ID CVE-2008-0418
Summary Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome: URI scheme, as demonstrated by stealing session information from sessionstore.js.
References
Vulnerable Configurations
  • Mozilla Firefox 2.0.0.11
    cpe:2.3:a:mozilla:firefox:2.0.0.11
  • Mozilla Seamonkey 1.1.7
    cpe:2.3:a:mozilla:seamonkey:1.1.7
  • Mozilla Thunderbird 2.0.0.11
    cpe:2.3:a:mozilla:thunderbird:2.0.0.11
CVSS
Base: 4.3 (as of 11-02-2008 - 10:33)
Impact:
Exploitability:
CWE CWE-22
CAPEC
  • Relative Path Traversal
    An attacker exploits a weakness in input validation on the target by supplying a specially constructed path utilizing dot and slash characters for the purpose of obtaining access to arbitrary files or resources. An attacker modifies a known path on the target in order to reach material that is not available through intended channels. These attacks normally involve adding additional path separators (/ or \) and/or dots (.), or encodings thereof, in various combinations in order to reach parent directories or entirely separate trees of the target's directory structure.
  • Directory Traversal
    An attacker with access to file system resources, either directly or via application logic, will use various file path specification or navigation mechanisms such as ".." in path strings and absolute paths to extend their range of access to inappropriate areas of the file system. The attacker attempts to either explore the file system for recon purposes or access directories and files that are intended to be restricted from their access. Exploring the file system can be achieved through constructing paths presented to directory listing programs, such as "ls" and 'dir', or through specially crafted programs that attempt to explore the file system. The attacker engaging in this type of activity is searching for information that can be used later in a more exploitive attack. Access to restricted directories or files can be achieved through modification of path references utilized by system applications.
  • File System Function Injection, Content Based
    An attack of this type exploits the host's trust in executing remote content including binary files. The files are poisoned with a malicious payload (targeting the file systems accessible by the target software) by the attacker and may be passed through standard channels such as via email, and standard web content like PDF and multimedia files. The attacker exploits known vulnerabilities or handling routines in the target processes. Vulnerabilities of this type have been found in a wide variety of commercial applications from Microsoft Office to Adobe Acrobat and Apple Safari web browser. When the attacker knows the standard handling routines and can identify vulnerabilities and entry points they can be exploited by otherwise seemingly normal content. Once the attack is executed, the attackers' program can access relative directories such as C:\Program Files or other standard system directories to launch further attacks. In a worst case scenario, these programs are combined with other propagation logic and work as a virus.
  • Using Slashes and URL Encoding Combined to Bypass Validation Logic
    This attack targets the encoding of the URL combined with the encoding of the slash characters. An attacker can take advantage of the multiple way of encoding an URL and abuse the interpretation of the URL. An URL may contain special character that need special syntax handling in order to be interpreted. Special characters are represented using a percentage character followed by two digits representing the octet code of the original character (%HEX-CODE). For instance US-ASCII space character would be represented with %20. This is often referred as escaped ending or percent-encoding. Since the server decodes the URL from the requests, it may restrict the access to some URL paths by validating and filtering out the URL requests it received. An attacker will try to craft an URL with a sequence of special characters which once interpreted by the server will be equivalent to a forbidden URL. It can be difficult to protect against this attack since the URL can contain other format of encoding such as UTF-8 encoding, Unicode-encoding, etc.
  • Manipulating Input to File System Calls
    An attacker manipulates inputs to the target software which the target software passes to file system calls in the OS. The goal is to gain access to, and perhaps modify, areas of the file system that the target software did not intend to be accessible.
  • Using Escaped Slashes in Alternate Encoding
    This attack targets the use of the backslash in alternate encoding. An attacker can provide a backslash as a leading character and causes a parser to believe that the next character is special. This is called an escape. By using that trick, the attacker tries to exploit alternate ways to encode the same character which leads to filter problems and opens avenues to attack.
  • Using Slashes in Alternate Encoding
    This attack targets the encoding of the Slash characters. An attacker would try to exploit common filtering problems related to the use of the slashes characters to gain access to resources on the target host. Directory-driven systems, such as file systems and databases, typically use the slash character to indicate traversal between directories or other container components. For murky historical reasons, PCs (and, as a result, Microsoft OSs) choose to use a backslash, whereas the UNIX world typically makes use of the forward slash. The schizophrenic result is that many MS-based systems are required to understand both forms of the slash. This gives the attacker many opportunities to discover and abuse a number of common filtering problems. The goal of this pattern is to discover server software that only applies filters to one version, but not the other.
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
exploit-db via4
description Mozilla Firefox 2.0 chrome:// URI JavaScript File Request Information Disclosure Vulnerability. CVE-2008-0418. Remote exploit for linux platform
id EDB-ID:31051
last seen 2016-02-03
modified 2008-01-19
published 2008-01-19
reporter Gerry Eisenhaur
source https://www.exploit-db.com/download/31051/
title Mozilla Firefox 2.0 chrome:// URI JavaScript File Request Information Disclosure Vulnerability
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id SUSE_MOZILLA-XULRUNNER-5123.NASL
    description This update of the Mozilla XULRunner engine catches up on all previous security problems found in the XULRunner engine. Following security problems were fixed : - MFSA 2008-11/CVE-2008-0594 Web forgery overwrite with div overlay - MFSA 2008-10/CVE-2008-0593 URL token stealing via stylesheet redirect - MFSA 2008-09/CVE-2008-0592 Mishandling of locally-saved plain text files - MFSA 2008-08/CVE-2008-0591 File action dialog tampering - MFSA 2008-06/CVE-2008-0419 Web browsing history and forward navigation stealing - MFSA 2008-05/CVE-2008-0418 Directory traversal via chrome: URI - MFSA 2008-04/CVE-2008-0417 Stored password corruption - MFSA 2008-03/CVE-2008-0415 Privilege escalation, XSS, Remote Code Execution - MFSA 2008-02/CVE-2008-0414 Multiple file input focus stealing vulnerabilities - MFSA 2008-01/CVE-2008-0412 Crashes with evidence of memory corruption (rv:1.8.1.12)
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 31697
    published 2008-03-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31697
    title openSUSE 10 Security Update : mozilla-xulrunner (mozilla-xulrunner-5123)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_MOZILLA-XULRUNNER-5118.NASL
    description This update of the Mozilla XULRunner engine catches up on all previous security problems found in the XULRunner engine. Following security problems were fixed : - Web forgery overwrite with div overlay. (MFSA 2008-11 / CVE-2008-0594) - URL token stealing via stylesheet redirect. (MFSA 2008-10 / CVE-2008-0593) - Mishandling of locally-saved plain text files. (MFSA 2008-09 / CVE-2008-0592) - File action dialog tampering. (MFSA 2008-08 / CVE-2008-0591) - Web browsing history and forward navigation stealing. (MFSA 2008-06 / CVE-2008-0419) - Directory traversal via chrome: URI. (MFSA 2008-05 / CVE-2008-0418) - Stored password corruption. (MFSA 2008-04 / CVE-2008-0417) - Privilege escalation, XSS, Remote Code Execution. (MFSA 2008-03 / CVE-2008-0415) - Multiple file input focus stealing vulnerabilities. (MFSA 2008-02 / CVE-2008-0414) - Crashes with evidence of memory corruption (rv:1.8.1.12). (MFSA 2008-01 / CVE-2008-0412)
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 31696
    published 2008-03-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31696
    title SuSE 10 Security Update : epiphany (ZYPP Patch Number 5118)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_MOZILLATHUNDERBIRD-5095.NASL
    description This update brings Mozilla Thunderbird to security fix level of version 2.0.0.12 Following security problems were fixed : - MFSA 2008-11/CVE-2008-0594 Web forgery overwrite with div overlay - MFSA 2008-10/CVE-2008-0593 URL token stealing via stylesheet redirect - MFSA 2008-09/CVE-2008-0592 Mishandling of locally-saved plain text files - MFSA 2008-08/CVE-2008-0591 File action dialog tampering - MFSA 2008-06/CVE-2008-0419 Web browsing history and forward navigation stealing - MFSA 2008-05/CVE-2008-0418 Directory traversal via chrome: URI - MFSA 2008-04/CVE-2008-0417 Stored password corruption - MFSA 2008-03/CVE-2008-0415 Privilege escalation, XSS, Remote Code Execution - MFSA 2008-02/CVE-2008-0414 Multiple file input focus stealing vulnerabilities - MFSA 2008-01/CVE-2008-0412 Crashes with evidence of memory corruption (rv:1.8.1.12)
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 31620
    published 2008-03-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31620
    title openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-5095)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200805-18.NASL
    description The remote host is affected by the vulnerability described in GLSA-200805-18 (Mozilla products: Multiple vulnerabilities) The following vulnerabilities were reported in all mentioned Mozilla products: Jesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren, and Paul Nickerson reported browser crashes related to JavaScript methods, possibly triggering memory corruption (CVE-2008-0412). Carsten Book, Wesley Garland, Igor Bukanov, moz_bug_r_a4, shutdown, Philip Taylor, and tgirmann reported crashes in the JavaScript engine, possibly triggering memory corruption (CVE-2008-0413). David Bloom discovered a vulnerability in the way images are treated by the browser when a user leaves a page, possibly triggering memory corruption (CVE-2008-0419). moz_bug_r_a4, Boris Zbarsky, and Johnny Stenback reported a series of privilege escalation vulnerabilities related to JavaScript (CVE-2008-1233, CVE-2008-1234, CVE-2008-1235). Mozilla developers identified browser crashes caused by the layout and JavaScript engines, possibly triggering memory corruption (CVE-2008-1236, CVE-2008-1237). moz_bug_r_a4 and Boris Zbarsky discovered that pages could escape from its sandboxed context and run with chrome privileges, and inject script content into another site, violating the browser's same origin policy (CVE-2008-0415). Gerry Eisenhaur discovered a directory traversal vulnerability when using 'flat' addons (CVE-2008-0418). Alexey Proskuryakov, Yosuke Hasegawa and Simon Montagu reported multiple character handling flaws related to the backspace character, the '0x80' character, involving zero-length non-ASCII sequences in multiple character sets, that could facilitate Cross-Site Scripting attacks (CVE-2008-0416). The following vulnerability was reported in Thunderbird and SeaMonkey: regenrecht (via iDefense) reported a heap-based buffer overflow when rendering an email message with an external MIME body (CVE-2008-0304). The following vulnerabilities were reported in Firefox, SeaMonkey and XULRunner: The fix for CVE-2008-1237 in Firefox 2.0.0.13 and SeaMonkey 1.1.9 introduced a new crash vulnerability (CVE-2008-1380). hong and Gregory Fleischer each reported a variant on earlier reported bugs regarding focus shifting in file input controls (CVE-2008-0414). Gynvael Coldwind (Vexillium) discovered that BMP images could be used to reveal uninitialized memory, and that this data could be extracted using a 'canvas' feature (CVE-2008-0420). Chris Thomas reported that background tabs could create a borderless XUL pop-up in front of pages in other tabs (CVE-2008-1241). oo.rio.oo discovered that a plain text file with a 'Content-Disposition: attachment' prevents Firefox from rendering future plain text files within the browser (CVE-2008-0592). Martin Straka reported that the '.href' property of stylesheet DOM nodes is modified to the final URI of a 302 redirect, bypassing the same origin policy (CVE-2008-0593). Gregory Fleischer discovered that under certain circumstances, leading characters from the hostname part of the 'Referer:' HTTP header are removed (CVE-2008-1238). Peter Brodersen and Alexander Klink reported that the browser automatically selected and sent a client certificate when SSL Client Authentication is requested by a server (CVE-2007-4879). Gregory Fleischer reported that web content fetched via the 'jar:' protocol was not subject to network access restrictions (CVE-2008-1240). The following vulnerabilities were reported in Firefox: Justin Dolske discovered a CRLF injection vulnerability when storing passwords (CVE-2008-0417). Michal Zalewski discovered that Firefox does not properly manage a delay timer used in confirmation dialogs (CVE-2008-0591). Emil Ljungdahl and Lars-Olof Moilanen discovered that a web forgery warning dialog is not displayed if the entire contents of a web page are in a DIV tag that uses absolute positioning (CVE-2008-0594). Impact : A remote attacker could entice a user to view a specially crafted web page or email that will trigger one of the vulnerabilities, possibly leading to the execution of arbitrary code or a Denial of Service. It is also possible for an attacker to trick a user to upload arbitrary files when submitting a form, to corrupt saved passwords for other sites, to steal login credentials, or to conduct Cross-Site Scripting and Cross-Site Request Forgery attacks. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 32416
    published 2008-05-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=32416
    title GLSA-200805-18 : Mozilla products: Multiple vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_MOZILLAFIREFOX-5001.NASL
    description This update brings Mozilla Firefox to security update version 2.0.0.12 Following security problems were fixed : - Web forgery overwrite with div overlay. (MFSA 2008-11 / CVE-2008-0594) - URL token stealing via stylesheet redirect. (MFSA 2008-10 / CVE-2008-0593) - Mishandling of locally-saved plain text files. (MFSA 2008-09 / CVE-2008-0592) - File action dialog tampering. (MFSA 2008-08 / CVE-2008-0591) - Web browsing history and forward navigation stealing. (MFSA 2008-06 / CVE-2008-0419) - Directory traversal via chrome: URI. (MFSA 2008-05 / CVE-2008-0418) - Stored password corruption. (MFSA 2008-04 / CVE-2008-0417) - Privilege escalation, XSS, Remote Code Execution. (MFSA 2008-03 / CVE-2008-0415) - Multiple file input focus stealing vulnerabilities. (MFSA 2008-02 / CVE-2008-0414) - Crashes with evidence of memory corruption (rv:1.8.1.12). (MFSA 2008-01 / CVE-2008-0412)
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 31087
    published 2008-02-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31087
    title SuSE 10 Security Update : MozillaFirefox (ZYPP Patch Number 5001)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_MOZILLAFIREFOX-5002.NASL
    description This update brings Mozilla Firefox to security update version 2.0.0.12 Following security problems were fixed : - MFSA 2008-11/CVE-2008-0594 Web forgery overwrite with div overlay - MFSA 2008-10/CVE-2008-0593 URL token stealing via stylesheet redirect - MFSA 2008-09/CVE-2008-0592 Mishandling of locally-saved plain text files - MFSA 2008-08/CVE-2008-0591 File action dialog tampering - MFSA 2008-06/CVE-2008-0419 Web browsing history and forward navigation stealing - MFSA 2008-05/CVE-2008-0418 Directory traversal via chrome: URI - MFSA 2008-04/CVE-2008-0417 Stored password corruption - MFSA 2008-03/CVE-2008-0415 Privilege escalation, XSS, Remote Code Execution - MFSA 2008-02/CVE-2008-0414 Multiple file input focus stealing vulnerabilities - MFSA 2008-01/CVE-2008-0412 Crashes with evidence of memory corruption (rv:1.8.1.12)
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 31088
    published 2008-02-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31088
    title openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-5002)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-582-2.NASL
    description USN-582-1 fixed several vulnerabilities in Thunderbird. The upstream fixes were incomplete, and after performing certain actions Thunderbird would crash due to memory errors. This update fixes the problem. We apologize for the inconvenience. It was discovered that Thunderbird did not properly set the size of a buffer when parsing an external-body MIME-type. If a user were to open a specially crafted email, an attacker could cause a denial of service via application crash or possibly execute arbitrary code as the user. (CVE-2008-0304) Various flaws were discovered in Thunderbird and its JavaScript engine. By tricking a user into opening a malicious message, an attacker could execute arbitrary code with the user's privileges. (CVE-2008-0412, CVE-2008-0413) Various flaws were discovered in the JavaScript engine. By tricking a user into opening a malicious message, an attacker could escalate privileges within Thunderbird, perform cross-site scripting attacks and/or execute arbitrary code with the user's privileges. (CVE-2008-0415) Gerry Eisenhaur discovered that the chrome URI scheme did not properly guard against directory traversal. Under certain circumstances, an attacker may be able to load files or steal session data. Ubuntu is not vulnerable in the default installation. (CVE-2008-0418) Flaws were discovered in the BMP decoder. By tricking a user into opening a specially crafted BMP file, an attacker could obtain sensitive information. (CVE-2008-0420). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 65107
    published 2013-03-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=65107
    title Ubuntu 6.06 LTS / 6.10 / 7.04 : mozilla-thunderbird (USN-582-2)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_EPIPHANY-5102.NASL
    description The Mozilla XULRunner 1.8.1 engine was updated to security update version 1.8.1.12. This includes fixes for the following security issues : - MFSA 2008-10/CVE-2008-0593 URL token stealing via stylesheet redirect - MFSA 2008-09/CVE-2008-0592 Mishandling of locally-saved plain text files - MFSA 2008-06/CVE-2008-0419 Web browsing history and forward navigation stealing - MFSA 2008-05/CVE-2008-0418 Directory traversal via chrome: URI - MFSA 2008-03/CVE-2008-0415 Privilege escalation, XSS, Remote Code Execution - MFSA 2008-02/CVE-2008-0414 Multiple file input focus stealing vulnerabilities - MFSA 2008-01/CVE-2008-0412 Crashes with evidence of memory corruption (rv:1.8.1.12)
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 31622
    published 2008-03-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31622
    title openSUSE 10 Security Update : epiphany (epiphany-5102)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_MOZILLATHUNDERBIRD-5098.NASL
    description This update brings Mozilla Thunderbird to security update version 2.0.0.12 Following security problems were fixed : - MFSA 2008-11/CVE-2008-0594 Web forgery overwrite with div overlay - MFSA 2008-10/CVE-2008-0593 URL token stealing via stylesheet redirect - MFSA 2008-09/CVE-2008-0592 Mishandling of locally-saved plain text files - MFSA 2008-08/CVE-2008-0591 File action dialog tampering - MFSA 2008-06/CVE-2008-0419 Web browsing history and forward navigation stealing - MFSA 2008-05/CVE-2008-0418 Directory traversal via chrome: URI - MFSA 2008-04/CVE-2008-0417 Stored password corruption - MFSA 2008-03/CVE-2008-0415 Privilege escalation, XSS, Remote Code Execution - MFSA 2008-02/CVE-2008-0414 Multiple file input focus stealing vulnerabilities - MFSA 2008-01/CVE-2008-0412 Crashes with evidence of memory corruption (rv:1.8.1.12)
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 31602
    published 2008-03-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31602
    title openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-5098)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-582-1.NASL
    description It was discovered that Thunderbird did not properly set the size of a buffer when parsing an external-body MIME-type. If a user were to open a specially crafted email, an attacker could cause a denial of service via application crash or possibly execute arbitrary code as the user. (CVE-2008-0304) Various flaws were discovered in Thunderbird and its JavaScript engine. By tricking a user into opening a malicious message, an attacker could execute arbitrary code with the user's privileges. (CVE-2008-0412, CVE-2008-0413) Various flaws were discovered in the JavaScript engine. By tricking a user into opening a malicious message, an attacker could escalate privileges within Thunderbird, perform cross-site scripting attacks and/or execute arbitrary code with the user's privileges. (CVE-2008-0415) Gerry Eisenhaur discovered that the chrome URI scheme did not properly guard against directory traversal. Under certain circumstances, an attacker may be able to load files or steal session data. Ubuntu is not vulnerable in the default installation. (CVE-2008-0418) Flaws were discovered in the BMP decoder. By tricking a user into opening a specially crafted BMP file, an attacker could obtain sensitive information. (CVE-2008-0420). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 31341
    published 2008-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31341
    title Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : mozilla-thunderbird, thunderbird vulnerabilities (USN-582-1)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2008-061-01.NASL
    description New mozilla-thunderbird packages are available for Slackware 10.2, 11.0, 12.0, and -current to fix security issues.
    last seen 2019-02-21
    modified 2018-06-27
    plugin id 31323
    published 2008-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31323
    title Slackware 10.2 / 11.0 / 12.0 / current : mozilla-thunderbird (SSA:2008-061-01)
  • NASL family Windows
    NASL id MOZILLA_THUNDERBIRD_20012.NASL
    description The installed version of Thunderbird is affected by various security issues : - Several stability bugs exist leading to crashes which, in some cases, show traces of memory corruption. - Several issues exist that allow scripts from page content to escape from their sandboxed context and/or run with chrome privileges, resulting in privilege escalation, cross-site scripting, and/or remote code execution. - A directory traversal vulnerability exist via the 'chrome:' URI. - A heap-based buffer overflow exists that can be triggered when viewing an email with an external MIME body. - Multiple cross-site scripting vulnerabilities exist related to character encoding.
    last seen 2019-02-21
    modified 2018-07-16
    plugin id 31193
    published 2008-02-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31193
    title Mozilla Thunderbird < 2.0.0.12 Multiple Vulnerabilities
  • NASL family Windows
    NASL id SEAMONKEY_118.NASL
    description The installed version of SeaMonkey is affected by various security issues : - Several stability bugs leading to crashes which, in some cases, show traces of memory corruption - Several file input focus stealing vulnerabilities that could result in uploading of arbitrary files provided their full path and file names are known. - Several issues that allow scripts from page content to escape from their sandboxed context and/or run with chrome privileges, resulting in privilege escalation, XSS, and/or remote code execution. - A directory traversal vulnerability via the 'chrome:' URI. - A vulnerability involving 'designMode' frames that may result in web browsing history and forward navigation stealing. - An information disclosure issue in the BMP decoder. - Mis-handling of locally-saved plaintext files. - Possible disclosure of sensitive URL parameters, such as session tokens, via the .href property of stylesheet DOM nodes reflecting the final URI of the stylesheet after following any 302 redirects. - A heap-based buffer overflow that can be triggered when viewing an email with an external MIME body. - Multiple cross-site scripting vulnerabilities related to character encoding.
    last seen 2019-02-21
    modified 2018-07-27
    plugin id 30210
    published 2008-02-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=30210
    title SeaMonkey < 1.1.8 Multiple Vulnerabilities
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1485.NASL
    description Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0412 Jesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren and Paul Nickerson discovered crashes in the layout engine, which might allow the execution of arbitrary code. - CVE-2008-0413 Carsten Book, Wesley Garland, Igor Bukanov, 'moz_bug_r_a4', 'shutdown', Philip Taylor and 'tgirmann' discovered crashes in the JavaScript engine, which might allow the execution of arbitrary code. - CVE-2008-0415 'moz_bug_r_a4' and Boris Zbarsky discovered several vulnerabilities in JavaScript handling, which could allow privilege escalation. - CVE-2008-0418 Gerry Eisenhaur and 'moz_bug_r_a4' discovered that a directory traversal vulnerability in chrome: URI handling could lead to information disclosure. - CVE-2008-0419 David Bloom discovered a race condition in the image handling of designMode elements, which can lead to information disclosure and potentially the execution of arbitrary code. - CVE-2008-0591 Michal Zalewski discovered that timers protecting security-sensitive dialogs (by disabling dialog elements until a timeout is reached) could be bypassed by window focus changes through JavaScript. The Mozilla products from the old stable distribution (sarge) are no longer supported with security updates.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 30225
    published 2008-02-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=30225
    title Debian DSA-1485-2 : icedove - several vulnerabilities
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2008-048.NASL
    description A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.12. This update provides the latest Firefox to correct these issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 37189
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37189
    title Mandriva Linux Security Advisory : mozilla-firefox (MDVSA-2008:048)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1484.NASL
    description Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0412 Jesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren and Paul Nickerson discovered crashes in the layout engine, which might allow the execution of arbitrary code. - CVE-2008-0413 Carsten Book, Wesley Garland, Igor Bukanov, 'moz_bug_r_a4', 'shutdown', Philip Taylor and 'tgirmann' discovered crashes in the JavaScript engine, which might allow the execution of arbitrary code. - CVE-2008-0414 'hong' and Gregory Fleischer discovered that file input focus vulnerabilities in the file upload control could allow information disclosure of local files. - CVE-2008-0415 'moz_bug_r_a4' and Boris Zbarsky discovered several vulnerabilities in JavaScript handling, which could allow privilege escalation. - CVE-2008-0417 Justin Dolske discovered that the password storage mechanism could be abused by malicious websites to corrupt existing saved passwords. - CVE-2008-0418 Gerry Eisenhaur and 'moz_bug_r_a4' discovered that a directory traversal vulnerability in chrome: URI handling could lead to information disclosure. - CVE-2008-0419 David Bloom discovered a race condition in the image handling of designMode elements, which could lead to information disclosure or potentially the execution of arbitrary code. - CVE-2008-0591 Michal Zalewski discovered that timers protecting security-sensitive dialogs (which disable dialog elements until a timeout is reached) could be bypassed by window focus changes through JavaScript. - CVE-2008-0592 It was discovered that malformed content declarations of saved attachments could prevent a user from opening local files with a '.txt' file name, resulting in minor denial of service. - CVE-2008-0593 Martin Straka discovered that insecure stylesheet handling during redirects could lead to information disclosure. - CVE-2008-0594 Emil Ljungdahl and Lars-Olof Moilanen discovered that phishing protections could be bypassed with
    elements.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 30224
    published 2008-02-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=30224
    title Debian DSA-1484-1 : xulrunner - several vulnerabilities
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2008-1435.NASL
    description Mozilla Firefox is an open source Web browser. Several flaws were found in the way Firefox processed certain malformed web content. A web page containing malicious content could cause Firefox to crash, or potentially execute arbitrary code as the user running Firefox. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way Firefox displayed malformed web content. A web page containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A flaw was found in the way Firefox stored password data. If a user saves login information for a malicious website, it could be possible to corrupt the password database, preventing the user from properly accessing saved password data. (CVE-2008-0417) A flaw was found in the way Firefox handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of Firefox. (CVE-2008-0418) A flaw was found in the way Firefox saves certain text files. If a website offers a file of type 'plain/text', rather than 'text/plain', Firefox will not show future 'text/plain' content to the user in the browser, forcing them to save those files locally to view the content. (CVE-2008-0592) Users of firefox are advised to upgrade to these updated packages, which contain updated packages to resolve these issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-12-08
    plugin id 31060
    published 2008-02-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31060
    title Fedora 7 : Miro-1.1-3.fc7 / chmsee-1.0.0-1.28.fc7 / devhelp-0.13-13.fc7 / epiphany-2.18.3-6.fc7 / etc (2008-1435)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2008-1459.NASL
    description - Fri Feb 8 2008 Kai Engert - 1.1.8-1 - SeaMonkey 1.1.8 - Sun Dec 2 2007 Kai Engert - 1.1.7-1 - SeaMonkey 1.1.7 - Mon Nov 5 2007 Kai Engert - 1.1.6-1 - SeaMonkey 1.1.6 - Fri Oct 19 2007 Kai Engert - 1.1.5-2 - SeaMonkey 1.1.5 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-12-08
    plugin id 31061
    published 2008-02-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31061
    title Fedora 8 : seamonkey-1.1.8-1.fc8 (2008-1459)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1489.NASL
    description Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0412 Jesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren and Paul Nickerson discovered crashes in the layout engine, which might allow the execution of arbitrary code. - CVE-2008-0413 Carsten Book, Wesley Garland, Igor Bukanov, 'moz_bug_r_a4', 'shutdown', Philip Taylor and 'tgirmann' discovered crashes in the JavaScript engine, which might allow the execution of arbitrary code. - CVE-2008-0414 'hong' and Gregory Fleischer discovered that file input focus vulnerabilities in the file upload control could allow information disclosure of local files. - CVE-2008-0415 'moz_bug_r_a4' and Boris Zbarsky discovered several vulnerabilities in JavaScript handling, which could allow privilege escalation. - CVE-2008-0417 Justin Dolske discovered that the password storage mechanism could be abused by malicious websites to corrupt existing saved passwords. - CVE-2008-0418 Gerry Eisenhaur and 'moz_bug_r_a4' discovered that a directory traversal vulnerability in chrome: URI handling could lead to information disclosure. - CVE-2008-0419 David Bloom discovered a race condition in the image handling of designMode elements, which can lead to information disclosure and potentially the execution of arbitrary code. - CVE-2008-0591 Michal Zalewski discovered that timers protecting security-sensitive dialogs (by disabling dialog elements until a timeout is reached) could be bypassed by window focus changes through JavaScript. - CVE-2008-0592 It was discovered that malformed content declarations of saved attachments could prevent a user from opening local files with a '.txt' file name, resulting in minor denial of service. - CVE-2008-0593 Martin Straka discovered that insecure stylesheet handling during redirects could lead to information disclosure. - CVE-2008-0594 Emil Ljungdahl and Lars-Olof Moilanen discovered that phishing protections could be bypassed with
    elements. The Mozilla products from the old stable distribution (sarge) are no longer supported with security updates.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 30228
    published 2008-02-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=30228
    title Debian DSA-1489-1 : iceweasel - several vulnerabilities
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20080207_FIREFOX_ON_SL4_X.NASL
    description Several flaws were found in the way Firefox processed certain malformed web content. A webpage containing malicious content could cause Firefox to crash, or potentially execute arbitrary code as the user running Firefox. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way Firefox displayed malformed web content. A webpage containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A flaw was found in the way Firefox stored password data. If a user saves login information for a malicious website, it could be possible to corrupt the password database, preventing the user from properly accessing saved password data. (CVE-2008-0417) A flaw was found in the way Firefox handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of Firefox. (CVE-2008-0418) A flaw was found in the way Firefox saves certain text files. If a website offers a file of type 'plain/text', rather than 'text/plain', Firefox will not show future 'text/plain' content to the user in the browser, forcing them to save those files locally to view the content. (CVE-2008-0592)
    last seen 2019-02-21
    modified 2019-01-07
    plugin id 60355
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60355
    title Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2008-0103.NASL
    description From Red Hat Security Advisory 2008:0103 : Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Several flaws were found in the way Firefox processed certain malformed web content. A webpage containing malicious content could cause Firefox to crash, or potentially execute arbitrary code as the user running Firefox. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way Firefox displayed malformed web content. A webpage containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A flaw was found in the way Firefox stored password data. If a user saves login information for a malicious website, it could be possible to corrupt the password database, preventing the user from properly accessing saved password data. (CVE-2008-0417) A flaw was found in the way Firefox handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of Firefox. (CVE-2008-0418) A flaw was found in the way Firefox saves certain text files. If a website offers a file of type 'plain/text', rather than 'text/plain', Firefox will not show future 'text/plain' content to the user in the browser, forcing them to save those files locally to view the content. (CVE-2008-0592) Users of firefox are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 67647
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67647
    title Oracle Linux 4 / 5 : firefox (ELSA-2008-0103)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20080207_THUNDERBIRD_ON_SL4_X.NASL
    description Several flaws were found in the way Thunderbird processed certain malformed HTML mail content. A HTML mail message containing malicious content could cause Thunderbird to crash, or potentially execute arbitrary code as the user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way Thunderbird displayed malformed HTML mail content. A HTML mail message containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A flaw was found in the way Thunderbird handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious HTML mail message to steal sensitive session data. Note: this flaw does not affect a default installation of Thunderbird. (CVE-2008-0418) Note: JavaScript support is disabled by default in Thunderbird; the above issues are not exploitable unless JavaScript is enabled. A flaw was found in the way Thunderbird saves certain text files. If a remote site offers a file of type 'plain/text', rather than 'text/plain', Thunderbird will not show future 'text/plain' content to the user, forcing them to save those files locally to view the content. (CVE-2008-0592)
    last seen 2019-02-21
    modified 2019-01-07
    plugin id 60357
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60357
    title Scientific Linux Security Update : thunderbird on SL4.x, SL5.x i386/x86_64
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20080207_SEAMONKEY_ON_SL3_X.NASL
    description Several flaws were found in the way SeaMonkey processed certain malformed web content. A webpage containing malicious content could cause SeaMonkey to crash, or potentially execute arbitrary code as the user running SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way SeaMonkey displayed malformed web content. A webpage containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A flaw was found in the way SeaMonkey stored password data. If a user saves login information for a malicious website, it could be possible to corrupt the password database, preventing the user from properly accessing saved password data. (CVE-2008-0417) A flaw was found in the way SeaMonkey handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of SeaMonkey. (CVE-2008-0418) A flaw was found in the way SeaMonkey saves certain text files. If a website offers a file of type 'plain/text', rather than 'text/plain', SeaMonkey will not show future 'text/plain' content to the user in the browser, forcing them to save those files locally to view the content. (CVE-2008-0592)
    last seen 2019-02-21
    modified 2019-01-07
    plugin id 60356
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60356
    title Scientific Linux Security Update : seamonkey on SL3.x, SL4.x i386/x86_64
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2008-062.NASL
    description A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 2.0.0.12. This update provides the latest Thunderbird to correct these issues.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 37545
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37545
    title Mandriva Linux Security Advisory : mozilla-thunderbird (MDVSA-2008:062)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2008-0103.NASL
    description Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Several flaws were found in the way Firefox processed certain malformed web content. A webpage containing malicious content could cause Firefox to crash, or potentially execute arbitrary code as the user running Firefox. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way Firefox displayed malformed web content. A webpage containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A flaw was found in the way Firefox stored password data. If a user saves login information for a malicious website, it could be possible to corrupt the password database, preventing the user from properly accessing saved password data. (CVE-2008-0417) A flaw was found in the way Firefox handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of Firefox. (CVE-2008-0418) A flaw was found in the way Firefox saves certain text files. If a website offers a file of type 'plain/text', rather than 'text/plain', Firefox will not show future 'text/plain' content to the user in the browser, forcing them to save those files locally to view the content. (CVE-2008-0592) Users of firefox are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 30220
    published 2008-02-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=30220
    title CentOS 4 / 5 : firefox (CESA-2008:0103)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SEAMONKEY-5011.NASL
    description This update backports changes to Mozilla SeaMonkey to the level of the security update version 1.8.1.12 Following security problems were fixed : - MFSA 2008-11/CVE-2008-0594 Web forgery overwrite with div overlay - MFSA 2008-10/CVE-2008-0593 URL token stealing via stylesheet redirect - MFSA 2008-09/CVE-2008-0592 Mishandling of locally-saved plain text files - MFSA 2008-08/CVE-2008-0591 File action dialog tampering - MFSA 2008-06/CVE-2008-0419 Web browsing history and forward navigation stealing - MFSA 2008-05/CVE-2008-0418 Directory traversal via chrome: URI - MFSA 2008-04/CVE-2008-0417 Stored password corruption - MFSA 2008-03/CVE-2008-0415 Privilege escalation, XSS, Remote Code Execution - MFSA 2008-02/CVE-2008-0414 Multiple file input focus stealing vulnerabilities - MFSA 2008-01/CVE-2008-0412/CVE-2008-0413 Crashes with evidence of memory corruption (rv:1.8.1.12)
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 31113
    published 2008-02-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31113
    title openSUSE 10 Security Update : seamonkey (seamonkey-5011)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2008-1669.NASL
    description - Fri Feb 8 2008 Kai Engert - 1.1.8-1 - SeaMonkey 1.1.8 - Sun Dec 2 2007 Kai Engert - 1.1.7-1 - SeaMonkey 1.1.7 - Mon Nov 5 2007 Kai Engert - 1.1.6-1 - SeaMonkey 1.1.6 - Fri Oct 19 2007 Kai Engert - 1.1.5-1 - SeaMonkey 1.1.5 - Fri Jul 27 2007 Martin Stransky - 1.1.3-2 - added pango patches - Fri Jul 20 2007 Kai Engert - 1.1.3-1 - SeaMonkey 1.1.3 - Thu May 31 2007 Kai Engert 1.1.2-1 - SeaMonkey 1.1.2 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-12-08
    plugin id 31080
    published 2008-02-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31080
    title Fedora 7 : seamonkey-1.1.8-1.fc7 (2008-1669)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0103.NASL
    description Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Several flaws were found in the way Firefox processed certain malformed web content. A webpage containing malicious content could cause Firefox to crash, or potentially execute arbitrary code as the user running Firefox. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way Firefox displayed malformed web content. A webpage containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A flaw was found in the way Firefox stored password data. If a user saves login information for a malicious website, it could be possible to corrupt the password database, preventing the user from properly accessing saved password data. (CVE-2008-0417) A flaw was found in the way Firefox handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of Firefox. (CVE-2008-0418) A flaw was found in the way Firefox saves certain text files. If a website offers a file of type 'plain/text', rather than 'text/plain', Firefox will not show future 'text/plain' content to the user in the browser, forcing them to save those files locally to view the content. (CVE-2008-0592) Users of firefox are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 30245
    published 2008-02-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=30245
    title RHEL 4 / 5 : firefox (RHSA-2008:0103)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-576-1.NASL
    description Various flaws were discovered in the browser and JavaScript engine. By tricking a user into opening a malicious web page, an attacker could execute arbitrary code with the user's privileges. (CVE-2008-0412, CVE-2008-0413) Flaws were discovered in the file upload form control. A malicious website could force arbitrary files from the user's computer to be uploaded without consent. (CVE-2008-0414) Various flaws were discovered in the JavaScript engine. By tricking a user into opening a malicious web page, an attacker could escalate privileges within the browser, perform cross-site scripting attacks and/or execute arbitrary code with the user's privileges. (CVE-2008-0415) Various flaws were discovered in character encoding handling. If a user were ticked into opening a malicious web page, an attacker could perform cross-site scripting attacks. (CVE-2008-0416) Justin Dolske discovered a flaw in the password saving mechanism. By tricking a user into opening a malicious web page, an attacker could corrupt the user's stored passwords. (CVE-2008-0417) Gerry Eisenhaur discovered that the chrome URI scheme did not properly guard against directory traversal. Under certain circumstances, an attacker may be able to load files or steal session data. Ubuntu is not vulnerable in the default installation. (CVE-2008-0418) David Bloom discovered flaws in the way images are treated by the browser. A malicious website could exploit this to steal the user's history information, crash the browser and/or possibly execute arbitrary code with the user's privileges. (CVE-2008-0419) Flaws were discovered in the BMP decoder. By tricking a user into opening a specially crafted BMP file, an attacker could obtain sensitive information. (CVE-2008-0420) Michal Zalewski discovered flaws with timer-enabled security dialogs. A malicious website could force the user to confirm a security dialog without explicit consent. (CVE-2008-0591) It was discovered that Firefox mishandled locally saved plain text files. By tricking a user into saving a specially crafted text file, an attacker could prevent the browser from displaying local files with a .txt extension. (CVE-2008-0592) Martin Straka discovered flaws in stylesheet handling after a 302 redirect. By tricking a user into opening a malicious web page, an attacker could obtain sensitive URL parameters. (CVE-2008-0593) Emil Ljungdahl and Lars-Olof Moilanen discovered that a web forgery warning dialog wasn't displayed under certain circumstances. A malicious website could exploit this to conduct phishing attacks against the user. (CVE-2008-0594). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 30252
    published 2008-02-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=30252
    title Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : firefox vulnerabilities (USN-576-1)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2008-0105.NASL
    description Updated thunderbird packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. [Updated 27th February 2008] The erratum text has been updated to include the details of additional issues that were fixed by these erratum packages, but which were not public at the time of release. No changes have been made to the packages. Mozilla Thunderbird is a standalone mail and newsgroup client. A heap-based buffer overflow flaw was found in the way Thunderbird processed messages with external-body Multipurpose Internet Message Extensions (MIME) types. A HTML mail message containing malicious content could cause Thunderbird to execute arbitrary code as the user running Thunderbird. (CVE-2008-0304) Several flaws were found in the way Thunderbird processed certain malformed HTML mail content. A HTML mail message containing malicious content could cause Thunderbird to crash, or potentially execute arbitrary code as the user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way Thunderbird displayed malformed HTML mail content. A HTML mail message containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0420, CVE-2008-0591, CVE-2008-0593) A flaw was found in the way Thunderbird handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious HTML mail message to steal sensitive session data. Note: this flaw does not affect a default installation of Thunderbird. (CVE-2008-0418) Note: JavaScript support is disabled by default in Thunderbird; the above issues are not exploitable unless JavaScript is enabled. A flaw was found in the way Thunderbird saves certain text files. If a remote site offers a file of type 'plain/text', rather than 'text/plain', Thunderbird will not show future 'text/plain' content to the user, forcing them to save those files locally to view the content. (CVE-2008-0592) Users of thunderbird are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 30222
    published 2008-02-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=30222
    title CentOS 4 / 5 : thunderbird (CESA-2008:0105)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2008-1535.NASL
    description Mozilla Firefox is an open source Web browser. Several flaws were found in the way Firefox processed certain malformed web content. A web page containing malicious content could cause Firefox to crash, or potentially execute arbitrary code as the user running Firefox. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way Firefox displayed malformed web content. A web page containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A flaw was found in the way Firefox stored password data. If a user saves login information for a malicious website, it could be possible to corrupt the password database, preventing the user from properly accessing saved password data. (CVE-2008-0417) A flaw was found in the way Firefox handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of Firefox. (CVE-2008-0418) A flaw was found in the way Firefox saves certain text files. If a website offers a file of type 'plain/text', rather than 'text/plain', Firefox will not show future 'text/plain' content to the user in the browser, forcing them to save those files locally to view the content. (CVE-2008-0592) Users of firefox are advised to upgrade to these updated packages, which contain updated packages to resolve these issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-12-08
    plugin id 31067
    published 2008-02-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31067
    title Fedora 8 : Miro-1.1-3.fc8 / blam-1.8.3-13.fc8 / chmsee-1.0.0-1.28.fc8 / devhelp-0.16.1-5.fc8 / etc (2008-1535)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SEAMONKEY-5012.NASL
    description This update brings Mozilla SeaMonkey to security update version 1.8.1.12 Following security problems were fixed : - MFSA 2008-11/CVE-2008-0594 Web forgery overwrite with div overlay - MFSA 2008-10/CVE-2008-0593 URL token stealing via stylesheet redirect - MFSA 2008-09/CVE-2008-0592 Mishandling of locally-saved plain text files - MFSA 2008-08/CVE-2008-0591 File action dialog tampering - MFSA 2008-06/CVE-2008-0419 Web browsing history and forward navigation stealing - MFSA 2008-05/CVE-2008-0418 Directory traversal via chrome: URI - MFSA 2008-04/CVE-2008-0417 Stored password corruption - MFSA 2008-03/CVE-2008-0415 Privilege escalation, XSS, Remote Code Execution - MFSA 2008-02/CVE-2008-0414 Multiple file input focus stealing vulnerabilities - MFSA 2008-01/CVE-2008-0412/CVE-2008-0413 Crashes with evidence of memory corruption (rv:1.8.1.12)
    last seen 2019-02-21
    modified 2016-12-27
    plugin id 31114
    published 2008-02-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31114
    title openSUSE 10 Security Update : seamonkey (seamonkey-5012)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0105.NASL
    description Updated thunderbird packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. [Updated 27th February 2008] The erratum text has been updated to include the details of additional issues that were fixed by these erratum packages, but which were not public at the time of release. No changes have been made to the packages. Mozilla Thunderbird is a standalone mail and newsgroup client. A heap-based buffer overflow flaw was found in the way Thunderbird processed messages with external-body Multipurpose Internet Message Extensions (MIME) types. A HTML mail message containing malicious content could cause Thunderbird to execute arbitrary code as the user running Thunderbird. (CVE-2008-0304) Several flaws were found in the way Thunderbird processed certain malformed HTML mail content. A HTML mail message containing malicious content could cause Thunderbird to crash, or potentially execute arbitrary code as the user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way Thunderbird displayed malformed HTML mail content. A HTML mail message containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0420, CVE-2008-0591, CVE-2008-0593) A flaw was found in the way Thunderbird handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious HTML mail message to steal sensitive session data. Note: this flaw does not affect a default installation of Thunderbird. (CVE-2008-0418) Note: JavaScript support is disabled by default in Thunderbird; the above issues are not exploitable unless JavaScript is enabled. A flaw was found in the way Thunderbird saves certain text files. If a remote site offers a file of type 'plain/text', rather than 'text/plain', Thunderbird will not show future 'text/plain' content to the user, forcing them to save those files locally to view the content. (CVE-2008-0592) Users of thunderbird are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 30247
    published 2008-02-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=30247
    title RHEL 4 / 5 : thunderbird (RHSA-2008:0105)
  • NASL family Windows
    NASL id MOZILLA_FIREFOX_20012.NASL
    description The installed version of Firefox is affected by various security issues : - Several stability bugs leading to crashes which, in some cases, show traces of memory corruption - Several file input focus stealing vulnerabilities that could result in uploading of arbitrary files provided their full path and file names are known. - Several issues that allow scripts from page content to escape from their sandboxed context and/or run with chrome privileges, resulting in privilege escalation, XSS, and/or remote code execution. - An issue that could allow a malicious site to inject newlines into the application's password store when a user saves his password, resulting in corruption of saved passwords for other sites. - A directory traversal vulnerability via the 'chrome:' URI. - A vulnerability involving 'designMode' frames that may result in web browsing history and forward navigation stealing. - An information disclosure issue in the BMP decoder. - A file action dialog tampering vulnerability involving timer-enabled security dialogs. - Mis-handling of locally-saved plaintext files. - Possible disclosure of sensitive URL parameters, such as session tokens, via the .href property of stylesheet DOM nodes reflecting the final URI of the stylesheet after following any 302 redirects. - A failure to display a web forgery warning dialog in cases where the entire contents of a page are enclosed in a '
    ' with absolute positioning. - Multiple cross-site scripting vulnerabilities related to character encoding.
    last seen 2019-02-21
    modified 2018-07-16
    plugin id 30209
    published 2008-02-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=30209
    title Firefox < 2.0.0.12 Multiple Vulnerabilities
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2008-2060.NASL
    description Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the way Thunderbird processed certain malformed HTML mail content. A HTML mail message containing malicious content could cause Thunderbird to crash, or potentially execute arbitrary code as the user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way Thunderbird displayed malformed HTML mail content. A HTML mail message containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A flaw was found in the way Thunderbird handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious HTML mail message to steal sensitive session data. Note: this flaw does not affect a default installation of Thunderbird. (CVE-2008-0418) Note: JavaScript support is disabled by default in Thunderbird; the above issues are not exploitable unless JavaScript is enabled. A flaw was found in the way Thunderbird saves certain text files. If a remote site offers a file of type 'plain/text', rather than 'text/plain', Thunderbird will not show future 'text/plain' content to the user, forcing them to save those files locally to view the content. (CVE-2008-0592) Users of thunderbird are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 31314
    published 2008-02-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31314
    title Fedora 8 : thunderbird-2.0.0.12-1.fc8 (2008-2060)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2008-0104.NASL
    description From Red Hat Security Advisory 2008:0104 : Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the way SeaMonkey processed certain malformed web content. A webpage containing malicious content could cause SeaMonkey to crash, or potentially execute arbitrary code as the user running SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way SeaMonkey displayed malformed web content. A webpage containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A flaw was found in the way SeaMonkey stored password data. If a user saves login information for a malicious website, it could be possible to corrupt the password database, preventing the user from properly accessing saved password data. (CVE-2008-0417) A flaw was found in the way SeaMonkey handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of SeaMonkey. (CVE-2008-0418) A flaw was found in the way SeaMonkey saves certain text files. If a website offers a file of type 'plain/text', rather than 'text/plain', SeaMonkey will not show future 'text/plain' content to the user in the browser, forcing them to save those files locally to view the content. (CVE-2008-0592) Users of SeaMonkey are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 67648
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67648
    title Oracle Linux 3 / 4 : seamonkey (ELSA-2008-0104)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2008-0104.NASL
    description Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the way SeaMonkey processed certain malformed web content. A webpage containing malicious content could cause SeaMonkey to crash, or potentially execute arbitrary code as the user running SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way SeaMonkey displayed malformed web content. A webpage containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A flaw was found in the way SeaMonkey stored password data. If a user saves login information for a malicious website, it could be possible to corrupt the password database, preventing the user from properly accessing saved password data. (CVE-2008-0417) A flaw was found in the way SeaMonkey handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of SeaMonkey. (CVE-2008-0418) A flaw was found in the way SeaMonkey saves certain text files. If a website offers a file of type 'plain/text', rather than 'text/plain', SeaMonkey will not show future 'text/plain' content to the user in the browser, forcing them to save those files locally to view the content. (CVE-2008-0592) Users of SeaMonkey are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 30221
    published 2008-02-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=30221
    title CentOS 3 / 4 : seamonkey (CESA-2008:0104)
  • NASL family Windows
    NASL id NETSCAPE_BROWSER_9006.NASL
    description The installed version of Netscape is affected by various security issues : - Several stability bugs leading to crashes which, in some cases, show traces of memory corruption. - Several file input focus stealing vulnerabilities that could result in uploading of arbitrary files provided their full path and file names are known. - Several issues that allow scripts from page content to escape from their sandboxed context and/or run with chrome privileges, resulting in privilege escalation, XSS, and/or remote code execution. - An issue that could allow a malicious site to inject newlines into the application's password store when a user saves a password, resulting in corruption of saved passwords for other sites. - A directory traversal vulnerability via the 'chrome:' URI. - A vulnerability involving 'designMode' frames that may result in web browsing history and forward navigation stealing. - An information disclosure issue in the BMP decoder. - A file action dialog tampering vulnerability involving timer-enabled security dialogs. - Mis-handling of locally-saved plaintext files. - Possible disclosure of sensitive URL parameters, such as session tokens, via the .href property of stylesheet DOM nodes reflecting the final URI of the stylesheet after following any 302 redirects. - A failure to display a web forgery warning dialog in cases where the entire contents of a page are enclosed in a '
    ' with absolute positioning.
    last seen 2019-02-21
    modified 2018-07-16
    plugin id 31135
    published 2008-02-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31135
    title Netscape Browser < 9.0.0.6 Multiple Vulnerabilities
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2008-0105.NASL
    description From Red Hat Security Advisory 2008:0105 : Updated thunderbird packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. [Updated 27th February 2008] The erratum text has been updated to include the details of additional issues that were fixed by these erratum packages, but which were not public at the time of release. No changes have been made to the packages. Mozilla Thunderbird is a standalone mail and newsgroup client. A heap-based buffer overflow flaw was found in the way Thunderbird processed messages with external-body Multipurpose Internet Message Extensions (MIME) types. A HTML mail message containing malicious content could cause Thunderbird to execute arbitrary code as the user running Thunderbird. (CVE-2008-0304) Several flaws were found in the way Thunderbird processed certain malformed HTML mail content. A HTML mail message containing malicious content could cause Thunderbird to crash, or potentially execute arbitrary code as the user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way Thunderbird displayed malformed HTML mail content. A HTML mail message containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0420, CVE-2008-0591, CVE-2008-0593) A flaw was found in the way Thunderbird handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious HTML mail message to steal sensitive session data. Note: this flaw does not affect a default installation of Thunderbird. (CVE-2008-0418) Note: JavaScript support is disabled by default in Thunderbird; the above issues are not exploitable unless JavaScript is enabled. A flaw was found in the way Thunderbird saves certain text files. If a remote site offers a file of type 'plain/text', rather than 'text/plain', Thunderbird will not show future 'text/plain' content to the user, forcing them to save those files locally to view the content. (CVE-2008-0592) Users of thunderbird are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 67649
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67649
    title Oracle Linux 4 : thunderbird (ELSA-2008-0105)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1506.NASL
    description Several remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the SeaMonkey Internet Suite. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0412 Jesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren and Paul Nickerson discovered crashes in the layout engine, which might allow the execution of arbitrary code. - CVE-2008-0413 Carsten Book, Wesley Garland, Igor Bukanov, 'moz_bug_r_a4', 'shutdown', Philip Taylor and 'tgirmann' discovered crashes in the JavaScript engine, which might allow the execution of arbitrary code. - CVE-2008-0414 'hong' and Gregory Fleischer discovered that file input focus vulnerabilities in the file upload control could allow information disclosure of local files. - CVE-2008-0415 'moz_bug_r_a4' and Boris Zbarsky discovered several vulnerabilities in JavaScript handling, which could allow privilege escalation. - CVE-2008-0417 Justin Dolske discovered that the password storage mechanism could be abused by malicious websites to corrupt existing saved passwords. - CVE-2008-0418 Gerry Eisenhaur and 'moz_bug_r_a4' discovered that a directory traversal vulnerability in chrome: URI handling could lead to information disclosure. - CVE-2008-0419 David Bloom discovered a race condition in the image handling of designMode elements, which can lead to information disclosure and potentially the execution of arbitrary code. - CVE-2008-0591 Michal Zalewski discovered that timers protecting security-sensitive dialogs (by disabling dialog elements until a timeout is reached) could be bypassed by window focus changes through JavaScript. - CVE-2008-0592 It was discovered that malformed content declarations of saved attachments could prevent a user in the opening local files with a '.txt' file name, resulting in minor denial of service. - CVE-2008-0593 Martin Straka discovered that insecure stylesheet handling during redirects could lead to information disclosure. - CVE-2008-0594 Emil Ljungdahl and Lars-Olof Moilanen discovered that phishing protections could be bypassed with
    elements. The Mozilla products from the old stable distribution (sarge) are no longer supported with security updates.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 31150
    published 2008-02-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31150
    title Debian DSA-1506-1 : iceape - several vulnerabilities
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2008-2118.NASL
    description Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the way Thunderbird processed certain malformed HTML mail content. A HTML mail message containing malicious content could cause Thunderbird to crash, or potentially execute arbitrary code as the user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way Thunderbird displayed malformed HTML mail content. A HTML mail message containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A flaw was found in the way Thunderbird handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious HTML mail message to steal sensitive session data. Note: this flaw does not affect a default installation of Thunderbird. (CVE-2008-0418) Note: JavaScript support is disabled by default in Thunderbird; the above issues are not exploitable unless JavaScript is enabled. A flaw was found in the way Thunderbird saves certain text files. If a remote site offers a file of type 'plain/text', rather than 'text/plain', Thunderbird will not show future 'text/plain' content to the user, forcing them to save those files locally to view the content. (CVE-2008-0592) Users of thunderbird are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 31318
    published 2008-02-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31318
    title Fedora 7 : thunderbird-2.0.0.12-1.fc7 (2008-2118)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0104.NASL
    description Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the way SeaMonkey processed certain malformed web content. A webpage containing malicious content could cause SeaMonkey to crash, or potentially execute arbitrary code as the user running SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419) Several flaws were found in the way SeaMonkey displayed malformed web content. A webpage containing specially crafted content could trick a user into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593) A flaw was found in the way SeaMonkey stored password data. If a user saves login information for a malicious website, it could be possible to corrupt the password database, preventing the user from properly accessing saved password data. (CVE-2008-0417) A flaw was found in the way SeaMonkey handles certain chrome URLs. If a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of SeaMonkey. (CVE-2008-0418) A flaw was found in the way SeaMonkey saves certain text files. If a website offers a file of type 'plain/text', rather than 'text/plain', SeaMonkey will not show future 'text/plain' content to the user in the browser, forcing them to save those files locally to view the content. (CVE-2008-0592) Users of SeaMonkey are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 30246
    published 2008-02-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=30246
    title RHEL 2.1 / 3 / 4 : seamonkey (RHSA-2008:0104)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_810A5197E0D911DC891A02061B08FC24.NASL
    description The Mozilla Foundation reports of multiple security issues in Firefox, SeaMonkey, and Thunderbird. Several of these issues can probably be used to run arbitrary code with the privilege of the user running the program. - Web forgery overwrite with div overlay - URL token stealing via stylesheet redirect - Mishandling of locally-saved plain text files - File action dialog tampering - Possible information disclosure in BMP decoder - Web browsing history and forward navigation stealing - Directory traversal via chrome: URI - Stored password corruption - Privilege escalation, XSS, Remote Code Execution - Multiple file input focus stealing vulnerabilities - Crashes with evidence of memory corruption (rv:1.8.1.12)
    last seen 2019-02-21
    modified 2018-12-19
    plugin id 31155
    published 2008-02-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31155
    title FreeBSD : mozilla -- multiple vulnerabilities (810a5197-e0d9-11dc-891a-02061b08fc24)
oval via4
accepted 2013-04-29T04:07:55.247-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome: URI scheme, as demonstrated by stealing session information from sessionstore.js.
family unix
id oval:org.mitre.oval:def:10705
status accepted
submitted 2010-07-09T03:56:16-04:00
title Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome: URI scheme, as demonstrated by stealing session information from sessionstore.js.
version 24
redhat via4
advisories
  • rhsa
    id RHSA-2008:0103
  • rhsa
    id RHSA-2008:0104
  • rhsa
    id RHSA-2008:0105
rpms
  • firefox-0:1.5.0.12-0.10.el4
  • firefox-0:1.5.0.12-9.el5
  • firefox-devel-0:1.5.0.12-9.el5
  • seamonkey-0:1.0.9-0.9.el3
  • seamonkey-chat-0:1.0.9-0.9.el3
  • seamonkey-devel-0:1.0.9-0.9.el3
  • seamonkey-dom-inspector-0:1.0.9-0.9.el3
  • seamonkey-js-debugger-0:1.0.9-0.9.el3
  • seamonkey-mail-0:1.0.9-0.9.el3
  • seamonkey-nspr-0:1.0.9-0.9.el3
  • seamonkey-nspr-devel-0:1.0.9-0.9.el3
  • seamonkey-nss-0:1.0.9-0.9.el3
  • seamonkey-nss-devel-0:1.0.9-0.9.el3
  • seamonkey-0:1.0.9-9.el4
  • seamonkey-chat-0:1.0.9-9.el4
  • seamonkey-devel-0:1.0.9-9.el4
  • seamonkey-dom-inspector-0:1.0.9-9.el4
  • seamonkey-js-debugger-0:1.0.9-9.el4
  • seamonkey-mail-0:1.0.9-9.el4
  • seamonkey-nspr-0:1.0.9-9.el4
  • seamonkey-nspr-devel-0:1.0.9-9.el4
  • seamonkey-nss-0:1.0.9-9.el4
  • seamonkey-nss-devel-0:1.0.9-9.el4
  • thunderbird-0:1.5.0.12-8.el4
  • thunderbird-0:1.5.0.12-8.el5
refmap via4
bid 27406
bugtraq
  • 20080209 rPSA-2008-0051-1 firefox
  • 20080212 FLEA-2008-0001-1 firefox
  • 20080229 rPSA-2008-0093-1 thunderbird
cert-vn VU#309608
confirm
debian
  • DSA-1484
  • DSA-1485
  • DSA-1489
  • DSA-1506
fedora
  • FEDORA-2008-1435
  • FEDORA-2008-1459
  • FEDORA-2008-1535
  • FEDORA-2008-2060
  • FEDORA-2008-2118
gentoo GLSA-200805-18
mandriva
  • MDVSA-2008:048
  • MDVSA-2008:062
misc http://www.hiredhacker.com/2008/01/19/firefox-chrome-url-handling-directory-traversal/
sectrack 1019329
secunia
  • 28622
  • 28754
  • 28766
  • 28808
  • 28815
  • 28818
  • 28839
  • 28864
  • 28865
  • 28877
  • 28879
  • 28924
  • 28939
  • 28958
  • 29049
  • 29086
  • 29098
  • 29164
  • 29167
  • 29211
  • 29567
  • 30327
  • 30620
  • 31043
slackware SSA:2008-061-01
sunalert
  • 238492
  • 239546
suse SUSE-SA:2008:008
ubuntu
  • USN-576-1
  • USN-582-1
  • USN-582-2
vupen
  • ADV-2008-0263
  • ADV-2008-0453
  • ADV-2008-0454
  • ADV-2008-0627
  • ADV-2008-1793
  • ADV-2008-2091
Last major update 09-09-2013 - 01:30
Published 08-02-2008 - 17:00
Last modified 15-10-2018 - 18:00
Back to Top