Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the BinHex decoder in netwerk/streamconv/converters/nsBinHexDecoder.cpp, and unknown vectors.
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
http://secunia.com/advisories/36669
http://secunia.com/advisories/36670
http://secunia.com/advisories/36671
http://secunia.com/advisories/36692
http://secunia.com/advisories/37098
http://secunia.com/advisories/38977
http://secunia.com/advisories/39001
http://www.debian.org/security/2009/dsa-1885
http://www.mozilla.org/security/announce/2009/mfsa2009-47.html
http://www.mozilla.org/security/announce/2010/mfsa2010-07.html
http://www.novell.com/linux/security/advisories/2009_48_firefox.html
http://www.redhat.com/support/errata/RHSA-2009-1430.html
http://www.redhat.com/support/errata/RHSA-2009-1431.html
http://www.redhat.com/support/errata/RHSA-2009-1432.html
http://www.redhat.com/support/errata/RHSA-2010-0153.html
http://www.redhat.com/support/errata/RHSA-2010-0154.html
http://www.securityfocus.com/bid/36343
http://www.ubuntu.com/usn/USN-915-1
http://www.vupen.com/english/advisories/2010/0648
http://www.vupen.com/english/advisories/2010/0650
https://bugzilla.mozilla.org/show_bug.cgi?id=494283
https://bugzilla.mozilla.org/show_bug.cgi?id=501900
https://bugzilla.mozilla.org/show_bug.cgi?id=508074
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10349
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6315
Source: MITRE
Published: 2009-09-10
Updated: 2017-09-19
Type: NVD-CWE-noinfo
Base Score: 10
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Impact Score: 10
Exploitability Score: 10
Severity: HIGH
OR
cpe:2.3:a:mozilla:firefox:0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9_rc:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0:preview_release:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.11:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.12:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0:beta1:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0:beta_1:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0:rc2:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0:rc3:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.11:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.12:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.13:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.14:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.15:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.16:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.17:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.18:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.19:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.20:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.21:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0_.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0_.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0_.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0_.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0_.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0_.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0_.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0_8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0:alpha:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0:beta2:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0:beta5:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.11:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.12:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* versions up to 3.0.13 (inclusive)
OR
cpe:2.3:a:mozilla:firefox:3.5:*:*:*:*:*:*:*
ID | Name | Product | Family | Severity |
---|---|---|---|---|
68015 | Oracle Linux 4 : thunderbird (ELSA-2010-0154) | Nessus | Oracle Linux Local Security Checks | critical |
67924 | Oracle Linux 3 : seamonkey (ELSA-2009-1432) | Nessus | Oracle Linux Local Security Checks | critical |
67923 | Oracle Linux 4 : seamonkey (ELSA-2009-1431) | Nessus | Oracle Linux Local Security Checks | critical |
67922 | Oracle Linux 4 / 5 : firefox (ELSA-2009-1430) | Nessus | Oracle Linux Local Security Checks | critical |
63923 | RHEL 5 : thunderbird (RHSA-2010:0153) | Nessus | Red Hat Local Security Checks | critical |
63402 | GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST) | Nessus | Gentoo Local Security Checks | critical |
60750 | Scientific Linux Security Update : thunderbird on SL4.x, SL5.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | critical |
60665 | Scientific Linux Security Update : seamonkey on SL3.x, SL4.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | critical |
60664 | Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | critical |
52687 | SuSE 11 Security Update : Mozilla (SAT Patch Number 1328) | Nessus | SuSE Local Security Checks | critical |
49852 | SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 6563) | Nessus | SuSE Local Security Checks | critical |
46687 | openSUSE Security Update : seamonkey (openSUSE-SU-2010:0273-1) | Nessus | SuSE Local Security Checks | critical |
46686 | openSUSE Security Update : seamonkey (openSUSE-SU-2010:0273-1) | Nessus | SuSE Local Security Checks | critical |
46685 | SuSE9 Security Update : epiphany (YOU Patch Number 12616) | Nessus | SuSE Local Security Checks | critical |
46271 | RHEL 4 : thunderbird (RHSA-2010:0154) | Nessus | Red Hat Local Security Checks | critical |
45521 | Mandriva Linux Security Advisory : mozilla-thunderbird (MDVSA-2010:071) | Nessus | Mandriva Local Security Checks | critical |
45397 | Debian DSA-2025-1 : icedove - several vulnerabilities | Nessus | Debian Local Security Checks | critical |
45376 | openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-2189) | Nessus | SuSE Local Security Checks | critical |
45375 | openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-2189) | Nessus | SuSE Local Security Checks | critical |
45361 | CentOS 5 : thunderbird (CESA-2010:0153) | Nessus | CentOS Local Security Checks | critical |
45114 | FreeBSD : mozilla -- multiple vulnerabilities (56cfe192-329f-11df-abb2-000f20797ede) | Nessus | FreeBSD Local Security Checks | critical |
5480 | Mozilla Thunderbird < 2.0.0.24 Multiple Vulnerabilities | Nessus Network Monitor | SMTP Clients | medium |
45110 | Mozilla Thunderbird < 2.0.0.24 Multiple Vulnerabilities | Nessus | Windows | high |
45108 | Ubuntu 8.04 LTS / 8.10 / 9.04 / 9.10 : thunderbird vulnerabilities (USN-915-1) | Nessus | Ubuntu Local Security Checks | critical |
45093 | CentOS 4 : thunderbird (CESA-2010:0154) | Nessus | CentOS Local Security Checks | critical |
44934 | SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 6562) | Nessus | SuSE Local Security Checks | critical |
44750 | Debian DSA-1885-1 : xulrunner - several vulnerabilities | Nessus | Debian Local Security Checks | critical |
42189 | SuSE Security Update: Security update for Mozilla Firefox (firefox35upgrade-6562) | Nessus | SuSE Local Security Checks | critical |
41984 | openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-6495) | Nessus | SuSE Local Security Checks | critical |
41957 | SuSE 11 Security Update : Mozilla (SAT Patch Number 1328) | Nessus | SuSE Local Security Checks | critical |
41955 | SuSE 11 Security Update : Firefox (SAT Patch Number 1340) | Nessus | SuSE Local Security Checks | critical |
41039 | openSUSE Security Update : MozillaFirefox (MozillaFirefox-1312) | Nessus | SuSE Local Security Checks | critical |
41033 | openSUSE Security Update : MozillaFirefox (MozillaFirefox-1312) | Nessus | SuSE Local Security Checks | critical |
41027 | Mandriva Linux Security Advisory : firefox (MDVSA-2009:236) | Nessus | Mandriva Local Security Checks | critical |
40956 | Fedora 11 : Miro-2.5.2-4.fc11 / blam-1.8.5-14.fc11 / chmsee-1.0.1-11.fc11 / eclipse-3.4.2-15.fc11 / etc (2009-9505) | Nessus | Fedora Local Security Checks | critical |
40955 | Fedora 10 : Miro-2.0.5-4.fc10 / blam-1.8.5-14.fc10 / epiphany-2.24.3-10.fc10 / etc (2009-9494) | Nessus | Fedora Local Security Checks | critical |
40943 | Ubuntu 8.04 LTS / 8.10 / 9.04 : firefox-3.0, xulrunner-1.9 vulnerabilities (USN-821-1) | Nessus | Ubuntu Local Security Checks | critical |
40935 | FreeBSD : mozilla firefox -- multiple vulnerabilities (922d2398-9e2d-11de-a998-0030843d3802) | Nessus | FreeBSD Local Security Checks | critical |
40934 | CentOS 3 : seamonkey (CESA-2009:1432) | Nessus | CentOS Local Security Checks | critical |
40933 | CentOS 4 : seamonkey (CESA-2009:1431) | Nessus | CentOS Local Security Checks | critical |
40932 | CentOS 4 / 5 : firefox / seamonkey (CESA-2009:1430) | Nessus | CentOS Local Security Checks | critical |
5161 | Mozilla Firefox < 3.0.14 / 3.5.3 Multiple Vulnerabilities | Nessus Network Monitor | Web Clients | medium |
40931 | Firefox 3.5.x < 3.5.3 Multiple Vulnerabilities | Nessus | Windows | high |
40930 | Firefox < 3.0.14 Multiple Vulnerabilities | Nessus | Windows | high |
40923 | RHEL 3 : seamonkey (RHSA-2009:1432) | Nessus | Red Hat Local Security Checks | critical |
40922 | RHEL 4 : seamonkey (RHSA-2009:1431) | Nessus | Red Hat Local Security Checks | critical |
40921 | RHEL 4 / 5 : firefox (RHSA-2009:1430) | Nessus | Red Hat Local Security Checks | critical |