Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it is different from CVSS.
VPR Score: 6.7
https://bugzilla.mozilla.org/show_bug.cgi?id=1227538
https://bugzilla.mozilla.org/show_bug.cgi?id=1245791
https://bugzilla.mozilla.org/show_bug.cgi?id=1245795
https://bugzilla.mozilla.org/show_bug.cgi?id=1246945
https://bugzilla.mozilla.org/show_bug.cgi?id=1246972
https://bugzilla.mozilla.org/show_bug.cgi?id=1247239
https://bugzilla.mozilla.org/show_bug.cgi?id=1274777
https://bugzilla.mozilla.org/show_bug.cgi?id=1276976
https://bugzilla.mozilla.org/show_bug.cgi?id=1281071
https://bugzilla.mozilla.org/show_bug.cgi?id=1285003
https://bugzilla.mozilla.org/show_bug.cgi?id=1288482
https://bugzilla.mozilla.org/show_bug.cgi?id=1289273
https://bugzilla.mozilla.org/show_bug.cgi?id=1292159
https://bugzilla.mozilla.org/show_bug.cgi?id=1292443
https://bugzilla.mozilla.org/show_bug.cgi?id=1293334
https://bugzilla.mozilla.org/show_bug.cgi?id=1294438
https://bugzilla.mozilla.org/show_bug.cgi?id=1295324
https://bugzilla.mozilla.org/show_bug.cgi?id=1298552
https://bugzilla.mozilla.org/show_bug.cgi?id=1299686
https://bugzilla.mozilla.org/show_bug.cgi?id=1300083
https://bugzilla.mozilla.org/show_bug.cgi?id=1301777
https://bugzilla.mozilla.org/show_bug.cgi?id=1302973
https://bugzilla.mozilla.org/show_bug.cgi?id=1303418
https://bugzilla.mozilla.org/show_bug.cgi?id=1303678
https://bugzilla.mozilla.org/show_bug.cgi?id=1306696
https://bugzilla.mozilla.org/show_bug.cgi?id=1308922
https://bugzilla.mozilla.org/show_bug.cgi?id=1317641
https://bugzilla.mozilla.org/show_bug.cgi?id=1321066
https://bugzilla.opensuse.org/show_bug.cgi?id=1009026
https://bugzilla.opensuse.org/show_bug.cgi?id=1010401
https://bugzilla.opensuse.org/show_bug.cgi?id=1010404
https://bugzilla.opensuse.org/show_bug.cgi?id=1010410
https://bugzilla.opensuse.org/show_bug.cgi?id=1010411
https://bugzilla.opensuse.org/show_bug.cgi?id=1010427
Severity: High
ID: 95590
File Name: openSUSE-2016-1407.nasl
Version: 3.11
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 12/7/2016
Updated: 1/19/2021
Dependencies: 12634
Risk Factor: High
VPR Score: 6.7
Base Score: 7.5
Temporal Score: 6.5
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Temporal Vector: E:H/RL:OF/RC:C
Base Score: 9.8
Temporal Score: 9.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: E:H/RL:O/RC:C
CPE: p-cpe:/a:novell:opensuse:MozillaFirefox, p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream, p-cpe:/a:novell:opensuse:MozillaFirefox-buildsymbols, p-cpe:/a:novell:opensuse:MozillaFirefox-debuginfo, p-cpe:/a:novell:opensuse:MozillaFirefox-debugsource, p-cpe:/a:novell:opensuse:MozillaFirefox-devel, p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common, p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other, p-cpe:/a:novell:opensuse:MozillaThunderbird, p-cpe:/a:novell:opensuse:MozillaThunderbird-buildsymbols, p-cpe:/a:novell:opensuse:MozillaThunderbird-debuginfo, p-cpe:/a:novell:opensuse:MozillaThunderbird-debugsource, p-cpe:/a:novell:opensuse:MozillaThunderbird-devel, p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common, p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other, p-cpe:/a:novell:opensuse:libfreebl3, p-cpe:/a:novell:opensuse:libfreebl3-32bit, p-cpe:/a:novell:opensuse:libfreebl3-debuginfo, p-cpe:/a:novell:opensuse:libfreebl3-debuginfo-32bit, p-cpe:/a:novell:opensuse:libsoftokn3, p-cpe:/a:novell:opensuse:libsoftokn3-32bit, p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo, p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo-32bit, p-cpe:/a:novell:opensuse:mozilla-nss, p-cpe:/a:novell:opensuse:mozilla-nss-32bit, p-cpe:/a:novell:opensuse:mozilla-nss-certs, p-cpe:/a:novell:opensuse:mozilla-nss-certs-32bit, p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo, p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo-32bit, p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo, p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo-32bit, p-cpe:/a:novell:opensuse:mozilla-nss-debugsource, p-cpe:/a:novell:opensuse:mozilla-nss-devel, p-cpe:/a:novell:opensuse:mozilla-nss-sysinit, p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-32bit, p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo, p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo-32bit, p-cpe:/a:novell:opensuse:mozilla-nss-tools, p-cpe:/a:novell:opensuse:mozilla-nss-tools-debuginfo, cpe:/o:novell:opensuse:13.1
Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 12/5/2016
Core Impact
Metasploit (Firefox nsSMILTimeContainer::NotifyTimeChange() RCE)
CVE: CVE-2016-5289, CVE-2016-5290, CVE-2016-5291, CVE-2016-5292, CVE-2016-5293, CVE-2016-5294, CVE-2016-5295, CVE-2016-5296, CVE-2016-5297, CVE-2016-5298, CVE-2016-5299, CVE-2016-9061, CVE-2016-9062, CVE-2016-9063, CVE-2016-9064, CVE-2016-9065, CVE-2016-9066, CVE-2016-9067, CVE-2016-9068, CVE-2016-9069, CVE-2016-9070, CVE-2016-9071, CVE-2016-9072, CVE-2016-9073, CVE-2016-9074, CVE-2016-9075, CVE-2016-9076, CVE-2016-9077, CVE-2016-9078, CVE-2016-9079