Vulnerabilities > CVE-2010-3170 - Cryptographic Issues vulnerability in Mozilla Firefox, Seamonkey and Thunderbird
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 recognize a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Signature Spoofing by Key Recreation An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Nessus
NASL family SuSE Local Security Checks NASL id SUSE_11_3_MOZILLAFIREFOX-101029.NASL description This update brings Mozilla Firefox to version 3.6.12, fixing various bugs and security issues. The following security issues were fixed: MFSA 2010-64: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. References Paul Nickerson, Jesse Ruderman, Olli Pettay, Igor Bukanov and Josh Soref reported memory safety problems that affected Firefox 3.6 and Firefox 3.5. - Memory safety bugs - Firefox 3.6, Firefox 3.5 - CVE-2010-3176 Gary Kwong, Martijn Wargers and Siddharth Agarwal reported memory safety problems that affected Firefox 3.6 only. - Memory safety bugs - Firefox 3.6 - CVE-2010-3175 MFSA 2010-65 / CVE-2010-3179: Security researcher Alexander Miller reported that passing an excessively long string to document.write could cause text rendering routines to end up in an inconsistent state with sections of stack memory being overwritten with the string data. An attacker could use this flaw to crash a victim last seen 2020-06-01 modified 2020-06-02 plugin id 75648 published 2014-06-13 reporter This script is Copyright (C) 2014-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/75648 title openSUSE Security Update : MozillaFirefox (MozillaFirefox-3422) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update MozillaFirefox-3422. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(75648); script_version("1.3"); script_cvs_date("Date: 2019/10/25 13:36:39"); script_cve_id("CVE-2010-3170", "CVE-2010-3174", "CVE-2010-3175", "CVE-2010-3176", "CVE-2010-3177", "CVE-2010-3178", "CVE-2010-3179", "CVE-2010-3180", "CVE-2010-3182", "CVE-2010-3183", "CVE-2010-3765"); script_name(english:"openSUSE Security Update : MozillaFirefox (MozillaFirefox-3422)"); script_summary(english:"Check for the MozillaFirefox-3422 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update brings Mozilla Firefox to version 3.6.12, fixing various bugs and security issues. The following security issues were fixed: MFSA 2010-64: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. References Paul Nickerson, Jesse Ruderman, Olli Pettay, Igor Bukanov and Josh Soref reported memory safety problems that affected Firefox 3.6 and Firefox 3.5. - Memory safety bugs - Firefox 3.6, Firefox 3.5 - CVE-2010-3176 Gary Kwong, Martijn Wargers and Siddharth Agarwal reported memory safety problems that affected Firefox 3.6 only. - Memory safety bugs - Firefox 3.6 - CVE-2010-3175 MFSA 2010-65 / CVE-2010-3179: Security researcher Alexander Miller reported that passing an excessively long string to document.write could cause text rendering routines to end up in an inconsistent state with sections of stack memory being overwritten with the string data. An attacker could use this flaw to crash a victim's browser and potentially run arbitrary code on their computer. MFSA 2010-66 / CVE-2010-3180: Security researcher Sergey Glazunov reported that it was possible to access the locationbar property of a window object after it had been closed. Since the closed window's memory could have been subsequently reused by the system it was possible that an attempt to access the locationbar property could result in the execution of attacker-controlled memory. MFSA 2010-67 / CVE-2010-3183: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that when window.__lookupGetter__ is called with no arguments the code assumes the top JavaScript stack value is a property name. Since there were no arguments passed into the function, the top value could represent uninitialized memory or a pointer to a previously freed JavaScript object. Under such circumstances the value is passed to another subroutine which calls through the dangling pointer, potentially executing attacker-controlled memory. MFSA 2010-68 / CVE-2010-3177: Google security researcher Robert Swiecki reported that functions used by the Gopher parser to convert text to HTML tags could be exploited to turn text into executable JavaScript. If an attacker could create a file or directory on a Gopher server with the encoded script as part of its name the script would then run in a victim's browser within the context of the site. MFSA 2010-69 / CVE-2010-3178: Security researcher Eduardo Vela Nava reported that if a web page opened a new window and used a javascript: URL to make a modal call, such as alert(), then subsequently navigated the page to a different domain, once the modal call returned the opener of the window could get access to objects in the navigated window. This is a violation of the same-origin policy and could be used by an attacker to steal information from another website. MFSA 2010-70 / CVE-2010-3170: Security researcher Richard Moore reported that when an SSL certificate was created with a common name containing a wildcard followed by a partial IP address a valid SSL connection could be established with a server whose IP address matched the wildcard range by browsing directly to the IP address. It is extremely unlikely that such a certificate would be issued by a Certificate Authority. MFSA 2010-71 / CVE-2010-3182: Dmitri Gribenko reported that the script used to launch Mozilla applications on Linux was effectively including the current working directory in the LD_LIBRARY_PATH environment variable. If an attacker was able to place into the current working directory a malicious shared library with the same name as a library that the bootstrapping script depends on the attacker could have their library loaded instead of the legitimate library. MFSA 2010-73 / CVE-2010-3765: Morten Kråkvik of Telenor SOC reported an exploit targeting particular versions of Firefox 3.6 on Windows XP that Telenor found while investigating an intrusion attempt on a customer network. The underlying vulnerability, however, was present on both the Firefox 3.5 and Firefox 3.6 development branches and affected all supported platforms." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=645315" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=649492" ); script_set_attribute( attribute:"solution", value:"Update the affected MozillaFirefox packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Mozilla Firefox Interleaved document.write/appendChild Memory Corruption'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-js192"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-js192-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-buildsymbols"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-common-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-other"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-other-32bit"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.3"); script_set_attribute(attribute:"patch_publication_date", value:"2010/10/29"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.3", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.3", reference:"MozillaFirefox-3.6.12-0.7.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"MozillaFirefox-branding-upstream-3.6.12-0.7.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"MozillaFirefox-translations-common-3.6.12-0.7.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"MozillaFirefox-translations-other-3.6.12-0.7.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"mozilla-js192-1.9.2.12-0.8.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"mozilla-xulrunner192-1.9.2.12-0.8.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"mozilla-xulrunner192-buildsymbols-1.9.2.12-0.8.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"mozilla-xulrunner192-devel-1.9.2.12-0.8.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"mozilla-xulrunner192-gnome-1.9.2.12-0.8.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"mozilla-xulrunner192-translations-common-1.9.2.12-0.8.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"mozilla-xulrunner192-translations-other-1.9.2.12-0.8.1") ) flag++; if ( rpm_check(release:"SUSE11.3", cpu:"x86_64", reference:"mozilla-js192-32bit-1.9.2.12-0.8.1") ) flag++; if ( rpm_check(release:"SUSE11.3", cpu:"x86_64", reference:"mozilla-xulrunner192-32bit-1.9.2.12-0.8.1") ) flag++; if ( rpm_check(release:"SUSE11.3", cpu:"x86_64", reference:"mozilla-xulrunner192-gnome-32bit-1.9.2.12-0.8.1") ) flag++; if ( rpm_check(release:"SUSE11.3", cpu:"x86_64", reference:"mozilla-xulrunner192-translations-common-32bit-1.9.2.12-0.8.1") ) flag++; if ( rpm_check(release:"SUSE11.3", cpu:"x86_64", reference:"mozilla-xulrunner192-translations-other-32bit-1.9.2.12-0.8.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "MozillaFirefox"); }NASL family VMware ESX Local Security Checks NASL id VMWARE_VMSA-2011-0013.NASL description a. ESX third-party update for Service Console openssl RPM The Service Console openssl RPM is updated to openssl-0.9.8e.12.el5_5.7 resolving two security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-7270 and CVE-2010-4180 to these issues. b. ESX third-party update for Service Console libuser RPM The Service Console libuser RPM is updated to version 0.54.7-2.1.el5_5.2 to resolve a security issue. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2011-0002 to this issue. c. ESX third-party update for Service Console nss and nspr RPMs The Service Console Network Security Services (NSS) and Netscape Portable Runtime (NSPR) libraries are updated to nspr-4.8.6-1 and nss-3.12.8-4 resolving multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-3170 and CVE-2010-3173 to these issues. d. vCenter Server and ESX, Oracle (Sun) JRE update 1.6.0_24 Oracle (Sun) JRE is updated to version 1.6.0_24, which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in JRE 1.6.0_24: CVE-2010-4422, CVE-2010-4447, CVE-2010-4448, CVE-2010-4450, CVE-2010-4451, CVE-2010-4452, CVE-2010-4454, CVE-2010-4462, CVE-2010-4463, CVE-2010-4465, CVE-2010-4466, CVE-2010-4467, CVE-2010-4468, CVE-2010-4469, CVE-2010-4470, CVE-2010-4471, CVE-2010-4472, CVE-2010-4473, CVE-2010-4474, CVE-2010-4475 and CVE-2010-4476. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in JRE 1.6.0_22: CVE-2010-1321, CVE-2010-3541, CVE-2010-3548, CVE-2010-3549, CVE-2010-3550, CVE-2010-3551, CVE-2010-3552, CVE-2010-3553, CVE-2010-3554, CVE-2010-3555, CVE-2010-3556, CVE-2010-3557, CVE-2010-3558, CVE-2010-3559, CVE-2010-3560, CVE-2010-3561, CVE-2010-3562, CVE-2010-3563, CVE-2010-3565, CVE-2010-3566, CVE-2010-3567, CVE-2010-3568, CVE-2010-3569, CVE-2010-3570, CVE-2010-3571, CVE-2010-3572, CVE-2010-3573 and CVE-2010-3574. e. vCenter Update Manager Oracle (Sun) JRE update 1.5.0_30 Oracle (Sun) JRE is updated to version 1.5.0_30, which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Oracle (Sun) JRE 1.5.0_30: CVE-2011-0862, CVE-2011-0873, CVE-2011-0815, CVE-2011-0864, CVE-2011-0802, CVE-2011-0814, CVE-2011-0871, CVE-2011-0867 and CVE-2011-0865. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Oracle (Sun) JRE 1.5.0_28: CVE-2010-4447, CVE-2010-4448, CVE-2010-4450, CVE-2010-4454, CVE-2010-4462, CVE-2010-4465, CVE-2010-4466, CVE-2010-4468, CVE-2010-4469, CVE-2010-4473, CVE-2010-4475, CVE-2010-4476. f. Integer overflow in VMware third-party component sfcb This release resolves an integer overflow issue present in the third-party library SFCB when the httpMaxContentLength has been changed from its default value to 0 in in /etc/sfcb/sfcb.cfg. The integer overflow could allow remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via a large integer in the Content-Length HTTP header. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-2054 to this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 56665 published 2011-10-28 reporter This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/56665 title VMSA-2011-0013 : VMware third-party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX NASL family SuSE Local Security Checks NASL id SUSE_11_2_LIBFREEBL3-100930.NASL description The Mozilla NSS Library was updated to version 3.12.8 and the Mozilla NSPR Library was updated to 4.8.6 to fix various bugs and one security issue. CVE-2010-3170: Disallow wildcard matching in X509 certificate Common Names. This update also has preparations for Firefox 4 support, and a updated Root Certificate Authority list. last seen 2020-06-01 modified 2020-06-02 plugin id 50374 published 2010-10-28 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/50374 title openSUSE Security Update : libfreebl3 (openSUSE-SU-2010:0904-1) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2010-0782.NASL description Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Network Security Services (NSS) is a set of libraries designed to support the development of security-enabled client and server applications. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-3175, CVE-2010-3176, CVE-2010-3179, CVE-2010-3183, CVE-2010-3180) A flaw was found in the way the Gopher parser in Firefox converted text into HTML. A malformed file name on a Gopher server could, when accessed by a victim running Firefox, allow arbitrary JavaScript to be executed in the context of the Gopher domain. (CVE-2010-3177) A same-origin policy bypass flaw was found in Firefox. An attacker could create a malicious web page that, when viewed by a victim, could steal private data from a different website the victim has loaded with Firefox. (CVE-2010-3178) A flaw was found in the script that launches Firefox. The LD_LIBRARY_PATH variable was appending a last seen 2020-06-01 modified 2020-06-02 plugin id 50793 published 2010-11-24 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/50793 title CentOS 4 / 5 : firefox (CESA-2010:0782) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_C4F067B9DC4A11DF8E32000F20797EDE.NASL description The Mozilla Project reports : MFSA 2010-64 Miscellaneous memory safety hazards (rv:1.9.2.11/ 1.9.1.14) MFSA 2010-65 Buffer overflow and memory corruption using document.write MFSA 2010-66 Use-after-free error in nsBarProp MFSA 2010-67 Dangling pointer vulnerability in LookupGetterOrSetter MFSA 2010-68 XSS in gopher parser when parsing hrefs MFSA 2010-69 Cross-site information disclosure via modal calls MFSA 2010-70 SSL wildcard certificate matching IP addresses MFSA 2010-71 Unsafe library loading vulnerabilities MFSA 2010-72 Insecure Diffie-Hellman key exchange last seen 2020-06-01 modified 2020-06-02 plugin id 50074 published 2010-10-21 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/50074 title FreeBSD : mozilla -- multiple vulnerabilities (c4f067b9-dc4a-11df-8e32-000f20797ede) NASL family SuSE Local Security Checks NASL id SUSE_11_3_LIBFREEBL3-100930.NASL description The Mozilla NSS Library was updated to version 3.12.8 and the Mozilla NSPR Library was updated to 4.8.6 to fix various bugs and one security issue. CVE-2010-3170: Disallow wildcard matching in X509 certificate Common Names. This update also has preparations for Firefox 4 support, and a updated Root Certificate Authority list. last seen 2020-06-01 modified 2020-06-02 plugin id 75574 published 2014-06-13 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/75574 title openSUSE Security Update : libfreebl3 (openSUSE-SU-2010:0904-1) NASL family SuSE Local Security Checks NASL id SUSE_11_1_MOZILLA-XULRUNNER191-101028.NASL description This update brings Mozilla XULRunner to version 1.9.1.15, fixing various bugs and security issues. The following security issues were fixed: MFSA 2010-49 / CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. MFSA 2010-50 / CVE-2010-2765: Security researcher Chris Rohlf of Matasano Security reported that the implementation of the HTML frameset element contained an integer overflow vulnerability. The code responsible for parsing the frameset columns used an 8-byte counter for the column numbers, so when a very large number of columns was passed in the counter would overflow. When this counter was subsequently used to allocate memory for the frameset, the memory buffer would be too small, potentially resulting in a heap buffer overflow and execution of attacker-controlled memory. MFSA 2010-51 / CVE-2010-2767: Security researcher Sergey Glazunov reported a dangling pointer vulnerability in the implementation of navigator.plugins in which the navigator object could retain a pointer to the plugins array even after it had been destroyed. An attacker could potentially use this issue to crash the browser and run arbitrary code on a victim last seen 2020-06-01 modified 2020-06-02 plugin id 50462 published 2010-11-03 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/50462 title openSUSE Security Update : mozilla-xulrunner191 (mozilla-xulrunner191-3421) NASL family Windows NASL id MOZILLA_THUNDERBIRD_309.NASL description The installed version of Thunderbird is earlier than 3.0.9. Such versions are potentially affected by the following security issues : - Multiple memory safety bugs could lead to memory corruption, potentially resulting in arbitrary code execution. (MFSA 2010-64) - By passing an excessively long string to last seen 2020-06-01 modified 2020-06-02 plugin id 50086 published 2010-10-21 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/50086 title Mozilla Thunderbird < 3.0.9 Multiple Vulnerabilities NASL family SuSE Local Security Checks NASL id SUSE_11_3_MOZILLA-XULRUNNER191-101028.NASL description This update brings Mozilla XULRunner to version 1.9.1.15, fixing various bugs and security issues. The following security issues were fixed: MFSA 2010-49 / CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. MFSA 2010-50 / CVE-2010-2765: Security researcher Chris Rohlf of Matasano Security reported that the implementation of the HTML frameset element contained an integer overflow vulnerability. The code responsible for parsing the frameset columns used an 8-byte counter for the column numbers, so when a very large number of columns was passed in the counter would overflow. When this counter was subsequently used to allocate memory for the frameset, the memory buffer would be too small, potentially resulting in a heap buffer overflow and execution of attacker-controlled memory. MFSA 2010-51 / CVE-2010-2767: Security researcher Sergey Glazunov reported a dangling pointer vulnerability in the implementation of navigator.plugins in which the navigator object could retain a pointer to the plugins array even after it had been destroyed. An attacker could potentially use this issue to crash the browser and run arbitrary code on a victim last seen 2020-06-01 modified 2020-06-02 plugin id 75671 published 2014-06-13 reporter This script is Copyright (C) 2014-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/75671 title openSUSE Security Update : mozilla-xulrunner191 (mozilla-xulrunner191-3421) NASL family SuSE Local Security Checks NASL id SUSE_11_2_MOZILLA-XULRUNNER191-101028.NASL description This update brings Mozilla XULRunner to version 1.9.1.15, fixing various bugs and security issues. The following security issues were fixed: MFSA 2010-49 / CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. MFSA 2010-50 / CVE-2010-2765: Security researcher Chris Rohlf of Matasano Security reported that the implementation of the HTML frameset element contained an integer overflow vulnerability. The code responsible for parsing the frameset columns used an 8-byte counter for the column numbers, so when a very large number of columns was passed in the counter would overflow. When this counter was subsequently used to allocate memory for the frameset, the memory buffer would be too small, potentially resulting in a heap buffer overflow and execution of attacker-controlled memory. MFSA 2010-51 / CVE-2010-2767: Security researcher Sergey Glazunov reported a dangling pointer vulnerability in the implementation of navigator.plugins in which the navigator object could retain a pointer to the plugins array even after it had been destroyed. An attacker could potentially use this issue to crash the browser and run arbitrary code on a victim last seen 2020-06-01 modified 2020-06-02 plugin id 50466 published 2010-11-03 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/50466 title openSUSE Security Update : mozilla-xulrunner191 (mozilla-xulrunner191-3421) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2010-210.NASL description Security issues were identified and fixed in firefox : Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 recognize a wildcard IP address in the subject last seen 2020-06-01 modified 2020-06-02 plugin id 50314 published 2010-10-24 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/50314 title Mandriva Linux Security Advisory : firefox (MDVSA-2010:210) NASL family Scientific Linux Local Security Checks NASL id SL_20101110_NSS_ON_SL6_X.NASL description A flaw was found in the way NSS matched SSL certificates when the certificates had a Common Name containing a wildcard and a partial IP address. NSS incorrectly accepted connections to IP addresses that fell within the SSL certificate last seen 2020-06-01 modified 2020-06-02 plugin id 60895 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60895 title Scientific Linux Security Update : nss on SL6.x i386/x86_64 NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2010-0782.NASL description From Red Hat Security Advisory 2010:0782 : Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Network Security Services (NSS) is a set of libraries designed to support the development of security-enabled client and server applications. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-3175, CVE-2010-3176, CVE-2010-3179, CVE-2010-3183, CVE-2010-3180) A flaw was found in the way the Gopher parser in Firefox converted text into HTML. A malformed file name on a Gopher server could, when accessed by a victim running Firefox, allow arbitrary JavaScript to be executed in the context of the Gopher domain. (CVE-2010-3177) A same-origin policy bypass flaw was found in Firefox. An attacker could create a malicious web page that, when viewed by a victim, could steal private data from a different website the victim has loaded with Firefox. (CVE-2010-3178) A flaw was found in the script that launches Firefox. The LD_LIBRARY_PATH variable was appending a last seen 2020-06-01 modified 2020-06-02 plugin id 68121 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68121 title Oracle Linux 4 / 5 : firefox (ELSA-2010-0782) NASL family Windows NASL id MOZILLA_FIREFOX_3611.NASL description The installed version of Firefox 3.6 is earlier than 3.6.11. Such versions are potentially affected by the following security issues : - Multiple memory safety bugs could lead to memory corruption, potentially resulting in arbitrary code execution. (MFSA 2010-64) - By passing an excessively long string to last seen 2020-06-01 modified 2020-06-02 plugin id 50085 published 2010-10-21 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/50085 title Firefox 3.6 < 3.6.11 Multiple Vulnerabilities NASL family Windows NASL id MOZILLA_FIREFOX_3514.NASL description The installed version of Firefox is earlier than 3.5.14. Such versions are potentially affected by the following security issues : - Multiple memory safety bugs could lead to memory corruption, potentially resulting in arbitrary code execution. (MFSA 2010-64) - By passing an excessively long string to last seen 2020-06-01 modified 2020-06-02 plugin id 50084 published 2010-10-21 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/50084 title Firefox < 3.5.14 Multiple Vulnerabilities NASL family Misc. NASL id VMWARE_VMSA-2011-0013_REMOTE.NASL description The remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in several third-party components and libraries : - Java Runtime Environment (JRE) - libuser - Netscape Portable Runtime (NSPR) - Network Security Services (NSS) - OpenSSL last seen 2020-06-01 modified 2020-06-02 plugin id 89681 published 2016-03-04 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/89681 title VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0013) (remote check) NASL family SuSE Local Security Checks NASL id SUSE_11_LIBFREEBL3-101018.NASL description The Mozilla NSS Library was updated to version 3.12.8 and the Mozilla NSPR Library was updated to 4.8.6 to fix various bugs and one security issue : - Disallow wildcard matching in X509 certificate Common Names. This update also has preparations for Firefox 4 support, and a updated Root Certificate Authority list. (CVE-2010-3170) last seen 2020-06-01 modified 2020-06-02 plugin id 50931 published 2010-12-02 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/50931 title SuSE 11 / 11.1 Security Update : Mozilla (SAT Patch Numbers 3339 / 3340) NASL family SuSE Local Security Checks NASL id SUSE_11_MOZILLAFIREFOX-101103.NASL description This update brings Mozilla Firefox to version 3.6.12, fixing various bugs and security issues. The following security issues were fixed : - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. References. (MFSA 2010-64) Paul Nickerson, Jesse Ruderman, Olli Pettay, Igor Bukanov and Josh Soref reported memory safety problems that affected Firefox 3.6 and Firefox 3.5. - Memory safety bugs - Firefox 3.6, Firefox 3.5 - Gary Kwong, Martijn Wargers and Siddharth Agarwal reported memory safety problems that affected Firefox 3.6 only. (CVE-2010-3176) - Memory safety bugs - Firefox 3.6 - CVE-2010-3175 - Security researcher Alexander Miller reported that passing an excessively long string to document.write could cause text rendering routines to end up in an inconsistent state with sections of stack memory being overwritten with the string data. An attacker could use this flaw to crash a victim last seen 2020-06-01 modified 2020-06-02 plugin id 50876 published 2010-12-02 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/50876 title SuSE 11 / 11.1 Security Update : Mozilla Firefox (SAT Patch Numbers 3455 / 3456) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2010-0781.NASL description Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-3176, CVE-2010-3180) A flaw was found in the way the Gopher parser in SeaMonkey converted text into HTML. A malformed file name on a Gopher server could, when accessed by a victim running SeaMonkey, allow arbitrary JavaScript to be executed in the context of the Gopher domain. (CVE-2010-3177) A flaw was found in the script that launches SeaMonkey. The LD_LIBRARY_PATH variable was appending a last seen 2020-06-01 modified 2020-06-02 plugin id 50792 published 2010-11-24 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/50792 title CentOS 3 / 4 : seamonkey (CESA-2010:0781) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2010-0862.NASL description From Red Hat Security Advisory 2010:0862 : Updated nss packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Network Security Services (NSS) is a set of libraries designed to support the development of security-enabled client and server applications. A flaw was found in the way NSS matched SSL certificates when the certificates had a Common Name containing a wildcard and a partial IP address. NSS incorrectly accepted connections to IP addresses that fell within the SSL certificate last seen 2020-06-01 modified 2020-06-02 plugin id 68139 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68139 title Oracle Linux 6 : nss (ELSA-2010-0862) NASL family Windows NASL id SEAMONKEY_209.NASL description The installed version of SeaMonkey is earlier than 2.0.9. Such versions are potentially affected by the following security issues : - Multiple memory safety bugs could lead to memory corruption, potentially resulting in arbitrary code execution. (MFSA 2010-64) - By passing an excessively long string to last seen 2020-06-01 modified 2020-06-02 plugin id 50088 published 2010-10-21 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/50088 title SeaMonkey < 2.0.9 Multiple Vulnerabilities NASL family Scientific Linux Local Security Checks NASL id SL_20101019_SEAMONKEY_ON_SL4_X.NASL description Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-3176, CVE-2010-3180) A flaw was found in the way the Gopher parser in SeaMonkey converted text into HTML. A malformed file name on a Gopher server could, when accessed by a victim running SeaMonkey, allow arbitrary JavaScript to be executed in the context of the Gopher domain. (CVE-2010-3177) A flaw was found in the script that launches SeaMonkey. The LD_LIBRARY_PATH variable was appending a last seen 2020-06-01 modified 2020-06-02 plugin id 60872 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60872 title Scientific Linux Security Update : seamonkey on SL4.x i386/x86_64 NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1007-1.NASL description Richard Moore discovered that NSS would sometimes incorrectly match an SSL certificate which had a Common Name that used a wildcard followed by a partial IP address. While it is very unlikely that a Certificate Authority would issue such a certificate, if an attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. (CVE-2010-3170) Nelson Bolyard discovered a weakness in the Diffie-Hellman Ephemeral mode (DHE) key exchange implementation which allowed servers to use a too small key length. (CVE-2010-3173). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 50081 published 2010-10-21 reporter Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/50081 title Ubuntu 8.04 LTS / 9.04 / 9.10 / 10.04 LTS / 10.10 : nss vulnerabilities (USN-1007-1) NASL family SuSE Local Security Checks NASL id SUSE_MOZILLAFIREFOX-7208.NASL description This update brings Mozilla Firefox to version 3.5.15, fixing various bugs and security issues. The following security issues were fixed : - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. (MFSA 2010-49 / CVE-2010-3169) - Security researcher Chris Rohlf of Matasano Security reported that the implementation of the HTML frameset element contained an integer overflow vulnerability. The code responsible for parsing the frameset columns used an 8-byte counter for the column numbers, so when a very large number of columns was passed in the counter would overflow. When this counter was subsequently used to allocate memory for the frameset, the memory buffer would be too small, potentially resulting in a heap buffer overflow and execution of attacker-controlled memory. (MFSA 2010-50 / CVE-2010-2765) - Security researcher Sergey Glazunov reported a dangling pointer vulnerability in the implementation of navigator.plugins in which the navigator object could retain a pointer to the plugins array even after it had been destroyed. An attacker could potentially use this issue to crash the browser and run arbitrary code on a victim last seen 2020-06-01 modified 2020-06-02 plugin id 50488 published 2010-11-05 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/50488 title SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 7208) NASL family Fedora Local Security Checks NASL id FEDORA_2010-15989.NASL description Update to 3.12.8 Improves handling of certificates with IP wildcards: http://www.mozilla.org/security/announce/2010/mfsa2010-70.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 50477 published 2010-11-05 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/50477 title Fedora 12 : nss-3.12.8-2.fc12 / nss-softokn-3.12.8-1.fc12 / nss-util-3.12.8-1.fc12 (2010-15989) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0862.NASL description Updated nss packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Network Security Services (NSS) is a set of libraries designed to support the development of security-enabled client and server applications. A flaw was found in the way NSS matched SSL certificates when the certificates had a Common Name containing a wildcard and a partial IP address. NSS incorrectly accepted connections to IP addresses that fell within the SSL certificate last seen 2020-06-01 modified 2020-06-02 plugin id 50634 published 2010-11-18 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/50634 title RHEL 6 : nss (RHSA-2010:0862) NASL family SuSE Local Security Checks NASL id SUSE_11_1_MOZILLAFIREFOX-101028.NASL description This update brings Mozilla Firefox to version 3.6.12, fixing various bugs and security issues. The following security issues were fixed: MFSA 2010-64: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. References Paul Nickerson, Jesse Ruderman, Olli Pettay, Igor Bukanov and Josh Soref reported memory safety problems that affected Firefox 3.6 and Firefox 3.5. - Memory safety bugs - Firefox 3.6, Firefox 3.5 - CVE-2010-3176 Gary Kwong, Martijn Wargers and Siddharth Agarwal reported memory safety problems that affected Firefox 3.6 only. - Memory safety bugs - Firefox 3.6 - CVE-2010-3175 MFSA 2010-65 / CVE-2010-3179: Security researcher Alexander Miller reported that passing an excessively long string to document.write could cause text rendering routines to end up in an inconsistent state with sections of stack memory being overwritten with the string data. An attacker could use this flaw to crash a victim last seen 2020-06-01 modified 2020-06-02 plugin id 50460 published 2010-11-03 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/50460 title openSUSE Security Update : MozillaFirefox (MozillaFirefox-3422) NASL family SuSE Local Security Checks NASL id SUSE_MOZILLA-NSPR-7196.NASL description The Mozilla NSS Library was updated to version 3.12.8 and the Mozilla NSPR Library was updated to 4.8.6 to fix various bugs and one security issue : - Disallow wildcard matching in X509 certificate Common Names. (CVE-2010-3170) This update also has preparations for Firefox 4 support, and a updated Root Certificate Authority list. last seen 2020-06-01 modified 2020-06-02 plugin id 50489 published 2010-11-05 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/50489 title SuSE 10 Security Update : Mozilla (ZYPP Patch Number 7196) NASL family SuSE Local Security Checks NASL id SUSE_11_MOZILLA-XULRUNNER191-101028.NASL description This update brings Mozilla XULRunner to version 1.9.1.14, fixing various bugs and security issues. The following security issues were fixed : - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. (MFSA 2010-49 / CVE-2010-3169) - Security researcher Chris Rohlf of Matasano Security reported that the implementation of the HTML frameset element contained an integer overflow vulnerability. The code responsible for parsing the frameset columns used an 8-byte counter for the column numbers, so when a very large number of columns was passed in the counter would overflow. When this counter was subsequently used to allocate memory for the frameset, the memory buffer would be too small, potentially resulting in a heap buffer overflow and execution of attacker-controlled memory. (MFSA 2010-50 / CVE-2010-2765) - Security researcher Sergey Glazunov reported a dangling pointer vulnerability in the implementation of navigator.plugins in which the navigator object could retain a pointer to the plugins array even after it had been destroyed. An attacker could potentially use this issue to crash the browser and run arbitrary code on a victim last seen 2020-06-01 modified 2020-06-02 plugin id 50951 published 2010-12-02 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/50951 title SuSE 11 / 11.1 Security Update : Mozilla (SAT Patch Numbers 3417 / 3419) NASL family SuSE Local Security Checks NASL id SUSE_11_1_MOZILLATHUNDERBIRD-101021.NASL description This update brings Mozilla Thunderbird to version 3.0.9, fixing various bugs and security issues. The following security issues were fixed: MFSA 2010-49 / CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. MFSA 2010-50 / CVE-2010-2765: Security researcher Chris Rohlf of Matasano Security reported that the implementation of the HTML frameset element contained an integer overflow vulnerability. The code responsible for parsing the frameset columns used an 8-byte counter for the column numbers, so when a very large number of columns was passed in the counter would overflow. When this counter was subsequently used to allocate memory for the frameset, the memory buffer would be too small, potentially resulting in a heap buffer overflow and execution of attacker-controlled memory. MFSA 2010-51 / CVE-2010-2767: Security researcher Sergey Glazunov reported a dangling pointer vulnerability in the implementation of navigator.plugins in which the navigator object could retain a pointer to the plugins array even after it had been destroyed. An attacker could potentially use this issue to crash the browser and run arbitrary code on a victim last seen 2020-06-01 modified 2020-06-02 plugin id 50366 published 2010-10-28 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/50366 title openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-3378) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0782.NASL description Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Network Security Services (NSS) is a set of libraries designed to support the development of security-enabled client and server applications. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-3175, CVE-2010-3176, CVE-2010-3179, CVE-2010-3183, CVE-2010-3180) A flaw was found in the way the Gopher parser in Firefox converted text into HTML. A malformed file name on a Gopher server could, when accessed by a victim running Firefox, allow arbitrary JavaScript to be executed in the context of the Gopher domain. (CVE-2010-3177) A same-origin policy bypass flaw was found in Firefox. An attacker could create a malicious web page that, when viewed by a victim, could steal private data from a different website the victim has loaded with Firefox. (CVE-2010-3178) A flaw was found in the script that launches Firefox. The LD_LIBRARY_PATH variable was appending a last seen 2020-06-01 modified 2020-06-02 plugin id 50040 published 2010-10-20 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/50040 title RHEL 4 / 5 : firefox (RHSA-2010:0782) NASL family Fedora Local Security Checks NASL id FEDORA_2010-15520.NASL description Update to 3.12.8 Improves handling of certificates with IP wildcards: http://www.mozilla.org/security/announce/2010/mfsa2010-70.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 50354 published 2010-10-28 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/50354 title Fedora 13 : nss-3.12.8-2.fc13 / nss-softokn-3.12.8-1.fc13 / nss-util-3.12.8-1.fc13 (2010-15520) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2010-0781.NASL description From Red Hat Security Advisory 2010:0781 : Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-3176, CVE-2010-3180) A flaw was found in the way the Gopher parser in SeaMonkey converted text into HTML. A malformed file name on a Gopher server could, when accessed by a victim running SeaMonkey, allow arbitrary JavaScript to be executed in the context of the Gopher domain. (CVE-2010-3177) A flaw was found in the script that launches SeaMonkey. The LD_LIBRARY_PATH variable was appending a last seen 2020-06-01 modified 2020-06-02 plugin id 68120 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68120 title Oracle Linux 3 / 4 : seamonkey (ELSA-2010-0781) NASL family SuSE Local Security Checks NASL id SUSE_11_2_MOZILLATHUNDERBIRD-101022.NASL description This update brings Mozilla Thunderbird to version 3.0.9, fixing various bugs and security issues. The following security issues were fixed: MFSA 2010-49 / CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. MFSA 2010-50 / CVE-2010-2765: Security researcher Chris Rohlf of Matasano Security reported that the implementation of the HTML frameset element contained an integer overflow vulnerability. The code responsible for parsing the frameset columns used an 8-byte counter for the column numbers, so when a very large number of columns was passed in the counter would overflow. When this counter was subsequently used to allocate memory for the frameset, the memory buffer would be too small, potentially resulting in a heap buffer overflow and execution of attacker-controlled memory. MFSA 2010-51 / CVE-2010-2767: Security researcher Sergey Glazunov reported a dangling pointer vulnerability in the implementation of navigator.plugins in which the navigator object could retain a pointer to the plugins array even after it had been destroyed. An attacker could potentially use this issue to crash the browser and run arbitrary code on a victim last seen 2020-06-01 modified 2020-06-02 plugin id 50372 published 2010-10-28 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/50372 title openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-3378) NASL family SuSE Local Security Checks NASL id SUSE_11_1_SEAMONKEY-101021.NASL description This update brings Mozilla SeaMonkey to version 2.0.9, fixing various bugs and security issues. The following security issues were fixed: MFSA 2010-49 / CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. MFSA 2010-50 / CVE-2010-2765: Security researcher Chris Rohlf of Matasano Security reported that the implementation of the HTML frameset element contained an integer overflow vulnerability. The code responsible for parsing the frameset columns used an 8-byte counter for the column numbers, so when a very large number of columns was passed in the counter would overflow. When this counter was subsequently used to allocate memory for the frameset, the memory buffer would be too small, potentially resulting in a heap buffer overflow and execution of attacker-controlled memory. MFSA 2010-51 / CVE-2010-2767: Security researcher Sergey Glazunov reported a dangling pointer vulnerability in the implementation of navigator.plugins in which the navigator object could retain a pointer to the plugins array even after it had been destroyed. An attacker could potentially use this issue to crash the browser and run arbitrary code on a victim last seen 2020-06-01 modified 2020-06-02 plugin id 50371 published 2010-10-28 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/50371 title openSUSE Security Update : seamonkey (seamonkey-3372) NASL family Scientific Linux Local Security Checks NASL id SL_20101019_FIREFOX_ON_SL4_X.NASL description Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-3175, CVE-2010-3176, CVE-2010-3179, CVE-2010-3183, CVE-2010-3180) A flaw was found in the way the Gopher parser in Firefox converted text into HTML. A malformed file name on a Gopher server could, when accessed by a victim running Firefox, allow arbitrary JavaScript to be executed in the context of the Gopher domain. (CVE-2010-3177) A same-origin policy bypass flaw was found in Firefox. An attacker could create a malicious web page that, when viewed by a victim, could steal private data from a different website the victim has loaded with Firefox. (CVE-2010-3178) A flaw was found in the script that launches Firefox. The LD_LIBRARY_PATH variable was appending a last seen 2020-06-01 modified 2020-06-02 plugin id 60870 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60870 title Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64 NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201301-01.NASL description The remote host is affected by the vulnerability described in GLSA-201301-01 (Mozilla Products: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, bypass restrictions and protection mechanisms, force file downloads, conduct XML injection attacks, conduct XSS attacks, bypass the Same Origin Policy, spoof URL’s for phishing attacks, trigger a vertical scroll, spoof the location bar, spoof an SSL indicator, modify the browser’s font, conduct clickjacking attacks, or have other unspecified impact. A local attacker could gain escalated privileges, obtain sensitive information, or replace an arbitrary downloaded file. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 63402 published 2013-01-08 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/63402 title GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST) NASL family SuSE Local Security Checks NASL id SUSE_11_3_SEAMONKEY-101021.NASL description This update brings Mozilla SeaMonkey to version 2.0.9, fixing various bugs and security issues. The following security issues were fixed: MFSA 2010-49 / CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. MFSA 2010-50 / CVE-2010-2765: Security researcher Chris Rohlf of Matasano Security reported that the implementation of the HTML frameset element contained an integer overflow vulnerability. The code responsible for parsing the frameset columns used an 8-byte counter for the column numbers, so when a very large number of columns was passed in the counter would overflow. When this counter was subsequently used to allocate memory for the frameset, the memory buffer would be too small, potentially resulting in a heap buffer overflow and execution of attacker-controlled memory. MFSA 2010-51 / CVE-2010-2767: Security researcher Sergey Glazunov reported a dangling pointer vulnerability in the implementation of navigator.plugins in which the navigator object could retain a pointer to the plugins array even after it had been destroyed. An attacker could potentially use this issue to crash the browser and run arbitrary code on a victim last seen 2020-06-01 modified 2020-06-02 plugin id 75733 published 2014-06-13 reporter This script is Copyright (C) 2014-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/75733 title openSUSE Security Update : seamonkey (seamonkey-3372) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0781.NASL description Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-3176, CVE-2010-3180) A flaw was found in the way the Gopher parser in SeaMonkey converted text into HTML. A malformed file name on a Gopher server could, when accessed by a victim running SeaMonkey, allow arbitrary JavaScript to be executed in the context of the Gopher domain. (CVE-2010-3177) A flaw was found in the script that launches SeaMonkey. The LD_LIBRARY_PATH variable was appending a last seen 2020-06-01 modified 2020-06-02 plugin id 50039 published 2010-10-20 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/50039 title RHEL 3 / 4 : seamonkey (RHSA-2010:0781) NASL family SuSE Local Security Checks NASL id SUSE_11_1_LIBFREEBL3-100930.NASL description The Mozilla NSS Library was updated to version 3.12.8 and the Mozilla NSPR Library was updated to 4.8.6 to fix various bugs and one security issue. CVE-2010-3170: Disallow wildcard matching in X509 certificate Common Names. This update also has preparations for Firefox 4 support, and a updated Root Certificate Authority list. last seen 2020-06-01 modified 2020-06-02 plugin id 50368 published 2010-10-28 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/50368 title openSUSE Security Update : libfreebl3 (openSUSE-SU-2010:0904-1) NASL family Fedora Local Security Checks NASL id FEDORA_2010-15897.NASL description Update to 3.12.8 Improves handling of certificates with IP wildcards: http://www.mozilla.org/security/announce/2010/mfsa2010-70.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 50391 published 2010-10-29 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/50391 title Fedora 14 : nss-3.12.8-2.fc14 / nss-softokn-3.12.8-1.fc14 / nss-util-3.12.8-1.fc14 (2010-15897) NASL family Windows NASL id MOZILLA_THUNDERBIRD_315.NASL description The installed version of Thunderbird 3.1 is earlier than 3.1.5. Such versions are potentially affected by the following security issues : - Multiple memory safety bugs could lead to memory corruption, potentially resulting in arbitrary code execution. (MFSA 2010-64) - By passing an excessively long string to last seen 2020-06-01 modified 2020-06-02 plugin id 50087 published 2010-10-21 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/50087 title Mozilla Thunderbird 3.1 < 3.1.5 Multiple Vulnerabilities NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2123.NASL description Several vulnerabilities have been discovered in Mozilla last seen 2020-06-01 modified 2020-06-02 plugin id 50452 published 2010-11-03 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/50452 title Debian DSA-2123-1 : nss - several vulnerabilities NASL family SuSE Local Security Checks NASL id SUSE_11_3_MOZILLATHUNDERBIRD-101021.NASL description This update brings Mozilla Thunderbird to version 3.0.9, fixing various bugs and security issues. The following security issues were fixed: MFSA 2010-49 / CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. MFSA 2010-50 / CVE-2010-2765: Security researcher Chris Rohlf of Matasano Security reported that the implementation of the HTML frameset element contained an integer overflow vulnerability. The code responsible for parsing the frameset columns used an 8-byte counter for the column numbers, so when a very large number of columns was passed in the counter would overflow. When this counter was subsequently used to allocate memory for the frameset, the memory buffer would be too small, potentially resulting in a heap buffer overflow and execution of attacker-controlled memory. MFSA 2010-51 / CVE-2010-2767: Security researcher Sergey Glazunov reported a dangling pointer vulnerability in the implementation of navigator.plugins in which the navigator object could retain a pointer to the plugins array even after it had been destroyed. An attacker could potentially use this issue to crash the browser and run arbitrary code on a victim last seen 2020-06-01 modified 2020-06-02 plugin id 75660 published 2014-06-13 reporter This script is Copyright (C) 2014-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/75660 title openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-3378) NASL family SuSE Local Security Checks NASL id SUSE_11_2_SEAMONKEY-101021.NASL description This update brings Mozilla SeaMonkey to version 2.0.9, fixing various bugs and security issues. The following security issues were fixed: MFSA 2010-49 / CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. MFSA 2010-50 / CVE-2010-2765: Security researcher Chris Rohlf of Matasano Security reported that the implementation of the HTML frameset element contained an integer overflow vulnerability. The code responsible for parsing the frameset columns used an 8-byte counter for the column numbers, so when a very large number of columns was passed in the counter would overflow. When this counter was subsequently used to allocate memory for the frameset, the memory buffer would be too small, potentially resulting in a heap buffer overflow and execution of attacker-controlled memory. MFSA 2010-51 / CVE-2010-2767: Security researcher Sergey Glazunov reported a dangling pointer vulnerability in the implementation of navigator.plugins in which the navigator object could retain a pointer to the plugins array even after it had been destroyed. An attacker could potentially use this issue to crash the browser and run arbitrary code on a victim last seen 2020-06-01 modified 2020-06-02 plugin id 50376 published 2010-10-28 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/50376 title openSUSE Security Update : seamonkey (seamonkey-3372) NASL family SuSE Local Security Checks NASL id SUSE_11_MOZILLA-XULRUNNER191-101118.NASL description This update brings the Mozilla XULRunner engine to version 1.9.1.15, fixing various bugs and security issues. The following security issues were fixed : - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. References. (MFSA 2010-64) Paul Nickerson, Jesse Ruderman, Olli Pettay, Igor Bukanov and Josh Soref reported memory safety problems that affected Firefox 3.6 and Firefox 3.5. - Memory safety bugs - Firefox 3.6, Firefox 3.5 - Gary Kwong, Martijn Wargers and Siddharth Agarwal reported memory safety problems that affected Firefox 3.6 only. (CVE-2010-3176) - Memory safety bugs - Firefox 3.6 - CVE-2010-3175 - Security researcher Alexander Miller reported that passing an excessively long string to document.write could cause text rendering routines to end up in an inconsistent state with sections of stack memory being overwritten with the string data. An attacker could use this flaw to crash a victim last seen 2020-06-01 modified 2020-06-02 plugin id 50952 published 2010-12-02 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/50952 title SuSE 11 / 11.1 Security Update : Mozilla XULrunner (SAT Patch Numbers 3557 / 3558) NASL family SuSE Local Security Checks NASL id SUSE_11_2_MOZILLAFIREFOX-101028.NASL description This update brings Mozilla Firefox to version 3.6.12, fixing various bugs and security issues. The following security issues were fixed: MFSA 2010-64: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. References Paul Nickerson, Jesse Ruderman, Olli Pettay, Igor Bukanov and Josh Soref reported memory safety problems that affected Firefox 3.6 and Firefox 3.5. - Memory safety bugs - Firefox 3.6, Firefox 3.5 - CVE-2010-3176 Gary Kwong, Martijn Wargers and Siddharth Agarwal reported memory safety problems that affected Firefox 3.6 only. - Memory safety bugs - Firefox 3.6 - CVE-2010-3175 MFSA 2010-65 / CVE-2010-3179: Security researcher Alexander Miller reported that passing an excessively long string to document.write could cause text rendering routines to end up in an inconsistent state with sections of stack memory being overwritten with the string data. An attacker could use this flaw to crash a victim last seen 2020-06-01 modified 2020-06-02 plugin id 50464 published 2010-11-03 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/50464 title openSUSE Security Update : MozillaFirefox (MozillaFirefox-3422)
Oval
| accepted | 2014-10-06T04:00:37.729-04:00 | ||||||||||||||||||||||||||||||||||||||||||||||||||||
| class | vulnerability | ||||||||||||||||||||||||||||||||||||||||||||||||||||
| contributors |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||
| definition_extensions |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||
| description | Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 recognize a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
| family | windows | ||||||||||||||||||||||||||||||||||||||||||||||||||||
| id | oval:org.mitre.oval:def:12254 | ||||||||||||||||||||||||||||||||||||||||||||||||||||
| status | accepted | ||||||||||||||||||||||||||||||||||||||||||||||||||||
| submitted | 2010-10-26T10:19:56 | ||||||||||||||||||||||||||||||||||||||||||||||||||||
| title | SSL Server X.509 Certificate Spoofing Vulnerability in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 | ||||||||||||||||||||||||||||||||||||||||||||||||||||
| version | 37 |
Redhat
| advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| rpms |
|
References
- http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox
- http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html
- http://secunia.com/advisories/41839
- http://secunia.com/advisories/42867
- http://support.avaya.com/css/P8/documents/100114250
- http://support.avaya.com/css/P8/documents/100120156
- http://www.debian.org/security/2010/dsa-2123
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:210
- http://www.mozilla.org/security/announce/2010/mfsa2010-70.html
- http://www.redhat.com/support/errata/RHSA-2010-0781.html
- http://www.redhat.com/support/errata/RHSA-2010-0782.html
- http://www.ubuntu.com/usn/USN-1007-1
- http://www.vupen.com/english/advisories/2011/0061
- https://bugzilla.mozilla.org/show_bug.cgi?id=578697
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12254