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 44652 published 2010-02-18 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/44652 title RHEL 3 / 4 : seamonkey (RHSA-2010:0113) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2010-042.NASL description Security issues were identified and fixed in firefox 3.0.x and 3.5.x : Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code (CVE-2010-0159). Security researcher Orlando Barrera II reported via TippingPoint last seen 2020-06-01 modified 2020-06-02 plugin id 44672 published 2010-02-22 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44672 title Mandriva Linux Security Advisory : firefox (MDVSA-2010:042) NASL family Windows NASL id MOZILLA_FIREFOX_3018.NASL description The installed version of Firefox is earlier than 3.0.18. Such versions are potentially affected by the following security issues : - Multiple crashes can result in arbitrary code execution. (MFSA 2010-01) - The implementation of last seen 2020-06-01 modified 2020-06-02 plugin id 44658 published 2010-02-18 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44658 title Firefox < 3.0.18 Multiple Vulnerabilities NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201301-01.NASL description The remote host is affected by the vulnerability described in GLSA-201301-01 (Mozilla Products: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, bypass restrictions and protection mechanisms, force file downloads, conduct XML injection attacks, conduct XSS attacks, bypass the Same Origin Policy, spoof URL’s for phishing attacks, trigger a vertical scroll, spoof the location bar, spoof an SSL indicator, modify the browser’s font, conduct clickjacking attacks, or have other unspecified impact. A local attacker could gain escalated privileges, obtain sensitive information, or replace an arbitrary downloaded file. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 63402 published 2013-01-08 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/63402 title GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST) NASL family SuSE Local Security Checks NASL id SUSE_11_2_MOZILLAFIREFOX-100218.NASL description Mozilla Firefox was upgraded to version 3.5.8, fixing various bugs and security issues. Following security issues have been fixed: MFSA 2010-01 / CVE-2010-0159: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code. MFSA 2010-02 / CVE-2010-0160: Security researcher Orlando Barrera II reported via TippingPoint last seen 2020-06-01 modified 2020-06-02 plugin id 44903 published 2010-02-25 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44903 title openSUSE Security Update : MozillaFirefox (MozillaFirefox-2017) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0154.NASL description An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed HTML mail content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2009-2462, CVE-2009-2463, CVE-2009-2466, CVE-2009-3072, CVE-2009-3075, CVE-2009-3380, CVE-2009-3979, CVE-2010-0159) A use-after-free flaw was found in Thunderbird. An attacker could use this flaw to crash Thunderbird or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2009-3077) A heap-based buffer overflow flaw was found in the Thunderbird string to floating point conversion routines. An HTML mail message containing malicious JavaScript could crash Thunderbird or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2009-0689) A use-after-free flaw was found in Thunderbird. Under low memory conditions, viewing an HTML mail message containing malicious content could result in Thunderbird executing arbitrary code with the privileges of the user running Thunderbird. (CVE-2009-1571) A flaw was found in the way Thunderbird created temporary file names for downloaded files. If a local attacker knows the name of a file Thunderbird is going to download, they can replace the contents of that file with arbitrary contents. (CVE-2009-3274) A flaw was found in the way Thunderbird displayed a right-to-left override character when downloading a file. In these cases, the name displayed in the title bar differed from the name displayed in the dialog body. An attacker could use this flaw to trick a user into downloading a file that has a file name or extension that is different from what the user expected. (CVE-2009-3376) A flaw was found in the way Thunderbird processed SOCKS5 proxy replies. A malicious SOCKS5 server could send a specially crafted reply that would cause Thunderbird to crash. (CVE-2009-2470) Descriptions in the dialogs when adding and removing PKCS #11 modules were not informative. An attacker able to trick a user into installing a malicious PKCS #11 module could use this flaw to install their own Certificate Authority certificates on a user last seen 2020-06-01 modified 2020-06-02 plugin id 46271 published 2010-05-11 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/46271 title RHEL 4 : thunderbird (RHSA-2010:0154) NASL family SuSE Local Security Checks NASL id SUSE_11_MOZILLAFIREFOX-100219.NASL description Mozilla Firefox was upgraded to version 3.5.8, fixing various bugs and security issues. The following security issues have been fixed : - Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code. (MFSA 2010-01 / CVE-2010-0159) - Security researcher Orlando Barrera II reported via TippingPoint last seen 2020-06-01 modified 2020-06-02 plugin id 44907 published 2010-02-25 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44907 title SuSE 11 Security Update : Mozilla Firefox (SAT Patch Number 2025)
Oval
accepted 2014-10-06T04:04:38.148-04:00 class vulnerability contributors name J. Daniel Brown organization DTCC name Sergey Artykhov organization ALTX-SOFT name Sergey Artykhov organization ALTX-SOFT name Shane Shaffer organization G2, Inc. name Maria Kedovskaya organization ALTX-SOFT name Maria Mikhno organization ALTX-SOFT name Richard Helbing organization baramundi software name Evgeniy Pavlov organization ALTX-SOFT name Evgeniy Pavlov organization ALTX-SOFT name Evgeniy Pavlov organization ALTX-SOFT name Evgeniy Pavlov organization ALTX-SOFT name Evgeniy Pavlov organization ALTX-SOFT name Evgeniy Pavlov organization ALTX-SOFT
definition_extensions comment Mozilla Firefox Mainline release is installed oval oval:org.mitre.oval:def:22259 comment Mozilla Seamonkey is installed oval oval:org.mitre.oval:def:6372 comment Mozilla Thunderbird Mainline release is installed oval oval:org.mitre.oval:def:22093
description The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsBlockFrame::StealFrame function in layout/generic/nsBlockFrame.cpp, and unspecified other vectors. family windows id oval:org.mitre.oval:def:8485 status accepted submitted 2010-03-02T17:30:00.000-05:00 title Mozilla Firefox, Thunderbird and SeaMonkey Browser Engine Memory Corruption Vulnerability version 36 accepted 2013-04-29T04:20:28.950-04:00 class vulnerability contributors name Aharon Chernin organization SCAP.com, LLC name Dragos Prisaca organization G2, Inc.
definition_extensions comment The operating system installed on the system is Red Hat Enterprise Linux 3 oval oval:org.mitre.oval:def:11782 comment CentOS Linux 3.x oval oval:org.mitre.oval:def:16651 comment The operating system installed on the system is Red Hat Enterprise Linux 4 oval oval:org.mitre.oval:def:11831 comment CentOS Linux 4.x oval oval:org.mitre.oval:def:16636 comment Oracle Linux 4.x oval oval:org.mitre.oval:def:15990 comment The operating system installed on the system is Red Hat Enterprise Linux 5 oval oval:org.mitre.oval:def:11414 comment The operating system installed on the system is CentOS Linux 5.x oval oval:org.mitre.oval:def:15802 comment Oracle Linux 5.x oval oval:org.mitre.oval:def:15459
description The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsBlockFrame::StealFrame function in layout/generic/nsBlockFrame.cpp, and unspecified other vectors. family unix id oval:org.mitre.oval:def:9590 status accepted submitted 2010-07-09T03:56:16-04:00 title The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsBlockFrame::StealFrame function in layout/generic/nsBlockFrame.cpp, and unspecified other vectors. version 27
Redhat
| advisories |
| ||||||||||||||||
| rpms |
|
Seebug
| bulletinFamily | exploit |
| description | BUGTRAQ ID: 38286 CVE ID: CVE-2010-0159 Firefox是一款流行的开源WEB浏览器。 Firefox浏览器引擎的layout/generic/nsBlockFrame.cpp文件中的nsBlockFrame::StealFrame 函数中存在内存破坏漏洞。用户受骗访问了恶意网页就可能触发这个漏洞,导致浏览器崩溃或执行任意代码。 Mozilla Firefox 3.5.x Mozilla Firefox 3.0.x Mozilla Thunderbird 3.0 Mozilla SeaMonkey 2.0 临时解决方法: * 禁用JavaScript。 厂商补丁: Debian ------ Debian已经为此发布了一个安全公告(DSA-1999-1)以及相应补丁: DSA-1999-1:New xulrunner packages fix several vulnerabilities 链接:http://www.debian.org/security/2010/dsa-1999 补丁下载: Source archives: http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.18-1.diff.gz Size/MD5 checksum: 116111 961d458012f83e32e0c3eb153359cc23 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.18.orig.tar.gz Size/MD5 checksum: 44161859 eeb10647fe0fe9a6b20cb725732b79a9 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.18-1.dsc Size/MD5 checksum: 1755 cbbc2a673c56439890e4c75c0062e06a Architecture independent packages: http://security.debian.org/pool/updates/main/x/xulrunner/libmozillainterfaces-java_1.9.0.18-1_all.deb Size/MD5 checksum: 1465392 7874b2aefed84b79736a44ef0589b3e2 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.18-1_alpha.deb Size/MD5 checksum: 3666096 3382b0eae2d985ae9bbcf16014806825 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.18-1_alpha.deb Size/MD5 checksum: 432294 c2ec2c14cabb28156734e9e6c96c84c5 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.18-1_alpha.deb Size/MD5 checksum: 112122 7d0db4c185015b0ec7caeb1e9843216c http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.18-1_alpha.deb Size/MD5 checksum: 163800 e31c406c36c7ea503f772dbebc7039ba http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.18-1_alpha.deb Size/MD5 checksum: 938384 af22c500dae1c84c661b0afa62b5fc2c http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.18-1_alpha.deb Size/MD5 checksum: 72604 4a6d162a104fd021e52e61bffe28d70e http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.18-1_alpha.deb Size/MD5 checksum: 223528 ebfeb23f90f207524d2b14c1ab25b742 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.18-1_alpha.deb Size/MD5 checksum: 51113942 62902bb1c3c8349090b9055d6efa1482 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.18-1_alpha.deb Size/MD5 checksum: 9501180 538eb45320247045794a15c4bd1071ac amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.18-1_amd64.deb Size/MD5 checksum: 50351080 62a347648f988e78ca90d1d65be9ed13 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.18-1_amd64.deb Size/MD5 checksum: 101614 206328a373e5d2992ccb19ed064c8295 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.18-1_amd64.deb Size/MD5 checksum: 70008 41913d4df58730fe256a0bd480308d8e http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.18-1_amd64.deb Size/MD5 checksum: 223086 7eeb2da5ef7f96811b88e6cc97181a99 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.18-1_amd64.deb Size/MD5 checksum: 374298 b864e663810235886e5880c494043a01 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.18-1_amd64.deb Size/MD5 checksum: 890318 6fe29f796873ccdcfef29a98ca623b9c http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.18-1_amd64.deb Size/MD5 checksum: 7730124 0ccda6e5dbfac8f7d943b809ea6cb3dd http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.18-1_amd64.deb Size/MD5 checksum: 152064 f7f7bc816f78aed6b1afa7a9b42469b4 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.18-1_amd64.deb Size/MD5 checksum: 3290046 806026ede74d749bc3a900ff56371f18 arm architecture (ARM) http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.18-1_arm.deb Size/MD5 checksum: 350644 37e691c10c63e6b489e6540cdef420e2 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.18-1_arm.deb Size/MD5 checksum: 49307652 46a58ff355717da9e5ff845bcf9981b5 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.18-1_arm.deb Size/MD5 checksum: 68334 da39688fccc9ee6e5a166af30995fbde http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.18-1_arm.deb Size/MD5 checksum: 222152 8c0347c37daff67429faba68b94d12a3 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.18-1_arm.deb Size/MD5 checksum: 83992 85a600ebcf53662d7b43f1b06e3bf86a http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.18-1_arm.deb Size/MD5 checksum: 3583634 561e9b19477c0dc7a397fd068bf69230 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.18-1_arm.deb Size/MD5 checksum: 815240 8815149ae297fc80b6a6583a87129f71 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.18-1_arm.deb Size/MD5 checksum: 6797362 cb6388fb24c282d11557598dc5fdf67c http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.18-1_arm.deb Size/MD5 checksum: 140764 11c84fe62069de449a85b88a747ab55b armel architecture (ARM EABI) http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.18-1_armel.deb Size/MD5 checksum: 223466 9ca0da7a2de7faa57d73138f20eb1951 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.18-1_armel.deb Size/MD5 checksum: 6957582 15ac2699febcd1aa80eb5777b107f9a1 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.18-1_armel.deb Size/MD5 checksum: 50145544 ea9e32f6fdbbb13c6c13ceabd754fe46 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.18-1_armel.deb Size/MD5 checksum: 3581130 b848057bc9531db0d45f3e546b9008d2 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.18-1_armel.deb Size/MD5 checksum: 352992 88696f63901aad373381a57648ae5b97 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.18-1_armel.deb Size/MD5 checksum: 141322 ffb5f9bd526ae8332796af053ffa443f http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.18-1_armel.deb Size/MD5 checksum: 84358 83aa9d77331cacc83d499f051045e5f2 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.18-1_armel.deb Size/MD5 checksum: 822052 b1b624be2de8d879031968da29db1204 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.18-1_armel.deb Size/MD5 checksum: 69828 bf44c1a8dd3032732a5f095531bb60bc hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.18-1_hppa.deb Size/MD5 checksum: 158562 0fc6d96735f5cf70d0c6919a8957b626 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.18-1_hppa.deb Size/MD5 checksum: 9515012 6ed8f49f167bb6ed571d69bb6b4e7e80 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.18-1_hppa.deb Size/MD5 checksum: 413118 1c44a3840c9d819df841c1364065ae51 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.18-1_hppa.deb Size/MD5 checksum: 899168 791aecc32ffad7c9c8a8e262d89e2f4c http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.18-1_hppa.deb Size/MD5 checksum: 51229704 feeafa3d9f4c2a019eb6d7d6ed86e384 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.18-1_hppa.deb Size/MD5 checksum: 223408 760eebdfd9d75de15598b6942c24ed58 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.18-1_hppa.deb Size/MD5 checksum: 72076 4c1af3bdcc34ed60fa67046f8c0f27b6 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.18-1_hppa.deb Size/MD5 checksum: 106790 34128b587f9bc4440273f2a9c50c60dd http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.18-1_hppa.deb Size/MD5 checksum: 3631216 879fb7d48fac57fb7cbc7b745aefc80a i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.18-1_i386.deb Size/MD5 checksum: 6602846 f4a442cd4340401eaf15b3789c6440a3 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.18-1_i386.deb Size/MD5 checksum: 221986 f5952c4ff53f23dcbb5e83d4a1dc735a http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.18-1_i386.deb Size/MD5 checksum: 68144 aa5b5b1f2bd1dd4dca1d6f23a1e77475 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.18-1_i386.deb Size/MD5 checksum: 82650 c92d7cdd88482af8d17372fb206a7771 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.18-1_i386.deb Size/MD5 checksum: 49521182 ab05f06480be3fccd20cdf24f3316170 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.18-1_i386.deb Size/MD5 checksum: 350912 5d04bea3ead683aa294c3c6a69ca51df http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.18-1_i386.deb Size/MD5 checksum: 3569664 9b88aef38d9c9afa92404e5a1aa1858a http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.18-1_i386.deb Size/MD5 checksum: 852056 fc6194c645bad45268962040cf2f741f http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.18-1_i386.deb Size/MD5 checksum: 140810 8bf780e4cd352063c1db860ba2ce6442 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.18-1_ia64.deb Size/MD5 checksum: 3399426 8368a170abe08b475502ffaa8f6ef01a http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.18-1_ia64.deb Size/MD5 checksum: 542202 f339fded4d5e1e72ce22a021a2e855c9 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.18-1_ia64.deb Size/MD5 checksum: 76590 31997304eef7aee61ff7cce784b64ee5 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.18-1_ia64.deb Size/MD5 checksum: 223218 27abf1d33790a29eeeed3ea4b4964a85 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.18-1_ia64.deb Size/MD5 checksum: 121604 ebce1c45860953d72149ea62df1c3614 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.18-1_ia64.deb Size/MD5 checksum: 811250 c05f1961aa895766395478b83ff2cc3c http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.18-1_ia64.deb Size/MD5 checksum: 11311038 012ce2b6d478aff1425ac67d7ab363f1 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.18-1_ia64.deb Size/MD5 checksum: 49702958 70229b141f044a4e9f9b59bd6bd76769 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.18-1_ia64.deb Size/MD5 checksum: 180270 33ec97ddc77999747ca8255fe6ca5b1e mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.18-1_mips.deb Size/MD5 checksum: 51875290 249aa2adc5bc08d12d15c5ff31bb9677 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.18-1_mips.deb Size/MD5 checksum: 223132 c8aaf2d7fae0c056e36e1400d89626a6 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.18-1_mips.deb Size/MD5 checksum: 70216 11ff7e521c0a01fe591ccea2f854c983 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.18-1_mips.deb Size/MD5 checksum: 3616440 6f9099c4e119ad9417e723d8686d5047 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.18-1_mips.deb Size/MD5 checksum: 380320 3b48ef0b7b6fb5099c8289a1d034d66c http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.18-1_mips.deb Size/MD5 checksum: 97184 f1ce0ac5d9a06b8df3316679e727f3df http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.18-1_mips.deb Size/MD5 checksum: 7676832 f956e5bbe2f0b39127305a61656aed6a http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.18-1_mips.deb Size/MD5 checksum: 918340 900ca7652a94f3c85a256bbd1b9e44c3 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.18-1_mips.deb Size/MD5 checksum: 144712 43ea8dbcea280d63a42846dde20811d9 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.18-1_mipsel.deb Size/MD5 checksum: 378688 823e2e84fb9f476a5362f7efe4e30777 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.18-1_mipsel.deb Size/MD5 checksum: 69948 31ec842502b7faf5dbecaa80ef2cbee1 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.18-1_mipsel.deb Size/MD5 checksum: 7379096 e48e59237114483e16f80d99dc76b2ba http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.18-1_mipsel.deb Size/MD5 checksum: 3310672 c1123f4d6e89997ddb4a09d428bbbf48 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.18-1_mipsel.deb Size/MD5 checksum: 900496 cda86c575da08ebd21bb6c6001f085cb http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.18-1_mipsel.deb Size/MD5 checksum: 145096 63bd9568ef5aaf9429c4e5b37b030c27 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.18-1_mipsel.deb Size/MD5 checksum: 49999804 682d85b71c822db082443d47bfa0dd50 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.18-1_mipsel.deb Size/MD5 checksum: 96850 23b2c1836a133774cc47868ebd2bf111 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.18-1_mipsel.deb Size/MD5 checksum: 223238 13d5d183ba4b9788153f285d67eded79 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.18-1_powerpc.deb Size/MD5 checksum: 7304358 74dd5ed0d04ececdc6e2918f2f9809ee http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.18-1_powerpc.deb Size/MD5 checksum: 152670 c96287c675dc73d15e15656996de1bb4 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.18-1_powerpc.deb Size/MD5 checksum: 3592560 a7e7dcd1332a7de0a851b108454c907d http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.18-1_powerpc.deb Size/MD5 checksum: 73424 46e45ae58cab7ced9fdea35598c65ec5 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.18-1_powerpc.deb Size/MD5 checksum: 223230 08d8ae57f6a060087dcdaf26e0680e32 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.18-1_powerpc.deb Size/MD5 checksum: 888386 db4e4b4915cdf22af9cb0f84ebf85d4d http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.18-1_powerpc.deb Size/MD5 checksum: 94424 55bf14bf0548eb0e378bd569dc19cb7d http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.18-1_powerpc.deb Size/MD5 checksum: 51424848 885ebada38e85a1ee012abb7d6eb73e5 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.18-1_powerpc.deb Size/MD5 checksum: 363422 320d25d4362871bd739d6612f6cecce2 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.18-1_s390.deb Size/MD5 checksum: 3307864 2933d8e82890dd74ede9b9c5146e7dbf http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.18-1_s390.deb Size/MD5 checksum: 406776 4ed85a0aff956abc622bc6886604fef9 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.18-1_s390.deb Size/MD5 checksum: 72972 57cd33e5a3eb33a193ed5e7b7f7d54eb http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.18-1_s390.deb Size/MD5 checksum: 156196 a130564911637e4f646bfc1a4b426210 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.18-1_s390.deb Size/MD5 checksum: 909430 287a6be6c2d44da44b5512b1865f05b6 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.18-1_s390.deb Size/MD5 checksum: 8396240 63a64bdb1c250679a39ac129e9f51740 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.18-1_s390.deb Size/MD5 checksum: 105630 8aae2a1d417e4a99c66fa96878881b62 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.18-1_s390.deb Size/MD5 checksum: 51200776 f7c31d337a4a5597637bc2e31e1ec0b7 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.18-1_s390.deb Size/MD5 checksum: 223216 cdf974bc762234a45aa5223d775de2c9 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.18-1_sparc.deb Size/MD5 checksum: 143860 091ec390f015be3eba4c522c66ee51e3 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.18-1_sparc.deb Size/MD5 checksum: 821270 330960373dbb626d51d4149a81e24429 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.18-1_sparc.deb Size/MD5 checksum: 49375502 f6bec1eefff555877964ca0d5051ec98 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.18-1_sparc.deb Size/MD5 checksum: 3574148 98a929f2aa4dab1faee64e38b731ee59 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.18-1_sparc.deb Size/MD5 checksum: 69840 96c306ae02ba5538beca32315bd92b35 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.18-1_sparc.deb Size/MD5 checksum: 221208 99b117922e86cd870ac0ecd53af0ef2d http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.18-1_sparc.deb Size/MD5 checksum: 83804 7b0485601946739a0da66761c777eb53 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.18-1_sparc.deb Size/MD5 checksum: 350608 d7bb678be22d7d4e341535bc68ec8d2a http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.18-1_sparc.deb Size/MD5 checksum: 7173326 9cc51c4ca3b567c93e30abd0bdd78dca 补丁安装方法: 1. 手工安装补丁包: 首先,使用下面的命令来下载补丁软件: # wget url (url是补丁下载链接地址) 然后,使用下面的命令来安装补丁: # dpkg -i file.deb (file是相应的补丁名) 2. 使用apt-get自动安装补丁包: 首先,使用下面的命令更新内部数据库: # apt-get update 然后,使用下面的命令安装更新软件包: # apt-get upgrade Mozilla ------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.mozilla.org/ RedHat ------ RedHat已经为此发布了一个安全公告(RHSA-2010:0112-01)以及相应补丁: RHSA-2010:0112-01:Critical: firefox security update 链接:https://www.redhat.com/support/errata/RHSA-2010-0112.html Ubuntu ------ Ubuntu已经为此发布了一个安全公告(USN-895-1)以及相应补丁: USN-895-1:firefox-3.0, xulrunner-1.9 vulnerabilities 链接:http://www.ubuntu.com/usn/USN-895-1 |
| id | SSV:19191 |
| last seen | 2017-11-19 |
| modified | 2010-02-26 |
| published | 2010-02-26 |
| reporter | Root |
| title | Firefox浏览器引擎远程内存破坏漏洞 |
References
- http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035346.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035367.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035426.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036097.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036132.html
- http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00001.html
- http://secunia.com/advisories/37242
- http://secunia.com/advisories/38770
- http://secunia.com/advisories/38772
- http://secunia.com/advisories/38847
- http://www.debian.org/security/2010/dsa-1999
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:042
- http://www.mozilla.org/security/announce/2010/mfsa2010-01.html
- http://www.redhat.com/support/errata/RHSA-2010-0112.html
- http://www.redhat.com/support/errata/RHSA-2010-0113.html
- http://www.redhat.com/support/errata/RHSA-2010-0153.html
- http://www.redhat.com/support/errata/RHSA-2010-0154.html
- http://www.ubuntu.com/usn/USN-895-1
- http://www.ubuntu.com/usn/USN-896-1
- http://www.vupen.com/english/advisories/2010/0405
- http://www.vupen.com/english/advisories/2010/0650
- https://bugzilla.mozilla.org/show_bug.cgi?id=467005
- https://bugzilla.mozilla.org/show_bug.cgi?id=501934
- https://bugzilla.mozilla.org/show_bug.cgi?id=527567
- https://bugzilla.mozilla.org/show_bug.cgi?id=528134
- https://bugzilla.mozilla.org/show_bug.cgi?id=528300
- https://bugzilla.mozilla.org/show_bug.cgi?id=530880
- https://bugzilla.mozilla.org/show_bug.cgi?id=534082
- https://exchange.xforce.ibmcloud.com/vulnerabilities/56359
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8485
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9590