Vulnerabilities > CVE-2011-2365 - Memory Corruption vulnerability in Mozilla Firefox and Thunderbird
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2364.
Vulnerable Configurations
Nessus
NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2011-111.NASL description Security issues were identified and fixed in mozilla firefox and thunderbird : Security researcher regenrecht reported via TippingPoint last seen 2020-06-01 modified 2020-06-02 plugin id 55406 published 2011-06-23 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/55406 title Mandriva Linux Security Advisory : mozilla (MDVSA-2011:111) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandriva Linux Security Advisory MDVSA-2011:111. # The text itself is copyright (C) Mandriva S.A. # if (NASL_LEVEL < 3000) exit(0); include("compat.inc"); if (description) { script_id(55406); script_version("1.12"); script_cvs_date("Date: 2019/08/02 13:32:54"); script_cve_id("CVE-2011-0083", "CVE-2011-0085", "CVE-2011-2362", "CVE-2011-2363", "CVE-2011-2364", "CVE-2011-2365", "CVE-2011-2371", "CVE-2011-2373", "CVE-2011-2374", "CVE-2011-2375", "CVE-2011-2376", "CVE-2011-2377"); script_xref(name:"MDVSA", value:"2011:111"); script_name(english:"Mandriva Linux Security Advisory : mozilla (MDVSA-2011:111)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandriva Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Security issues were identified and fixed in mozilla firefox and thunderbird : Security researcher regenrecht reported via TippingPoint's Zero Day Initiative two instances of code which modifies SVG element lists failed to account for changes made to the list by user-supplied callbacks before accessing list elements. If a user-supplied callback deleted such an object, the element-modifying code could wind up accessing deleted memory and potentially executing attacker-controlled memory. regenrecht also reported via TippingPoint's Zero Day Initiative that a XUL document could force the nsXULCommandDispatcher to remove all command updaters from the queue, including the one currently in use. This could result in the execution of deleted memory which an attacker could use to run arbitrary code on a victim's computer (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363). Mozilla security researcher David Chan reported that cookies set for example.com. (note the trailing dot) and example.com were treated as interchangeable. This is a violation of same-origin conventions and could potentially lead to leakage of cookie data to the wrong party (CVE-2011-2362). Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376). Security researchers Chris Rohlf and Yan Ivnitskiy of Matasano Security reported that when a JavaScript Array object had its length set to an extremely large value, the iteration of array elements that occurs when its reduceRight method was subsequently called could result in the execution of attacker controlled memory due to an invalid index value being used to access element properties (CVE-2011-2371). Security researcher Martin Barbella reported that under certain conditions, viewing a XUL document while JavaScript was disabled caused deleted memory to be accessed. This flaw could potentially be used by an attacker to crash a victim's browser and run arbitrary code on their computer (CVE-2011-2373). Security researcher Jordi Chancel reported a crash on multipart/x-mixed-replace images due to memory corruption (CVE-2011-2377). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149 products_id=490 Additionally, some packages which require so, have been rebuilt and are being provided as updates." ); # http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.18 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?5694f54a" ); script_set_attribute( attribute:"see_also", value:"http://www.mozillamessaging.com/en-US/thunderbird/3.1.11/releasenotes/" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Mozilla Firefox Array.reduceRight() Integer Overflow'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:beagle"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:beagle-crawl-system"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:beagle-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:beagle-epiphany"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:beagle-evolution"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:beagle-gui"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:beagle-gui-qt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:beagle-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:devhelp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:devhelp-plugins"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:epiphany"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:epiphany-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-af"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-ar"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-be"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-bg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-bn"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-ca"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-cs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-cy"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-da"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-de"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-el"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-en_GB"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-eo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-es_AR"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-es_ES"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-et"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-eu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-ext-beagle"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-ext-blogrovr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-ext-mozvoikko"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-ext-r-kiosk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-ext-scribefire"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-ext-weave-sync"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-ext-xmarks"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-fi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-fr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-fy"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-ga_IE"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-gl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-gu_IN"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-he"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-hi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-hu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-id"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-is"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-it"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-ja"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-ka"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-kn"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-ko"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-ku"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-lt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-lv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-mk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-mr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-nb_NO"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-nl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-nn_NO"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-oc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-pa_IN"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-pl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-pt_BR"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-pt_PT"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-ro"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-ru"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-si"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-sk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-sl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-sq"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-sr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-sv_SE"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-te"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-th"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-theme-kfirefox"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-tr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-uk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-zh_CN"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-zh_TW"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gjs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gnome-python-extras"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gnome-python-gda"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gnome-python-gda-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gnome-python-gdl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gnome-python-gtkhtml2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gnome-python-gtkmozembed"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gnome-python-gtkspell"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64devhelp-1-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64devhelp-1_0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64gjs-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64gjs0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64xulrunner-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64xulrunner1.9.2.18"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libdevhelp-1-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libdevhelp-1_0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libgjs-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libgjs0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libxulrunner-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libxulrunner1.9.2.18"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-af"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ar"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-be"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-beagle"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-bg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-bn_BD"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ca"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-cs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-da"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-de"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-el"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-en_GB"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ar"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ca"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-cs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-de"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-el"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-es"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-fi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-fr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-hu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-it"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ja"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ko"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-nb"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-nl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-pl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-pt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-pt_BR"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ru"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-sl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-sv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-tr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-vi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-zh_CN"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-zh_TW"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-es_AR"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-es_ES"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-et"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-et_EE"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-eu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-fi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-fr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-fy"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ga"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-gd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-gl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-he"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-hu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-id"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-is"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-it"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ja"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ka"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ko"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-lightning"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-lt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-nb_NO"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-nl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-nn_NO"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-pa_IN"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-pl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-pt_BR"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-pt_PT"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ro"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ru"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-si"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-sk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-sl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-sq"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-sr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-sv_SE"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-tr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-uk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-vi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-zh_CN"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-zh_TW"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nsinstall"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:xulrunner"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:yelp"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2009.0"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2010.1"); script_set_attribute(attribute:"patch_publication_date", value:"2011/06/22"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/06/23"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK2009.0", reference:"beagle-0.3.8-13.38mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"beagle-crawl-system-0.3.8-13.38mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"beagle-doc-0.3.8-13.38mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"beagle-epiphany-0.3.8-13.38mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"beagle-evolution-0.3.8-13.38mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"beagle-gui-0.3.8-13.38mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"beagle-gui-qt-0.3.8-13.38mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"beagle-libs-0.3.8-13.38mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"devhelp-0.21-3.26mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"devhelp-plugins-0.21-3.26mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"epiphany-2.24.3-0.15mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"epiphany-devel-2.24.3-0.15mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-af-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-ar-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-be-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-bg-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-bn-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-ca-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-cs-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-cy-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-da-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-de-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-devel-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-el-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-en_GB-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-eo-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-es_AR-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-es_ES-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-et-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-eu-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-ext-beagle-0.3.8-13.38mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-ext-blogrovr-1.1.804-0.14mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-ext-mozvoikko-1.0-0.14mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-ext-scribefire-3.5.1-0.14mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-ext-xmarks-3.5.10-0.14mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-fi-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-fr-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-fy-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-ga_IE-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-gl-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-gu_IN-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-he-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-hi-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-hu-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-id-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-is-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-it-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-ja-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-ka-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-kn-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-ko-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-ku-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-lt-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-lv-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-mk-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-mr-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-nb_NO-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-nl-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-nn_NO-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-oc-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-pa_IN-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-pl-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-pt_BR-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-pt_PT-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-ro-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-ru-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-si-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-sk-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-sl-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-sq-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-sr-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-sv_SE-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-te-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-th-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-theme-kfirefox-0.16-0.14mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-tr-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-uk-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-zh_CN-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"firefox-zh_TW-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"gnome-python-extras-2.19.1-20.28mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"gnome-python-gda-2.19.1-20.28mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"gnome-python-gda-devel-2.19.1-20.28mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"gnome-python-gdl-2.19.1-20.28mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"gnome-python-gtkhtml2-2.19.1-20.28mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"gnome-python-gtkmozembed-2.19.1-20.28mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"gnome-python-gtkspell-2.19.1-20.28mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64devhelp-1-devel-0.21-3.26mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64devhelp-1_0-0.21-3.26mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64xulrunner-devel-1.9.2.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64xulrunner1.9.2.18-1.9.2.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libdevhelp-1-devel-0.21-3.26mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libdevhelp-1_0-0.21-3.26mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libxulrunner-devel-1.9.2.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libxulrunner1.9.2.18-1.9.2.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-af-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-ar-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-be-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-beagle-0.3.8-13.38mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-bg-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-bn_BD-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-ca-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-cs-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-da-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-de-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-el-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-en_GB-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-ar-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-ca-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-cs-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-de-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-el-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-es-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-fi-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-fr-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-hu-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-it-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-ja-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-ko-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-nb-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-nl-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-pl-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-pt-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-pt_BR-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-ru-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-sl-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-sv-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-tr-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-vi-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-zh_CN-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-zh_TW-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-es_AR-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-es_ES-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-et-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-et_EE-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-eu-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-fi-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-fr-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-fy-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-ga-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-gd-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-gl-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-he-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-hu-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-id-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-is-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-it-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-ja-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-ka-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-ko-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-lightning-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-lt-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-nb_NO-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-nl-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-nn_NO-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-pa_IN-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-pl-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-pt_BR-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-pt_PT-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-ro-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-ru-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-si-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-sk-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-sl-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-sq-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-sr-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-sv_SE-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-tr-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-uk-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-vi-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-zh_CN-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-zh_TW-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"nsinstall-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"xulrunner-1.9.2.18-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"yelp-2.24.0-3.29mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"beagle-0.3.9-40.16mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"beagle-crawl-system-0.3.9-40.16mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"beagle-doc-0.3.9-40.16mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"beagle-evolution-0.3.9-40.16mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"beagle-gui-0.3.9-40.16mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"beagle-gui-qt-0.3.9-40.16mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"beagle-libs-0.3.9-40.16mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-af-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-ar-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-be-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-bg-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-bn-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-ca-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-cs-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-cy-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-da-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-de-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-devel-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-el-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-en_GB-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-eo-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-es_AR-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-es_ES-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-et-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-eu-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-ext-beagle-0.3.9-40.16mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-ext-blogrovr-1.1.804-13.12mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-ext-mozvoikko-1.0.1-2.12mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-ext-r-kiosk-0.8.1-2.12mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-ext-scribefire-3.5.2-2.12mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-ext-weave-sync-1.1-5.12mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-ext-xmarks-3.6.14-2.12mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-fi-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-fr-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-fy-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-ga_IE-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-gl-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-gu_IN-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-he-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-hi-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-hu-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-id-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-is-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-it-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-ja-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-ka-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-kn-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-ko-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-ku-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-lt-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-lv-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-mk-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-mr-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-nb_NO-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-nl-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-nn_NO-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-oc-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-pa_IN-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-pl-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-pt_BR-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-pt_PT-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-ro-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-ru-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-si-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-sk-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-sl-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-sq-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-sr-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-sv_SE-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-te-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-th-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-tr-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-uk-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-zh_CN-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"firefox-zh_TW-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"gjs-0.6-4.12mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"gnome-python-extras-2.25.3-18.12mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"gnome-python-gda-2.25.3-18.12mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"gnome-python-gda-devel-2.25.3-18.12mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"gnome-python-gdl-2.25.3-18.12mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"gnome-python-gtkhtml2-2.25.3-18.12mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"gnome-python-gtkmozembed-2.25.3-18.12mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"gnome-python-gtkspell-2.25.3-18.12mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", cpu:"x86_64", reference:"lib64gjs-devel-0.6-4.12mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", cpu:"x86_64", reference:"lib64gjs0-0.6-4.12mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", cpu:"x86_64", reference:"lib64xulrunner-devel-1.9.2.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", cpu:"x86_64", reference:"lib64xulrunner1.9.2.18-1.9.2.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", cpu:"i386", reference:"libgjs-devel-0.6-4.12mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", cpu:"i386", reference:"libgjs0-0.6-4.12mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", cpu:"i386", reference:"libxulrunner-devel-1.9.2.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", cpu:"i386", reference:"libxulrunner1.9.2.18-1.9.2.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-af-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-ar-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-be-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-beagle-0.3.9-40.16mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-bg-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-bn_BD-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-ca-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-cs-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-da-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-de-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-el-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-en_GB-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-ar-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-ca-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-cs-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-de-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-el-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-es-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-fi-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-fr-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-hu-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-it-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-ja-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-ko-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-nb-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-nl-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-pl-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-pt-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-pt_BR-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-ru-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-sl-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-sv-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-tr-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-vi-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-zh_CN-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-zh_TW-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-es_AR-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-es_ES-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-et-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-et_EE-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-eu-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-fi-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-fr-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-fy-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-ga-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-gd-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-gl-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-he-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-hu-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-id-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-is-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-it-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-ja-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-ka-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-ko-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-lightning-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-lt-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-nb_NO-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-nl-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-nn_NO-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-pa_IN-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-pl-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-pt_BR-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-pt_PT-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-ro-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-ru-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-si-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-sk-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-sl-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-sq-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-sr-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-sv_SE-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-tr-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-uk-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-vi-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-zh_CN-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-zh_TW-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"nsinstall-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"xulrunner-1.9.2.18-0.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"yelp-2.30.1-4.12mdv2010.2", yank:"mdv")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2011-0886.NASL description An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in the way Thunderbird handled malformed JPEG images. An HTML mail message containing a malicious JPEG image could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2377) Multiple dangling pointer flaws were found in Thunderbird. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed HTML content. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) It was found that Thunderbird could treat two separate cookies (for web content) as interchangeable if both were for the same domain name but one of those domain names had a trailing last seen 2020-06-01 modified 2020-06-02 plugin id 55399 published 2011-06-22 reporter This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/55399 title RHEL 6 : thunderbird (RHSA-2011:0886) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2011:0886. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(55399); script_version ("1.15"); script_cvs_date("Date: 2019/10/25 13:36:16"); script_cve_id("CVE-2011-0083", "CVE-2011-0085", "CVE-2011-2362", "CVE-2011-2363", "CVE-2011-2364", "CVE-2011-2365", "CVE-2011-2374", "CVE-2011-2375", "CVE-2011-2376", "CVE-2011-2377", "CVE-2011-2605"); script_xref(name:"RHSA", value:"2011:0886"); script_name(english:"RHEL 6 : thunderbird (RHSA-2011:0886)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in the way Thunderbird handled malformed JPEG images. An HTML mail message containing a malicious JPEG image could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2377) Multiple dangling pointer flaws were found in Thunderbird. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed HTML content. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) It was found that Thunderbird could treat two separate cookies (for web content) as interchangeable if both were for the same domain name but one of those domain names had a trailing '.' character. This violates the same-origin policy and could possibly lead to data being leaked to the wrong domain. (CVE-2011-2362) All Thunderbird users should upgrade to this updated package, which resolves these issues. All running instances of Thunderbird must be restarted for the update to take effect." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2011-0083" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2011-0085" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2011-2362" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2011-2363" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2011-2364" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2011-2365" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2011-2374" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2011-2375" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2011-2376" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2011-2377" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2011-2605" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2011:0886" ); script_set_attribute( attribute:"solution", value: "Update the affected thunderbird and / or thunderbird-debuginfo packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:thunderbird"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:thunderbird-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6.1"); script_set_attribute(attribute:"vuln_publication_date", value:"2011/06/30"); script_set_attribute(attribute:"patch_publication_date", value:"2011/06/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/06/22"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2011:0886"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"thunderbird-3.1.11-2.el6_1")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"thunderbird-3.1.11-2.el6_1")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"thunderbird-3.1.11-2.el6_1")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"thunderbird-debuginfo-3.1.11-2.el6_1")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"thunderbird-debuginfo-3.1.11-2.el6_1")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"thunderbird-debuginfo-3.1.11-2.el6_1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "thunderbird / thunderbird-debuginfo"); } }
NASL family SuSE Local Security Checks NASL id SUSE_11_3_MOZILLAFIREFOX-110622.NASL description Mozilla Firefox was updated to the 3.6.18 security release. - MFSA 2011-19/CVE-2011-2374 CVE-2011-2376 CVE-2011-2364 CVE-2011-2365 Miscellaneous memory safety hazards - MFSA 2011-20/CVE-2011-2373 (bmo#617247) Use-after-free vulnerability when viewing XUL document with script disabled - MFSA 2011-21/CVE-2011-2377 (bmo#638018, bmo#639303) Memory corruption due to multipart/x-mixed-replace images - MFSA 2011-22/CVE-2011-2371 (bmo#664009) Integer overflow and arbitrary code execution in Array.reduceRight() - MFSA 2011-23/CVE-2011-0083 CVE-2011-0085 CVE-2011-2363 Multiple dangling pointer vulnerabilities - MFSA 2011-24/CVE-2011-2362 (bmo#616264) Cookie isolation error last seen 2020-06-01 modified 2020-06-02 plugin id 75653 published 2014-06-13 reporter This script is Copyright (C) 2014-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/75653 title openSUSE Security Update : MozillaFirefox (MozillaFirefox-4761) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update MozillaFirefox-4761. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(75653); script_version("1.3"); script_cvs_date("Date: 2019/10/25 13:36:41"); script_cve_id("CVE-2011-0083", "CVE-2011-0085", "CVE-2011-2362", "CVE-2011-2363", "CVE-2011-2364", "CVE-2011-2365", "CVE-2011-2371", "CVE-2011-2373", "CVE-2011-2374", "CVE-2011-2376", "CVE-2011-2377"); script_name(english:"openSUSE Security Update : MozillaFirefox (MozillaFirefox-4761)"); script_summary(english:"Check for the MozillaFirefox-4761 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "Mozilla Firefox was updated to the 3.6.18 security release. - MFSA 2011-19/CVE-2011-2374 CVE-2011-2376 CVE-2011-2364 CVE-2011-2365 Miscellaneous memory safety hazards - MFSA 2011-20/CVE-2011-2373 (bmo#617247) Use-after-free vulnerability when viewing XUL document with script disabled - MFSA 2011-21/CVE-2011-2377 (bmo#638018, bmo#639303) Memory corruption due to multipart/x-mixed-replace images - MFSA 2011-22/CVE-2011-2371 (bmo#664009) Integer overflow and arbitrary code execution in Array.reduceRight() - MFSA 2011-23/CVE-2011-0083 CVE-2011-0085 CVE-2011-2363 Multiple dangling pointer vulnerabilities - MFSA 2011-24/CVE-2011-2362 (bmo#616264) Cookie isolation error" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=701296" ); script_set_attribute( attribute:"solution", value:"Update the affected MozillaFirefox packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Mozilla Firefox Array.reduceRight() Integer Overflow'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-js192"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-js192-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-buildsymbols"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-common-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-other"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-other-32bit"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.3"); script_set_attribute(attribute:"patch_publication_date", value:"2011/06/22"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.3", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.3", reference:"MozillaFirefox-3.6.18-0.2.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"MozillaFirefox-branding-upstream-3.6.18-0.2.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"MozillaFirefox-translations-common-3.6.18-0.2.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"MozillaFirefox-translations-other-3.6.18-0.2.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"mozilla-js192-1.9.2.18-1.2.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"mozilla-xulrunner192-1.9.2.18-1.2.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"mozilla-xulrunner192-buildsymbols-1.9.2.18-1.2.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"mozilla-xulrunner192-devel-1.9.2.18-1.2.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"mozilla-xulrunner192-gnome-1.9.2.18-1.2.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"mozilla-xulrunner192-translations-common-1.9.2.18-1.2.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"mozilla-xulrunner192-translations-other-1.9.2.18-1.2.1") ) flag++; if ( rpm_check(release:"SUSE11.3", cpu:"x86_64", reference:"mozilla-js192-32bit-1.9.2.18-1.2.1") ) flag++; if ( rpm_check(release:"SUSE11.3", cpu:"x86_64", reference:"mozilla-xulrunner192-32bit-1.9.2.18-1.2.1") ) flag++; if ( rpm_check(release:"SUSE11.3", cpu:"x86_64", reference:"mozilla-xulrunner192-gnome-32bit-1.9.2.18-1.2.1") ) flag++; if ( rpm_check(release:"SUSE11.3", cpu:"x86_64", reference:"mozilla-xulrunner192-translations-common-32bit-1.9.2.18-1.2.1") ) flag++; if ( rpm_check(release:"SUSE11.3", cpu:"x86_64", reference:"mozilla-xulrunner192-translations-other-32bit-1.9.2.18-1.2.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "MozillaFirefox / MozillaFirefox-branding-upstream / etc"); }
NASL family Scientific Linux Local Security Checks NASL id SL_20110621_FIREFOX_ON_SL4_X.NASL description Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A flaw was found in the way Firefox handled malformed JPEG images. A website containing a malicious JPEG image could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-2377) Multiple dangling pointer flaws were found in Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) An integer overflow flaw was found in the way Firefox handled JavaScript Array objects. A website containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2011-2371) A use-after-free flaw was found in the way Firefox handled malformed JavaScript. A website containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2011-2373) It was found that Firefox could treat two separate cookies as interchangeable if both were for the same domain name but one of those domain names had a trailing last seen 2020-06-01 modified 2020-06-02 plugin id 61070 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/61070 title Scientific Linux Security Update : firefox on SL4.x, SL5.x, SL6.x i386/x86_64 code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text is (C) Scientific Linux. # include("compat.inc"); if (description) { script_id(61070); script_version("1.6"); script_cvs_date("Date: 2019/10/25 13:36:19"); script_cve_id("CVE-2011-0083", "CVE-2011-2362", "CVE-2011-2364", "CVE-2011-2371", "CVE-2011-2373", "CVE-2011-2377"); script_name(english:"Scientific Linux Security Update : firefox on SL4.x, SL5.x, SL6.x i386/x86_64"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Scientific Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A flaw was found in the way Firefox handled malformed JPEG images. A website containing a malicious JPEG image could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-2377) Multiple dangling pointer flaws were found in Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) An integer overflow flaw was found in the way Firefox handled JavaScript Array objects. A website containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2011-2371) A use-after-free flaw was found in the way Firefox handled malformed JavaScript. A website containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2011-2373) It was found that Firefox could treat two separate cookies as interchangeable if both were for the same domain name but one of those domain names had a trailing '.' character. This violates the same-origin policy and could possibly lead to data being leaked to the wrong domain. (CVE-2011-2362) For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 3.6.18. You can find a link to the Mozilla advisories in the References section of this erratum. This update also fixes the following bug : - With previous versions of Firefox on Scientific Linux 5, the 'background-repeat' CSS (Cascading Style Sheets) property did not work (such images were not displayed and repeated as expected). All Firefox users should upgrade to these updated packages, which contain Firefox version 3.6.18, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect." ); # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1106&L=scientific-linux-errata&T=0&P=4628 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?23ea77e2" ); script_set_attribute( attribute:"solution", value: "Update the affected firefox, xulrunner and / or xulrunner-devel packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Mozilla Firefox Array.reduceRight() Integer Overflow'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2011/06/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Scientific Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux"); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu); flag = 0; if (rpm_check(release:"SL4", reference:"firefox-3.6.18-2.el4")) flag++; if (rpm_check(release:"SL5", reference:"firefox-3.6.18-1.el5_6")) flag++; if (rpm_check(release:"SL5", reference:"xulrunner-1.9.2.18-2.el5_6")) flag++; if (rpm_check(release:"SL5", reference:"xulrunner-devel-1.9.2.18-2.el5_6")) flag++; if (rpm_check(release:"SL6", reference:"firefox-3.6.18-1.el6_1")) flag++; if (rpm_check(release:"SL6", reference:"xulrunner-1.9.2.18-2.el6_1")) flag++; if (rpm_check(release:"SL6", reference:"xulrunner-devel-1.9.2.18-2.el6_1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family Scientific Linux Local Security Checks NASL id SL_20110621_THUNDERBIRD_ON_SL6_X.NASL description Mozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in the way Thunderbird handled malformed JPEG images. An HTML mail message containing a malicious JPEG image could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2377) Multiple dangling pointer flaws were found in Thunderbird. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed HTML content. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) It was found that Thunderbird could treat two separate cookies (for web content) as interchangeable if both were for the same domain name but one of those domain names had a trailing last seen 2020-06-01 modified 2020-06-02 plugin id 61074 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/61074 title Scientific Linux Security Update : thunderbird on SL6.x i386/x86_64 code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text is (C) Scientific Linux. # include("compat.inc"); if (description) { script_id(61074); script_version("1.4"); script_cvs_date("Date: 2019/10/25 13:36:19"); script_cve_id("CVE-2011-0083", "CVE-2011-2362", "CVE-2011-2364", "CVE-2011-2377"); script_name(english:"Scientific Linux Security Update : thunderbird on SL6.x i386/x86_64"); script_summary(english:"Checks rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Scientific Linux host is missing a security update." ); script_set_attribute( attribute:"description", value: "Mozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in the way Thunderbird handled malformed JPEG images. An HTML mail message containing a malicious JPEG image could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2377) Multiple dangling pointer flaws were found in Thunderbird. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed HTML content. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) It was found that Thunderbird could treat two separate cookies (for web content) as interchangeable if both were for the same domain name but one of those domain names had a trailing '.' character. This violates the same-origin policy and could possibly lead to data being leaked to the wrong domain. (CVE-2011-2362) All Thunderbird users should upgrade to this updated package, which resolves these issues. All running instances of Thunderbird must be restarted for the update to take effect." ); # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1106&L=scientific-linux-errata&T=0&P=4365 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?3152f149" ); script_set_attribute( attribute:"solution", value:"Update the affected thunderbird package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2011/06/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Scientific Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux"); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu); flag = 0; if (rpm_check(release:"SL6", reference:"thunderbird-3.1.11-2.el6_1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2273.NASL description Several vulnerabilities have been discovered in Icedove, an unbranded version of the Thunderbird mail/news client. - CVE-2011-0083 / CVE-2011-2363 last seen 2020-03-17 modified 2011-07-07 plugin id 55524 published 2011-07-07 reporter This script is Copyright (C) 2011-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/55524 title Debian DSA-2273-1 : icedove - several vulnerabilities code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-2273. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(55524); script_version("1.18"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2011-0083", "CVE-2011-0085", "CVE-2011-2362", "CVE-2011-2363", "CVE-2011-2365", "CVE-2011-2371", "CVE-2011-2373", "CVE-2011-2374", "CVE-2011-2376"); script_bugtraq_id(48357, 48358, 48360, 48361, 48366, 48368, 48372, 48373, 48376); script_xref(name:"DSA", value:"2273"); script_name(english:"Debian DSA-2273-1 : icedove - several vulnerabilities"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Several vulnerabilities have been discovered in Icedove, an unbranded version of the Thunderbird mail/news client. - CVE-2011-0083 / CVE-2011-2363 'regenrecht' discovered two use-after-frees in SVG processing, which could lead to the execution of arbitrary code. - CVE-2011-0085 'regenrecht' discovered a use-after-free in XUL processing, which could lead to the execution of arbitrary code. - CVE-2011-2362 David Chan discovered that cookies were insufficiently isolated. - CVE-2011-2371 Chris Rohlf and Yan Ivnitskiy discovered an integer overflow in the JavaScript engine, which could lead to the execution of arbitrary code. - CVE-2011-2373 Martin Barbella discovered a use-after-free in XUL processing, which could lead to the execution of arbitrary code. - CVE-2011-2374 Bob Clary, Kevin Brosnan, Nils, Gary Kwong, Jesse Ruderman and Christian Biesinger discovered memory corruption bugs, which may lead to the execution of arbitrary code. - CVE-2011-2376 Luke Wagner and Gary Kwong discovered memory corruption bugs, which may lead to the execution of arbitrary code. As indicated in the Lenny (oldstable) release notes, security support for the Icedove packages in the oldstable needed to be stopped before the end of the regular Lenny security maintenance life cycle. You are strongly encouraged to upgrade to stable or switch to a different mail client." ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2011-0083" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2011-2363" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2011-0085" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2011-2362" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2011-2371" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2011-2373" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2011-2374" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2011-2376" ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/squeeze/icedove" ); script_set_attribute( attribute:"see_also", value:"https://www.debian.org/security/2011/dsa-2273" ); script_set_attribute( attribute:"solution", value: "Upgrade the icedove packages. For the stable distribution (squeeze), this problem has been fixed in version 3.0.11-1+squeeze3." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Mozilla Firefox Array.reduceRight() Integer Overflow'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:icedove"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0"); script_set_attribute(attribute:"patch_publication_date", value:"2011/07/06"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/07/07"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"6.0", prefix:"icedove", reference:"3.0.11-1+squeeze3")) flag++; if (deb_check(release:"6.0", prefix:"icedove-dbg", reference:"3.0.11-1+squeeze3")) flag++; if (deb_check(release:"6.0", prefix:"icedove-dev", reference:"3.0.11-1+squeeze3")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2011-0885.NASL description Updated firefox packages that fix several security issues and one bug are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A flaw was found in the way Firefox handled malformed JPEG images. A website containing a malicious JPEG image could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-2377) Multiple dangling pointer flaws were found in Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) An integer overflow flaw was found in the way Firefox handled JavaScript Array objects. A website containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2011-2371) A use-after-free flaw was found in the way Firefox handled malformed JavaScript. A website containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2011-2373) It was found that Firefox could treat two separate cookies as interchangeable if both were for the same domain name but one of those domain names had a trailing last seen 2020-06-01 modified 2020-06-02 plugin id 55398 published 2011-06-22 reporter This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/55398 title RHEL 4 / 5 / 6 : firefox (RHSA-2011:0885) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2011:0885. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(55398); script_version ("1.22"); script_cvs_date("Date: 2019/10/25 13:36:16"); script_cve_id("CVE-2011-0083", "CVE-2011-0085", "CVE-2011-2362", "CVE-2011-2363", "CVE-2011-2364", "CVE-2011-2365", "CVE-2011-2371", "CVE-2011-2373", "CVE-2011-2374", "CVE-2011-2375", "CVE-2011-2376", "CVE-2011-2377", "CVE-2011-2605"); script_xref(name:"RHSA", value:"2011:0885"); script_name(english:"RHEL 4 / 5 / 6 : firefox (RHSA-2011:0885)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated firefox packages that fix several security issues and one bug are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A flaw was found in the way Firefox handled malformed JPEG images. A website containing a malicious JPEG image could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-2377) Multiple dangling pointer flaws were found in Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) An integer overflow flaw was found in the way Firefox handled JavaScript Array objects. A website containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2011-2371) A use-after-free flaw was found in the way Firefox handled malformed JavaScript. A website containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2011-2373) It was found that Firefox could treat two separate cookies as interchangeable if both were for the same domain name but one of those domain names had a trailing '.' character. This violates the same-origin policy and could possibly lead to data being leaked to the wrong domain. (CVE-2011-2362) For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 3.6.18. You can find a link to the Mozilla advisories in the References section of this erratum. This update also fixes the following bug : * With previous versions of Firefox on Red Hat Enterprise Linux 5, the 'background-repeat' CSS (Cascading Style Sheets) property did not work (such images were not displayed and repeated as expected). (BZ#698313) All Firefox users should upgrade to these updated packages, which contain Firefox version 3.6.18, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2011-0083" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2011-0085" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2011-2362" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2011-2363" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2011-2364" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2011-2365" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2011-2371" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2011-2373" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2011-2374" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2011-2375" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2011-2376" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2011-2377" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2011-2605" ); # http://www.mozilla.org/security/known-vulnerabilities/firefox36.html# script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?ab0bbddd" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2011:0885" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Mozilla Firefox Array.reduceRight() Integer Overflow'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:firefox"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:firefox-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xulrunner"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xulrunner-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xulrunner-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4.8"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5.6"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6.1"); script_set_attribute(attribute:"vuln_publication_date", value:"2011/06/30"); script_set_attribute(attribute:"patch_publication_date", value:"2011/06/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/06/22"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^(4|5|6)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 4.x / 5.x / 6.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2011:0885"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL4", reference:"firefox-3.6.18-2.el4")) flag++; if (rpm_check(release:"RHEL5", reference:"firefox-3.6.18-1.el5_6")) flag++; if (rpm_check(release:"RHEL5", reference:"xulrunner-1.9.2.18-2.el5_6")) flag++; if (rpm_check(release:"RHEL5", reference:"xulrunner-devel-1.9.2.18-2.el5_6")) flag++; if (rpm_check(release:"RHEL6", reference:"firefox-3.6.18-1.el6_1")) flag++; if (rpm_check(release:"RHEL6", reference:"firefox-debuginfo-3.6.18-1.el6_1")) flag++; if (rpm_check(release:"RHEL6", reference:"xulrunner-1.9.2.18-2.el6_1")) flag++; if (rpm_check(release:"RHEL6", reference:"xulrunner-debuginfo-1.9.2.18-2.el6_1")) flag++; if (rpm_check(release:"RHEL6", reference:"xulrunner-devel-1.9.2.18-2.el6_1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "firefox / firefox-debuginfo / xulrunner / xulrunner-debuginfo / etc"); } }
NASL family SuSE Local Security Checks NASL id SUSE_11_4_MOZILLA-JS192-110622.NASL description mozilla-xulrunner192 was updated to the 1.9.2.18 security release. dbg114-mozilla-js192-4771 mozilla-js192-4771 new_updateinfo MFSA 2011-19/CVE-2011-2374 CVE-2011-2376 CVE-2011-2364 CVE-2011-2365 Miscellaneous memory safety hazards dbg114-mozilla-js192-4771 mozilla-js192-4771 new_updateinfo MFSA 2011-20/CVE-2011-2373 (bmo#617247) Use-after-free vulnerability when viewing XUL document with script disabled dbg114-mozilla-js192-4771 mozilla-js192-4771 new_updateinfo MFSA 2011-21/CVE-2011-2377 (bmo#638018, bmo#639303) Memory corruption due to multipart/x-mixed-replace images dbg114-mozilla-js192-4771 mozilla-js192-4771 new_updateinfo MFSA 2011-22/CVE-2011-2371 (bmo#664009) Integer overflow and arbitrary code execution in Array.reduceRight() dbg114-mozilla-js192-4771 mozilla-js192-4771 new_updateinfo MFSA 2011-23/CVE-2011-0083 CVE-2011-0085 CVE-2011-2363 Multiple dangling pointer vulnerabilities dbg114-mozilla-js192-4771 mozilla-js192-4771 new_updateinfo MFSA 2011-24/CVE-2011-2362 (bmo#616264) Cookie isolation error last seen 2020-06-01 modified 2020-06-02 plugin id 75957 published 2014-06-13 reporter This script is Copyright (C) 2014-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/75957 title openSUSE Security Update : mozilla-js192 (mozilla-js192-4771) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update mozilla-js192-4771. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(75957); script_version("1.3"); script_cvs_date("Date: 2019/10/25 13:36:42"); script_cve_id("CVE-2011-0083", "CVE-2011-0085", "CVE-2011-2362", "CVE-2011-2363", "CVE-2011-2364", "CVE-2011-2365", "CVE-2011-2371", "CVE-2011-2373", "CVE-2011-2374", "CVE-2011-2376", "CVE-2011-2377"); script_name(english:"openSUSE Security Update : mozilla-js192 (mozilla-js192-4771)"); script_summary(english:"Check for the mozilla-js192-4771 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "mozilla-xulrunner192 was updated to the 1.9.2.18 security release. dbg114-mozilla-js192-4771 mozilla-js192-4771 new_updateinfo MFSA 2011-19/CVE-2011-2374 CVE-2011-2376 CVE-2011-2364 CVE-2011-2365 Miscellaneous memory safety hazards dbg114-mozilla-js192-4771 mozilla-js192-4771 new_updateinfo MFSA 2011-20/CVE-2011-2373 (bmo#617247) Use-after-free vulnerability when viewing XUL document with script disabled dbg114-mozilla-js192-4771 mozilla-js192-4771 new_updateinfo MFSA 2011-21/CVE-2011-2377 (bmo#638018, bmo#639303) Memory corruption due to multipart/x-mixed-replace images dbg114-mozilla-js192-4771 mozilla-js192-4771 new_updateinfo MFSA 2011-22/CVE-2011-2371 (bmo#664009) Integer overflow and arbitrary code execution in Array.reduceRight() dbg114-mozilla-js192-4771 mozilla-js192-4771 new_updateinfo MFSA 2011-23/CVE-2011-0083 CVE-2011-0085 CVE-2011-2363 Multiple dangling pointer vulnerabilities dbg114-mozilla-js192-4771 mozilla-js192-4771 new_updateinfo MFSA 2011-24/CVE-2011-2362 (bmo#616264) Cookie isolation error" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=701296" ); script_set_attribute( attribute:"solution", value:"Update the affected mozilla-js192 packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Mozilla Firefox Array.reduceRight() Integer Overflow'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-js192"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-js192-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-js192-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-js192-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-buildsymbols"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-devel-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-common-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-other"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-other-32bit"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.4"); script_set_attribute(attribute:"patch_publication_date", value:"2011/06/22"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.4)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.4", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.4", reference:"mozilla-js192-1.9.2.18-1.2.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"mozilla-js192-debuginfo-1.9.2.18-1.2.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"mozilla-xulrunner192-1.9.2.18-1.2.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"mozilla-xulrunner192-buildsymbols-1.9.2.18-1.2.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"mozilla-xulrunner192-debuginfo-1.9.2.18-1.2.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"mozilla-xulrunner192-debugsource-1.9.2.18-1.2.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"mozilla-xulrunner192-devel-1.9.2.18-1.2.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"mozilla-xulrunner192-devel-debuginfo-1.9.2.18-1.2.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"mozilla-xulrunner192-gnome-1.9.2.18-1.2.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"mozilla-xulrunner192-gnome-debuginfo-1.9.2.18-1.2.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"mozilla-xulrunner192-translations-common-1.9.2.18-1.2.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"mozilla-xulrunner192-translations-other-1.9.2.18-1.2.1") ) flag++; if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"mozilla-js192-32bit-1.9.2.18-1.2.1") ) flag++; if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"mozilla-js192-debuginfo-32bit-1.9.2.18-1.2.1") ) flag++; if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"mozilla-xulrunner192-32bit-1.9.2.18-1.2.1") ) flag++; if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"mozilla-xulrunner192-debuginfo-32bit-1.9.2.18-1.2.1") ) flag++; if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"mozilla-xulrunner192-gnome-32bit-1.9.2.18-1.2.1") ) flag++; if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"mozilla-xulrunner192-gnome-debuginfo-32bit-1.9.2.18-1.2.1") ) flag++; if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"mozilla-xulrunner192-translations-common-32bit-1.9.2.18-1.2.1") ) flag++; if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"mozilla-xulrunner192-translations-other-32bit-1.9.2.18-1.2.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mozilla-js192 / mozilla-js192-32bit / mozilla-xulrunner192 / etc"); }
NASL family Scientific Linux Local Security Checks NASL id SL_20110621_THUNDERBIRD_ON_SL4_X.NASL description Mozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in the way Thunderbird handled malformed JPEG images. An HTML mail message containing a malicious JPEG image could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2377) Multiple dangling pointer flaws were found in Thunderbird. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed HTML content. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) An integer overflow flaw was found in the way Thunderbird handled JavaScript Array objects. Malicious content could cause Thunderbird to execute JavaScript with the privileges of the user running Thunderbird. (CVE-2011-2371) A use-after-free flaw was found in the way Thunderbird handled malformed JavaScript. Malicious content could cause Thunderbird to execute JavaScript with the privileges of the user running Thunderbird. (CVE-2011-2373) It was found that Thunderbird could treat two separate cookies (for web content) as interchangeable if both were for the same domain name but one of those domain names had a trailing last seen 2020-06-01 modified 2020-06-02 plugin id 61073 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/61073 title Scientific Linux Security Update : thunderbird on SL4.x, SL5.x i386/x86_64 code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text is (C) Scientific Linux. # include("compat.inc"); if (description) { script_id(61073); script_version("1.6"); script_cvs_date("Date: 2019/10/25 13:36:19"); script_cve_id("CVE-2011-0083", "CVE-2011-2362", "CVE-2011-2364", "CVE-2011-2371", "CVE-2011-2373", "CVE-2011-2377"); script_name(english:"Scientific Linux Security Update : thunderbird on SL4.x, SL5.x i386/x86_64"); script_summary(english:"Checks rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Scientific Linux host is missing a security update." ); script_set_attribute( attribute:"description", value: "Mozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in the way Thunderbird handled malformed JPEG images. An HTML mail message containing a malicious JPEG image could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2377) Multiple dangling pointer flaws were found in Thunderbird. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed HTML content. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) An integer overflow flaw was found in the way Thunderbird handled JavaScript Array objects. Malicious content could cause Thunderbird to execute JavaScript with the privileges of the user running Thunderbird. (CVE-2011-2371) A use-after-free flaw was found in the way Thunderbird handled malformed JavaScript. Malicious content could cause Thunderbird to execute JavaScript with the privileges of the user running Thunderbird. (CVE-2011-2373) It was found that Thunderbird could treat two separate cookies (for web content) as interchangeable if both were for the same domain name but one of those domain names had a trailing '.' character. This violates the same-origin policy and could possibly lead to data being leaked to the wrong domain. (CVE-2011-2362) All Thunderbird users should upgrade to this updated package, which resolves these issues. All running instances of Thunderbird must be restarted for the update to take effect." ); # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1106&L=scientific-linux-errata&T=0&P=4493 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?0391ac76" ); script_set_attribute( attribute:"solution", value:"Update the affected thunderbird package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Mozilla Firefox Array.reduceRight() Integer Overflow'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2011/06/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Scientific Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux"); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu); flag = 0; if (rpm_check(release:"SL4", reference:"thunderbird-1.5.0.12-39.el4")) flag++; if (rpm_check(release:"SL5", reference:"thunderbird-2.0.0.24-18.el5_6")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family SuSE Local Security Checks NASL id SUSE_11_MOZILLAFIREFOX-110628.NASL description Mozilla Firefox was updated to the 3.6.18 security release. - Miscellaneous memory safety hazards. (MFSA 2011-19 / CVE-2011-2374 / CVE-2011-2376 / CVE-2011-2364 / CVE-2011-2365) - (bmo#617247) Use-after-free vulnerability when viewing XUL document with script disabled. (MFSA 2011-20 / CVE-2011-2373) - (bmo#638018, bmo#639303) Memory corruption due to multipart/x-mixed-replace images. (MFSA 2011-21 / CVE-2011-2377) - (bmo#664009) Integer overflow and arbitrary code execution in Array.reduceRight(). (MFSA 2011-22 / CVE-2011-2371) - Multiple dangling pointer vulnerabilities. (MFSA 2011-23 / CVE-2011-0083 / CVE-2011-0085 / CVE-2011-2363) - (bmo#616264) Cookie isolation error. (MFSA 2011-24 / CVE-2011-2362) last seen 2020-06-01 modified 2020-06-02 plugin id 55483 published 2011-07-01 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/55483 title SuSE 11.1 Security Update : Mozilla Firefox (SAT Patch Number 4804) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SuSE 11 update information. The text itself is # copyright (C) Novell, Inc. # if (NASL_LEVEL < 3000) exit(0); include("compat.inc"); if (description) { script_id(55483); script_version("1.12"); script_cvs_date("Date: 2019/10/25 13:36:42"); script_cve_id("CVE-2011-0083", "CVE-2011-0085", "CVE-2011-2362", "CVE-2011-2363", "CVE-2011-2364", "CVE-2011-2365", "CVE-2011-2371", "CVE-2011-2373", "CVE-2011-2374", "CVE-2011-2376", "CVE-2011-2377"); script_name(english:"SuSE 11.1 Security Update : Mozilla Firefox (SAT Patch Number 4804)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 11 host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Mozilla Firefox was updated to the 3.6.18 security release. - Miscellaneous memory safety hazards. (MFSA 2011-19 / CVE-2011-2374 / CVE-2011-2376 / CVE-2011-2364 / CVE-2011-2365) - (bmo#617247) Use-after-free vulnerability when viewing XUL document with script disabled. (MFSA 2011-20 / CVE-2011-2373) - (bmo#638018, bmo#639303) Memory corruption due to multipart/x-mixed-replace images. (MFSA 2011-21 / CVE-2011-2377) - (bmo#664009) Integer overflow and arbitrary code execution in Array.reduceRight(). (MFSA 2011-22 / CVE-2011-2371) - Multiple dangling pointer vulnerabilities. (MFSA 2011-23 / CVE-2011-0083 / CVE-2011-0085 / CVE-2011-2363) - (bmo#616264) Cookie isolation error. (MFSA 2011-24 / CVE-2011-2362)" ); script_set_attribute( attribute:"see_also", value:"http://www.mozilla.org/security/announce/2011/mfsa2011-19.html" ); script_set_attribute( attribute:"see_also", value:"http://www.mozilla.org/security/announce/2011/mfsa2011-20.html" ); script_set_attribute( attribute:"see_also", value:"http://www.mozilla.org/security/announce/2011/mfsa2011-21.html" ); script_set_attribute( attribute:"see_also", value:"http://www.mozilla.org/security/announce/2011/mfsa2011-22.html" ); script_set_attribute( attribute:"see_also", value:"http://www.mozilla.org/security/announce/2011/mfsa2011-23.html" ); script_set_attribute( attribute:"see_also", value:"http://www.mozilla.org/security/announce/2011/mfsa2011-24.html" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=701296" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-0083.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-0085.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2362.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2363.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2364.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2365.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2371.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2373.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2374.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2376.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2377.html" ); script_set_attribute(attribute:"solution", value:"Apply SAT patch number 4804."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Mozilla Firefox Array.reduceRight() Integer Overflow'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:MozillaFirefox"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:MozillaFirefox-translations"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner192"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner192-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner192-gnome"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner192-gnome-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner192-translations"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner192-translations-32bit"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11"); script_set_attribute(attribute:"patch_publication_date", value:"2011/06/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/07/01"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11"); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu); pl = get_kb_item("Host/SuSE/patchlevel"); if (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, "SuSE 11.1"); flag = 0; if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"MozillaFirefox-3.6.18-0.2.1")) flag++; if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"MozillaFirefox-translations-3.6.18-0.2.1")) flag++; if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"mozilla-xulrunner192-1.9.2.18-1.2.1")) flag++; if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"mozilla-xulrunner192-gnome-1.9.2.18-1.2.1")) flag++; if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"mozilla-xulrunner192-translations-1.9.2.18-1.2.1")) flag++; if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"MozillaFirefox-3.6.18-0.2.1")) flag++; if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"MozillaFirefox-translations-3.6.18-0.2.1")) flag++; if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"mozilla-xulrunner192-1.9.2.18-1.2.1")) flag++; if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"mozilla-xulrunner192-32bit-1.9.2.18-1.2.1")) flag++; if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"mozilla-xulrunner192-gnome-1.9.2.18-1.2.1")) flag++; if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"mozilla-xulrunner192-gnome-32bit-1.9.2.18-1.2.1")) flag++; if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"mozilla-xulrunner192-translations-1.9.2.18-1.2.1")) flag++; if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"mozilla-xulrunner192-translations-32bit-1.9.2.18-1.2.1")) flag++; if (rpm_check(release:"SLES11", sp:1, reference:"MozillaFirefox-3.6.18-0.2.1")) flag++; if (rpm_check(release:"SLES11", sp:1, reference:"MozillaFirefox-translations-3.6.18-0.2.1")) flag++; if (rpm_check(release:"SLES11", sp:1, reference:"mozilla-xulrunner192-1.9.2.18-1.2.1")) flag++; if (rpm_check(release:"SLES11", sp:1, reference:"mozilla-xulrunner192-gnome-1.9.2.18-1.2.1")) flag++; if (rpm_check(release:"SLES11", sp:1, reference:"mozilla-xulrunner192-translations-1.9.2.18-1.2.1")) flag++; if (rpm_check(release:"SLES11", sp:1, cpu:"s390x", reference:"mozilla-xulrunner192-32bit-1.9.2.18-1.2.1")) flag++; if (rpm_check(release:"SLES11", sp:1, cpu:"x86_64", reference:"mozilla-xulrunner192-32bit-1.9.2.18-1.2.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2268.NASL description Several vulnerabilities have been found in Iceweasel, a web browser based on Firefox : - CVE-2011-0083 / CVE-2011-2363 last seen 2020-03-17 modified 2011-07-05 plugin id 55488 published 2011-07-05 reporter This script is Copyright (C) 2011-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/55488 title Debian DSA-2268-1 : iceweasel - several vulnerabilities code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-2268. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(55488); script_version("1.18"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2011-0083", "CVE-2011-0085", "CVE-2011-2362", "CVE-2011-2363", "CVE-2011-2365", "CVE-2011-2371", "CVE-2011-2373", "CVE-2011-2374", "CVE-2011-2376"); script_bugtraq_id(48357, 48358, 48360, 48361, 48366, 48368, 48372, 48373, 48376); script_xref(name:"DSA", value:"2268"); script_name(english:"Debian DSA-2268-1 : iceweasel - several vulnerabilities"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Several vulnerabilities have been found in Iceweasel, a web browser based on Firefox : - CVE-2011-0083 / CVE-2011-2363 'regenrecht' discovered two use-after-frees in SVG processing, which could lead to the execution of arbitrary code. - CVE-2011-0085 'regenrecht' discovered a use-after-free in XUL processing, which could lead to the execution of arbitrary code. - CVE-2011-2362 David Chan discovered that cookies were insufficiently isolated. - CVE-2011-2371 Chris Rohlf and Yan Ivnitskiy discovered an integer overflow in the JavaScript engine, which could lead to the execution of arbitrary code. - CVE-2011-2373 Martin Barbella discovered a use-after-free in XUL processing, which could lead to the execution of arbitrary code. - CVE-2011-2374 Bob Clary, Kevin Brosnan, Nils, Gary Kwong, Jesse Ruderman and Christian Biesinger discovered memory corruption bugs, which may lead to the execution of arbitrary code. - CVE-2011-2376 Luke Wagner and Gary Kwong discovered memory corruption bugs, which may lead to the execution of arbitrary code." ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2011-0083" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2011-2363" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2011-0085" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2011-2362" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2011-2371" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2011-2373" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2011-2374" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2011-2376" ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/squeeze/iceweasel" ); script_set_attribute( attribute:"see_also", value:"https://www.debian.org/security/2011/dsa-2268" ); script_set_attribute( attribute:"solution", value: "Upgrade the iceweasel packages. For the oldstable distribution (lenny), this problem has been fixed in version 1.9.0.19-12 of the xulrunner source package. For the stable distribution (squeeze), this problem has been fixed in version 3.5.16-8." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Mozilla Firefox Array.reduceRight() Integer Overflow'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:iceweasel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:5.0"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0"); script_set_attribute(attribute:"patch_publication_date", value:"2011/07/01"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/07/05"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"5.0", prefix:"iceweasel", reference:"1.9.0.19-12")) flag++; if (deb_check(release:"6.0", prefix:"iceweasel", reference:"3.5.16-8")) flag++; if (deb_check(release:"6.0", prefix:"iceweasel-dbg", reference:"3.5.16-8")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family SuSE Local Security Checks NASL id SUSE_MOZILLAFIREFOX-7596.NASL description Mozilla Firefox was updated to the 3.6.18 security release. - Miscellaneous memory safety hazards. (MFSA 2011-19 / CVE-2011-2374 / CVE-2011-2376 / CVE-2011-2364 / CVE-2011-2365) - (bmo#617247) Use-after-free vulnerability when viewing XUL document with script disabled. (MFSA 2011-20 / CVE-2011-2373) - (bmo#638018, bmo#639303) Memory corruption due to multipart/x-mixed-replace images. (MFSA 2011-21 / CVE-2011-2377) - (bmo#664009) Integer overflow and arbitrary code execution in Array.reduceRight(). (MFSA 2011-22 / CVE-2011-2371) - Multiple dangling pointer vulnerabilities. (MFSA 2011-23 / CVE-2011-0083 / CVE-2011-0085 / CVE-2011-2363) - (bmo#616264) Cookie isolation error. (MFSA 2011-24 / CVE-2011-2362) last seen 2020-06-01 modified 2020-06-02 plugin id 57149 published 2011-12-13 reporter This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/57149 title SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 7596) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # if (NASL_LEVEL < 3000) exit(0); include("compat.inc"); if (description) { script_id(57149); script_version ("1.9"); script_cvs_date("Date: 2019/10/25 13:36:43"); script_cve_id("CVE-2011-0083", "CVE-2011-0085", "CVE-2011-2362", "CVE-2011-2363", "CVE-2011-2364", "CVE-2011-2365", "CVE-2011-2371", "CVE-2011-2373", "CVE-2011-2374", "CVE-2011-2376", "CVE-2011-2377"); script_name(english:"SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 7596)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 10 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "Mozilla Firefox was updated to the 3.6.18 security release. - Miscellaneous memory safety hazards. (MFSA 2011-19 / CVE-2011-2374 / CVE-2011-2376 / CVE-2011-2364 / CVE-2011-2365) - (bmo#617247) Use-after-free vulnerability when viewing XUL document with script disabled. (MFSA 2011-20 / CVE-2011-2373) - (bmo#638018, bmo#639303) Memory corruption due to multipart/x-mixed-replace images. (MFSA 2011-21 / CVE-2011-2377) - (bmo#664009) Integer overflow and arbitrary code execution in Array.reduceRight(). (MFSA 2011-22 / CVE-2011-2371) - Multiple dangling pointer vulnerabilities. (MFSA 2011-23 / CVE-2011-0083 / CVE-2011-0085 / CVE-2011-2363) - (bmo#616264) Cookie isolation error. (MFSA 2011-24 / CVE-2011-2362)" ); # http://www.mozilla.org/security/announce/2011/mfsa2011-19.html script_set_attribute( attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-19/" ); # http://www.mozilla.org/security/announce/2011/mfsa2011-20.html script_set_attribute( attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-20/" ); # http://www.mozilla.org/security/announce/2011/mfsa2011-21.html script_set_attribute( attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-21/" ); # http://www.mozilla.org/security/announce/2011/mfsa2011-22.html script_set_attribute( attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-22/" ); # http://www.mozilla.org/security/announce/2011/mfsa2011-23.html script_set_attribute( attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-23/" ); # http://www.mozilla.org/security/announce/2011/mfsa2011-24.html script_set_attribute( attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-24/" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-0083.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-0085.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2362.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2363.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2364.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2365.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2371.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2373.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2374.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2376.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2377.html" ); script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 7596."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Mozilla Firefox Array.reduceRight() Integer Overflow'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"vuln_publication_date", value:"2011/06/30"); script_set_attribute(attribute:"patch_publication_date", value:"2011/06/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/12/13"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SLED10", sp:4, reference:"MozillaFirefox-3.6.18-0.5.1")) flag++; if (rpm_check(release:"SLED10", sp:4, reference:"MozillaFirefox-translations-3.6.18-0.5.1")) flag++; if (rpm_check(release:"SLED10", sp:4, reference:"mozilla-xulrunner192-1.9.2.18-1.6.1")) flag++; if (rpm_check(release:"SLED10", sp:4, reference:"mozilla-xulrunner192-gnome-1.9.2.18-1.6.1")) flag++; if (rpm_check(release:"SLED10", sp:4, reference:"mozilla-xulrunner192-translations-1.9.2.18-1.6.1")) flag++; if (rpm_check(release:"SLED10", sp:4, cpu:"x86_64", reference:"mozilla-xulrunner192-32bit-1.9.2.18-1.6.1")) flag++; if (rpm_check(release:"SLED10", sp:4, cpu:"x86_64", reference:"mozilla-xulrunner192-gnome-32bit-1.9.2.18-1.6.1")) flag++; if (rpm_check(release:"SLED10", sp:4, cpu:"x86_64", reference:"mozilla-xulrunner192-translations-32bit-1.9.2.18-1.6.1")) flag++; if (rpm_check(release:"SLES10", sp:4, reference:"MozillaFirefox-3.6.18-0.5.1")) flag++; if (rpm_check(release:"SLES10", sp:4, reference:"MozillaFirefox-translations-3.6.18-0.5.1")) flag++; if (rpm_check(release:"SLES10", sp:4, reference:"mozilla-xulrunner192-1.9.2.18-1.6.1")) flag++; if (rpm_check(release:"SLES10", sp:4, reference:"mozilla-xulrunner192-gnome-1.9.2.18-1.6.1")) flag++; if (rpm_check(release:"SLES10", sp:4, reference:"mozilla-xulrunner192-translations-1.9.2.18-1.6.1")) flag++; if (rpm_check(release:"SLES10", sp:4, cpu:"x86_64", reference:"mozilla-xulrunner192-32bit-1.9.2.18-1.6.1")) flag++; if (rpm_check(release:"SLES10", sp:4, cpu:"x86_64", reference:"mozilla-xulrunner192-gnome-32bit-1.9.2.18-1.6.1")) flag++; if (rpm_check(release:"SLES10", sp:4, cpu:"x86_64", reference:"mozilla-xulrunner192-translations-32bit-1.9.2.18-1.6.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else exit(0, "The host is not affected.");
NASL family SuSE Local Security Checks NASL id SUSE_11_3_MOZILLATHUNDERBIRD-110627.NASL description Mozilla Thunderbird was updated to the 3.1.11 release. It has new features, fixes lots of bugs, and also fixes the following security issues : - MFSA 2011-19/CVE-2011-2374 CVE-2011-2376 CVE-2011-2364 CVE-2011-2365 Miscellaneous memory safety hazards - MFSA 2011-20/CVE-2011-2373 (bmo#617247) Use-after-free vulnerability when viewing XUL document with script disabled - MFSA 2011-21/CVE-2011-2377 (bmo#638018, bmo#639303) Memory corruption due to multipart/x-mixed-replace images - MFSA 2011-22/CVE-2011-2371 (bmo#664009) Integer overflow and arbitrary code execution in Array.reduceRight() - MFSA 2011-23/CVE-2011-0083 CVE-2011-0085 CVE-2011-2363 Multiple dangling pointer vulnerabilities - MFSA 2011-24/CVE-2011-2362 (bmo#616264) Cookie isolation error last seen 2020-06-01 modified 2020-06-02 plugin id 75665 published 2014-06-13 reporter This script is Copyright (C) 2014-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/75665 title openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-4800) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update MozillaThunderbird-4800. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(75665); script_version("1.3"); script_cvs_date("Date: 2019/10/25 13:36:41"); script_cve_id("CVE-2011-0083", "CVE-2011-0085", "CVE-2011-2362", "CVE-2011-2363", "CVE-2011-2364", "CVE-2011-2365", "CVE-2011-2371", "CVE-2011-2373", "CVE-2011-2374", "CVE-2011-2376", "CVE-2011-2377"); script_name(english:"openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-4800)"); script_summary(english:"Check for the MozillaThunderbird-4800 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "Mozilla Thunderbird was updated to the 3.1.11 release. It has new features, fixes lots of bugs, and also fixes the following security issues : - MFSA 2011-19/CVE-2011-2374 CVE-2011-2376 CVE-2011-2364 CVE-2011-2365 Miscellaneous memory safety hazards - MFSA 2011-20/CVE-2011-2373 (bmo#617247) Use-after-free vulnerability when viewing XUL document with script disabled - MFSA 2011-21/CVE-2011-2377 (bmo#638018, bmo#639303) Memory corruption due to multipart/x-mixed-replace images - MFSA 2011-22/CVE-2011-2371 (bmo#664009) Integer overflow and arbitrary code execution in Array.reduceRight() - MFSA 2011-23/CVE-2011-0083 CVE-2011-0085 CVE-2011-2363 Multiple dangling pointer vulnerabilities - MFSA 2011-24/CVE-2011-2362 (bmo#616264) Cookie isolation error" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=701296" ); script_set_attribute( attribute:"solution", value:"Update the affected MozillaThunderbird packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Mozilla Firefox Array.reduceRight() Integer Overflow'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:enigmail"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.3"); script_set_attribute(attribute:"patch_publication_date", value:"2011/06/27"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.3", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.3", reference:"MozillaThunderbird-3.1.11-0.11.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"MozillaThunderbird-devel-3.1.11-0.11.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"MozillaThunderbird-translations-common-3.1.11-0.11.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"MozillaThunderbird-translations-other-3.1.11-0.11.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"enigmail-1.1.2-9.11.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "MozillaThunderbird"); }
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2269.NASL description Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of SeaMonkey : - CVE-2011-0083 / CVE-2011-2363 last seen 2020-03-17 modified 2011-07-05 plugin id 55489 published 2011-07-05 reporter This script is Copyright (C) 2011-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/55489 title Debian DSA-2269-1 : iceape - several vulnerabilities code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-2269. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(55489); script_version("1.16"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2011-0083", "CVE-2011-0085", "CVE-2011-2362", "CVE-2011-2363", "CVE-2011-2365", "CVE-2011-2371", "CVE-2011-2373", "CVE-2011-2374", "CVE-2011-2376"); script_xref(name:"DSA", value:"2269"); script_name(english:"Debian DSA-2269-1 : iceape - several vulnerabilities"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of SeaMonkey : - CVE-2011-0083 / CVE-2011-2363 'regenrecht' discovered two use-after-frees in SVG processing, which could lead to the execution of arbitrary code. - CVE-2011-0085 'regenrecht' discovered a use-after-free in XUL processing, which could lead to the execution of arbitrary code. - CVE-2011-2362 David Chan discovered that cookies were insufficiently isolated. - CVE-2011-2371 Chris Rohlf and Yan Ivnitskiy discovered an integer overflow in the JavaScript engine, which could lead to the execution of arbitrary code. - CVE-2011-2373 Martin Barbella discovered a use-after-free in XUL processing, which could lead to the execution of arbitrary code. - CVE-2011-2374 Bob Clary, Kevin Brosnan, Nils, Gary Kwong, Jesse Ruderman and Christian Biesinger discovered memory corruption bugs, which may lead to the execution of arbitrary code. - CVE-2011-2376 Luke Wagner and Gary Kwong discovered memory corruption bugs, which may lead to the execution of arbitrary code. The oldstable distribution (lenny) is not affected. The iceape package only provides the XPCOM code." ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2011-0083" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2011-2363" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2011-0085" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2011-2362" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2011-2371" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2011-2373" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2011-2374" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2011-2376" ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/squeeze/iceape" ); script_set_attribute( attribute:"see_also", value:"https://www.debian.org/security/2011/dsa-2269" ); script_set_attribute( attribute:"solution", value: "Upgrade the iceape packages. For the stable distribution (squeeze), this problem has been fixed in version 2.0.11-6." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Mozilla Firefox Array.reduceRight() Integer Overflow'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:iceape"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0"); script_set_attribute(attribute:"patch_publication_date", value:"2011/07/01"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/07/05"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"6.0", prefix:"iceape", reference:"2.0.11-6")) flag++; if (deb_check(release:"6.0", prefix:"iceape-browser", reference:"2.0.11-6")) flag++; if (deb_check(release:"6.0", prefix:"iceape-chatzilla", reference:"2.0.11-6")) flag++; if (deb_check(release:"6.0", prefix:"iceape-dbg", reference:"2.0.11-6")) flag++; if (deb_check(release:"6.0", prefix:"iceape-dev", reference:"2.0.11-6")) flag++; if (deb_check(release:"6.0", prefix:"iceape-mailnews", reference:"2.0.11-6")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1150-1.NASL description Multiple memory vulnerabilities were discovered in the browser rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2376) Martin Barbella discovered that under certain conditions, viewing a XUL document while JavaScript was disabled caused deleted memory to be accessed. An attacker could potentially use this to crash Thunderbird or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2011-2373) Jordi Chancel discovered a vulnerability on multipart/x-mixed-replace images due to memory corruption. An attacker could potentially use this to crash Thunderbird or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2011-2377) Chris Rohlf and Yan Ivnitskiy discovered an integer overflow vulnerability in JavaScript Arrays. An attacker could potentially use this to execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2011-2371) Multiple use-after-free vulnerabilities were discovered. An attacker could potentially use these to execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) David Chan discovered that cookies did not honor same-origin conventions. This could potentially lead to cookie data being leaked to a third-party. (CVE-2011-2362). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 55605 published 2011-07-18 reporter Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/55605 title Ubuntu 10.04 LTS / 10.10 / 11.04 : thunderbird vulnerabilities (USN-1150-1) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1149-1.NASL description Multiple memory vulnerabilities were discovered in the browser rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2376) Martin Barbella discovered that under certain conditions, viewing a XUL document while JavaScript was disabled caused deleted memory to be accessed. An attacker could potentially use this to crash Firefox or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2011-2373) Jordi Chancel discovered a vulnerability on multipart/x-mixed-replace images due to memory corruption. An attacker could potentially use this to crash Firefox or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2011-2377) Chris Rohlf and Yan Ivnitskiy discovered an integer overflow vulnerability in JavaScript Arrays. An attacker could potentially use this to execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2011-2371) Multiple use-after-free vulnerabilities were discovered. An attacker could potentially use these to execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) David Chan discovered that cookies did not honor same-origin conventions. This could potentially lead to cookie data being leaked to a third-party. (CVE-2011-2362). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 55407 published 2011-06-23 reporter Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/55407 title Ubuntu 10.04 LTS / 10.10 : firefox, xulrunner-1.9.2 vulnerabilities (USN-1149-1) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2011-0888.NASL description Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. A flaw was found in the way SeaMonkey handled malformed JPEG images. A website containing a malicious JPEG image could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2011-2377) Multiple dangling pointer flaws were found in SeaMonkey. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) An integer overflow flaw was found in the way SeaMonkey handled JavaScript Array objects. A website containing malicious JavaScript could cause SeaMonkey to execute that JavaScript with the privileges of the user running SeaMonkey. (CVE-2011-2371) A use-after-free flaw was found in the way SeaMonkey handled malformed JavaScript. A website containing malicious JavaScript could cause SeaMonkey to execute that JavaScript with the privileges of the user running SeaMonkey. (CVE-2011-2373) It was found that SeaMonkey could treat two separate cookies as interchangeable if both were for the same domain name but one of those domain names had a trailing last seen 2020-06-01 modified 2020-06-02 plugin id 55836 published 2011-08-15 reporter This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/55836 title CentOS 4 : seamonkey (CESA-2011:0888) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2011-0886.NASL description From Red Hat Security Advisory 2011:0886 : An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in the way Thunderbird handled malformed JPEG images. An HTML mail message containing a malicious JPEG image could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2377) Multiple dangling pointer flaws were found in Thunderbird. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed HTML content. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) It was found that Thunderbird could treat two separate cookies (for web content) as interchangeable if both were for the same domain name but one of those domain names had a trailing last seen 2020-06-01 modified 2020-06-02 plugin id 68294 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68294 title Oracle Linux 6 : thunderbird (ELSA-2011-0886) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2011-0888.NASL description Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. A flaw was found in the way SeaMonkey handled malformed JPEG images. A website containing a malicious JPEG image could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2011-2377) Multiple dangling pointer flaws were found in SeaMonkey. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) An integer overflow flaw was found in the way SeaMonkey handled JavaScript Array objects. A website containing malicious JavaScript could cause SeaMonkey to execute that JavaScript with the privileges of the user running SeaMonkey. (CVE-2011-2371) A use-after-free flaw was found in the way SeaMonkey handled malformed JavaScript. A website containing malicious JavaScript could cause SeaMonkey to execute that JavaScript with the privileges of the user running SeaMonkey. (CVE-2011-2373) It was found that SeaMonkey could treat two separate cookies as interchangeable if both were for the same domain name but one of those domain names had a trailing last seen 2020-06-01 modified 2020-06-02 plugin id 55401 published 2011-06-22 reporter This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/55401 title RHEL 4 : seamonkey (RHSA-2011:0888) NASL family SuSE Local Security Checks NASL id SUSE_MOZILLAFIREFOX-7597.NASL description Mozilla Firefox was updated to the 3.6.18 security release. - Miscellaneous memory safety hazards. (MFSA 2011-19 / CVE-2011-2374 / CVE-2011-2376 / CVE-2011-2364 / CVE-2011-2365) - (bmo#617247) Use-after-free vulnerability when viewing XUL document with script disabled. (MFSA 2011-20 / CVE-2011-2373) - (bmo#638018, bmo#639303) Memory corruption due to multipart/x-mixed-replace images. (MFSA 2011-21 / CVE-2011-2377) - (bmo#664009) Integer overflow and arbitrary code execution in Array.reduceRight(). (MFSA 2011-22 / CVE-2011-2371) - Multiple dangling pointer vulnerabilities. (MFSA 2011-23 / CVE-2011-0083 / CVE-2011-0085 / CVE-2011-2363) - (bmo#616264) Cookie isolation error. (MFSA 2011-24 / CVE-2011-2362) last seen 2020-06-01 modified 2020-06-02 plugin id 55485 published 2011-07-01 reporter This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/55485 title SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 7597) NASL family MacOS X Local Security Checks NASL id MACOSX_FIREFOX_3_6_18.NASL description The installed version of Firefox is 3.6.x earlier than 3.6.18. Such versions are potentially affected by the following security issues : - Multiple memory safety issues can lead to application crashes and possibly remote code execution. (CVE-2011-2374, CVE-2011-2376, CVE-2011-2364, CVE-2011-2365) - A use-after-free issue when viewing XUL documents with scripts disabled could lead to code execution. (CVE-2011-2373) - A memory corruption issue due to multipart / x-mixed-replace images could lead to memory corruption. (CVE-2011-2377) - When a JavaScript Array object has its length set to an extremely large value, the iteration of array elements that occurs when its reduceRight method is called could result in code execution due to an invalid index value being used. (CVE-2011-2371) - Multiple dangling pointer vulnerabilities could lead to code execution. (CVE-2011-0083, CVE-2011-2363, CVE-2011-0085) - An error in the way cookies are handled could lead to information disclosure. (CVE-2011-2362) last seen 2020-06-01 modified 2020-06-02 plugin id 55418 published 2011-06-24 reporter This script is Copyright (C) 2011-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/55418 title Firefox 3.6 < 3.6.18 Multiple Vulnerabilities (Mac OS X) NASL family Windows NASL id MOZILLA_FIREFOX_3618.NASL description The installed version of Firefox 3.6 is earlier than 3.6.18. Such versions are potentially affected by the following security issues : - Multiple memory safety issues can lead to application crashes and possibly remote code execution. (CVE-2011-2374, CVE-2011-2376, CVE-2011-2364, CVE-2011-2365) - A use-after-free issue when viewing XUL documents with scripts disabled could lead to code execution. (CVE-2011-2373) - A memory corruption issue due to multipart / x-mixed-replace images could lead to memory corruption. (CVE-2011-2377) - When a JavaScript Array object has its length set to an extremely large value, the iteration of array elements that occurs when its reduceRight method is called could result in code execution due to an invalid index value being used. (CVE-2011-2371) - Multiple dangling pointer vulnerabilities could lead to code execution. (CVE-2011-0083, CVE-2011-2363, CVE-2011-0085) - An error in the way cookies are handled could lead to information disclosure. (CVE-2011-2362) last seen 2020-06-01 modified 2020-06-02 plugin id 55287 published 2011-06-21 reporter This script is Copyright (C) 2011-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/55287 title Firefox 3.6 < 3.6.18 Multiple Vulnerabilities NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2011-0885.NASL description From Red Hat Security Advisory 2011:0885 : Updated firefox packages that fix several security issues and one bug are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A flaw was found in the way Firefox handled malformed JPEG images. A website containing a malicious JPEG image could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-2377) Multiple dangling pointer flaws were found in Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) An integer overflow flaw was found in the way Firefox handled JavaScript Array objects. A website containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2011-2371) A use-after-free flaw was found in the way Firefox handled malformed JavaScript. A website containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2011-2373) It was found that Firefox could treat two separate cookies as interchangeable if both were for the same domain name but one of those domain names had a trailing last seen 2020-06-01 modified 2020-06-02 plugin id 68293 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68293 title Oracle Linux 4 / 5 / 6 : firefox (ELSA-2011-0885) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2011-0887.NASL description An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in the way Thunderbird handled malformed JPEG images. An HTML mail message containing a malicious JPEG image could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2377) Multiple dangling pointer flaws were found in Thunderbird. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed HTML content. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) An integer overflow flaw was found in the way Thunderbird handled JavaScript Array objects. Malicious content could cause Thunderbird to execute JavaScript with the privileges of the user running Thunderbird. (CVE-2011-2371) A use-after-free flaw was found in the way Thunderbird handled malformed JavaScript. Malicious content could cause Thunderbird to execute JavaScript with the privileges of the user running Thunderbird. (CVE-2011-2373) It was found that Thunderbird could treat two separate cookies (for web content) as interchangeable if both were for the same domain name but one of those domain names had a trailing last seen 2020-06-01 modified 2020-06-02 plugin id 55400 published 2011-06-22 reporter This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/55400 title RHEL 4 / 5 : thunderbird (RHSA-2011:0887) NASL family Windows NASL id MOZILLA_THUNDERBIRD_3111.NASL description The installed version of Thunderbird 3.1 is earlier than 3.1.11. Such versions are potentially affected by the following security issues : - Multiple memory safety issues can lead to application crashes and possibly remote code execution. (CVE-2011-2374, CVE-2011-2376, CVE-2011-2364, CVE-2011-2365) - A use-after-free issue when viewing XUL documents with scripts disabled could lead to code execution. (CVE-2011-2373) - A memory corruption issue due to multipart / x-mixed-replace images could lead to memory corruption. (CVE-2011-2377) - When a JavaScript Array object has its length set to an extremely large value, the iteration of array elements that occurs when its reduceRight method is called could result in code execution due to an invalid index value being used. (CVE-2011-2371) - Multiple dangling pointer vulnerabilities could lead to code execution. (CVE-2011-0083, CVE-2011-2363, CVE-2011-0085) - An error in the way cookies are handled could lead to information disclosure. (CVE-2011-2362) last seen 2020-06-01 modified 2020-06-02 plugin id 55289 published 2011-06-21 reporter This script is Copyright (C) 2011-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/55289 title Mozilla Thunderbird 3.1 < 3.1.11 Multiple Vulnerabilities NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2011-0887.NASL description From Red Hat Security Advisory 2011:0887 : An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in the way Thunderbird handled malformed JPEG images. An HTML mail message containing a malicious JPEG image could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2377) Multiple dangling pointer flaws were found in Thunderbird. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed HTML content. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) An integer overflow flaw was found in the way Thunderbird handled JavaScript Array objects. Malicious content could cause Thunderbird to execute JavaScript with the privileges of the user running Thunderbird. (CVE-2011-2371) A use-after-free flaw was found in the way Thunderbird handled malformed JavaScript. Malicious content could cause Thunderbird to execute JavaScript with the privileges of the user running Thunderbird. (CVE-2011-2373) It was found that Thunderbird could treat two separate cookies (for web content) as interchangeable if both were for the same domain name but one of those domain names had a trailing last seen 2020-06-01 modified 2020-06-02 plugin id 68295 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68295 title Oracle Linux 4 : thunderbird (ELSA-2011-0887) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2011-0885.NASL description Updated firefox packages that fix several security issues and one bug are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A flaw was found in the way Firefox handled malformed JPEG images. A website containing a malicious JPEG image could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-2377) Multiple dangling pointer flaws were found in Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) An integer overflow flaw was found in the way Firefox handled JavaScript Array objects. A website containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2011-2371) A use-after-free flaw was found in the way Firefox handled malformed JavaScript. A website containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2011-2373) It was found that Firefox could treat two separate cookies as interchangeable if both were for the same domain name but one of those domain names had a trailing last seen 2020-06-01 modified 2020-06-02 plugin id 55404 published 2011-06-23 reporter This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/55404 title CentOS 4 / 5 : firefox (CESA-2011:0885) NASL family Scientific Linux Local Security Checks NASL id SL_20110621_SEAMONKEY_ON_SL4_X.NASL description SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. A flaw was found in the way SeaMonkey handled malformed JPEG images. A website containing a malicious JPEG image could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2011-2377) Multiple dangling pointer flaws were found in SeaMonkey. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) An integer overflow flaw was found in the way SeaMonkey handled JavaScript Array objects. A website containing malicious JavaScript could cause SeaMonkey to execute that JavaScript with the privileges of the user running SeaMonkey. (CVE-2011-2371) A use-after-free flaw was found in the way SeaMonkey handled malformed JavaScript. A website containing malicious JavaScript could cause SeaMonkey to execute that JavaScript with the privileges of the user running SeaMonkey. (CVE-2011-2373) It was found that SeaMonkey could treat two separate cookies as interchangeable if both were for the same domain name but one of those domain names had a trailing last seen 2020-06-01 modified 2020-06-02 plugin id 61072 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/61072 title Scientific Linux Security Update : seamonkey on SL4.x i386/x86_64 NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201301-01.NASL description The remote host is affected by the vulnerability described in GLSA-201301-01 (Mozilla Products: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, bypass restrictions and protection mechanisms, force file downloads, conduct XML injection attacks, conduct XSS attacks, bypass the Same Origin Policy, spoof URL’s for phishing attacks, trigger a vertical scroll, spoof the location bar, spoof an SSL indicator, modify the browser’s font, conduct clickjacking attacks, or have other unspecified impact. A local attacker could gain escalated privileges, obtain sensitive information, or replace an arbitrary downloaded file. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 63402 published 2013-01-08 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/63402 title GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2011-0888.NASL description From Red Hat Security Advisory 2011:0888 : Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. A flaw was found in the way SeaMonkey handled malformed JPEG images. A website containing a malicious JPEG image could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2011-2377) Multiple dangling pointer flaws were found in SeaMonkey. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) An integer overflow flaw was found in the way SeaMonkey handled JavaScript Array objects. A website containing malicious JavaScript could cause SeaMonkey to execute that JavaScript with the privileges of the user running SeaMonkey. (CVE-2011-2371) A use-after-free flaw was found in the way SeaMonkey handled malformed JavaScript. A website containing malicious JavaScript could cause SeaMonkey to execute that JavaScript with the privileges of the user running SeaMonkey. (CVE-2011-2373) It was found that SeaMonkey could treat two separate cookies as interchangeable if both were for the same domain name but one of those domain names had a trailing last seen 2020-06-01 modified 2020-06-02 plugin id 68296 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68296 title Oracle Linux 4 : seamonkey (ELSA-2011-0888) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2011-0887.NASL description An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in the way Thunderbird handled malformed JPEG images. An HTML mail message containing a malicious JPEG image could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2377) Multiple dangling pointer flaws were found in Thunderbird. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed HTML content. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) An integer overflow flaw was found in the way Thunderbird handled JavaScript Array objects. Malicious content could cause Thunderbird to execute JavaScript with the privileges of the user running Thunderbird. (CVE-2011-2371) A use-after-free flaw was found in the way Thunderbird handled malformed JavaScript. Malicious content could cause Thunderbird to execute JavaScript with the privileges of the user running Thunderbird. (CVE-2011-2373) It was found that Thunderbird could treat two separate cookies (for web content) as interchangeable if both were for the same domain name but one of those domain names had a trailing last seen 2020-06-01 modified 2020-06-02 plugin id 55405 published 2011-06-23 reporter This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/55405 title CentOS 4 / 5 : thunderbird (CESA-2011:0887) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1149-2.NASL description USN-1149-1 fixed vulnerabilities in Firefox. Unfortunately, a regression was introduced that prevented cookies from being stored properly when the hostname was a single character. This update fixes the problem. We apologize for the inconvenience. Multiple memory vulnerabilities were discovered in the browser rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2376) Martin Barbella discovered that under certain conditions, viewing a XUL document while JavaScript was disabled caused deleted memory to be accessed. An attacker could potentially use this to crash Firefox or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2011-2373) Jordi Chancel discovered a vulnerability on multipart/x-mixed-replace images due to memory corruption. An attacker could potentially use this to crash Firefox or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2011-2377) Chris Rohlf and Yan Ivnitskiy discovered an integer overflow vulnerability in JavaScript Arrays. An attacker could potentially use this to execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2011-2371) Multiple use-after-free vulnerabilities were discovered. An attacker could potentially use these to execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) David Chan discovered that cookies did not honor same-origin conventions. This could potentially lead to cookie data being leaked to a third-party. (CVE-2011-2362). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 55469 published 2011-06-30 reporter Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/55469 title Ubuntu 10.04 LTS / 10.10 : firefox regression (USN-1149-2) NASL family SuSE Local Security Checks NASL id SUSE_11_4_MOZILLATHUNDERBIRD-110628.NASL description Mozilla Thunderbird was updated to the 3.1.11 release. It has new features, fixes lots of bugs, and also fixes the following security issues: dbg114-MozillaThunderbird-4800 MozillaThunderbird-4800 new_updateinfo MFSA 2011-19/CVE-2011-2374 CVE-2011-2376 CVE-2011-2364 CVE-2011-2365 Miscellaneous memory safety hazards dbg114-MozillaThunderbird-4800 MozillaThunderbird-4800 new_updateinfo MFSA 2011-20/CVE-2011-2373 (bmo#617247) Use-after-free vulnerability when viewing XUL document with script disabled dbg114-MozillaThunderbird-4800 MozillaThunderbird-4800 new_updateinfo MFSA 2011-21/CVE-2011-2377 (bmo#638018, bmo#639303) Memory corruption due to multipart/x-mixed-replace images dbg114-MozillaThunderbird-4800 MozillaThunderbird-4800 new_updateinfo MFSA 2011-22/CVE-2011-2371 (bmo#664009) Integer overflow and arbitrary code execution in Array.reduceRight() dbg114-MozillaThunderbird-4800 MozillaThunderbird-4800 new_updateinfo MFSA 2011-23/CVE-2011-0083 CVE-2011-0085 CVE-2011-2363 Multiple dangling pointer vulnerabilities dbg114-MozillaThunderbird-4800 MozillaThunderbird-4800 new_updateinfo MFSA 2011-24/CVE-2011-2362 (bmo#616264) Cookie isolation error last seen 2020-06-01 modified 2020-06-02 plugin id 75965 published 2014-06-13 reporter This script is Copyright (C) 2014-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/75965 title openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-4800)
Oval
accepted | 2014-10-06T04:01:16.815-04:00 | ||||||||||||||||||||||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||||||||||||||||||||||
contributors |
| ||||||||||||||||||||||||||||||||||||||||
definition_extensions |
| ||||||||||||||||||||||||||||||||||||||||
description | Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2364. | ||||||||||||||||||||||||||||||||||||||||
family | windows | ||||||||||||||||||||||||||||||||||||||||
id | oval:org.mitre.oval:def:14184 | ||||||||||||||||||||||||||||||||||||||||
status | accepted | ||||||||||||||||||||||||||||||||||||||||
submitted | 2011-11-25T18:18:10.000-05:00 | ||||||||||||||||||||||||||||||||||||||||
title | Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2364. | ||||||||||||||||||||||||||||||||||||||||
version | 32 |
Redhat
advisories |
| ||||||||||||||||
rpms |
|
References
- http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00001.html
- http://secunia.com/advisories/45002
- http://support.avaya.com/css/P8/documents/100144854
- http://support.avaya.com/css/P8/documents/100145333
- http://www.debian.org/security/2011/dsa-2268
- http://www.debian.org/security/2011/dsa-2269
- http://www.debian.org/security/2011/dsa-2273
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:111
- http://www.mozilla.org/security/announce/2011/mfsa2011-19.html
- http://www.redhat.com/support/errata/RHSA-2011-0885.html
- http://www.redhat.com/support/errata/RHSA-2011-0886.html
- http://www.redhat.com/support/errata/RHSA-2011-0887.html
- http://www.redhat.com/support/errata/RHSA-2011-0888.html
- http://www.securityfocus.com/bid/48368
- http://www.ubuntu.com/usn/USN-1149-1
- https://bugzilla.mozilla.org/show_bug.cgi?id=655742
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14184