Vulnerabilities > CVE-2011-2365 - Memory Corruption vulnerability in Mozilla Firefox and Thunderbird

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
mozilla
critical
nessus

Summary

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2364.

Vulnerable Configurations

Part Description Count
Application
Mozilla
133

Nessus

  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2011-111.NASL
    descriptionSecurity issues were identified and fixed in mozilla firefox and thunderbird : Security researcher regenrecht reported via TippingPoint
    last seen2020-06-01
    modified2020-06-02
    plugin id55406
    published2011-06-23
    reporterThis script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/55406
    titleMandriva Linux Security Advisory : mozilla (MDVSA-2011:111)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandriva Linux Security Advisory MDVSA-2011:111. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    if (NASL_LEVEL < 3000) exit(0);
    
    include("compat.inc");
    
    if (description)
    {
      script_id(55406);
      script_version("1.12");
      script_cvs_date("Date: 2019/08/02 13:32:54");
    
      script_cve_id("CVE-2011-0083", "CVE-2011-0085", "CVE-2011-2362", "CVE-2011-2363", "CVE-2011-2364", "CVE-2011-2365", "CVE-2011-2371", "CVE-2011-2373", "CVE-2011-2374", "CVE-2011-2375", "CVE-2011-2376", "CVE-2011-2377");
      script_xref(name:"MDVSA", value:"2011:111");
    
      script_name(english:"Mandriva Linux Security Advisory : mozilla (MDVSA-2011:111)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Mandriva Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Security issues were identified and fixed in mozilla firefox and
    thunderbird :
    
    Security researcher regenrecht reported via TippingPoint's Zero Day
    Initiative two instances of code which modifies SVG element lists
    failed to account for changes made to the list by user-supplied
    callbacks before accessing list elements. If a user-supplied callback
    deleted such an object, the element-modifying code could wind up
    accessing deleted memory and potentially executing attacker-controlled
    memory. regenrecht also reported via TippingPoint's Zero Day
    Initiative that a XUL document could force the nsXULCommandDispatcher
    to remove all command updaters from the queue, including the one
    currently in use. This could result in the execution of deleted memory
    which an attacker could use to run arbitrary code on a victim's
    computer (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363).
    
    Mozilla security researcher David Chan reported that cookies set for
    example.com. (note the trailing dot) and example.com were treated as
    interchangeable. This is a violation of same-origin conventions and
    could potentially lead to leakage of cookie data to the wrong party
    (CVE-2011-2362).
    
    Mozilla developers identified and fixed several memory safety bugs in
    the browser engine used in Firefox and other Mozilla-based products.
    Some of these bugs showed evidence of memory corruption under certain
    circumstances, and we presume that with enough effort at least some of
    these could be exploited to run arbitrary code (CVE-2011-2364,
    CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376).
    
    Security researchers Chris Rohlf and Yan Ivnitskiy of Matasano
    Security reported that when a JavaScript Array object had its length
    set to an extremely large value, the iteration of array elements that
    occurs when its reduceRight method was subsequently called could
    result in the execution of attacker controlled memory due to an
    invalid index value being used to access element properties
    (CVE-2011-2371).
    
    Security researcher Martin Barbella reported that under certain
    conditions, viewing a XUL document while JavaScript was disabled
    caused deleted memory to be accessed. This flaw could potentially be
    used by an attacker to crash a victim's browser and run arbitrary code
    on their computer (CVE-2011-2373).
    
    Security researcher Jordi Chancel reported a crash on
    multipart/x-mixed-replace images due to memory corruption
    (CVE-2011-2377).
    
    Packages for 2009.0 are provided as of the Extended Maintenance
    Program. Please visit this link to learn more:
    http://store.mandriva.com/product_info.php?cPath=149 products_id=490
    
    Additionally, some packages which require so, have been rebuilt and
    are being provided as updates."
      );
      # http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.18
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?5694f54a"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.mozillamessaging.com/en-US/thunderbird/3.1.11/releasenotes/"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Mozilla Firefox Array.reduceRight() Integer Overflow');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:beagle");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:beagle-crawl-system");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:beagle-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:beagle-epiphany");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:beagle-evolution");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:beagle-gui");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:beagle-gui-qt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:beagle-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:devhelp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:devhelp-plugins");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:epiphany");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:epiphany-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-af");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-ar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-be");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-bg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-bn");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-ca");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-cs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-cy");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-da");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-de");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-el");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-en_GB");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-eo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-es_AR");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-es_ES");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-et");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-eu");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-ext-beagle");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-ext-blogrovr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-ext-mozvoikko");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-ext-r-kiosk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-ext-scribefire");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-ext-weave-sync");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-ext-xmarks");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-fi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-fr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-fy");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-ga_IE");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-gl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-gu_IN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-he");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-hi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-hu");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-id");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-is");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-it");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-ja");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-ka");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-kn");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-ko");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-ku");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-lt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-lv");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-mk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-mr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-nb_NO");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-nl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-nn_NO");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-oc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-pa_IN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-pl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-pt_BR");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-pt_PT");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-ro");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-ru");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-si");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-sk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-sl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-sq");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-sr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-sv_SE");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-te");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-th");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-theme-kfirefox");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-tr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-uk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-zh_CN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:firefox-zh_TW");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gjs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gnome-python-extras");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gnome-python-gda");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gnome-python-gda-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gnome-python-gdl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gnome-python-gtkhtml2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gnome-python-gtkmozembed");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gnome-python-gtkspell");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64devhelp-1-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64devhelp-1_0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64gjs-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64gjs0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64xulrunner-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64xulrunner1.9.2.18");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libdevhelp-1-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libdevhelp-1_0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libgjs-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libgjs0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libxulrunner-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libxulrunner1.9.2.18");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-af");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-be");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-beagle");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-bg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-bn_BD");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ca");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-cs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-da");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-de");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-el");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-en_GB");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ca");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-cs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-de");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-el");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-es");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-fi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-fr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-hu");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-it");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ja");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ko");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-nb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-nl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-pl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-pt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-pt_BR");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ru");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-sl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-sv");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-tr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-vi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-zh_CN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-zh_TW");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-es_AR");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-es_ES");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-et");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-et_EE");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-eu");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-fi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-fr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-fy");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ga");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-gd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-gl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-he");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-hu");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-id");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-is");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-it");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ja");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ka");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ko");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-lightning");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-lt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-nb_NO");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-nl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-nn_NO");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-pa_IN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-pl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-pt_BR");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-pt_PT");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ro");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ru");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-si");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-sk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-sl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-sq");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-sr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-sv_SE");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-tr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-uk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-vi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-zh_CN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-thunderbird-zh_TW");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nsinstall");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:xulrunner");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:yelp");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2009.0");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2010.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2011/06/22");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/06/23");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK2009.0", reference:"beagle-0.3.8-13.38mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"beagle-crawl-system-0.3.8-13.38mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"beagle-doc-0.3.8-13.38mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"beagle-epiphany-0.3.8-13.38mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"beagle-evolution-0.3.8-13.38mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"beagle-gui-0.3.8-13.38mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"beagle-gui-qt-0.3.8-13.38mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"beagle-libs-0.3.8-13.38mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"devhelp-0.21-3.26mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"devhelp-plugins-0.21-3.26mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"epiphany-2.24.3-0.15mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"epiphany-devel-2.24.3-0.15mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-af-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-ar-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-be-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-bg-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-bn-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-ca-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-cs-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-cy-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-da-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-de-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-devel-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-el-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-en_GB-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-eo-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-es_AR-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-es_ES-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-et-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-eu-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-ext-beagle-0.3.8-13.38mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-ext-blogrovr-1.1.804-0.14mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-ext-mozvoikko-1.0-0.14mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-ext-scribefire-3.5.1-0.14mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-ext-xmarks-3.5.10-0.14mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-fi-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-fr-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-fy-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-ga_IE-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-gl-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-gu_IN-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-he-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-hi-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-hu-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-id-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-is-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-it-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-ja-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-ka-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-kn-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-ko-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-ku-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-lt-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-lv-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-mk-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-mr-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-nb_NO-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-nl-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-nn_NO-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-oc-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-pa_IN-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-pl-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-pt_BR-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-pt_PT-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-ro-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-ru-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-si-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-sk-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-sl-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-sq-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-sr-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-sv_SE-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-te-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-th-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-theme-kfirefox-0.16-0.14mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-tr-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-uk-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-zh_CN-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"firefox-zh_TW-3.6.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"gnome-python-extras-2.19.1-20.28mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"gnome-python-gda-2.19.1-20.28mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"gnome-python-gda-devel-2.19.1-20.28mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"gnome-python-gdl-2.19.1-20.28mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"gnome-python-gtkhtml2-2.19.1-20.28mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"gnome-python-gtkmozembed-2.19.1-20.28mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"gnome-python-gtkspell-2.19.1-20.28mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64devhelp-1-devel-0.21-3.26mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64devhelp-1_0-0.21-3.26mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64xulrunner-devel-1.9.2.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64xulrunner1.9.2.18-1.9.2.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libdevhelp-1-devel-0.21-3.26mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libdevhelp-1_0-0.21-3.26mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libxulrunner-devel-1.9.2.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libxulrunner1.9.2.18-1.9.2.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-af-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-ar-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-be-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-beagle-0.3.8-13.38mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-bg-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-bn_BD-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-ca-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-cs-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-da-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-de-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-el-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-en_GB-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-ar-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-ca-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-cs-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-de-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-el-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-es-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-fi-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-fr-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-hu-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-it-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-ja-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-ko-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-nb-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-nl-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-pl-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-pt-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-pt_BR-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-ru-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-sl-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-sv-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-tr-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-vi-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-zh_CN-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-enigmail-zh_TW-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-es_AR-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-es_ES-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-et-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-et_EE-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-eu-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-fi-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-fr-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-fy-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-ga-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-gd-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-gl-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-he-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-hu-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-id-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-is-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-it-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-ja-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-ka-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-ko-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-lightning-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-lt-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-nb_NO-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-nl-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-nn_NO-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-pa_IN-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-pl-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-pt_BR-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-pt_PT-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-ro-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-ru-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-si-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-sk-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-sl-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-sq-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-sr-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-sv_SE-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-tr-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-uk-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-vi-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-zh_CN-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"mozilla-thunderbird-zh_TW-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"nsinstall-3.1.11-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"xulrunner-1.9.2.18-0.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"yelp-2.24.0-3.29mdv2009.0", yank:"mdv")) flag++;
    
    if (rpm_check(release:"MDK2010.1", reference:"beagle-0.3.9-40.16mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"beagle-crawl-system-0.3.9-40.16mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"beagle-doc-0.3.9-40.16mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"beagle-evolution-0.3.9-40.16mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"beagle-gui-0.3.9-40.16mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"beagle-gui-qt-0.3.9-40.16mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"beagle-libs-0.3.9-40.16mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-af-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-ar-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-be-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-bg-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-bn-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-ca-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-cs-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-cy-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-da-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-de-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-devel-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-el-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-en_GB-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-eo-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-es_AR-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-es_ES-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-et-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-eu-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-ext-beagle-0.3.9-40.16mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-ext-blogrovr-1.1.804-13.12mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-ext-mozvoikko-1.0.1-2.12mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-ext-r-kiosk-0.8.1-2.12mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-ext-scribefire-3.5.2-2.12mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-ext-weave-sync-1.1-5.12mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-ext-xmarks-3.6.14-2.12mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-fi-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-fr-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-fy-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-ga_IE-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-gl-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-gu_IN-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-he-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-hi-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-hu-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-id-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-is-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-it-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-ja-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-ka-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-kn-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-ko-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-ku-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-lt-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-lv-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-mk-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-mr-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-nb_NO-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-nl-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-nn_NO-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-oc-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-pa_IN-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-pl-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-pt_BR-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-pt_PT-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-ro-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-ru-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-si-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-sk-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-sl-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-sq-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-sr-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-sv_SE-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-te-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-th-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-tr-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-uk-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-zh_CN-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"firefox-zh_TW-3.6.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"gjs-0.6-4.12mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"gnome-python-extras-2.25.3-18.12mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"gnome-python-gda-2.25.3-18.12mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"gnome-python-gda-devel-2.25.3-18.12mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"gnome-python-gdl-2.25.3-18.12mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"gnome-python-gtkhtml2-2.25.3-18.12mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"gnome-python-gtkmozembed-2.25.3-18.12mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"gnome-python-gtkspell-2.25.3-18.12mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", cpu:"x86_64", reference:"lib64gjs-devel-0.6-4.12mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", cpu:"x86_64", reference:"lib64gjs0-0.6-4.12mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", cpu:"x86_64", reference:"lib64xulrunner-devel-1.9.2.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", cpu:"x86_64", reference:"lib64xulrunner1.9.2.18-1.9.2.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", cpu:"i386", reference:"libgjs-devel-0.6-4.12mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", cpu:"i386", reference:"libgjs0-0.6-4.12mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", cpu:"i386", reference:"libxulrunner-devel-1.9.2.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", cpu:"i386", reference:"libxulrunner1.9.2.18-1.9.2.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-af-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-ar-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-be-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-beagle-0.3.9-40.16mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-bg-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-bn_BD-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-ca-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-cs-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-da-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-de-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-el-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-en_GB-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-ar-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-ca-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-cs-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-de-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-el-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-es-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-fi-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-fr-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-hu-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-it-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-ja-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-ko-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-nb-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-nl-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-pl-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-pt-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-pt_BR-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-ru-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-sl-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-sv-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-tr-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-vi-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-zh_CN-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-enigmail-zh_TW-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-es_AR-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-es_ES-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-et-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-et_EE-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-eu-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-fi-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-fr-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-fy-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-ga-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-gd-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-gl-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-he-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-hu-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-id-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-is-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-it-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-ja-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-ka-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-ko-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-lightning-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-lt-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-nb_NO-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-nl-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-nn_NO-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-pa_IN-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-pl-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-pt_BR-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-pt_PT-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-ro-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-ru-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-si-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-sk-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-sl-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-sq-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-sr-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-sv_SE-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-tr-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-uk-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-vi-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-zh_CN-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"mozilla-thunderbird-zh_TW-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"nsinstall-3.1.11-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"xulrunner-1.9.2.18-0.1mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"yelp-2.30.1-4.12mdv2010.2", yank:"mdv")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2011-0886.NASL
    descriptionAn updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in the way Thunderbird handled malformed JPEG images. An HTML mail message containing a malicious JPEG image could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2377) Multiple dangling pointer flaws were found in Thunderbird. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed HTML content. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) It was found that Thunderbird could treat two separate cookies (for web content) as interchangeable if both were for the same domain name but one of those domain names had a trailing
    last seen2020-06-01
    modified2020-06-02
    plugin id55399
    published2011-06-22
    reporterThis script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/55399
    titleRHEL 6 : thunderbird (RHSA-2011:0886)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2011:0886. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(55399);
      script_version ("1.15");
      script_cvs_date("Date: 2019/10/25 13:36:16");
    
      script_cve_id("CVE-2011-0083", "CVE-2011-0085", "CVE-2011-2362", "CVE-2011-2363", "CVE-2011-2364", "CVE-2011-2365", "CVE-2011-2374", "CVE-2011-2375", "CVE-2011-2376", "CVE-2011-2377", "CVE-2011-2605");
      script_xref(name:"RHSA", value:"2011:0886");
    
      script_name(english:"RHEL 6 : thunderbird (RHSA-2011:0886)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An updated thunderbird package that fixes several security issues is
    now available for Red Hat Enterprise Linux 6.
    
    The Red Hat Security Response Team has rated this update as having
    critical security impact. Common Vulnerability Scoring System (CVSS)
    base scores, which give detailed severity ratings, are available for
    each vulnerability from the CVE links in the References section.
    
    Mozilla Thunderbird is a standalone mail and newsgroup client.
    
    A flaw was found in the way Thunderbird handled malformed JPEG images.
    An HTML mail message containing a malicious JPEG image could cause
    Thunderbird to crash or, potentially, execute arbitrary code with the
    privileges of the user running Thunderbird. (CVE-2011-2377)
    
    Multiple dangling pointer flaws were found in Thunderbird. Malicious
    HTML content could cause Thunderbird to crash or, potentially, execute
    arbitrary code with the privileges of the user running Thunderbird.
    (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363)
    
    Several flaws were found in the processing of malformed HTML content.
    Malicious HTML content could cause Thunderbird to crash or,
    potentially, execute arbitrary code with the privileges of the user
    running Thunderbird. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374,
    CVE-2011-2375, CVE-2011-2376)
    
    It was found that Thunderbird could treat two separate cookies (for
    web content) as interchangeable if both were for the same domain name
    but one of those domain names had a trailing '.' character. This
    violates the same-origin policy and could possibly lead to data being
    leaked to the wrong domain. (CVE-2011-2362)
    
    All Thunderbird users should upgrade to this updated package, which
    resolves these issues. All running instances of Thunderbird must be
    restarted for the update to take effect."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2011-0083"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2011-0085"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2011-2362"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2011-2363"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2011-2364"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2011-2365"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2011-2374"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2011-2375"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2011-2376"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2011-2377"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2011-2605"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2011:0886"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Update the affected thunderbird and / or thunderbird-debuginfo
    packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:thunderbird");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:thunderbird-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6.1");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2011/06/30");
      script_set_attribute(attribute:"patch_publication_date", value:"2011/06/21");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/06/22");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2011:0886";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"thunderbird-3.1.11-2.el6_1")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"thunderbird-3.1.11-2.el6_1")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"thunderbird-3.1.11-2.el6_1")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"thunderbird-debuginfo-3.1.11-2.el6_1")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"thunderbird-debuginfo-3.1.11-2.el6_1")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"thunderbird-debuginfo-3.1.11-2.el6_1")) flag++;
    
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "thunderbird / thunderbird-debuginfo");
      }
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_3_MOZILLAFIREFOX-110622.NASL
    descriptionMozilla Firefox was updated to the 3.6.18 security release. - MFSA 2011-19/CVE-2011-2374 CVE-2011-2376 CVE-2011-2364 CVE-2011-2365 Miscellaneous memory safety hazards - MFSA 2011-20/CVE-2011-2373 (bmo#617247) Use-after-free vulnerability when viewing XUL document with script disabled - MFSA 2011-21/CVE-2011-2377 (bmo#638018, bmo#639303) Memory corruption due to multipart/x-mixed-replace images - MFSA 2011-22/CVE-2011-2371 (bmo#664009) Integer overflow and arbitrary code execution in Array.reduceRight() - MFSA 2011-23/CVE-2011-0083 CVE-2011-0085 CVE-2011-2363 Multiple dangling pointer vulnerabilities - MFSA 2011-24/CVE-2011-2362 (bmo#616264) Cookie isolation error
    last seen2020-06-01
    modified2020-06-02
    plugin id75653
    published2014-06-13
    reporterThis script is Copyright (C) 2014-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/75653
    titleopenSUSE Security Update : MozillaFirefox (MozillaFirefox-4761)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update MozillaFirefox-4761.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(75653);
      script_version("1.3");
      script_cvs_date("Date: 2019/10/25 13:36:41");
    
      script_cve_id("CVE-2011-0083", "CVE-2011-0085", "CVE-2011-2362", "CVE-2011-2363", "CVE-2011-2364", "CVE-2011-2365", "CVE-2011-2371", "CVE-2011-2373", "CVE-2011-2374", "CVE-2011-2376", "CVE-2011-2377");
    
      script_name(english:"openSUSE Security Update : MozillaFirefox (MozillaFirefox-4761)");
      script_summary(english:"Check for the MozillaFirefox-4761 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Mozilla Firefox was updated to the 3.6.18 security release.
    
      - MFSA 2011-19/CVE-2011-2374 CVE-2011-2376 CVE-2011-2364
        CVE-2011-2365 Miscellaneous memory safety hazards
    
      - MFSA 2011-20/CVE-2011-2373 (bmo#617247) Use-after-free
        vulnerability when viewing XUL document with script
        disabled
    
      - MFSA 2011-21/CVE-2011-2377 (bmo#638018, bmo#639303)
        Memory corruption due to multipart/x-mixed-replace
        images
    
      - MFSA 2011-22/CVE-2011-2371 (bmo#664009) Integer overflow
        and arbitrary code execution in Array.reduceRight()
    
      - MFSA 2011-23/CVE-2011-0083 CVE-2011-0085 CVE-2011-2363
        Multiple dangling pointer vulnerabilities
    
      - MFSA 2011-24/CVE-2011-2362 (bmo#616264) Cookie isolation
        error"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=701296"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected MozillaFirefox packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Mozilla Firefox Array.reduceRight() Integer Overflow');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-js192");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-js192-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-buildsymbols");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-common-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-other");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-other-32bit");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.3");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2011/06/22");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2014-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.3", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.3", reference:"MozillaFirefox-3.6.18-0.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"MozillaFirefox-branding-upstream-3.6.18-0.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"MozillaFirefox-translations-common-3.6.18-0.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"MozillaFirefox-translations-other-3.6.18-0.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"mozilla-js192-1.9.2.18-1.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"mozilla-xulrunner192-1.9.2.18-1.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"mozilla-xulrunner192-buildsymbols-1.9.2.18-1.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"mozilla-xulrunner192-devel-1.9.2.18-1.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"mozilla-xulrunner192-gnome-1.9.2.18-1.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"mozilla-xulrunner192-translations-common-1.9.2.18-1.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"mozilla-xulrunner192-translations-other-1.9.2.18-1.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", cpu:"x86_64", reference:"mozilla-js192-32bit-1.9.2.18-1.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", cpu:"x86_64", reference:"mozilla-xulrunner192-32bit-1.9.2.18-1.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", cpu:"x86_64", reference:"mozilla-xulrunner192-gnome-32bit-1.9.2.18-1.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", cpu:"x86_64", reference:"mozilla-xulrunner192-translations-common-32bit-1.9.2.18-1.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", cpu:"x86_64", reference:"mozilla-xulrunner192-translations-other-32bit-1.9.2.18-1.2.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "MozillaFirefox / MozillaFirefox-branding-upstream / etc");
    }
    
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20110621_FIREFOX_ON_SL4_X.NASL
    descriptionMozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A flaw was found in the way Firefox handled malformed JPEG images. A website containing a malicious JPEG image could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-2377) Multiple dangling pointer flaws were found in Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) An integer overflow flaw was found in the way Firefox handled JavaScript Array objects. A website containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2011-2371) A use-after-free flaw was found in the way Firefox handled malformed JavaScript. A website containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2011-2373) It was found that Firefox could treat two separate cookies as interchangeable if both were for the same domain name but one of those domain names had a trailing
    last seen2020-06-01
    modified2020-06-02
    plugin id61070
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/61070
    titleScientific Linux Security Update : firefox on SL4.x, SL5.x, SL6.x i386/x86_64
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text is (C) Scientific Linux.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(61070);
      script_version("1.6");
      script_cvs_date("Date: 2019/10/25 13:36:19");
    
      script_cve_id("CVE-2011-0083", "CVE-2011-2362", "CVE-2011-2364", "CVE-2011-2371", "CVE-2011-2373", "CVE-2011-2377");
    
      script_name(english:"Scientific Linux Security Update : firefox on SL4.x, SL5.x, SL6.x i386/x86_64");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Scientific Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Mozilla Firefox is an open source web browser. XULRunner provides the
    XUL Runtime environment for Mozilla Firefox.
    
    A flaw was found in the way Firefox handled malformed JPEG images. A
    website containing a malicious JPEG image could cause Firefox to crash
    or, potentially, execute arbitrary code with the privileges of the
    user running Firefox. (CVE-2011-2377)
    
    Multiple dangling pointer flaws were found in Firefox. A web page
    containing malicious content could cause Firefox to crash or,
    potentially, execute arbitrary code with the privileges of the user
    running Firefox. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363)
    
    Several flaws were found in the processing of malformed web content. A
    web page containing malicious content could cause Firefox to crash or,
    potentially, execute arbitrary code with the privileges of the user
    running Firefox. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374,
    CVE-2011-2375, CVE-2011-2376)
    
    An integer overflow flaw was found in the way Firefox handled
    JavaScript Array objects. A website containing malicious JavaScript
    could cause Firefox to execute that JavaScript with the privileges of
    the user running Firefox. (CVE-2011-2371)
    
    A use-after-free flaw was found in the way Firefox handled malformed
    JavaScript. A website containing malicious JavaScript could cause
    Firefox to execute that JavaScript with the privileges of the user
    running Firefox. (CVE-2011-2373)
    
    It was found that Firefox could treat two separate cookies as
    interchangeable if both were for the same domain name but one of those
    domain names had a trailing '.' character. This violates the
    same-origin policy and could possibly lead to data being leaked to the
    wrong domain. (CVE-2011-2362)
    
    For technical details regarding these flaws, refer to the Mozilla
    security advisories for Firefox 3.6.18. You can find a link to the
    Mozilla advisories in the References section of this erratum.
    
    This update also fixes the following bug :
    
      - With previous versions of Firefox on Scientific Linux 5,
        the 'background-repeat' CSS (Cascading Style Sheets)
        property did not work (such images were not displayed
        and repeated as expected).
    
    All Firefox users should upgrade to these updated packages, which
    contain Firefox version 3.6.18, which corrects these issues. After
    installing the update, Firefox must be restarted for the changes to
    take effect."
      );
      # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1106&L=scientific-linux-errata&T=0&P=4628
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?23ea77e2"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Update the affected firefox, xulrunner and / or xulrunner-devel
    packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Mozilla Firefox Array.reduceRight() Integer Overflow');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2011/06/21");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Scientific Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"SL4", reference:"firefox-3.6.18-2.el4")) flag++;
    
    if (rpm_check(release:"SL5", reference:"firefox-3.6.18-1.el5_6")) flag++;
    if (rpm_check(release:"SL5", reference:"xulrunner-1.9.2.18-2.el5_6")) flag++;
    if (rpm_check(release:"SL5", reference:"xulrunner-devel-1.9.2.18-2.el5_6")) flag++;
    
    if (rpm_check(release:"SL6", reference:"firefox-3.6.18-1.el6_1")) flag++;
    if (rpm_check(release:"SL6", reference:"xulrunner-1.9.2.18-2.el6_1")) flag++;
    if (rpm_check(release:"SL6", reference:"xulrunner-devel-1.9.2.18-2.el6_1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20110621_THUNDERBIRD_ON_SL6_X.NASL
    descriptionMozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in the way Thunderbird handled malformed JPEG images. An HTML mail message containing a malicious JPEG image could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2377) Multiple dangling pointer flaws were found in Thunderbird. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed HTML content. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) It was found that Thunderbird could treat two separate cookies (for web content) as interchangeable if both were for the same domain name but one of those domain names had a trailing
    last seen2020-06-01
    modified2020-06-02
    plugin id61074
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/61074
    titleScientific Linux Security Update : thunderbird on SL6.x i386/x86_64
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text is (C) Scientific Linux.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(61074);
      script_version("1.4");
      script_cvs_date("Date: 2019/10/25 13:36:19");
    
      script_cve_id("CVE-2011-0083", "CVE-2011-2362", "CVE-2011-2364", "CVE-2011-2377");
    
      script_name(english:"Scientific Linux Security Update : thunderbird on SL6.x i386/x86_64");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Scientific Linux host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Mozilla Thunderbird is a standalone mail and newsgroup client.
    
    A flaw was found in the way Thunderbird handled malformed JPEG images.
    An HTML mail message containing a malicious JPEG image could cause
    Thunderbird to crash or, potentially, execute arbitrary code with the
    privileges of the user running Thunderbird. (CVE-2011-2377)
    
    Multiple dangling pointer flaws were found in Thunderbird. Malicious
    HTML content could cause Thunderbird to crash or, potentially, execute
    arbitrary code with the privileges of the user running Thunderbird.
    (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363)
    
    Several flaws were found in the processing of malformed HTML content.
    Malicious HTML content could cause Thunderbird to crash or,
    potentially, execute arbitrary code with the privileges of the user
    running Thunderbird. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374,
    CVE-2011-2375, CVE-2011-2376)
    
    It was found that Thunderbird could treat two separate cookies (for
    web content) as interchangeable if both were for the same domain name
    but one of those domain names had a trailing '.' character. This
    violates the same-origin policy and could possibly lead to data being
    leaked to the wrong domain. (CVE-2011-2362)
    
    All Thunderbird users should upgrade to this updated package, which
    resolves these issues. All running instances of Thunderbird must be
    restarted for the update to take effect."
      );
      # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1106&L=scientific-linux-errata&T=0&P=4365
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?3152f149"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected thunderbird package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2011/06/21");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Scientific Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"SL6", reference:"thunderbird-3.1.11-2.el6_1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-2273.NASL
    descriptionSeveral vulnerabilities have been discovered in Icedove, an unbranded version of the Thunderbird mail/news client. - CVE-2011-0083 / CVE-2011-2363
    last seen2020-03-17
    modified2011-07-07
    plugin id55524
    published2011-07-07
    reporterThis script is Copyright (C) 2011-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/55524
    titleDebian DSA-2273-1 : icedove - several vulnerabilities
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Debian Security Advisory DSA-2273. The text 
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(55524);
      script_version("1.18");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");
    
      script_cve_id("CVE-2011-0083", "CVE-2011-0085", "CVE-2011-2362", "CVE-2011-2363", "CVE-2011-2365", "CVE-2011-2371", "CVE-2011-2373", "CVE-2011-2374", "CVE-2011-2376");
      script_bugtraq_id(48357, 48358, 48360, 48361, 48366, 48368, 48372, 48373, 48376);
      script_xref(name:"DSA", value:"2273");
    
      script_name(english:"Debian DSA-2273-1 : icedove - several vulnerabilities");
      script_summary(english:"Checks dpkg output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Several vulnerabilities have been discovered in Icedove, an unbranded
    version of the Thunderbird mail/news client.
    
      - CVE-2011-0083 / CVE-2011-2363
        'regenrecht' discovered two use-after-frees in SVG
        processing, which could lead to the execution of
        arbitrary code.
    
      - CVE-2011-0085
        'regenrecht' discovered a use-after-free in XUL
        processing, which could lead to the execution of
        arbitrary code.
    
      - CVE-2011-2362
        David Chan discovered that cookies were insufficiently
        isolated.
    
      - CVE-2011-2371
        Chris Rohlf and Yan Ivnitskiy discovered an integer
        overflow in the JavaScript engine, which could lead to
        the execution of arbitrary code.
    
      - CVE-2011-2373
        Martin Barbella discovered a use-after-free in XUL
        processing, which could lead to the execution of
        arbitrary code.
    
      - CVE-2011-2374
        Bob Clary, Kevin Brosnan, Nils, Gary Kwong, Jesse
        Ruderman and Christian Biesinger discovered memory
        corruption bugs, which may lead to the execution of
        arbitrary code.
    
      - CVE-2011-2376
        Luke Wagner and Gary Kwong discovered memory corruption
        bugs, which may lead to the execution of arbitrary code.
    
    As indicated in the Lenny (oldstable) release notes, security support
    for the Icedove packages in the oldstable needed to be stopped before
    the end of the regular Lenny security maintenance life cycle. You are
    strongly encouraged to upgrade to stable or switch to a different mail
    client."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2011-0083"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2011-2363"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2011-0085"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2011-2362"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2011-2371"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2011-2373"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2011-2374"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2011-2376"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/squeeze/icedove"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.debian.org/security/2011/dsa-2273"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Upgrade the icedove packages.
    
    For the stable distribution (squeeze), this problem has been fixed in
    version 3.0.11-1+squeeze3."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Mozilla Firefox Array.reduceRight() Integer Overflow');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:icedove");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2011/07/06");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/07/07");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"6.0", prefix:"icedove", reference:"3.0.11-1+squeeze3")) flag++;
    if (deb_check(release:"6.0", prefix:"icedove-dbg", reference:"3.0.11-1+squeeze3")) flag++;
    if (deb_check(release:"6.0", prefix:"icedove-dev", reference:"3.0.11-1+squeeze3")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2011-0885.NASL
    descriptionUpdated firefox packages that fix several security issues and one bug are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A flaw was found in the way Firefox handled malformed JPEG images. A website containing a malicious JPEG image could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-2377) Multiple dangling pointer flaws were found in Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) An integer overflow flaw was found in the way Firefox handled JavaScript Array objects. A website containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2011-2371) A use-after-free flaw was found in the way Firefox handled malformed JavaScript. A website containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2011-2373) It was found that Firefox could treat two separate cookies as interchangeable if both were for the same domain name but one of those domain names had a trailing
    last seen2020-06-01
    modified2020-06-02
    plugin id55398
    published2011-06-22
    reporterThis script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/55398
    titleRHEL 4 / 5 / 6 : firefox (RHSA-2011:0885)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2011:0885. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(55398);
      script_version ("1.22");
      script_cvs_date("Date: 2019/10/25 13:36:16");
    
      script_cve_id("CVE-2011-0083", "CVE-2011-0085", "CVE-2011-2362", "CVE-2011-2363", "CVE-2011-2364", "CVE-2011-2365", "CVE-2011-2371", "CVE-2011-2373", "CVE-2011-2374", "CVE-2011-2375", "CVE-2011-2376", "CVE-2011-2377", "CVE-2011-2605");
      script_xref(name:"RHSA", value:"2011:0885");
    
      script_name(english:"RHEL 4 / 5 / 6 : firefox (RHSA-2011:0885)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated firefox packages that fix several security issues and one bug
    are now available for Red Hat Enterprise Linux 4, 5, and 6.
    
    The Red Hat Security Response Team has rated this update as having
    critical security impact. Common Vulnerability Scoring System (CVSS)
    base scores, which give detailed severity ratings, are available for
    each vulnerability from the CVE links in the References section.
    
    Mozilla Firefox is an open source web browser. XULRunner provides the
    XUL Runtime environment for Mozilla Firefox.
    
    A flaw was found in the way Firefox handled malformed JPEG images. A
    website containing a malicious JPEG image could cause Firefox to crash
    or, potentially, execute arbitrary code with the privileges of the
    user running Firefox. (CVE-2011-2377)
    
    Multiple dangling pointer flaws were found in Firefox. A web page
    containing malicious content could cause Firefox to crash or,
    potentially, execute arbitrary code with the privileges of the user
    running Firefox. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363)
    
    Several flaws were found in the processing of malformed web content. A
    web page containing malicious content could cause Firefox to crash or,
    potentially, execute arbitrary code with the privileges of the user
    running Firefox. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374,
    CVE-2011-2375, CVE-2011-2376)
    
    An integer overflow flaw was found in the way Firefox handled
    JavaScript Array objects. A website containing malicious JavaScript
    could cause Firefox to execute that JavaScript with the privileges of
    the user running Firefox. (CVE-2011-2371)
    
    A use-after-free flaw was found in the way Firefox handled malformed
    JavaScript. A website containing malicious JavaScript could cause
    Firefox to execute that JavaScript with the privileges of the user
    running Firefox. (CVE-2011-2373)
    
    It was found that Firefox could treat two separate cookies as
    interchangeable if both were for the same domain name but one of those
    domain names had a trailing '.' character. This violates the
    same-origin policy and could possibly lead to data being leaked to the
    wrong domain. (CVE-2011-2362)
    
    For technical details regarding these flaws, refer to the Mozilla
    security advisories for Firefox 3.6.18. You can find a link to the
    Mozilla advisories in the References section of this erratum.
    
    This update also fixes the following bug :
    
    * With previous versions of Firefox on Red Hat Enterprise Linux 5, the
    'background-repeat' CSS (Cascading Style Sheets) property did not work
    (such images were not displayed and repeated as expected). (BZ#698313)
    
    All Firefox users should upgrade to these updated packages, which
    contain Firefox version 3.6.18, which corrects these issues. After
    installing the update, Firefox must be restarted for the changes to
    take effect."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2011-0083"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2011-0085"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2011-2362"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2011-2363"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2011-2364"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2011-2365"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2011-2371"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2011-2373"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2011-2374"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2011-2375"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2011-2376"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2011-2377"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2011-2605"
      );
      # http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?ab0bbddd"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2011:0885"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Mozilla Firefox Array.reduceRight() Integer Overflow');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:firefox");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:firefox-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xulrunner");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xulrunner-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xulrunner-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4.8");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5.6");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6.1");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2011/06/30");
      script_set_attribute(attribute:"patch_publication_date", value:"2011/06/21");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/06/22");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(4|5|6)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 4.x / 5.x / 6.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2011:0885";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL4", reference:"firefox-3.6.18-2.el4")) flag++;
    
    
      if (rpm_check(release:"RHEL5", reference:"firefox-3.6.18-1.el5_6")) flag++;
    
      if (rpm_check(release:"RHEL5", reference:"xulrunner-1.9.2.18-2.el5_6")) flag++;
    
      if (rpm_check(release:"RHEL5", reference:"xulrunner-devel-1.9.2.18-2.el5_6")) flag++;
    
    
      if (rpm_check(release:"RHEL6", reference:"firefox-3.6.18-1.el6_1")) flag++;
    
      if (rpm_check(release:"RHEL6", reference:"firefox-debuginfo-3.6.18-1.el6_1")) flag++;
    
      if (rpm_check(release:"RHEL6", reference:"xulrunner-1.9.2.18-2.el6_1")) flag++;
    
      if (rpm_check(release:"RHEL6", reference:"xulrunner-debuginfo-1.9.2.18-2.el6_1")) flag++;
    
      if (rpm_check(release:"RHEL6", reference:"xulrunner-devel-1.9.2.18-2.el6_1")) flag++;
    
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "firefox / firefox-debuginfo / xulrunner / xulrunner-debuginfo / etc");
      }
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_4_MOZILLA-JS192-110622.NASL
    descriptionmozilla-xulrunner192 was updated to the 1.9.2.18 security release. dbg114-mozilla-js192-4771 mozilla-js192-4771 new_updateinfo MFSA 2011-19/CVE-2011-2374 CVE-2011-2376 CVE-2011-2364 CVE-2011-2365 Miscellaneous memory safety hazards dbg114-mozilla-js192-4771 mozilla-js192-4771 new_updateinfo MFSA 2011-20/CVE-2011-2373 (bmo#617247) Use-after-free vulnerability when viewing XUL document with script disabled dbg114-mozilla-js192-4771 mozilla-js192-4771 new_updateinfo MFSA 2011-21/CVE-2011-2377 (bmo#638018, bmo#639303) Memory corruption due to multipart/x-mixed-replace images dbg114-mozilla-js192-4771 mozilla-js192-4771 new_updateinfo MFSA 2011-22/CVE-2011-2371 (bmo#664009) Integer overflow and arbitrary code execution in Array.reduceRight() dbg114-mozilla-js192-4771 mozilla-js192-4771 new_updateinfo MFSA 2011-23/CVE-2011-0083 CVE-2011-0085 CVE-2011-2363 Multiple dangling pointer vulnerabilities dbg114-mozilla-js192-4771 mozilla-js192-4771 new_updateinfo MFSA 2011-24/CVE-2011-2362 (bmo#616264) Cookie isolation error
    last seen2020-06-01
    modified2020-06-02
    plugin id75957
    published2014-06-13
    reporterThis script is Copyright (C) 2014-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/75957
    titleopenSUSE Security Update : mozilla-js192 (mozilla-js192-4771)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update mozilla-js192-4771.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(75957);
      script_version("1.3");
      script_cvs_date("Date: 2019/10/25 13:36:42");
    
      script_cve_id("CVE-2011-0083", "CVE-2011-0085", "CVE-2011-2362", "CVE-2011-2363", "CVE-2011-2364", "CVE-2011-2365", "CVE-2011-2371", "CVE-2011-2373", "CVE-2011-2374", "CVE-2011-2376", "CVE-2011-2377");
    
      script_name(english:"openSUSE Security Update : mozilla-js192 (mozilla-js192-4771)");
      script_summary(english:"Check for the mozilla-js192-4771 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "mozilla-xulrunner192 was updated to the 1.9.2.18 security release.
    
    dbg114-mozilla-js192-4771 mozilla-js192-4771 new_updateinfo MFSA
    2011-19/CVE-2011-2374 CVE-2011-2376 CVE-2011-2364 CVE-2011-2365
    Miscellaneous memory safety hazards
    
    dbg114-mozilla-js192-4771 mozilla-js192-4771 new_updateinfo MFSA
    2011-20/CVE-2011-2373 (bmo#617247) Use-after-free vulnerability when
    viewing XUL document with script disabled
    
    dbg114-mozilla-js192-4771 mozilla-js192-4771 new_updateinfo MFSA
    2011-21/CVE-2011-2377 (bmo#638018, bmo#639303) Memory corruption due
    to multipart/x-mixed-replace images
    
    dbg114-mozilla-js192-4771 mozilla-js192-4771 new_updateinfo MFSA
    2011-22/CVE-2011-2371 (bmo#664009) Integer overflow and arbitrary code
    execution in Array.reduceRight()
    
    dbg114-mozilla-js192-4771 mozilla-js192-4771 new_updateinfo MFSA
    2011-23/CVE-2011-0083 CVE-2011-0085 CVE-2011-2363 Multiple dangling
    pointer vulnerabilities
    
    dbg114-mozilla-js192-4771 mozilla-js192-4771 new_updateinfo MFSA
    2011-24/CVE-2011-2362 (bmo#616264) Cookie isolation error"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=701296"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected mozilla-js192 packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Mozilla Firefox Array.reduceRight() Integer Overflow');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-js192");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-js192-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-js192-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-js192-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-buildsymbols");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-devel-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-common-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-other");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-other-32bit");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.4");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2011/06/22");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2014-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.4)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.4", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.4", reference:"mozilla-js192-1.9.2.18-1.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.4", reference:"mozilla-js192-debuginfo-1.9.2.18-1.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.4", reference:"mozilla-xulrunner192-1.9.2.18-1.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.4", reference:"mozilla-xulrunner192-buildsymbols-1.9.2.18-1.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.4", reference:"mozilla-xulrunner192-debuginfo-1.9.2.18-1.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.4", reference:"mozilla-xulrunner192-debugsource-1.9.2.18-1.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.4", reference:"mozilla-xulrunner192-devel-1.9.2.18-1.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.4", reference:"mozilla-xulrunner192-devel-debuginfo-1.9.2.18-1.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.4", reference:"mozilla-xulrunner192-gnome-1.9.2.18-1.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.4", reference:"mozilla-xulrunner192-gnome-debuginfo-1.9.2.18-1.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.4", reference:"mozilla-xulrunner192-translations-common-1.9.2.18-1.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.4", reference:"mozilla-xulrunner192-translations-other-1.9.2.18-1.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"mozilla-js192-32bit-1.9.2.18-1.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"mozilla-js192-debuginfo-32bit-1.9.2.18-1.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"mozilla-xulrunner192-32bit-1.9.2.18-1.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"mozilla-xulrunner192-debuginfo-32bit-1.9.2.18-1.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"mozilla-xulrunner192-gnome-32bit-1.9.2.18-1.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"mozilla-xulrunner192-gnome-debuginfo-32bit-1.9.2.18-1.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"mozilla-xulrunner192-translations-common-32bit-1.9.2.18-1.2.1") ) flag++;
    if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"mozilla-xulrunner192-translations-other-32bit-1.9.2.18-1.2.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mozilla-js192 / mozilla-js192-32bit / mozilla-xulrunner192 / etc");
    }
    
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20110621_THUNDERBIRD_ON_SL4_X.NASL
    descriptionMozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in the way Thunderbird handled malformed JPEG images. An HTML mail message containing a malicious JPEG image could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2377) Multiple dangling pointer flaws were found in Thunderbird. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed HTML content. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) An integer overflow flaw was found in the way Thunderbird handled JavaScript Array objects. Malicious content could cause Thunderbird to execute JavaScript with the privileges of the user running Thunderbird. (CVE-2011-2371) A use-after-free flaw was found in the way Thunderbird handled malformed JavaScript. Malicious content could cause Thunderbird to execute JavaScript with the privileges of the user running Thunderbird. (CVE-2011-2373) It was found that Thunderbird could treat two separate cookies (for web content) as interchangeable if both were for the same domain name but one of those domain names had a trailing
    last seen2020-06-01
    modified2020-06-02
    plugin id61073
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/61073
    titleScientific Linux Security Update : thunderbird on SL4.x, SL5.x i386/x86_64
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text is (C) Scientific Linux.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(61073);
      script_version("1.6");
      script_cvs_date("Date: 2019/10/25 13:36:19");
    
      script_cve_id("CVE-2011-0083", "CVE-2011-2362", "CVE-2011-2364", "CVE-2011-2371", "CVE-2011-2373", "CVE-2011-2377");
    
      script_name(english:"Scientific Linux Security Update : thunderbird on SL4.x, SL5.x i386/x86_64");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Scientific Linux host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Mozilla Thunderbird is a standalone mail and newsgroup client.
    
    A flaw was found in the way Thunderbird handled malformed JPEG images.
    An HTML mail message containing a malicious JPEG image could cause
    Thunderbird to crash or, potentially, execute arbitrary code with the
    privileges of the user running Thunderbird. (CVE-2011-2377)
    
    Multiple dangling pointer flaws were found in Thunderbird. Malicious
    HTML content could cause Thunderbird to crash or, potentially, execute
    arbitrary code with the privileges of the user running Thunderbird.
    (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363)
    
    Several flaws were found in the processing of malformed HTML content.
    Malicious HTML content could cause Thunderbird to crash or,
    potentially, execute arbitrary code with the privileges of the user
    running Thunderbird. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374,
    CVE-2011-2375, CVE-2011-2376)
    
    An integer overflow flaw was found in the way Thunderbird handled
    JavaScript Array objects. Malicious content could cause Thunderbird to
    execute JavaScript with the privileges of the user running
    Thunderbird. (CVE-2011-2371)
    
    A use-after-free flaw was found in the way Thunderbird handled
    malformed JavaScript. Malicious content could cause Thunderbird to
    execute JavaScript with the privileges of the user running
    Thunderbird. (CVE-2011-2373)
    
    It was found that Thunderbird could treat two separate cookies (for
    web content) as interchangeable if both were for the same domain name
    but one of those domain names had a trailing '.' character. This
    violates the same-origin policy and could possibly lead to data being
    leaked to the wrong domain. (CVE-2011-2362)
    
    All Thunderbird users should upgrade to this updated package, which
    resolves these issues. All running instances of Thunderbird must be
    restarted for the update to take effect."
      );
      # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1106&L=scientific-linux-errata&T=0&P=4493
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?0391ac76"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected thunderbird package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Mozilla Firefox Array.reduceRight() Integer Overflow');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2011/06/21");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Scientific Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"SL4", reference:"thunderbird-1.5.0.12-39.el4")) flag++;
    
    if (rpm_check(release:"SL5", reference:"thunderbird-2.0.0.24-18.el5_6")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_MOZILLAFIREFOX-110628.NASL
    descriptionMozilla Firefox was updated to the 3.6.18 security release. - Miscellaneous memory safety hazards. (MFSA 2011-19 / CVE-2011-2374 / CVE-2011-2376 / CVE-2011-2364 / CVE-2011-2365) - (bmo#617247) Use-after-free vulnerability when viewing XUL document with script disabled. (MFSA 2011-20 / CVE-2011-2373) - (bmo#638018, bmo#639303) Memory corruption due to multipart/x-mixed-replace images. (MFSA 2011-21 / CVE-2011-2377) - (bmo#664009) Integer overflow and arbitrary code execution in Array.reduceRight(). (MFSA 2011-22 / CVE-2011-2371) - Multiple dangling pointer vulnerabilities. (MFSA 2011-23 / CVE-2011-0083 / CVE-2011-0085 / CVE-2011-2363) - (bmo#616264) Cookie isolation error. (MFSA 2011-24 / CVE-2011-2362)
    last seen2020-06-01
    modified2020-06-02
    plugin id55483
    published2011-07-01
    reporterThis script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/55483
    titleSuSE 11.1 Security Update : Mozilla Firefox (SAT Patch Number 4804)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from SuSE 11 update information. The text itself is
    # copyright (C) Novell, Inc.
    #
    
    if (NASL_LEVEL < 3000) exit(0);
    
    include("compat.inc");
    
    if (description)
    {
      script_id(55483);
      script_version("1.12");
      script_cvs_date("Date: 2019/10/25 13:36:42");
    
      script_cve_id("CVE-2011-0083", "CVE-2011-0085", "CVE-2011-2362", "CVE-2011-2363", "CVE-2011-2364", "CVE-2011-2365", "CVE-2011-2371", "CVE-2011-2373", "CVE-2011-2374", "CVE-2011-2376", "CVE-2011-2377");
    
      script_name(english:"SuSE 11.1 Security Update : Mozilla Firefox (SAT Patch Number 4804)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 11 host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Mozilla Firefox was updated to the 3.6.18 security release.
    
      - Miscellaneous memory safety hazards. (MFSA 2011-19 /
        CVE-2011-2374 / CVE-2011-2376 / CVE-2011-2364 /
        CVE-2011-2365)
    
      - (bmo#617247) Use-after-free vulnerability when viewing
        XUL document with script disabled. (MFSA 2011-20 /
        CVE-2011-2373)
    
      - (bmo#638018, bmo#639303) Memory corruption due to
        multipart/x-mixed-replace images. (MFSA 2011-21 /
        CVE-2011-2377)
    
      - (bmo#664009) Integer overflow and arbitrary code
        execution in Array.reduceRight(). (MFSA 2011-22 /
        CVE-2011-2371)
    
      - Multiple dangling pointer vulnerabilities. (MFSA 2011-23
        / CVE-2011-0083 / CVE-2011-0085 / CVE-2011-2363)
    
      - (bmo#616264) Cookie isolation error. (MFSA 2011-24 /
        CVE-2011-2362)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.mozilla.org/security/announce/2011/mfsa2011-19.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.mozilla.org/security/announce/2011/mfsa2011-20.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.mozilla.org/security/announce/2011/mfsa2011-21.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.mozilla.org/security/announce/2011/mfsa2011-22.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.mozilla.org/security/announce/2011/mfsa2011-23.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.mozilla.org/security/announce/2011/mfsa2011-24.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=701296"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2011-0083.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2011-0085.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2011-2362.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2011-2363.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2011-2364.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2011-2365.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2011-2371.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2011-2373.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2011-2374.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2011-2376.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2011-2377.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply SAT patch number 4804.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Mozilla Firefox Array.reduceRight() Integer Overflow');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:MozillaFirefox");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:MozillaFirefox-translations");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner192");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner192-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner192-gnome");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner192-gnome-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner192-translations");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner192-translations-32bit");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2011/06/28");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/07/01");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);
    
    pl = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, "SuSE 11.1");
    
    
    flag = 0;
    if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"MozillaFirefox-3.6.18-0.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"MozillaFirefox-translations-3.6.18-0.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"mozilla-xulrunner192-1.9.2.18-1.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"mozilla-xulrunner192-gnome-1.9.2.18-1.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"mozilla-xulrunner192-translations-1.9.2.18-1.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"MozillaFirefox-3.6.18-0.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"MozillaFirefox-translations-3.6.18-0.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"mozilla-xulrunner192-1.9.2.18-1.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"mozilla-xulrunner192-32bit-1.9.2.18-1.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"mozilla-xulrunner192-gnome-1.9.2.18-1.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"mozilla-xulrunner192-gnome-32bit-1.9.2.18-1.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"mozilla-xulrunner192-translations-1.9.2.18-1.2.1")) flag++;
    if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"mozilla-xulrunner192-translations-32bit-1.9.2.18-1.2.1")) flag++;
    if (rpm_check(release:"SLES11", sp:1, reference:"MozillaFirefox-3.6.18-0.2.1")) flag++;
    if (rpm_check(release:"SLES11", sp:1, reference:"MozillaFirefox-translations-3.6.18-0.2.1")) flag++;
    if (rpm_check(release:"SLES11", sp:1, reference:"mozilla-xulrunner192-1.9.2.18-1.2.1")) flag++;
    if (rpm_check(release:"SLES11", sp:1, reference:"mozilla-xulrunner192-gnome-1.9.2.18-1.2.1")) flag++;
    if (rpm_check(release:"SLES11", sp:1, reference:"mozilla-xulrunner192-translations-1.9.2.18-1.2.1")) flag++;
    if (rpm_check(release:"SLES11", sp:1, cpu:"s390x", reference:"mozilla-xulrunner192-32bit-1.9.2.18-1.2.1")) flag++;
    if (rpm_check(release:"SLES11", sp:1, cpu:"x86_64", reference:"mozilla-xulrunner192-32bit-1.9.2.18-1.2.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-2268.NASL
    descriptionSeveral vulnerabilities have been found in Iceweasel, a web browser based on Firefox : - CVE-2011-0083 / CVE-2011-2363
    last seen2020-03-17
    modified2011-07-05
    plugin id55488
    published2011-07-05
    reporterThis script is Copyright (C) 2011-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/55488
    titleDebian DSA-2268-1 : iceweasel - several vulnerabilities
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Debian Security Advisory DSA-2268. The text 
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(55488);
      script_version("1.18");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");
    
      script_cve_id("CVE-2011-0083", "CVE-2011-0085", "CVE-2011-2362", "CVE-2011-2363", "CVE-2011-2365", "CVE-2011-2371", "CVE-2011-2373", "CVE-2011-2374", "CVE-2011-2376");
      script_bugtraq_id(48357, 48358, 48360, 48361, 48366, 48368, 48372, 48373, 48376);
      script_xref(name:"DSA", value:"2268");
    
      script_name(english:"Debian DSA-2268-1 : iceweasel - several vulnerabilities");
      script_summary(english:"Checks dpkg output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Several vulnerabilities have been found in Iceweasel, a web browser
    based on Firefox :
    
      - CVE-2011-0083 / CVE-2011-2363
        'regenrecht' discovered two use-after-frees in SVG
        processing, which could lead to the execution of
        arbitrary code.
    
      - CVE-2011-0085
        'regenrecht' discovered a use-after-free in XUL
        processing, which could lead to the execution of
        arbitrary code.
    
      - CVE-2011-2362
        David Chan discovered that cookies were insufficiently
        isolated.
    
      - CVE-2011-2371
        Chris Rohlf and Yan Ivnitskiy discovered an integer
        overflow in the JavaScript engine, which could lead to
        the execution of arbitrary code.
    
      - CVE-2011-2373
        Martin Barbella discovered a use-after-free in XUL
        processing, which could lead to the execution of
        arbitrary code.
    
      - CVE-2011-2374
        Bob Clary, Kevin Brosnan, Nils, Gary Kwong, Jesse
        Ruderman and Christian Biesinger discovered memory
        corruption bugs, which may lead to the execution of
        arbitrary code.
    
      - CVE-2011-2376
        Luke Wagner and Gary Kwong discovered memory corruption
        bugs, which may lead to the execution of arbitrary code."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2011-0083"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2011-2363"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2011-0085"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2011-2362"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2011-2371"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2011-2373"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2011-2374"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2011-2376"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/squeeze/iceweasel"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.debian.org/security/2011/dsa-2268"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Upgrade the iceweasel packages.
    
    For the oldstable distribution (lenny), this problem has been fixed in
    version 1.9.0.19-12 of the xulrunner source package.
    
    For the stable distribution (squeeze), this problem has been fixed in
    version 3.5.16-8."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Mozilla Firefox Array.reduceRight() Integer Overflow');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:iceweasel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:5.0");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2011/07/01");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/07/05");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"5.0", prefix:"iceweasel", reference:"1.9.0.19-12")) flag++;
    if (deb_check(release:"6.0", prefix:"iceweasel", reference:"3.5.16-8")) flag++;
    if (deb_check(release:"6.0", prefix:"iceweasel-dbg", reference:"3.5.16-8")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_MOZILLAFIREFOX-7596.NASL
    descriptionMozilla Firefox was updated to the 3.6.18 security release. - Miscellaneous memory safety hazards. (MFSA 2011-19 / CVE-2011-2374 / CVE-2011-2376 / CVE-2011-2364 / CVE-2011-2365) - (bmo#617247) Use-after-free vulnerability when viewing XUL document with script disabled. (MFSA 2011-20 / CVE-2011-2373) - (bmo#638018, bmo#639303) Memory corruption due to multipart/x-mixed-replace images. (MFSA 2011-21 / CVE-2011-2377) - (bmo#664009) Integer overflow and arbitrary code execution in Array.reduceRight(). (MFSA 2011-22 / CVE-2011-2371) - Multiple dangling pointer vulnerabilities. (MFSA 2011-23 / CVE-2011-0083 / CVE-2011-0085 / CVE-2011-2363) - (bmo#616264) Cookie isolation error. (MFSA 2011-24 / CVE-2011-2362)
    last seen2020-06-01
    modified2020-06-02
    plugin id57149
    published2011-12-13
    reporterThis script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/57149
    titleSuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 7596)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The text description of this plugin is (C) Novell, Inc.
    #
    
    if (NASL_LEVEL < 3000) exit(0);
    
    include("compat.inc");
    
    if (description)
    {
      script_id(57149);
      script_version ("1.9");
      script_cvs_date("Date: 2019/10/25 13:36:43");
    
      script_cve_id("CVE-2011-0083", "CVE-2011-0085", "CVE-2011-2362", "CVE-2011-2363", "CVE-2011-2364", "CVE-2011-2365", "CVE-2011-2371", "CVE-2011-2373", "CVE-2011-2374", "CVE-2011-2376", "CVE-2011-2377");
    
      script_name(english:"SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 7596)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 10 host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Mozilla Firefox was updated to the 3.6.18 security release.
    
      - Miscellaneous memory safety hazards. (MFSA 2011-19 /
        CVE-2011-2374 / CVE-2011-2376 / CVE-2011-2364 /
        CVE-2011-2365)
    
      - (bmo#617247) Use-after-free vulnerability when viewing
        XUL document with script disabled. (MFSA 2011-20 /
        CVE-2011-2373)
    
      - (bmo#638018, bmo#639303) Memory corruption due to
        multipart/x-mixed-replace images. (MFSA 2011-21 /
        CVE-2011-2377)
    
      - (bmo#664009) Integer overflow and arbitrary code
        execution in Array.reduceRight(). (MFSA 2011-22 /
        CVE-2011-2371)
    
      - Multiple dangling pointer vulnerabilities. (MFSA 2011-23
        / CVE-2011-0083 / CVE-2011-0085 / CVE-2011-2363)
    
      - (bmo#616264) Cookie isolation error. (MFSA 2011-24 /
        CVE-2011-2362)"
      );
      # http://www.mozilla.org/security/announce/2011/mfsa2011-19.html
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-19/"
      );
      # http://www.mozilla.org/security/announce/2011/mfsa2011-20.html
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-20/"
      );
      # http://www.mozilla.org/security/announce/2011/mfsa2011-21.html
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-21/"
      );
      # http://www.mozilla.org/security/announce/2011/mfsa2011-22.html
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-22/"
      );
      # http://www.mozilla.org/security/announce/2011/mfsa2011-23.html
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-23/"
      );
      # http://www.mozilla.org/security/announce/2011/mfsa2011-24.html
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-24/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2011-0083.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2011-0085.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2011-2362.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2011-2363.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2011-2364.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2011-2365.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2011-2371.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2011-2373.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2011-2374.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2011-2376.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2011-2377.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 7596.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Mozilla Firefox Array.reduceRight() Integer Overflow');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2011/06/30");
      script_set_attribute(attribute:"patch_publication_date", value:"2011/06/28");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/12/13");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
    if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
    if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");
    
    
    flag = 0;
    if (rpm_check(release:"SLED10", sp:4, reference:"MozillaFirefox-3.6.18-0.5.1")) flag++;
    if (rpm_check(release:"SLED10", sp:4, reference:"MozillaFirefox-translations-3.6.18-0.5.1")) flag++;
    if (rpm_check(release:"SLED10", sp:4, reference:"mozilla-xulrunner192-1.9.2.18-1.6.1")) flag++;
    if (rpm_check(release:"SLED10", sp:4, reference:"mozilla-xulrunner192-gnome-1.9.2.18-1.6.1")) flag++;
    if (rpm_check(release:"SLED10", sp:4, reference:"mozilla-xulrunner192-translations-1.9.2.18-1.6.1")) flag++;
    if (rpm_check(release:"SLED10", sp:4, cpu:"x86_64", reference:"mozilla-xulrunner192-32bit-1.9.2.18-1.6.1")) flag++;
    if (rpm_check(release:"SLED10", sp:4, cpu:"x86_64", reference:"mozilla-xulrunner192-gnome-32bit-1.9.2.18-1.6.1")) flag++;
    if (rpm_check(release:"SLED10", sp:4, cpu:"x86_64", reference:"mozilla-xulrunner192-translations-32bit-1.9.2.18-1.6.1")) flag++;
    if (rpm_check(release:"SLES10", sp:4, reference:"MozillaFirefox-3.6.18-0.5.1")) flag++;
    if (rpm_check(release:"SLES10", sp:4, reference:"MozillaFirefox-translations-3.6.18-0.5.1")) flag++;
    if (rpm_check(release:"SLES10", sp:4, reference:"mozilla-xulrunner192-1.9.2.18-1.6.1")) flag++;
    if (rpm_check(release:"SLES10", sp:4, reference:"mozilla-xulrunner192-gnome-1.9.2.18-1.6.1")) flag++;
    if (rpm_check(release:"SLES10", sp:4, reference:"mozilla-xulrunner192-translations-1.9.2.18-1.6.1")) flag++;
    if (rpm_check(release:"SLES10", sp:4, cpu:"x86_64", reference:"mozilla-xulrunner192-32bit-1.9.2.18-1.6.1")) flag++;
    if (rpm_check(release:"SLES10", sp:4, cpu:"x86_64", reference:"mozilla-xulrunner192-gnome-32bit-1.9.2.18-1.6.1")) flag++;
    if (rpm_check(release:"SLES10", sp:4, cpu:"x86_64", reference:"mozilla-xulrunner192-translations-32bit-1.9.2.18-1.6.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else exit(0, "The host is not affected.");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_3_MOZILLATHUNDERBIRD-110627.NASL
    descriptionMozilla Thunderbird was updated to the 3.1.11 release. It has new features, fixes lots of bugs, and also fixes the following security issues : - MFSA 2011-19/CVE-2011-2374 CVE-2011-2376 CVE-2011-2364 CVE-2011-2365 Miscellaneous memory safety hazards - MFSA 2011-20/CVE-2011-2373 (bmo#617247) Use-after-free vulnerability when viewing XUL document with script disabled - MFSA 2011-21/CVE-2011-2377 (bmo#638018, bmo#639303) Memory corruption due to multipart/x-mixed-replace images - MFSA 2011-22/CVE-2011-2371 (bmo#664009) Integer overflow and arbitrary code execution in Array.reduceRight() - MFSA 2011-23/CVE-2011-0083 CVE-2011-0085 CVE-2011-2363 Multiple dangling pointer vulnerabilities - MFSA 2011-24/CVE-2011-2362 (bmo#616264) Cookie isolation error
    last seen2020-06-01
    modified2020-06-02
    plugin id75665
    published2014-06-13
    reporterThis script is Copyright (C) 2014-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/75665
    titleopenSUSE Security Update : MozillaThunderbird (MozillaThunderbird-4800)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update MozillaThunderbird-4800.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(75665);
      script_version("1.3");
      script_cvs_date("Date: 2019/10/25 13:36:41");
    
      script_cve_id("CVE-2011-0083", "CVE-2011-0085", "CVE-2011-2362", "CVE-2011-2363", "CVE-2011-2364", "CVE-2011-2365", "CVE-2011-2371", "CVE-2011-2373", "CVE-2011-2374", "CVE-2011-2376", "CVE-2011-2377");
    
      script_name(english:"openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-4800)");
      script_summary(english:"Check for the MozillaThunderbird-4800 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Mozilla Thunderbird was updated to the 3.1.11 release.
    
    It has new features, fixes lots of bugs, and also fixes the following
    security issues :
    
      - MFSA 2011-19/CVE-2011-2374 CVE-2011-2376 CVE-2011-2364
        CVE-2011-2365 Miscellaneous memory safety hazards
    
      - MFSA 2011-20/CVE-2011-2373 (bmo#617247) Use-after-free
        vulnerability when viewing XUL document with script
        disabled
    
      - MFSA 2011-21/CVE-2011-2377 (bmo#638018, bmo#639303)
        Memory corruption due to multipart/x-mixed-replace
        images
    
      - MFSA 2011-22/CVE-2011-2371 (bmo#664009) Integer overflow
        and arbitrary code execution in Array.reduceRight()
    
      - MFSA 2011-23/CVE-2011-0083 CVE-2011-0085 CVE-2011-2363
        Multiple dangling pointer vulnerabilities
    
      - MFSA 2011-24/CVE-2011-2362 (bmo#616264) Cookie isolation
        error"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=701296"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected MozillaThunderbird packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Mozilla Firefox Array.reduceRight() Integer Overflow');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:enigmail");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.3");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2011/06/27");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2014-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.3", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.3", reference:"MozillaThunderbird-3.1.11-0.11.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"MozillaThunderbird-devel-3.1.11-0.11.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"MozillaThunderbird-translations-common-3.1.11-0.11.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"MozillaThunderbird-translations-other-3.1.11-0.11.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"enigmail-1.1.2-9.11.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "MozillaThunderbird");
    }
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-2269.NASL
    descriptionSeveral vulnerabilities have been found in the Iceape internet suite, an unbranded version of SeaMonkey : - CVE-2011-0083 / CVE-2011-2363
    last seen2020-03-17
    modified2011-07-05
    plugin id55489
    published2011-07-05
    reporterThis script is Copyright (C) 2011-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/55489
    titleDebian DSA-2269-1 : iceape - several vulnerabilities
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Debian Security Advisory DSA-2269. The text 
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(55489);
      script_version("1.16");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");
    
      script_cve_id("CVE-2011-0083", "CVE-2011-0085", "CVE-2011-2362", "CVE-2011-2363", "CVE-2011-2365", "CVE-2011-2371", "CVE-2011-2373", "CVE-2011-2374", "CVE-2011-2376");
      script_xref(name:"DSA", value:"2269");
    
      script_name(english:"Debian DSA-2269-1 : iceape - several vulnerabilities");
      script_summary(english:"Checks dpkg output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Several vulnerabilities have been found in the Iceape internet suite,
    an unbranded version of SeaMonkey :
    
      - CVE-2011-0083 / CVE-2011-2363
        'regenrecht' discovered two use-after-frees in SVG
        processing, which could lead to the execution of
        arbitrary code.
    
      - CVE-2011-0085
        'regenrecht' discovered a use-after-free in XUL
        processing, which could lead to the execution of
        arbitrary code.
    
      - CVE-2011-2362
        David Chan discovered that cookies were insufficiently
        isolated.
    
      - CVE-2011-2371
        Chris Rohlf and Yan Ivnitskiy discovered an integer
        overflow in the JavaScript engine, which could lead to
        the execution of arbitrary code.
    
      - CVE-2011-2373
        Martin Barbella discovered a use-after-free in XUL
        processing, which could lead to the execution of
        arbitrary code.
    
      - CVE-2011-2374
        Bob Clary, Kevin Brosnan, Nils, Gary Kwong, Jesse
        Ruderman and Christian Biesinger discovered memory
        corruption bugs, which may lead to the execution of
        arbitrary code.
    
      - CVE-2011-2376
        Luke Wagner and Gary Kwong discovered memory corruption
        bugs, which may lead to the execution of arbitrary code.
    
    The oldstable distribution (lenny) is not affected. The iceape package
    only provides the XPCOM code."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2011-0083"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2011-2363"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2011-0085"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2011-2362"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2011-2371"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2011-2373"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2011-2374"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2011-2376"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/squeeze/iceape"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.debian.org/security/2011/dsa-2269"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Upgrade the iceape packages.
    
    For the stable distribution (squeeze), this problem has been fixed in
    version 2.0.11-6."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Mozilla Firefox Array.reduceRight() Integer Overflow');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:iceape");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2011/07/01");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/07/05");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"6.0", prefix:"iceape", reference:"2.0.11-6")) flag++;
    if (deb_check(release:"6.0", prefix:"iceape-browser", reference:"2.0.11-6")) flag++;
    if (deb_check(release:"6.0", prefix:"iceape-chatzilla", reference:"2.0.11-6")) flag++;
    if (deb_check(release:"6.0", prefix:"iceape-dbg", reference:"2.0.11-6")) flag++;
    if (deb_check(release:"6.0", prefix:"iceape-dev", reference:"2.0.11-6")) flag++;
    if (deb_check(release:"6.0", prefix:"iceape-mailnews", reference:"2.0.11-6")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-1150-1.NASL
    descriptionMultiple memory vulnerabilities were discovered in the browser rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2376) Martin Barbella discovered that under certain conditions, viewing a XUL document while JavaScript was disabled caused deleted memory to be accessed. An attacker could potentially use this to crash Thunderbird or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2011-2373) Jordi Chancel discovered a vulnerability on multipart/x-mixed-replace images due to memory corruption. An attacker could potentially use this to crash Thunderbird or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2011-2377) Chris Rohlf and Yan Ivnitskiy discovered an integer overflow vulnerability in JavaScript Arrays. An attacker could potentially use this to execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2011-2371) Multiple use-after-free vulnerabilities were discovered. An attacker could potentially use these to execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) David Chan discovered that cookies did not honor same-origin conventions. This could potentially lead to cookie data being leaked to a third-party. (CVE-2011-2362). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id55605
    published2011-07-18
    reporterUbuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/55605
    titleUbuntu 10.04 LTS / 10.10 / 11.04 : thunderbird vulnerabilities (USN-1150-1)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-1149-1.NASL
    descriptionMultiple memory vulnerabilities were discovered in the browser rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2376) Martin Barbella discovered that under certain conditions, viewing a XUL document while JavaScript was disabled caused deleted memory to be accessed. An attacker could potentially use this to crash Firefox or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2011-2373) Jordi Chancel discovered a vulnerability on multipart/x-mixed-replace images due to memory corruption. An attacker could potentially use this to crash Firefox or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2011-2377) Chris Rohlf and Yan Ivnitskiy discovered an integer overflow vulnerability in JavaScript Arrays. An attacker could potentially use this to execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2011-2371) Multiple use-after-free vulnerabilities were discovered. An attacker could potentially use these to execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) David Chan discovered that cookies did not honor same-origin conventions. This could potentially lead to cookie data being leaked to a third-party. (CVE-2011-2362). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id55407
    published2011-06-23
    reporterUbuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/55407
    titleUbuntu 10.04 LTS / 10.10 : firefox, xulrunner-1.9.2 vulnerabilities (USN-1149-1)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2011-0888.NASL
    descriptionUpdated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. A flaw was found in the way SeaMonkey handled malformed JPEG images. A website containing a malicious JPEG image could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2011-2377) Multiple dangling pointer flaws were found in SeaMonkey. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) An integer overflow flaw was found in the way SeaMonkey handled JavaScript Array objects. A website containing malicious JavaScript could cause SeaMonkey to execute that JavaScript with the privileges of the user running SeaMonkey. (CVE-2011-2371) A use-after-free flaw was found in the way SeaMonkey handled malformed JavaScript. A website containing malicious JavaScript could cause SeaMonkey to execute that JavaScript with the privileges of the user running SeaMonkey. (CVE-2011-2373) It was found that SeaMonkey could treat two separate cookies as interchangeable if both were for the same domain name but one of those domain names had a trailing
    last seen2020-06-01
    modified2020-06-02
    plugin id55836
    published2011-08-15
    reporterThis script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/55836
    titleCentOS 4 : seamonkey (CESA-2011:0888)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2011-0886.NASL
    descriptionFrom Red Hat Security Advisory 2011:0886 : An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in the way Thunderbird handled malformed JPEG images. An HTML mail message containing a malicious JPEG image could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2377) Multiple dangling pointer flaws were found in Thunderbird. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed HTML content. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) It was found that Thunderbird could treat two separate cookies (for web content) as interchangeable if both were for the same domain name but one of those domain names had a trailing
    last seen2020-06-01
    modified2020-06-02
    plugin id68294
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/68294
    titleOracle Linux 6 : thunderbird (ELSA-2011-0886)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2011-0888.NASL
    descriptionUpdated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. A flaw was found in the way SeaMonkey handled malformed JPEG images. A website containing a malicious JPEG image could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2011-2377) Multiple dangling pointer flaws were found in SeaMonkey. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) An integer overflow flaw was found in the way SeaMonkey handled JavaScript Array objects. A website containing malicious JavaScript could cause SeaMonkey to execute that JavaScript with the privileges of the user running SeaMonkey. (CVE-2011-2371) A use-after-free flaw was found in the way SeaMonkey handled malformed JavaScript. A website containing malicious JavaScript could cause SeaMonkey to execute that JavaScript with the privileges of the user running SeaMonkey. (CVE-2011-2373) It was found that SeaMonkey could treat two separate cookies as interchangeable if both were for the same domain name but one of those domain names had a trailing
    last seen2020-06-01
    modified2020-06-02
    plugin id55401
    published2011-06-22
    reporterThis script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/55401
    titleRHEL 4 : seamonkey (RHSA-2011:0888)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_MOZILLAFIREFOX-7597.NASL
    descriptionMozilla Firefox was updated to the 3.6.18 security release. - Miscellaneous memory safety hazards. (MFSA 2011-19 / CVE-2011-2374 / CVE-2011-2376 / CVE-2011-2364 / CVE-2011-2365) - (bmo#617247) Use-after-free vulnerability when viewing XUL document with script disabled. (MFSA 2011-20 / CVE-2011-2373) - (bmo#638018, bmo#639303) Memory corruption due to multipart/x-mixed-replace images. (MFSA 2011-21 / CVE-2011-2377) - (bmo#664009) Integer overflow and arbitrary code execution in Array.reduceRight(). (MFSA 2011-22 / CVE-2011-2371) - Multiple dangling pointer vulnerabilities. (MFSA 2011-23 / CVE-2011-0083 / CVE-2011-0085 / CVE-2011-2363) - (bmo#616264) Cookie isolation error. (MFSA 2011-24 / CVE-2011-2362)
    last seen2020-06-01
    modified2020-06-02
    plugin id55485
    published2011-07-01
    reporterThis script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/55485
    titleSuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 7597)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_FIREFOX_3_6_18.NASL
    descriptionThe installed version of Firefox is 3.6.x earlier than 3.6.18. Such versions are potentially affected by the following security issues : - Multiple memory safety issues can lead to application crashes and possibly remote code execution. (CVE-2011-2374, CVE-2011-2376, CVE-2011-2364, CVE-2011-2365) - A use-after-free issue when viewing XUL documents with scripts disabled could lead to code execution. (CVE-2011-2373) - A memory corruption issue due to multipart / x-mixed-replace images could lead to memory corruption. (CVE-2011-2377) - When a JavaScript Array object has its length set to an extremely large value, the iteration of array elements that occurs when its reduceRight method is called could result in code execution due to an invalid index value being used. (CVE-2011-2371) - Multiple dangling pointer vulnerabilities could lead to code execution. (CVE-2011-0083, CVE-2011-2363, CVE-2011-0085) - An error in the way cookies are handled could lead to information disclosure. (CVE-2011-2362)
    last seen2020-06-01
    modified2020-06-02
    plugin id55418
    published2011-06-24
    reporterThis script is Copyright (C) 2011-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/55418
    titleFirefox 3.6 < 3.6.18 Multiple Vulnerabilities (Mac OS X)
  • NASL familyWindows
    NASL idMOZILLA_FIREFOX_3618.NASL
    descriptionThe installed version of Firefox 3.6 is earlier than 3.6.18. Such versions are potentially affected by the following security issues : - Multiple memory safety issues can lead to application crashes and possibly remote code execution. (CVE-2011-2374, CVE-2011-2376, CVE-2011-2364, CVE-2011-2365) - A use-after-free issue when viewing XUL documents with scripts disabled could lead to code execution. (CVE-2011-2373) - A memory corruption issue due to multipart / x-mixed-replace images could lead to memory corruption. (CVE-2011-2377) - When a JavaScript Array object has its length set to an extremely large value, the iteration of array elements that occurs when its reduceRight method is called could result in code execution due to an invalid index value being used. (CVE-2011-2371) - Multiple dangling pointer vulnerabilities could lead to code execution. (CVE-2011-0083, CVE-2011-2363, CVE-2011-0085) - An error in the way cookies are handled could lead to information disclosure. (CVE-2011-2362)
    last seen2020-06-01
    modified2020-06-02
    plugin id55287
    published2011-06-21
    reporterThis script is Copyright (C) 2011-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/55287
    titleFirefox 3.6 < 3.6.18 Multiple Vulnerabilities
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2011-0885.NASL
    descriptionFrom Red Hat Security Advisory 2011:0885 : Updated firefox packages that fix several security issues and one bug are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A flaw was found in the way Firefox handled malformed JPEG images. A website containing a malicious JPEG image could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-2377) Multiple dangling pointer flaws were found in Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) An integer overflow flaw was found in the way Firefox handled JavaScript Array objects. A website containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2011-2371) A use-after-free flaw was found in the way Firefox handled malformed JavaScript. A website containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2011-2373) It was found that Firefox could treat two separate cookies as interchangeable if both were for the same domain name but one of those domain names had a trailing
    last seen2020-06-01
    modified2020-06-02
    plugin id68293
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/68293
    titleOracle Linux 4 / 5 / 6 : firefox (ELSA-2011-0885)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2011-0887.NASL
    descriptionAn updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in the way Thunderbird handled malformed JPEG images. An HTML mail message containing a malicious JPEG image could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2377) Multiple dangling pointer flaws were found in Thunderbird. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed HTML content. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) An integer overflow flaw was found in the way Thunderbird handled JavaScript Array objects. Malicious content could cause Thunderbird to execute JavaScript with the privileges of the user running Thunderbird. (CVE-2011-2371) A use-after-free flaw was found in the way Thunderbird handled malformed JavaScript. Malicious content could cause Thunderbird to execute JavaScript with the privileges of the user running Thunderbird. (CVE-2011-2373) It was found that Thunderbird could treat two separate cookies (for web content) as interchangeable if both were for the same domain name but one of those domain names had a trailing
    last seen2020-06-01
    modified2020-06-02
    plugin id55400
    published2011-06-22
    reporterThis script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/55400
    titleRHEL 4 / 5 : thunderbird (RHSA-2011:0887)
  • NASL familyWindows
    NASL idMOZILLA_THUNDERBIRD_3111.NASL
    descriptionThe installed version of Thunderbird 3.1 is earlier than 3.1.11. Such versions are potentially affected by the following security issues : - Multiple memory safety issues can lead to application crashes and possibly remote code execution. (CVE-2011-2374, CVE-2011-2376, CVE-2011-2364, CVE-2011-2365) - A use-after-free issue when viewing XUL documents with scripts disabled could lead to code execution. (CVE-2011-2373) - A memory corruption issue due to multipart / x-mixed-replace images could lead to memory corruption. (CVE-2011-2377) - When a JavaScript Array object has its length set to an extremely large value, the iteration of array elements that occurs when its reduceRight method is called could result in code execution due to an invalid index value being used. (CVE-2011-2371) - Multiple dangling pointer vulnerabilities could lead to code execution. (CVE-2011-0083, CVE-2011-2363, CVE-2011-0085) - An error in the way cookies are handled could lead to information disclosure. (CVE-2011-2362)
    last seen2020-06-01
    modified2020-06-02
    plugin id55289
    published2011-06-21
    reporterThis script is Copyright (C) 2011-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/55289
    titleMozilla Thunderbird 3.1 < 3.1.11 Multiple Vulnerabilities
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2011-0887.NASL
    descriptionFrom Red Hat Security Advisory 2011:0887 : An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in the way Thunderbird handled malformed JPEG images. An HTML mail message containing a malicious JPEG image could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2377) Multiple dangling pointer flaws were found in Thunderbird. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed HTML content. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) An integer overflow flaw was found in the way Thunderbird handled JavaScript Array objects. Malicious content could cause Thunderbird to execute JavaScript with the privileges of the user running Thunderbird. (CVE-2011-2371) A use-after-free flaw was found in the way Thunderbird handled malformed JavaScript. Malicious content could cause Thunderbird to execute JavaScript with the privileges of the user running Thunderbird. (CVE-2011-2373) It was found that Thunderbird could treat two separate cookies (for web content) as interchangeable if both were for the same domain name but one of those domain names had a trailing
    last seen2020-06-01
    modified2020-06-02
    plugin id68295
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/68295
    titleOracle Linux 4 : thunderbird (ELSA-2011-0887)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2011-0885.NASL
    descriptionUpdated firefox packages that fix several security issues and one bug are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A flaw was found in the way Firefox handled malformed JPEG images. A website containing a malicious JPEG image could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-2377) Multiple dangling pointer flaws were found in Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) An integer overflow flaw was found in the way Firefox handled JavaScript Array objects. A website containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2011-2371) A use-after-free flaw was found in the way Firefox handled malformed JavaScript. A website containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2011-2373) It was found that Firefox could treat two separate cookies as interchangeable if both were for the same domain name but one of those domain names had a trailing
    last seen2020-06-01
    modified2020-06-02
    plugin id55404
    published2011-06-23
    reporterThis script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/55404
    titleCentOS 4 / 5 : firefox (CESA-2011:0885)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20110621_SEAMONKEY_ON_SL4_X.NASL
    descriptionSeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. A flaw was found in the way SeaMonkey handled malformed JPEG images. A website containing a malicious JPEG image could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2011-2377) Multiple dangling pointer flaws were found in SeaMonkey. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) An integer overflow flaw was found in the way SeaMonkey handled JavaScript Array objects. A website containing malicious JavaScript could cause SeaMonkey to execute that JavaScript with the privileges of the user running SeaMonkey. (CVE-2011-2371) A use-after-free flaw was found in the way SeaMonkey handled malformed JavaScript. A website containing malicious JavaScript could cause SeaMonkey to execute that JavaScript with the privileges of the user running SeaMonkey. (CVE-2011-2373) It was found that SeaMonkey could treat two separate cookies as interchangeable if both were for the same domain name but one of those domain names had a trailing
    last seen2020-06-01
    modified2020-06-02
    plugin id61072
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/61072
    titleScientific Linux Security Update : seamonkey on SL4.x i386/x86_64
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201301-01.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201301-01 (Mozilla Products: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, bypass restrictions and protection mechanisms, force file downloads, conduct XML injection attacks, conduct XSS attacks, bypass the Same Origin Policy, spoof URL&rsquo;s for phishing attacks, trigger a vertical scroll, spoof the location bar, spoof an SSL indicator, modify the browser&rsquo;s font, conduct clickjacking attacks, or have other unspecified impact. A local attacker could gain escalated privileges, obtain sensitive information, or replace an arbitrary downloaded file. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id63402
    published2013-01-08
    reporterThis script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/63402
    titleGLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2011-0888.NASL
    descriptionFrom Red Hat Security Advisory 2011:0888 : Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. A flaw was found in the way SeaMonkey handled malformed JPEG images. A website containing a malicious JPEG image could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2011-2377) Multiple dangling pointer flaws were found in SeaMonkey. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) An integer overflow flaw was found in the way SeaMonkey handled JavaScript Array objects. A website containing malicious JavaScript could cause SeaMonkey to execute that JavaScript with the privileges of the user running SeaMonkey. (CVE-2011-2371) A use-after-free flaw was found in the way SeaMonkey handled malformed JavaScript. A website containing malicious JavaScript could cause SeaMonkey to execute that JavaScript with the privileges of the user running SeaMonkey. (CVE-2011-2373) It was found that SeaMonkey could treat two separate cookies as interchangeable if both were for the same domain name but one of those domain names had a trailing
    last seen2020-06-01
    modified2020-06-02
    plugin id68296
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/68296
    titleOracle Linux 4 : seamonkey (ELSA-2011-0888)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2011-0887.NASL
    descriptionAn updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in the way Thunderbird handled malformed JPEG images. An HTML mail message containing a malicious JPEG image could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2377) Multiple dangling pointer flaws were found in Thunderbird. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed HTML content. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) An integer overflow flaw was found in the way Thunderbird handled JavaScript Array objects. Malicious content could cause Thunderbird to execute JavaScript with the privileges of the user running Thunderbird. (CVE-2011-2371) A use-after-free flaw was found in the way Thunderbird handled malformed JavaScript. Malicious content could cause Thunderbird to execute JavaScript with the privileges of the user running Thunderbird. (CVE-2011-2373) It was found that Thunderbird could treat two separate cookies (for web content) as interchangeable if both were for the same domain name but one of those domain names had a trailing
    last seen2020-06-01
    modified2020-06-02
    plugin id55405
    published2011-06-23
    reporterThis script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/55405
    titleCentOS 4 / 5 : thunderbird (CESA-2011:0887)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-1149-2.NASL
    descriptionUSN-1149-1 fixed vulnerabilities in Firefox. Unfortunately, a regression was introduced that prevented cookies from being stored properly when the hostname was a single character. This update fixes the problem. We apologize for the inconvenience. Multiple memory vulnerabilities were discovered in the browser rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2376) Martin Barbella discovered that under certain conditions, viewing a XUL document while JavaScript was disabled caused deleted memory to be accessed. An attacker could potentially use this to crash Firefox or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2011-2373) Jordi Chancel discovered a vulnerability on multipart/x-mixed-replace images due to memory corruption. An attacker could potentially use this to crash Firefox or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2011-2377) Chris Rohlf and Yan Ivnitskiy discovered an integer overflow vulnerability in JavaScript Arrays. An attacker could potentially use this to execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2011-2371) Multiple use-after-free vulnerabilities were discovered. An attacker could potentially use these to execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) David Chan discovered that cookies did not honor same-origin conventions. This could potentially lead to cookie data being leaked to a third-party. (CVE-2011-2362). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id55469
    published2011-06-30
    reporterUbuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/55469
    titleUbuntu 10.04 LTS / 10.10 : firefox regression (USN-1149-2)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_4_MOZILLATHUNDERBIRD-110628.NASL
    descriptionMozilla Thunderbird was updated to the 3.1.11 release. It has new features, fixes lots of bugs, and also fixes the following security issues: dbg114-MozillaThunderbird-4800 MozillaThunderbird-4800 new_updateinfo MFSA 2011-19/CVE-2011-2374 CVE-2011-2376 CVE-2011-2364 CVE-2011-2365 Miscellaneous memory safety hazards dbg114-MozillaThunderbird-4800 MozillaThunderbird-4800 new_updateinfo MFSA 2011-20/CVE-2011-2373 (bmo#617247) Use-after-free vulnerability when viewing XUL document with script disabled dbg114-MozillaThunderbird-4800 MozillaThunderbird-4800 new_updateinfo MFSA 2011-21/CVE-2011-2377 (bmo#638018, bmo#639303) Memory corruption due to multipart/x-mixed-replace images dbg114-MozillaThunderbird-4800 MozillaThunderbird-4800 new_updateinfo MFSA 2011-22/CVE-2011-2371 (bmo#664009) Integer overflow and arbitrary code execution in Array.reduceRight() dbg114-MozillaThunderbird-4800 MozillaThunderbird-4800 new_updateinfo MFSA 2011-23/CVE-2011-0083 CVE-2011-0085 CVE-2011-2363 Multiple dangling pointer vulnerabilities dbg114-MozillaThunderbird-4800 MozillaThunderbird-4800 new_updateinfo MFSA 2011-24/CVE-2011-2362 (bmo#616264) Cookie isolation error
    last seen2020-06-01
    modified2020-06-02
    plugin id75965
    published2014-06-13
    reporterThis script is Copyright (C) 2014-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/75965
    titleopenSUSE Security Update : MozillaThunderbird (MozillaThunderbird-4800)

Oval

accepted2014-10-06T04:01:16.815-04:00
classvulnerability
contributors
  • nameAharon Chernin
    organizationDTCC
  • nameSergey Artykhov
    organizationALTX-SOFT
  • nameSergey Artykhov
    organizationALTX-SOFT
  • nameShane Shaffer
    organizationG2, Inc.
  • nameRichard Helbing
    organizationbaramundi software
  • nameEvgeniy Pavlov
    organizationALTX-SOFT
  • nameEvgeniy Pavlov
    organizationALTX-SOFT
  • nameEvgeniy Pavlov
    organizationALTX-SOFT
  • nameEvgeniy Pavlov
    organizationALTX-SOFT
  • nameEvgeniy Pavlov
    organizationALTX-SOFT
definition_extensions
  • commentMozilla Thunderbird Mainline release is installed
    ovaloval:org.mitre.oval:def:22093
  • commentMozilla Firefox Mainline release is installed
    ovaloval:org.mitre.oval:def:22259
  • commentMozilla Thunderbird Mainline release is installed
    ovaloval:org.mitre.oval:def:22093
  • commentMozilla Thunderbird Mainline release is installed
    ovaloval:org.mitre.oval:def:22093
  • commentMozilla Thunderbird Mainline release is installed
    ovaloval:org.mitre.oval:def:22093
descriptionUnspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2364.
familywindows
idoval:org.mitre.oval:def:14184
statusaccepted
submitted2011-11-25T18:18:10.000-05:00
titleUnspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2364.
version32

Redhat

advisories
  • rhsa
    idRHSA-2011:0885
  • rhsa
    idRHSA-2011:0886
  • rhsa
    idRHSA-2011:0887
  • rhsa
    idRHSA-2011:0888
rpms
  • firefox-0:3.6.18-1.el5_6
  • firefox-0:3.6.18-1.el6_1
  • firefox-0:3.6.18-2.el4
  • firefox-debuginfo-0:3.6.18-1.el5_6
  • firefox-debuginfo-0:3.6.18-1.el6_1
  • firefox-debuginfo-0:3.6.18-2.el4
  • xulrunner-0:1.9.2.18-2.el5_6
  • xulrunner-0:1.9.2.18-2.el6_1
  • xulrunner-debuginfo-0:1.9.2.18-2.el5_6
  • xulrunner-debuginfo-0:1.9.2.18-2.el6_1
  • xulrunner-devel-0:1.9.2.18-2.el5_6
  • xulrunner-devel-0:1.9.2.18-2.el6_1
  • thunderbird-0:3.1.11-2.el6_1
  • thunderbird-debuginfo-0:3.1.11-2.el6_1
  • thunderbird-0:1.5.0.12-39.el4
  • thunderbird-0:2.0.0.24-18.el5_6
  • thunderbird-debuginfo-0:1.5.0.12-39.el4
  • thunderbird-debuginfo-0:2.0.0.24-18.el5_6
  • seamonkey-0:1.0.9-71.el4
  • seamonkey-chat-0:1.0.9-71.el4
  • seamonkey-debuginfo-0:1.0.9-71.el4
  • seamonkey-devel-0:1.0.9-71.el4
  • seamonkey-dom-inspector-0:1.0.9-71.el4
  • seamonkey-js-debugger-0:1.0.9-71.el4
  • seamonkey-mail-0:1.0.9-71.el4