HIGH
The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products does not properly implement JavaScript, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.
http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00023.html
http://secunia.com/advisories/49055
http://www.mozilla.org/security/announce/2011/mfsa2011-29.html
http://www.mozilla.org/security/announce/2011/mfsa2011-31.html
http://www.mozilla.org/security/announce/2011/mfsa2011-33.html
https://bugzilla.mozilla.org/show_bug.cgi?id=655660
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14303
OR
cpe:2.3:a:mozilla:firefox:4.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:4.0:beta10:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:4.0:beta11:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:4.0:beta12:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:4.0:beta2:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:4.0:beta3:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:4.0:beta4:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:4.0:beta5:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:4.0:beta6:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:4.0:beta7:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:4.0:beta8:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:4.0:beta9:*:*:*:*:*:*
OR
cpe:2.3:a:mozilla:thunderbird:0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:0.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:0.7.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:0.7.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:0.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:0.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.0.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.5.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.5.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.5.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.5.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.5.0.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.5.0.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.5.0.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.5.0.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.5.0.11:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.5.0.12:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.5.0.13:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.5.0.14:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.5.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.7.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:1.7.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:2.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:2.0.0.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:2.0.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:2.0.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:2.0.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:2.0.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:2.0.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:2.0.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:2.0.0.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:2.0.0.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:2.0.0.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:2.0.0.12:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:2.0.0.14:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:2.0.0.16:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:2.0.0.17:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:2.0.0.18:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:2.0.0.19:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:2.0.0.21:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:2.0.0.22:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:2.0.0.23:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:3.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:3.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:3.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:3.0.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:3.0.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:3.0.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:3.0.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:3.0.11:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:3.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:3.1.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:3.1.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:3.1.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:3.1.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:3.1.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:3.1.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* versions up to 5.0 (inclusive)
OR
cpe:2.3:a:mozilla:seamonkey:2.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0:beta_1:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0:beta_2:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0:rc1:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0:rc2:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0.11:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0.12:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0.13:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.0.14:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.1:alpha1:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.1:alpha2:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.1:alpha3:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.1:beta1:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.1:beta2:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.1:beta3:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.1:rc1:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.1:rc2:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.2:beta1:*:*:*:*:*:*
ID | Name | Product | Family | Severity |
---|---|---|---|---|
76020 | openSUSE Security Update : seamonkey (openSUSE-SU-2011:0957-1) | Nessus | SuSE Local Security Checks | critical |
75945 | openSUSE Security Update : MozillaFirefox (openSUSE-SU-2011:0957-2) | Nessus | SuSE Local Security Checks | critical |
75739 | openSUSE Security Update : seamonkey (openSUSE-SU-2011:0957-1) | Nessus | SuSE Local Security Checks | critical |
74612 | openSUSE Security Update : MozillaFirefox / MozillaThunderbird / seamonkey / etc (openSUSE-SU-2012:0567-1) | Nessus | SuSE Local Security Checks | critical |
63402 | GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST) | Nessus | Gentoo Local Security Checks | critical |
56562 | Ubuntu 11.04 : libvoikko regression (USN-1192-3) | Nessus | Ubuntu Local Security Checks | critical |
801346 | Mozilla Firefox 5.0 Multiple Vulnerabilities | Log Correlation Engine | Web Clients | high |
801272 | Mozilla SeaMonkey 2.x < 2.3.0 Multiple Vulnerabilities | Log Correlation Engine | Web Clients | high |
801266 | Mozilla Thunderbird 5 Multiple Vulnerabilities | Log Correlation Engine | SMTP Clients | high |
55902 | Firefox < 6.0 Multiple Vulnerabilities | Nessus | Windows | high |
55899 | Ubuntu 11.04 : mozvoikko update (USN-1192-2) | Nessus | Ubuntu Local Security Checks | critical |
55898 | Ubuntu 11.04 : firefox vulnerabilities (USN-1192-1) | Nessus | Ubuntu Local Security Checks | critical |
6012 | SeaMonkey 2.x < 2.3.0 Multiple Vulnerabilities | Nessus Network Monitor | Web Clients | high |
6010 | Mozilla Thunderbird < 6.0 Multiple Vulnerabilities | Nessus Network Monitor | SMTP Clients | high |
6008 | Mozilla Firefox < 6.0 Multiple Vulnerabilities | Nessus Network Monitor | Web Clients | high |
55887 | Mozilla Thunderbird < 6.0 Multiple Vulnerabilities | Nessus | Windows | critical |
55885 | SeaMonkey < 2.3.0 Multiple Vulnerabilities | Nessus | Windows | high |
55878 | FreeBSD : mozilla -- multiple vulnerabilities (834591a9-c82f-11e0-897d-6c626dd55a41) | Nessus | FreeBSD Local Security Checks | critical |