Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed XSLT stylesheet that is embedded in a document.
http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00007.html
http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html
http://www.debian.org/security/2012/dsa-2400
http://www.debian.org/security/2012/dsa-2402
http://www.debian.org/security/2012/dsa-2406
http://www.mandriva.com/security/advisories?name=MDVSA-2012:013
http://www.mozilla.org/security/announce/2012/mfsa2012-08.html
http://www.securityfocus.com/bid/51754
https://bugzilla.mozilla.org/show_bug.cgi?id=701806
https://bugzilla.mozilla.org/show_bug.cgi?id=702466
https://exchange.xforce.ibmcloud.com/vulnerabilities/72868
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14618
OR
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
OR
OR
cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:vmware:*:*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp1:*:*:*:*:*:*
ID | Name | Product | Family | Severity |
---|---|---|---|---|
80788 | Oracle Solaris Third-Party Patch Update : thunderbird (multiple_vulnerabilities_in_thunderbird6) | Nessus | Solaris Local Security Checks | critical |
76026 | openSUSE Security Update : seamonkey (seamonkey-5768) | Nessus | SuSE Local Security Checks | critical |
75969 | openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-5751) | Nessus | SuSE Local Security Checks | critical |
75961 | openSUSE Security Update : mozilla-js192 (mozilla-js192-5749) | Nessus | SuSE Local Security Checks | critical |
75951 | openSUSE Security Update : MozillaFirefox (MozillaFirefox-5750) | Nessus | SuSE Local Security Checks | critical |
74833 | openSUSE Security Update : MozillaFirefox / MozillaThunderbird / chmsee / etc (openSUSE-2012-83) | Nessus | SuSE Local Security Checks | critical |
68444 | Oracle Linux 6 : thunderbird (ELSA-2012-0080) | Nessus | Oracle Linux Local Security Checks | high |
68443 | Oracle Linux 4 / 5 / 6 : firefox (ELSA-2012-0079) | Nessus | Oracle Linux Local Security Checks | critical |
63402 | GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST) | Nessus | Gentoo Local Security Checks | critical |
61231 | Scientific Linux Security Update : thunderbird on SL6.x i386/x86_64 (20120131) | Nessus | Scientific Linux Local Security Checks | high |
61230 | Scientific Linux Security Update : firefox on SL4.x, SL5.x, SL6.x i386/x86_64 (20120131) | Nessus | Scientific Linux Local Security Checks | critical |
58037 | Ubuntu 11.10 : thunderbird vulnerabilities (USN-1369-1) | Nessus | Ubuntu Local Security Checks | critical |
57886 | SuSE 11.1 Security Update : Mozilla XULrunner (SAT Patch Number 5764) | Nessus | SuSE Local Security Checks | critical |
57879 | Debian DSA-2406-1 : icedove - several vulnerabilities | Nessus | Debian Local Security Checks | critical |
57874 | Ubuntu 10.04 LTS / 10.10 : xulrunner-1.9.2 vulnerabilities (USN-1353-1) | Nessus | Ubuntu Local Security Checks | critical |
57873 | Ubuntu 10.04 LTS / 10.10 / 11.04 : thunderbird vulnerabilities (USN-1350-1) | Nessus | Ubuntu Local Security Checks | critical |
57858 | SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 7949) | Nessus | SuSE Local Security Checks | critical |
801371 | Mozilla Thunderbird 3.1.x Multiple Vulnerabilities | Log Correlation Engine | Web Clients | high |
801334 | Mozilla SeaMonkey 2.x < 2.7.0 Multiple Vulnerabilities | Log Correlation Engine | Web Clients | high |
801296 | Mozilla Firefox 9.0 Multiple Vulnerabilities | Log Correlation Engine | Web Clients | high |
801268 | Mozilla Firefox 3.6.x < 3.6.26 Multiple Vulnerabilities | Log Correlation Engine | Web Clients | high |
801248 | Mozilla Thunderbird 9.0 Multiple Vulnerabilities | Log Correlation Engine | Web Clients | high |
6310 | SeaMonkey 2.x < 2.7.0 Multiple Vulnerabilities | Nessus Network Monitor | Web Clients | high |
6309 | Mozilla Thunderbird 3.1.x < 3.1.18 Multiple Vulnerabilities | Nessus Network Monitor | SMTP Clients | high |
6308 | Mozilla Thunderbird < 10.0 Multiple Vulnerabilities | Nessus Network Monitor | SMTP Clients | high |
6307 | Mozilla Firefox 3.6.x < 3.6.26 Multiple Vulnerabilities | Nessus Network Monitor | Web Clients | high |
6306 | Mozilla Firefox < 10.0 Multiple Vulnerabilities | Nessus Network Monitor | Web Clients | high |
57846 | Ubuntu 10.04 LTS / 10.10 : ubufox and webfav update (USN-1355-3) | Nessus | Ubuntu Local Security Checks | critical |
57845 | Ubuntu 10.04 LTS / 10.10 / 11.04 / 11.10 : mozvoikko update (USN-1355-2) | Nessus | Ubuntu Local Security Checks | critical |
57844 | Ubuntu 10.04 LTS / 10.10 / 11.04 / 11.10 : firefox vulnerabilities (USN-1355-1) | Nessus | Ubuntu Local Security Checks | critical |
57838 | SuSE 11.1 Security Update : MozillaFirefox (SAT Patch Number 5754) | Nessus | SuSE Local Security Checks | critical |
57833 | Mandriva Linux Security Advisory : mozilla (MDVSA-2012:013) | Nessus | Mandriva Local Security Checks | critical |
57813 | Debian DSA-2402-1 : iceape - several vulnerabilities | Nessus | Debian Local Security Checks | critical |
57811 | Debian DSA-2400-1 : iceweasel - several vulnerabilities | Nessus | Debian Local Security Checks | critical |
57785 | FreeBSD : mozilla -- multiple vulnerabilities (0a9e2b72-4cb7-11e1-9146-14dae9ebcf89) | Nessus | FreeBSD Local Security Checks | critical |
57778 | CentOS 6 : thunderbird (CESA-2012:0080) | Nessus | CentOS Local Security Checks | high |
57777 | CentOS 4 / 5 / 6 : firefox (CESA-2012:0079) | Nessus | CentOS Local Security Checks | critical |
57776 | Thunderbird 3.1 < 3.1.18 Multiple Vulnerabilities (Mac OS X) | Nessus | MacOS X Local Security Checks | high |
57775 | Thunderbird 9.x Multiple Vulnerabilities (Mac OS X) | Nessus | MacOS X Local Security Checks | high |
57774 | Firefox 3.6 < 3.6.26 Multiple Vulnerabilities (Mac OS X) | Nessus | MacOS X Local Security Checks | high |
57773 | Firefox < 10.0 Multiple Vulnerabilities (Mac OS X) | Nessus | MacOS X Local Security Checks | high |
57772 | SeaMonkey < 2.7.0 Multiple Vulnerabilities | Nessus | Windows | high |
57771 | Mozilla Thunderbird 3.1.x < 3.1.18 Multiple Vulnerabilities | Nessus | Windows | high |
57770 | Mozilla Thunderbird < 10.0 Multiple Vulnerabilities | Nessus | Windows | high |
57769 | Firefox 3.6.x < 3.6.26 Multiple Vulnerabilities | Nessus | Windows | high |
57768 | Firefox < 10.0 Multiple Vulnerabilities | Nessus | Windows | high |
57761 | RHEL 6 : thunderbird (RHSA-2012:0080) | Nessus | Red Hat Local Security Checks | high |
57760 | RHEL 4 / 5 / 6 : firefox (RHSA-2012:0079) | Nessus | Red Hat Local Security Checks | critical |