Vulnerabilities > CVE-2010-1125 - Information Exposure vulnerability in Mozilla Firefox and Seamonkey

047910
CVSS 5.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
NONE
network
mozilla
CWE-200
nessus

Summary

The JavaScript implementation in Mozilla Firefox 3.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via certain calls to the focus method.

Vulnerable Configurations

Part Description Count
Application
Mozilla
82

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Subverting Environment Variable Values
    The attacker directly or indirectly modifies environment variables used by or controlling the target software. The attacker's goal is to cause the target software to deviate from its expected operation in a manner that benefits the attacker.
  • Footprinting
    An attacker engages in probing and exploration activity to identify constituents and properties of the target. Footprinting is a general term to describe a variety of information gathering techniques, often used by attackers in preparation for some attack. It consists of using tools to learn as much as possible about the composition, configuration, and security mechanisms of the targeted application, system or network. Information that might be collected during a footprinting effort could include open ports, applications and their versions, network topology, and similar information. While footprinting is not intended to be damaging (although certain activities, such as network scans, can sometimes cause disruptions to vulnerable applications inadvertently) it may often pave the way for more damaging attacks.
  • Exploiting Trust in Client (aka Make the Client Invisible)
    An attack of this type exploits a programs' vulnerabilities in client/server communication channel authentication and data integrity. It leverages the implicit trust a server places in the client, or more importantly, that which the server believes is the client. An attacker executes this type of attack by placing themselves in the communication channel between client and server such that communication directly to the server is possible where the server believes it is communicating only with a valid client. There are numerous variations of this type of attack.
  • Browser Fingerprinting
    An attacker carefully crafts small snippets of Java Script to efficiently detect the type of browser the potential victim is using. Many web-based attacks need prior knowledge of the web browser including the version of browser to ensure successful exploitation of a vulnerability. Having this knowledge allows an attacker to target the victim with attacks that specifically exploit known or zero day weaknesses in the type and version of the browser used by the victim. Automating this process via Java Script as a part of the same delivery system used to exploit the browser is considered more efficient as the attacker can supply a browser fingerprinting method and integrate it with exploit code, all contained in Java Script and in response to the same web page request by the browser.
  • Session Credential Falsification through Prediction
    This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.

Nessus

  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2010-0499.NASL
    descriptionFrom Red Hat Security Advisory 2010:0499 : Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-1200) A flaw was found in the way browser plug-ins interact. It was possible for a plug-in to reference the freed memory from a different plug-in, resulting in the execution of arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-1198) An integer overflow flaw was found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-1199) A flaw was found in the way SeaMonkey processed mail attachments. A specially crafted mail message could cause SeaMonkey to crash. (CVE-2010-0163) A flaw was found in the way SeaMonkey handled the
    last seen2020-06-01
    modified2020-06-02
    plugin id68053
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/68053
    titleOracle Linux 3 / 4 : seamonkey (ELSA-2010-0499)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-930-5.NASL
    descriptionUSN-930-4 fixed vulnerabilities in Firefox and Xulrunner on Ubuntu 9.04 and 9.10. This update provides updated packages for use with Firefox 3.6 and Xulrunner 1.9.2. If was discovered that Firefox could be made to access freed memory. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.04 LTS. (CVE-2010-1121) Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1200, CVE-2010-1201, CVE-2010-1202, CVE-2010-1203) A flaw was discovered in the way plugin instances interacted. An attacker could potentially exploit this and use one plugin to access freed memory from a second plugin to execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1198) An integer overflow was discovered in Firefox. If a user were tricked into viewing a malicious site, an attacker could overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1196) Martin Barbella discovered an integer overflow in an XSLT node sorting routine. An attacker could exploit this to overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1199) Michal Zalewski discovered that the focus behavior of Firefox could be subverted. If a user were tricked into viewing a malicious site, a remote attacker could use this to capture keystrokes. (CVE-2010-1125) Ilja van Sprundel discovered that the
    last seen2020-06-01
    modified2020-06-02
    plugin id47825
    published2010-07-26
    reporterUbuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47825
    titleUbuntu 9.04 / 9.10 : ant, apturl, epiphany-browser, gluezilla, gnome-python-extras, liferea, mozvoikko, openjdk-6, packagekit, ubufox, webfav, yelp update (USN-930-5)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2010-0501.NASL
    descriptionUpdated firefox packages that address several security issues, fix bugs, add numerous enhancements, and upgrade Firefox to version 3.6.4, are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. [Updated 25 June 2010] The original packages distributed with this erratum had a bug which could cause unintended dependencies to be installed when upgrading. We have updated the packages to correct this bug. Mozilla Firefox is an open source web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1121, CVE-2010-1200, CVE-2010-1202, CVE-2010-1203) A flaw was found in the way browser plug-ins interact. It was possible for a plug-in to reference the freed memory from a different plug-in, resulting in the execution of arbitrary code with the privileges of the user running Firefox. (CVE-2010-1198) Several integer overflow flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1196, CVE-2010-1199) A focus stealing flaw was found in the way Firefox handled focus changes. A malicious website could use this flaw to steal sensitive data from a user, such as usernames and passwords. (CVE-2010-1125) A flaw was found in the way Firefox handled the
    last seen2020-06-01
    modified2020-06-02
    plugin id47119
    published2010-06-23
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47119
    titleRHEL 5 : firefox (RHSA-2010:0501)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2010-0501.NASL
    descriptionUpdated firefox packages that address several security issues, fix bugs, add numerous enhancements, and upgrade Firefox to version 3.6.4, are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. [Updated 25 June 2010] The original packages distributed with this erratum had a bug which could cause unintended dependencies to be installed when upgrading. We have updated the packages to correct this bug. Mozilla Firefox is an open source web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1121, CVE-2010-1200, CVE-2010-1202, CVE-2010-1203) A flaw was found in the way browser plug-ins interact. It was possible for a plug-in to reference the freed memory from a different plug-in, resulting in the execution of arbitrary code with the privileges of the user running Firefox. (CVE-2010-1198) Several integer overflow flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1196, CVE-2010-1199) A focus stealing flaw was found in the way Firefox handled focus changes. A malicious website could use this flaw to steal sensitive data from a user, such as usernames and passwords. (CVE-2010-1125) A flaw was found in the way Firefox handled the
    last seen2020-06-01
    modified2020-06-02
    plugin id47129
    published2010-06-25
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47129
    titleCentOS 5 : firefox (CESA-2010:0501)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2010-0500.NASL
    descriptionAn updated firefox package that addresses security issues, fixes bugs, adds numerous enhancements, and upgrades Firefox to version 3.6.4, is now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Firefox is an open source web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1121, CVE-2010-1200, CVE-2010-1202, CVE-2010-1203) A flaw was found in the way browser plug-ins interact. It was possible for a plug-in to reference the freed memory from a different plug-in, resulting in the execution of arbitrary code with the privileges of the user running Firefox. (CVE-2010-1198) Several integer overflow flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1196, CVE-2010-1199) A focus stealing flaw was found in the way Firefox handled focus changes. A malicious website could use this flaw to steal sensitive data from a user, such as usernames and passwords. (CVE-2010-1125) A flaw was found in the way Firefox handled the
    last seen2020-06-01
    modified2020-06-02
    plugin id48265
    published2010-08-09
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/48265
    titleCentOS 4 : firefox (CESA-2010:0500)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_2_MOZILLAFIREFOX-100625.NASL
    descriptionMozilla Firefox was updated to version 3.5.10, fixing various bugs and security issues. MFSA 2010-33 / CVE-2008-5913: Security researcher Amit Klein reported that it was possible to reverse engineer the value used to seed Math.random(). Since the pseudo-random number generator was only seeded once per browsing session, this seed value could be used as a unique token to identify and track users across different websites. MFSA 2010-32 / CVE-2010-1197: Security researcher Ilja van Sprundel of IOActive reported that the Content-Disposition: attachment HTTP header was ignored when Content-Type: multipart was also present. This issue could potentially lead to XSS problems in sites that allow users to upload arbitrary files and specify a Content-Type but rely on Content-Disposition: attachment to prevent the content from being displayed inline. MFSA 2010-31 / CVE-2010-1125: Google security researcher Michal Zalewski reported that focus() could be used to change a user
    last seen2020-06-01
    modified2020-06-02
    plugin id47693
    published2010-07-09
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47693
    titleopenSUSE Security Update : MozillaFirefox (openSUSE-SU-2010:0358-2)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2010-0499.NASL
    descriptionUpdated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-1200) A flaw was found in the way browser plug-ins interact. It was possible for a plug-in to reference the freed memory from a different plug-in, resulting in the execution of arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-1198) An integer overflow flaw was found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-1199) A flaw was found in the way SeaMonkey processed mail attachments. A specially crafted mail message could cause SeaMonkey to crash. (CVE-2010-0163) A flaw was found in the way SeaMonkey handled the
    last seen2020-06-01
    modified2020-06-02
    plugin id47788
    published2010-07-22
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47788
    titleCentOS 3 / 4 : seamonkey (CESA-2010:0499)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-930-4.NASL
    descriptionUSN-930-1 fixed vulnerabilities in Firefox and Xulrunner. This update provides the corresponding updates for Ubuntu 9.04 and 9.10, along with additional updates affecting Firefox 3.6.6. Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-1208, CVE-2010-1209, CVE-2010-1211, CVE-2010-1212) An integer overflow was discovered in how Firefox processed plugin parameters. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-1214) A flaw was discovered in the Firefox JavaScript engine. If a user were tricked into viewing a malicious site, a remote attacker code execute arbitrary JavaScript with chrome privileges. (CVE-2010-1215) An integer overflow was discovered in how Firefox processed CSS values. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-2752) An integer overflow was discovered in how Firefox interpreted the XUL <tree> element. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-2753) Aki Helin discovered that libpng did not properly handle certain malformed PNG images. If a user were tricked into opening a crafted PNG file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1205) Yosuke Hasegawa and Vladimir Vukicevic discovered that the same-origin check in Firefox could be bypassed by utilizing the importScripts Web Worker method. If a user were tricked into viewing a malicious website, an attacker could exploit this to read data from other domains. (CVE-2010-1213, CVE-2010-1207) O. Andersen that Firefox did not properly map undefined positions within certain 8 bit encodings. An attacker could utilize this to perform cross-site scripting attacks. (CVE-2010-1210) Michal Zalewski discovered flaws in how Firefox processed the HTTP 204 (no content) code. An attacker could exploit this to spoof the location bar, such as in a phishing attack. (CVE-2010-1206) Jordi Chancel discovered that Firefox did not properly handle when a server responds to an HTTPS request with plaintext and then processes JavaScript history events. An attacker could exploit this to spoof the location bar, such as in a phishing attack. (CVE-2010-2751) Chris Evans discovered that Firefox did not properly process improper CSS selectors. If a user were tricked into viewing a malicious website, an attacker could exploit this to read data from other domains. (CVE-2010-0654) Soroush Dalili discovered that Firefox did not properly handle script error output. An attacker could use this to access URL parameters from other domains. (CVE-2010-2754) If was discovered that Firefox could be made to access freed memory. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1121) Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1200, CVE-2010-1201, CVE-2010-1202, CVE-2010-1203) A flaw was discovered in the way plugin instances interacted. An attacker could potentially exploit this and use one plugin to access freed memory from a second plugin to execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1198) An integer overflow was discovered in Firefox. If a user were tricked into viewing a malicious site, an attacker could overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1196) Martin Barbella discovered an integer overflow in an XSLT node sorting routine. An attacker could exploit this to overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1199) Michal Zalewski discovered that the focus behavior of Firefox could be subverted. If a user were tricked into viewing a malicious site, a remote attacker could use this to capture keystrokes. (CVE-2010-1125) Ilja van Sprundel discovered that the
    last seen2020-06-01
    modified2020-06-02
    plugin id47824
    published2010-07-26
    reporterUbuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47824
    titleUbuntu 9.04 / 9.10 : firefox-3.0, firefox-3.5, xulrunner-1.9.2 vulnerabilities (USN-930-4)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-930-1.NASL
    descriptionIf was discovered that Firefox could be made to access freed memory. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.04 LTS. (CVE-2010-1121) Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1200, CVE-2010-1201, CVE-2010-1202, CVE-2010-1203) A flaw was discovered in the way plugin instances interacted. An attacker could potentially exploit this and use one plugin to access freed memory from a second plugin to execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1198) An integer overflow was discovered in Firefox. If a user were tricked into viewing a malicious site, an attacker could overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1196) Martin Barbella discovered an integer overflow in an XSLT node sorting routine. An attacker could exploit this to overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1199) Michal Zalewski discovered that the focus behavior of Firefox could be subverted. If a user were tricked into viewing a malicious site, a remote attacker could use this to capture keystrokes. (CVE-2010-1125) Ilja van Sprundel discovered that the
    last seen2020-06-01
    modified2020-06-02
    plugin id47161
    published2010-06-30
    reporterUbuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47161
    titleUbuntu 8.04 LTS / 10.04 LTS : firefox, firefox-3.0, xulrunner-1.9.2 vulnerabilities (USN-930-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_MOZILLAFIREFOX-7083.NASL
    descriptionMozilla Firefox has been updated to version 3.5.10, fixing various bugs and security issues. - Security researcher Amit Klein reported that it was possible to reverse engineer the value used to seed Math.random(). Since the pseudo-random number generator was only seeded once per browsing session, this seed value could be used as a unique token to identify and track users across different websites. (MFSA 2010-33/ CVE-2008-5913) - Security researcher Ilja van Sprundel of IOActive reported that the Content-Disposition: attachment HTTP header was ignored when `Content-Type: multipart` was also present. This issue could potentially lead to XSS problems in sites that allow users to upload arbitrary files and specify a content type but rely on Content-Disposition: attachment to prevent the content from being displayed inline. (MFSA 2010-32/ CVE-2010-1197) - Google security researcher Michal Zalewski reported that focus() could be used to change a user
    last seen2020-06-01
    modified2020-06-02
    plugin id49893
    published2010-10-11
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/49893
    titleSuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 7083)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2010-0500.NASL
    descriptionFrom Red Hat Security Advisory 2010:0500 : An updated firefox package that addresses security issues, fixes bugs, adds numerous enhancements, and upgrades Firefox to version 3.6.4, is now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Firefox is an open source web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1121, CVE-2010-1200, CVE-2010-1202, CVE-2010-1203) A flaw was found in the way browser plug-ins interact. It was possible for a plug-in to reference the freed memory from a different plug-in, resulting in the execution of arbitrary code with the privileges of the user running Firefox. (CVE-2010-1198) Several integer overflow flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1196, CVE-2010-1199) A focus stealing flaw was found in the way Firefox handled focus changes. A malicious website could use this flaw to steal sensitive data from a user, such as usernames and passwords. (CVE-2010-1125) A flaw was found in the way Firefox handled the
    last seen2020-06-01
    modified2020-06-02
    plugin id68054
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/68054
    titleOracle Linux 4 : firefox (ELSA-2010-0500)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_1_MOZILLAFIREFOX-100628.NASL
    descriptionMozilla Firefox was updated to version 3.5.10, fixing various bugs and security issues. MFSA 2010-33 / CVE-2008-5913: Security researcher Amit Klein reported that it was possible to reverse engineer the value used to seed Math.random(). Since the pseudo-random number generator was only seeded once per browsing session, this seed value could be used as a unique token to identify and track users across different websites. MFSA 2010-32 / CVE-2010-1197: Security researcher Ilja van Sprundel of IOActive reported that the Content-Disposition: attachment HTTP header was ignored when Content-Type: multipart was also present. This issue could potentially lead to XSS problems in sites that allow users to upload arbitrary files and specify a Content-Type but rely on Content-Disposition: attachment to prevent the content from being displayed inline. MFSA 2010-31 / CVE-2010-1125: Google security researcher Michal Zalewski reported that focus() could be used to change a user
    last seen2020-06-01
    modified2020-06-02
    plugin id47691
    published2010-07-09
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47691
    titleopenSUSE Security Update : MozillaFirefox (openSUSE-SU-2010:0358-2)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-930-2.NASL
    descriptionUSN-930-1 fixed vulnerabilities in Firefox and Xulrunner. This update provides updated packages for use with Firefox 3.6 and Xulrunner 1.9.2 on Ubuntu 8.04 LTS. If was discovered that Firefox could be made to access freed memory. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.04 LTS. (CVE-2010-1121) Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1200, CVE-2010-1201, CVE-2010-1202, CVE-2010-1203) A flaw was discovered in the way plugin instances interacted. An attacker could potentially exploit this and use one plugin to access freed memory from a second plugin to execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1198) An integer overflow was discovered in Firefox. If a user were tricked into viewing a malicious site, an attacker could overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1196) Martin Barbella discovered an integer overflow in an XSLT node sorting routine. An attacker could exploit this to overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1199) Michal Zalewski discovered that the focus behavior of Firefox could be subverted. If a user were tricked into viewing a malicious site, a remote attacker could use this to capture keystrokes. (CVE-2010-1125) Ilja van Sprundel discovered that the
    last seen2020-06-01
    modified2020-06-02
    plugin id47162
    published2010-06-30
    reporterUbuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47162
    titleUbuntu 8.04 LTS : apturl, epiphany-browser, gecko-sharp, gnome-python-extras, liferea, rhythmbox, totem, ubufox, yelp update (USN-930-2)
  • NASL familyWindows
    NASL idMOZILLA_FIREFOX_364.NASL
    descriptionThe installed version of Firefox 3.6.x is earlier than 3.6.4. Such versions are potentially affected by the following security issues : - Multiple crashes can result in arbitrary code execution. (MFSA 2010-26) - A plugin is allowed to hold a reference to an object owned by a second plugin even after the second plugin is unloaded and the referenced object no longer exists. This could allow arbitrary code execution. (MFSA 2010-28) - An error in
    last seen2020-06-01
    modified2020-06-02
    plugin id47124
    published2010-06-23
    reporterThis script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/47124
    titleFirefox 3.6 < 3.6.4 Multiple Vulnerabilities
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-930-3.NASL
    descriptionUSN-930-1 fixed vulnerabilities in Firefox. Due to a software packaging problem, the Firefox 3.6 update could not be installed when the firefox-2 package was also installed. This update fixes the problem and updates apturl for the change. If was discovered that Firefox could be made to access freed memory. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.04 LTS. (CVE-2010-1121) Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1200, CVE-2010-1201, CVE-2010-1202, CVE-2010-1203) A flaw was discovered in the way plugin instances interacted. An attacker could potentially exploit this and use one plugin to access freed memory from a second plugin to execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1198) An integer overflow was discovered in Firefox. If a user were tricked into viewing a malicious site, an attacker could overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1196) Martin Barbella discovered an integer overflow in an XSLT node sorting routine. An attacker could exploit this to overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1199) Michal Zalewski discovered that the focus behavior of Firefox could be subverted. If a user were tricked into viewing a malicious site, a remote attacker could use this to capture keystrokes. (CVE-2010-1125) Ilja van Sprundel discovered that the
    last seen2020-06-01
    modified2020-06-02
    plugin id47574
    published2010-07-01
    reporterUbuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47574
    titleUbuntu 8.04 LTS : firefox regression (USN-930-3)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2010-10363.NASL
    descriptionUpdate to new upstream SeaMonkey version 2.0.5, fixing multiple security issues detailed in the upstream advisories: http://www.mozilla.org/security/known- vulnerabilities/seamonkey20.html#seamonkey2.0.5 CVE-2010-1121 CVE-2010-1200 CVE-2010-1201 CVE-2010-1202 CVE-2010-1203 CVE-2010-0183 CVE-2010-1198 CVE-2010-1196 CVE-2010-1199 CVE-2010-1125 CVE-2010-1197 CVE-2008-5913 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id47226
    published2010-07-01
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47226
    titleFedora 13 : seamonkey-2.0.5-1.fc13 (2010-10363)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20100622_FIREFOX_ON_SL4_X.NASL
    descriptionSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1121, CVE-2010-1200, CVE-2010-1202, CVE-2010-1203) A flaw was found in the way browser plug-ins interact. It was possible for a plug-in to reference the freed memory from a different plug-in, resulting in the execution of arbitrary code with the privileges of the user running Firefox. (CVE-2010-1198) Several integer overflow flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1196, CVE-2010-1199) A focus stealing flaw was found in the way Firefox handled focus changes. A malicious website could use this flaw to steal sensitive data from a user, such as usernames and passwords. (CVE-2010-1125) A flaw was found in the way Firefox handled the
    last seen2020-06-01
    modified2020-06-02
    plugin id60807
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/60807
    titleScientific Linux Security Update : firefox on SL4.x i386/x86_64
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2010-0500.NASL
    descriptionAn updated firefox package that addresses security issues, fixes bugs, adds numerous enhancements, and upgrades Firefox to version 3.6.4, is now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Firefox is an open source web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1121, CVE-2010-1200, CVE-2010-1202, CVE-2010-1203) A flaw was found in the way browser plug-ins interact. It was possible for a plug-in to reference the freed memory from a different plug-in, resulting in the execution of arbitrary code with the privileges of the user running Firefox. (CVE-2010-1198) Several integer overflow flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1196, CVE-2010-1199) A focus stealing flaw was found in the way Firefox handled focus changes. A malicious website could use this flaw to steal sensitive data from a user, such as usernames and passwords. (CVE-2010-1125) A flaw was found in the way Firefox handled the
    last seen2020-06-01
    modified2020-06-02
    plugin id47118
    published2010-06-23
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47118
    titleRHEL 4 : firefox (RHSA-2010:0500)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2010-10329.NASL
    descriptionUpdate to new upstream SeaMonkey version 2.0.5, fixing multiple security issues detailed in the upstream advisories: http://www.mozilla.org/security/known- vulnerabilities/seamonkey20.html#seamonkey2.0.5 CVE-2010-1121 CVE-2010-1200 CVE-2010-1201 CVE-2010-1202 CVE-2010-1203 CVE-2010-0183 CVE-2010-1198 CVE-2010-1196 CVE-2010-1199 CVE-2010-1125 CVE-2010-1197 CVE-2008-5913 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id47222
    published2010-07-01
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47222
    titleFedora 12 : seamonkey-2.0.5-1.fc12 (2010-10329)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20100622_FIREFOX_ON_SL5_X.NASL
    descriptionSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1121, CVE-2010-1200, CVE-2010-1202, CVE-2010-1203) A flaw was found in the way browser plug-ins interact. It was possible for a plug-in to reference the freed memory from a different plug-in, resulting in the execution of arbitrary code with the privileges of the user running Firefox. (CVE-2010-1198) Several integer overflow flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1196, CVE-2010-1199) A focus stealing flaw was found in the way Firefox handled focus changes. A malicious website could use this flaw to steal sensitive data from a user, such as usernames and passwords. (CVE-2010-1125) A flaw was found in the way Firefox handled the
    last seen2020-06-01
    modified2020-06-02
    plugin id60808
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/60808
    titleScientific Linux Security Update : firefox on SL5.x i386/x86_64
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_MOZILLAFIREFOX-100628.NASL
    descriptionMozilla Firefox has been updated to version 3.5.10, fixing various bugs and security issues. - Security researcher Amit Klein reported that it was possible to reverse engineer the value used to seed Math.random(). Since the pseudo-random number generator was only seeded once per browsing session, this seed value could be used as a unique token to identify and track users across different web sites. (MFSA 2010-33/ CVE-2008-5913) - Security researcher Ilja van Sprundel of IOActive reported that the Content-Disposition: attachment HTTP header was ignored when `Content-Type: multipart` was also present. This issue could potentially lead to XSS problems in sites that allow users to upload arbitrary files and specify a content type but rely on Content-Disposition: attachment to prevent the content from being displayed inline. (MFSA 2010-32/ CVE-2010-1197) - Google security researcher Michal Zalewski reported that focus() could be used to change a user
    last seen2020-06-01
    modified2020-06-02
    plugin id50873
    published2010-12-02
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/50873
    titleSuSE 11 / 11.1 Security Update : Mozilla Firefox (SAT Patch Numbers 2608 / 2609)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2010-10361.NASL
    descriptionUpdate to new upstream Firefox version 3.6.4, fixing a security issue detailed in the upstream advisory: http://www.mozilla.org/security/known- vulnerabilities/firefox36.html#firefox3.6.4 Update also includes packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner. CVE-2010-1200 CVE-2010-1202 CVE-2010-1203 CVE-2010-1198 CVE-2010-1196 CVE-2010-1199 CVE-2010-1125 CVE-2010-1197 CVE-2008-5913 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id47225
    published2010-07-01
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47225
    titleFedora 13 : firefox-3.6.4-1.fc13 / galeon-2.0.7-29.fc13 / gnome-python2-extras-2.25.3-19.fc13 / etc (2010-10361)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_99858B7C7ECE11DFA007000F20797EDE.NASL
    descriptionMozilla Project reports : MFSA 2010-33 User tracking across sites using Math.random() MFSA 2010-32 Content-Disposition: attachment ignored if Content-Type: multipart also present MFSA 2010-31 focus() behavior can be used to inject or steal keystrokes MFSA 2010-30 Integer Overflow in XSLT Node Sorting MFSA 2010-29 Heap buffer overflow in nsGenericDOMDataNode::SetTextInternal MFSA 2010-28 Freed object reuse across plugin instances MFSA 2010-27 Use-after-free error in nsCycleCollector::MarkRoots() MFSA 2010-26 Crashes with evidence of memory corruption (rv:1.9.2.4/ 1.9.1.10) MFSA 2010-25 Re-use of freed object due to scope confusion
    last seen2020-06-01
    modified2020-06-02
    plugin id47130
    published2010-06-25
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47130
    titleFreeBSD : mozilla -- multiple vulnerabilities (99858b7c-7ece-11df-a007-000f20797ede)
  • NASL familyWindows
    NASL idSEAMONKEY_205.NASL
    descriptionThe installed version of SeaMonkey is earlier than 2.0.5. Such versions are potentially affected by the following security issues : - A memory corruption vulnerability can lead to arbitrary code execution if garbage collection is carefully timed after DOM nodes are moved between documents. (MFSA 2010-25) - Multiple crashes can result in arbitrary code execution. (MFSA 2010-26) - An error in
    last seen2020-06-01
    modified2020-06-02
    plugin id47126
    published2010-06-23
    reporterThis script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/47126
    titleSeaMonkey < 2.0.5 Multiple Vulnerabilities
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201301-01.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201301-01 (Mozilla Products: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, bypass restrictions and protection mechanisms, force file downloads, conduct XML injection attacks, conduct XSS attacks, bypass the Same Origin Policy, spoof URL&rsquo;s for phishing attacks, trigger a vertical scroll, spoof the location bar, spoof an SSL indicator, modify the browser&rsquo;s font, conduct clickjacking attacks, or have other unspecified impact. A local attacker could gain escalated privileges, obtain sensitive information, or replace an arbitrary downloaded file. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id63402
    published2013-01-08
    reporterThis script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/63402
    titleGLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2010-125.NASL
    descriptionSecurity issues were identified and fixed in firefox : An unspecified function in the JavaScript implementation in Mozilla Firefox creates and exposes a temporary footprint when there is a current login to a website, which makes it easier for remote attackers to trick a user into acting upon a spoofed pop-up message, aka an in-session phishing attack. (CVE-2008-5913). The JavaScript implementation in Mozilla Firefox 3.x allows remote attackers to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via certain calls to the focus method (CVE-2010-1125). Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM node with a long text value that triggers a heap-based buffer overflow (CVE-2010-1196). Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, does not properly handle situations in which both Content-Disposition: attachment and Content-Type: multipart are present in HTTP headers, which allows remote attackers to conduct cross-site scripting (XSS) attacks via an uploaded HTML document (CVE-2010-1197). Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to execute arbitrary code via vectors involving multiple plugin instances (CVE-2010-1198). Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node (CVE-2010-1199). Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2010-1200). Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2010-1202). Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.6.x before 3.6.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2010-1203). Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=4 90 Additionally, some packages which require so, have been rebuilt and are being provided as updates.
    last seen2020-06-01
    modified2020-06-02
    plugin id47132
    published2010-06-25
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/47132
    titleMandriva Linux Security Advisory : firefox (MDVSA-2010:125)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2010-0499.NASL
    descriptionUpdated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-1200) A flaw was found in the way browser plug-ins interact. It was possible for a plug-in to reference the freed memory from a different plug-in, resulting in the execution of arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-1198) An integer overflow flaw was found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-1199) A flaw was found in the way SeaMonkey processed mail attachments. A specially crafted mail message could cause SeaMonkey to crash. (CVE-2010-0163) A flaw was found in the way SeaMonkey handled the
    last seen2020-06-01
    modified2020-06-02
    plugin id47117
    published2010-06-23
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47117
    titleRHEL 3 / 4 : seamonkey (RHSA-2010:0499)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2010-0501.NASL
    descriptionFrom Red Hat Security Advisory 2010:0501 : Updated firefox packages that address several security issues, fix bugs, add numerous enhancements, and upgrade Firefox to version 3.6.4, are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. [Updated 25 June 2010] The original packages distributed with this erratum had a bug which could cause unintended dependencies to be installed when upgrading. We have updated the packages to correct this bug. Mozilla Firefox is an open source web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1121, CVE-2010-1200, CVE-2010-1202, CVE-2010-1203) A flaw was found in the way browser plug-ins interact. It was possible for a plug-in to reference the freed memory from a different plug-in, resulting in the execution of arbitrary code with the privileges of the user running Firefox. (CVE-2010-1198) Several integer overflow flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-1196, CVE-2010-1199) A focus stealing flaw was found in the way Firefox handled focus changes. A malicious website could use this flaw to steal sensitive data from a user, such as usernames and passwords. (CVE-2010-1125) A flaw was found in the way Firefox handled the
    last seen2020-06-01
    modified2020-06-02
    plugin id68055
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/68055
    titleOracle Linux 5 : firefox (ELSA-2010-0501)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2010-10344.NASL
    descriptionUpdate to new upstream Firefox version 3.5.10, fixing a security issue detailed in the upstream advisory: http://www.mozilla.org/security/known- vulnerabilities/firefox36.html#firefox3.5.10 Update also includes packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner. CVE-2010-1121 CVE-2010-1200 CVE-2010-1201 CVE-2010-1202 CVE-2010-0183 CVE-2010-1198 CVE-2010-1196 CVE-2010-1199 CVE-2010-1125 CVE-2010-1197 CVE-2008-5913 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id47223
    published2010-07-01
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47223
    titleFedora 12 : firefox-3.5.10-1.fc12 / galeon-2.0.7-23.fc12 / gnome-python2-extras-2.25.3-18.fc12 / etc (2010-10344)
  • NASL familyWindows
    NASL idMOZILLA_FIREFOX_3510.NASL
    descriptionThe installed version of Firefox is earlier than 3.5.10. Such versions are potentially affected by the following security issues : - A memory corruption vulnerability can lead to arbitrary code execution if garbage collection is carefully timed after DOM nodes are moved between documents. (MFSA 2010-25) - Multiple crashes can result in arbitrary code execution. (MFSA 2010-26) - An error in
    last seen2020-06-01
    modified2020-06-02
    plugin id47123
    published2010-06-23
    reporterThis script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/47123
    titleFirefox < 3.5.10 Multiple Vulnerabilities
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_0_MOZILLAFIREFOX-100625.NASL
    descriptionMozilla Firefox was updated to version 3.5.10, fixing various bugs and security issues. MFSA 2010-33 / CVE-2008-5913: Security researcher Amit Klein reported that it was possible to reverse engineer the value used to seed Math.random(). Since the pseudo-random number generator was only seeded once per browsing session, this seed value could be used as a unique token to identify and track users across different websites. MFSA 2010-32 / CVE-2010-1197: Security researcher Ilja van Sprundel of IOActive reported that the Content-Disposition: attachment HTTP header was ignored when Content-Type: multipart was also present. This issue could potentially lead to XSS problems in sites that allow users to upload arbitrary files and specify a Content-Type but rely on Content-Disposition: attachment to prevent the content from being displayed inline. MFSA 2010-31 / CVE-2010-1125: Google security researcher Michal Zalewski reported that focus() could be used to change a user
    last seen2020-06-01
    modified2020-06-02
    plugin id47689
    published2010-07-09
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47689
    titleopenSUSE Security Update : MozillaFirefox (openSUSE-SU-2010:0358-2)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-930-6.NASL
    descriptionUSN-957-1 fixed vulnerabilities in Firefox and Xulrunner. Daniel Holbert discovered that the fix for CVE-2010-1214 introduced a regression which did not properly initialize a plugin pointer. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or run arbitrary code as the user invoking the program. (CVE-2010-2755) This update fixes the problem. If was discovered that Firefox could be made to access freed memory. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.04 LTS. (CVE-2010-1121) Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1200, CVE-2010-1201, CVE-2010-1202, CVE-2010-1203) A flaw was discovered in the way plugin instances interacted. An attacker could potentially exploit this and use one plugin to access freed memory from a second plugin to execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1198) An integer overflow was discovered in Firefox. If a user were tricked into viewing a malicious site, an attacker could overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1196) Martin Barbella discovered an integer overflow in an XSLT node sorting routine. An attacker could exploit this to overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1199) Michal Zalewski discovered that the focus behavior of Firefox could be subverted. If a user were tricked into viewing a malicious site, a remote attacker could use this to capture keystrokes. (CVE-2010-1125) Ilja van Sprundel discovered that the
    last seen2020-06-01
    modified2020-06-02
    plugin id47855
    published2010-07-27
    reporterUbuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47855
    titleUbuntu 9.04 / 9.10 : firefox, firefox-3.0, xulrunner-1.9.2 vulnerability (USN-930-6)

Oval

  • accepted2013-04-29T04:05:13.363-04:00
    classvulnerability
    contributors
    • nameAharon Chernin
      organizationSCAP.com, LLC
    • nameDragos Prisaca
      organizationG2, Inc.
    definition_extensions
    • commentThe operating system installed on the system is Red Hat Enterprise Linux 4
      ovaloval:org.mitre.oval:def:11831
    • commentCentOS Linux 4.x
      ovaloval:org.mitre.oval:def:16636
    • commentOracle Linux 4.x
      ovaloval:org.mitre.oval:def:15990
    • commentThe operating system installed on the system is Red Hat Enterprise Linux 5
      ovaloval:org.mitre.oval:def:11414
    • commentThe operating system installed on the system is CentOS Linux 5.x
      ovaloval:org.mitre.oval:def:15802
    • commentOracle Linux 5.x
      ovaloval:org.mitre.oval:def:15459
    descriptionThe JavaScript implementation in Mozilla Firefox 3.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via certain calls to the focus method.
    familyunix
    idoval:org.mitre.oval:def:10386
    statusaccepted
    submitted2010-07-09T03:56:16-04:00
    titleThe JavaScript implementation in Mozilla Firefox 3.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via certain calls to the focus method.
    version28
  • accepted2014-10-06T04:00:56.922-04:00
    classvulnerability
    contributors
    • nameScott Quint
      organizationDTCC
    • nameSergey Artykhov
      organizationALTX-SOFT
    • nameSergey Artykhov
      organizationALTX-SOFT
    • nameMaria Kedovskaya
      organizationALTX-SOFT
    • nameShane Shaffer
      organizationG2, Inc.
    • nameMaria Kedovskaya
      organizationALTX-SOFT
    • nameEvgeniy Pavlov
      organizationALTX-SOFT
    • nameEvgeniy Pavlov
      organizationALTX-SOFT
    • nameEvgeniy Pavlov
      organizationALTX-SOFT
    definition_extensions
    • commentMozilla Firefox Mainline release is installed
      ovaloval:org.mitre.oval:def:22259
    • commentMozilla Seamonkey is installed
      ovaloval:org.mitre.oval:def:6372
    • commentMozilla Seamonkey is installed
      ovaloval:org.mitre.oval:def:6372
    descriptionThe JavaScript implementation in Mozilla Firefox 3.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via certain calls to the focus method.
    familywindows
    idoval:org.mitre.oval:def:13962
    statusaccepted
    submitted2011-11-25T18:05:56.000-05:00
    titleThe JavaScript implementation in Mozilla Firefox 3.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via certain calls to the focus method.
    version32

Redhat

advisories
  • rhsa
    idRHSA-2010:0500
  • rhsa
    idRHSA-2010:0501
rpms
  • firefox-0:3.6.4-8.el4
  • firefox-debuginfo-0:3.6.4-8.el4
  • devhelp-0:0.12-21.el5
  • devhelp-debuginfo-0:0.12-21.el5
  • devhelp-devel-0:0.12-21.el5
  • esc-0:1.1.0-12.el5
  • esc-debuginfo-0:1.1.0-12.el5
  • firefox-0:3.6.4-8.el5
  • firefox-debuginfo-0:3.6.4-8.el5
  • gnome-python2-extras-0:2.14.2-7.el5
  • gnome-python2-extras-debuginfo-0:2.14.2-7.el5
  • gnome-python2-gtkhtml2-0:2.14.2-7.el5
  • gnome-python2-gtkmozembed-0:2.14.2-7.el5
  • gnome-python2-gtkspell-0:2.14.2-7.el5
  • gnome-python2-libegg-0:2.14.2-7.el5
  • totem-0:2.16.7-7.el5
  • totem-debuginfo-0:2.16.7-7.el5
  • totem-devel-0:2.16.7-7.el5
  • totem-mozplugin-0:2.16.7-7.el5
  • xulrunner-0:1.9.2.4-10.el5
  • xulrunner-debuginfo-0:1.9.2.4-10.el5
  • xulrunner-devel-0:1.9.2.4-10.el5
  • yelp-0:2.16.0-26.el5
  • yelp-debuginfo-0:2.16.0-26.el5