ID CVE-2008-3837
Summary Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, and SeaMonkey before 1.1.12, allow user-assisted remote attackers to move a window during a mouse click, and possibly force a file download or unspecified other drag-and-drop action, via a crafted onmousedown action that calls window.moveBy, a variant of CVE-2003-0823.
References
Vulnerable Configurations
  • Mozilla Firefox
    cpe:2.3:a:mozilla:firefox
  • Mozilla Firefox 0.1
    cpe:2.3:a:mozilla:firefox:0.1
  • Mozilla Firefox 0.2
    cpe:2.3:a:mozilla:firefox:0.2
  • Mozilla Firefox 0.3
    cpe:2.3:a:mozilla:firefox:0.3
  • Mozilla Firefox 0.4
    cpe:2.3:a:mozilla:firefox:0.4
  • Mozilla Firefox 0.5
    cpe:2.3:a:mozilla:firefox:0.5
  • Mozilla Firefox 0.6
    cpe:2.3:a:mozilla:firefox:0.6
  • Mozilla Firefox 0.6.1
    cpe:2.3:a:mozilla:firefox:0.6.1
  • Mozilla Firefox 0.7
    cpe:2.3:a:mozilla:firefox:0.7
  • Mozilla Firefox 0.7.1
    cpe:2.3:a:mozilla:firefox:0.7.1
  • Mozilla Firefox 0.8
    cpe:2.3:a:mozilla:firefox:0.8
  • Mozilla Firefox 0.9
    cpe:2.3:a:mozilla:firefox:0.9
  • Mozilla Firefox 0.9 rc
    cpe:2.3:a:mozilla:firefox:0.9:rc
  • Mozilla Firefox 0.9.1
    cpe:2.3:a:mozilla:firefox:0.9.1
  • Mozilla Firefox 0.9.2
    cpe:2.3:a:mozilla:firefox:0.9.2
  • Mozilla Firefox 0.9.3
    cpe:2.3:a:mozilla:firefox:0.9.3
  • Mozilla Firefox 0.10
    cpe:2.3:a:mozilla:firefox:0.10
  • Mozilla Firefox 0.10.1
    cpe:2.3:a:mozilla:firefox:0.10.1
  • Mozilla Firefox 1.0
    cpe:2.3:a:mozilla:firefox:1.0
  • Mozilla Firefox 1.0 Preview Release
    cpe:2.3:a:mozilla:firefox:1.0:preview_release
  • Mozilla Firefox 1.0.1
    cpe:2.3:a:mozilla:firefox:1.0.1
  • Mozilla Firefox 1.0.2
    cpe:2.3:a:mozilla:firefox:1.0.2
  • Mozilla Firefox 1.0.3
    cpe:2.3:a:mozilla:firefox:1.0.3
  • Mozilla Firefox 1.0.4
    cpe:2.3:a:mozilla:firefox:1.0.4
  • Mozilla Firefox 1.0.5
    cpe:2.3:a:mozilla:firefox:1.0.5
  • Mozilla Firefox 1.0.6
    cpe:2.3:a:mozilla:firefox:1.0.6
  • Mozilla Firefox 1.0.7
    cpe:2.3:a:mozilla:firefox:1.0.7
  • Mozilla Firefox 1.0.8
    cpe:2.3:a:mozilla:firefox:1.0.8
  • Mozilla Firefox 1.4.1
    cpe:2.3:a:mozilla:firefox:1.4.1
  • Mozilla Firefox 1.5
    cpe:2.3:a:mozilla:firefox:1.5
  • Mozilla Firefox 1.5 Beta 1
    cpe:2.3:a:mozilla:firefox:1.5:beta1
  • Mozilla Firefox 1.5 Beta 2
    cpe:2.3:a:mozilla:firefox:1.5:beta2
  • Mozilla Firefox 1.5.0.1
    cpe:2.3:a:mozilla:firefox:1.5.0.1
  • Mozilla Firefox 1.5.0.2
    cpe:2.3:a:mozilla:firefox:1.5.0.2
  • Mozilla Firefox 1.5.0.3
    cpe:2.3:a:mozilla:firefox:1.5.0.3
  • Mozilla Firefox 1.5.0.4
    cpe:2.3:a:mozilla:firefox:1.5.0.4
  • Mozilla Firefox 1.5.0.5
    cpe:2.3:a:mozilla:firefox:1.5.0.5
  • Mozilla Firefox 1.5.0.6
    cpe:2.3:a:mozilla:firefox:1.5.0.6
  • Mozilla Firefox 1.5.0.7
    cpe:2.3:a:mozilla:firefox:1.5.0.7
  • Mozilla Firefox 1.5.0.8
    cpe:2.3:a:mozilla:firefox:1.5.0.8
  • Mozilla Firefox 1.5.0.9
    cpe:2.3:a:mozilla:firefox:1.5.0.9
  • Mozilla Firefox 1.5.0.10
    cpe:2.3:a:mozilla:firefox:1.5.0.10
  • Mozilla Firefox 1.5.0.11
    cpe:2.3:a:mozilla:firefox:1.5.0.11
  • Mozilla Firefox 1.5.0.12
    cpe:2.3:a:mozilla:firefox:1.5.0.12
  • Mozilla Firefox 1.5.1
    cpe:2.3:a:mozilla:firefox:1.5.1
  • Mozilla Firefox 1.5.2
    cpe:2.3:a:mozilla:firefox:1.5.2
  • Mozilla Firefox 1.5.3
    cpe:2.3:a:mozilla:firefox:1.5.3
  • Mozilla Firefox 1.5.4
    cpe:2.3:a:mozilla:firefox:1.5.4
  • Mozilla Firefox 1.5.5
    cpe:2.3:a:mozilla:firefox:1.5.5
  • Mozilla Firefox 1.5.6
    cpe:2.3:a:mozilla:firefox:1.5.6
  • Mozilla Firefox 1.5.7
    cpe:2.3:a:mozilla:firefox:1.5.7
  • Mozilla Firefox 1.5.8
    cpe:2.3:a:mozilla:firefox:1.5.8
  • Mozilla Firefox 1.8
    cpe:2.3:a:mozilla:firefox:1.8
  • Mozilla Firefox 2.0
    cpe:2.3:a:mozilla:firefox:2.0
  • Mozilla Firefox 2.0.0.1
    cpe:2.3:a:mozilla:firefox:2.0.0.1
  • Mozilla Firefox 2.0.0.2
    cpe:2.3:a:mozilla:firefox:2.0.0.2
  • Mozilla Firefox 2.0.0.3
    cpe:2.3:a:mozilla:firefox:2.0.0.3
  • Mozilla Firefox 2.0.0.4
    cpe:2.3:a:mozilla:firefox:2.0.0.4
  • Mozilla Firefox 2.0.0.5
    cpe:2.3:a:mozilla:firefox:2.0.0.5
  • Mozilla Firefox 2.0.0.6
    cpe:2.3:a:mozilla:firefox:2.0.0.6
  • Mozilla Firefox 2.0.0.7
    cpe:2.3:a:mozilla:firefox:2.0.0.7
  • Mozilla Firefox 2.0.0.8
    cpe:2.3:a:mozilla:firefox:2.0.0.8
  • Mozilla Firefox 2.0.0.9
    cpe:2.3:a:mozilla:firefox:2.0.0.9
  • Mozilla Firefox 2.0.0.10
    cpe:2.3:a:mozilla:firefox:2.0.0.10
  • Mozilla Firefox 2.0.0.11
    cpe:2.3:a:mozilla:firefox:2.0.0.11
  • Mozilla Firefox 2.0.0.12
    cpe:2.3:a:mozilla:firefox:2.0.0.12
  • Mozilla Firefox 2.0.0.13
    cpe:2.3:a:mozilla:firefox:2.0.0.13
  • Mozilla Firefox 2.0.0.14
    cpe:2.3:a:mozilla:firefox:2.0.0.14
  • Mozilla Firefox 2.0.0.15
    cpe:2.3:a:mozilla:firefox:2.0.0.15
  • Mozilla Firefox 2.0.0.16
    cpe:2.3:a:mozilla:firefox:2.0.0.16
  • Mozilla Firefox 3.0
    cpe:2.3:a:mozilla:firefox:3.0
  • Mozilla Firefox 3.0.1
    cpe:2.3:a:mozilla:firefox:3.0.1
  • Mozilla SeaMonkey
    cpe:2.3:a:mozilla:seamonkey
  • Mozilla SeaMonkey 1.0
    cpe:2.3:a:mozilla:seamonkey:1.0
  • Mozilla SeaMonkey 1.0 alpha
    cpe:2.3:a:mozilla:seamonkey:1.0:alpha
  • Mozilla SeaMonkey 1.0 beta
    cpe:2.3:a:mozilla:seamonkey:1.0:beta
  • Mozilla SeaMonkey 1.0.1
    cpe:2.3:a:mozilla:seamonkey:1.0.1
  • Mozilla SeaMonkey 1.0.2
    cpe:2.3:a:mozilla:seamonkey:1.0.2
  • Mozilla SeaMonkey 1.0.3
    cpe:2.3:a:mozilla:seamonkey:1.0.3
  • Mozilla SeaMonkey 1.0.4
    cpe:2.3:a:mozilla:seamonkey:1.0.4
  • Mozilla SeaMonkey 1.0.5
    cpe:2.3:a:mozilla:seamonkey:1.0.5
  • Mozilla SeaMonkey 1.0.6
    cpe:2.3:a:mozilla:seamonkey:1.0.6
  • Mozilla SeaMonkey 1.0.7
    cpe:2.3:a:mozilla:seamonkey:1.0.7
  • Mozilla SeaMonkey 1.0.8
    cpe:2.3:a:mozilla:seamonkey:1.0.8
  • Mozilla SeaMonkey 1.0.9
    cpe:2.3:a:mozilla:seamonkey:1.0.9
  • Mozilla SeaMonkey 1.1
    cpe:2.3:a:mozilla:seamonkey:1.1
  • Mozilla SeaMonkey 1.1 alpha
    cpe:2.3:a:mozilla:seamonkey:1.1:-:alpha
  • Mozilla SeaMonkey 1.1 alpha
    cpe:2.3:a:mozilla:seamonkey:1.1:-:beta
  • Mozilla SeaMonkey 1.1 alpha
    cpe:2.3:a:mozilla:seamonkey:1.1:alpha
  • Mozilla SeaMonkey 1.1 beta
    cpe:2.3:a:mozilla:seamonkey:1.1:beta
  • Mozilla Seamonkey 1.1.1
    cpe:2.3:a:mozilla:seamonkey:1.1.1
  • Mozilla Seamonkey 1.1.2
    cpe:2.3:a:mozilla:seamonkey:1.1.2
  • Mozilla Seamonkey 1.1.3
    cpe:2.3:a:mozilla:seamonkey:1.1.3
  • Mozilla Seamonkey 1.1.4
    cpe:2.3:a:mozilla:seamonkey:1.1.4
  • Mozilla Seamonkey 1.1.5
    cpe:2.3:a:mozilla:seamonkey:1.1.5
  • Mozilla Seamonkey 1.1.6
    cpe:2.3:a:mozilla:seamonkey:1.1.6
  • Mozilla Seamonkey 1.1.7
    cpe:2.3:a:mozilla:seamonkey:1.1.7
  • Mozilla SeaMonkey 1.1.8
    cpe:2.3:a:mozilla:seamonkey:1.1.8
  • Mozilla SeaMonkey 1.1.9
    cpe:2.3:a:mozilla:seamonkey:1.1.9
  • Mozilla SeaMonkey 1.1.10
    cpe:2.3:a:mozilla:seamonkey:1.1.10
  • Mozilla SeaMonkey 1.1.11
    cpe:2.3:a:mozilla:seamonkey:1.1.11
  • Debian GNU/Linux 4.0
    cpe:2.3:o:debian:debian_linux:4.0
  • Canonical Ubuntu Linux 6.06 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:6.06:-:-:-:lts
  • Canonical Ubuntu Linux 7.04
    cpe:2.3:o:canonical:ubuntu_linux:7.04
  • Canonical Ubuntu Linux 7.10
    cpe:2.3:o:canonical:ubuntu_linux:7.10
  • Canonical Ubuntu Linux 8.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:8.04:-:-:-:lts
CVSS
Base: 9.3 (as of 25-09-2008 - 13:29)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1697.NASL
    description Several remote vulnerabilities have been discovered in Iceape an unbranded version of the SeaMonkey internet suite. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0016 Justin Schuh, Tom Cross and Peter Williams discovered a buffer overflow in the parser for UTF-8 URLs, which may lead to the execution of arbitrary code. (MFSA 2008-37) - CVE-2008-0304 It was discovered that a buffer overflow in MIME decoding can lead to the execution of arbitrary code. (MFSA 2008-26) - CVE-2008-2785 It was discovered that missing boundary checks on a reference counter for CSS objects can lead to the execution of arbitrary code. (MFSA 2008-34) - CVE-2008-2798 Devon Hubbard, Jesse Ruderman and Martijn Wargers discovered crashes in the layout engine, which might allow the execution of arbitrary code. (MFSA 2008-21) - CVE-2008-2799 Igor Bukanov, Jesse Ruderman and Gary Kwong discovered crashes in the JavaScript engine, which might allow the execution of arbitrary code. (MFSA 2008-21) - CVE-2008-2800 'moz_bug_r_a4' discovered several cross-site scripting vulnerabilities. (MFSA 2008-22) - CVE-2008-2801 Collin Jackson and Adam Barth discovered that JavaScript code could be executed in the context or signed JAR archives. (MFSA 2008-23) - CVE-2008-2802 'moz_bug_r_a4' discovered that XUL documements can escalate privileges by accessing the pre-compiled 'fastload' file. (MFSA 2008-24) - CVE-2008-2803 'moz_bug_r_a4' discovered that missing input sanitising in the mozIJSSubScriptLoader.loadSubScript() function could lead to the execution of arbitrary code. Iceape itself is not affected, but some addons are. (MFSA 2008-25) - CVE-2008-2805 Claudio Santambrogio discovered that missing access validation in DOM parsing allows malicious websites to force the browser to upload local files to the server, which could lead to information disclosure. (MFSA 2008-27) - CVE-2008-2807 Daniel Glazman discovered that a programming error in the code for parsing .properties files could lead to memory content being exposed to addons, which could lead to information disclosure. (MFSA 2008-29) - CVE-2008-2808 Masahiro Yamada discovered that file URLs in directory listings were insufficiently escaped. (MFSA 2008-30) - CVE-2008-2809 John G. Myers, Frank Benkstein and Nils Toedtmann discovered that alternate names on self-signed certificates were handled insufficiently, which could lead to spoofings of secure connections. (MFSA 2008-31) - CVE-2008-2810 It was discovered that URL shortcut files could be used to bypass the same-origin restrictions. This issue does not affect current Iceape, but might occur with additional extensions installed. (MFSA 2008-32) - CVE-2008-2811 Greg McManus discovered a crash in the block reflow code, which might allow the execution of arbitrary code. (MFSA 2008-33) - CVE-2008-2933 Billy Rios discovered that passing an URL containing a pipe symbol to Iceape can lead to Chrome privilege escalation. (MFSA 2008-35) - CVE-2008-3835 'moz_bug_r_a4' discovered that the same-origin check in nsXMLDocument::OnChannelRedirect() could be bypassed. (MFSA 2008-38) - CVE-2008-3836 'moz_bug_r_a4' discovered that several vulnerabilities in feedWriter could lead to Chrome privilege escalation. (MFSA 2008-39) - CVE-2008-3837 Paul Nickerson discovered that an attacker could move windows during a mouse click, resulting in unwanted action triggered by drag-and-drop. (MFSA 2008-40) - CVE-2008-4058 'moz_bug_r_a4' discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. (MFSA 2008-41) - CVE-2008-4059 'moz_bug_r_a4' discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. (MFSA 2008-41) - CVE-2008-4060 Olli Pettay and 'moz_bug_r_a4' discovered a Chrome privilege escalation vulnerability in XSLT handling. (MFSA 2008-41) - CVE-2008-4061 Jesse Ruderman discovered a crash in the layout engine, which might allow the execution of arbitrary code. (MFSA 2008-42) - CVE-2008-4062 Igor Bukanov, Philip Taylor, Georgi Guninski and Antoine Labour discovered crashes in the JavaScript engine, which might allow the execution of arbitrary code. (MFSA 2008-42) - CVE-2008-4065 Dave Reed discovered that some Unicode byte order marks are stripped from JavaScript code before execution, which can result in code being executed, which were otherwise part of a quoted string. (MFSA 2008-43) - CVE-2008-4067 Boris Zbarsky discovered that resource: URLs allow directory traversal when using URL-encoded slashes. (MFSA 2008-44) - CVE-2008-4068 Georgi Guninski discovered that resource: URLs could bypass local access restrictions. (MFSA 2008-44) - CVE-2008-4069 Billy Hoffman discovered that the XBM decoder could reveal uninitialised memory. (MFSA 2008-45) - CVE-2008-4070 It was discovered that a buffer overflow could be triggered via a long header in a news article, which could lead to arbitrary code execution. (MFSA 2008-46) - CVE-2008-5012 Georgi Guninski, Michal Zalewski and Chris Evan discovered that the canvas element could be used to bypass same-origin restrictions. (MFSA 2008-48) - CVE-2008-5013 It was discovered that insufficient checks in the Flash plugin glue code could lead to arbitrary code execution. (MFSA 2008-49) - CVE-2008-5014 Jesse Ruderman discovered that a programming error in the window.__proto__.__proto__ object could lead to arbitrary code execution. (MFSA 2008-50) - CVE-2008-5017 It was discovered that crashes in the layout engine could lead to arbitrary code execution. (MFSA 2008-52) - CVE-2008-0017 Justin Schuh discovered that a buffer overflow in http-index-format parser could lead to arbitrary code execution. (MFSA 2008-54) - CVE-2008-5021 It was discovered that a crash in the nsFrameManager might lead to the execution of arbitrary code. (MFSA 2008-55) - CVE-2008-5022 'moz_bug_r_a4' discovered that the same-origin check in nsXMLHttpRequest::NotifyEventListeners() could be bypassed. (MFSA 2008-56) - CVE-2008-5024 Chris Evans discovered that quote characters were improperly escaped in the default namespace of E4X documents. (MFSA 2008-58) - CVE-2008-4582 Liu Die Yu discovered an information leak through local shortcut files. (MFSA 2008-59) - CVE-2008-5500 Jesse Ruderman discovered that the layout engine is vulnerable to DoS attacks that might trigger memory corruption and an integer overflow. (MFSA 2008-60) - CVE-2008-5503 Boris Zbarsky discovered that an information disclosure attack could be performed via XBL bindings. (MFSA 2008-61) - CVE-2008-5506 Marius Schilder discovered that it is possible to obtain sensible data via a XMLHttpRequest. (MFSA 2008-64) - CVE-2008-5507 Chris Evans discovered that it is possible to obtain sensible data via a JavaScript URL. (MFSA 2008-65) - CVE-2008-5508 Chip Salzenberg discovered possible phishing attacks via URLs with leading whitespaces or control characters. (MFSA 2008-66) - CVE-2008-5511 It was discovered that it is possible to perform cross-site scripting attacks via an XBL binding to an 'unloaded document.' (MFSA 2008-68) - CVE-2008-5512 It was discovered that it is possible to run arbitrary JavaScript with chrome privileges via unknown vectors. (MFSA 2008-68)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 35314
    published 2009-01-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=35314
    title Debian DSA-1697-1 : iceape - several vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_GECKO-SDK-5654.NASL
    description This update backports lots of security fixes to mozilla-xulrunner package of SLES 10. It contains among others the following security fixes : - XBM image uninitialized memory reading. (MFSA 2008-45 / CVE-2008-4069) - resource: traversal vulnerabilities. (MFSA 2008-44 / CVE-2008-4067 / CVE-2008-4068) - BOM characters stripped from JavaScript before execution CVE-2008-4065: Stripped BOM characters bug CVE-2008-4066: HTML escaped low surrogates bug. (MFSA 2008-43) - Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17): CVE-2008-4061: Jesse Ruderman reported a crash in the layout engine. CVE-2008-4062: Igor Bukanov, Philip Taylor, Georgi Guninski, and Antoine Labour reported crashes in the JavaScript engine. CVE-2008-4063: Jesse Ruderman, Bob Clary, and Martijn Wargers reported crashes in the layout engine which only affected Firefox 3. CVE-2008-4064: David Maciejak and Drew Yao reported crashes in graphics rendering which only affected Firefox 3. (MFSA 2008-42) - Privilege escalation via XPCnativeWrapper pollution CVE-2008-4058: XPCnativeWrapper pollution bugs CVE-2008-4059: XPCnativeWrapper pollution (Firefox 2) CVE-2008-4060: Documents without script handling objects. (MFSA 2008-41) - Forced mouse drag. (MFSA 2008-40 / CVE-2008-3837) - Privilege escalation using feed preview page and XSS flaw. (MFSA 2008-39 / CVE-2008-3836) - nsXMLDocument::OnChannelRedirect() same-origin violation. (MFSA 2008-38 / CVE-2008-3835) - UTF-8 URL stack buffer overflow. (MFSA 2008-37 / CVE-2008-0016) For more details: http://www.mozilla.org/security/known-vulnerabilities/firefo x20.html
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 34366
    published 2008-10-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34366
    title SuSE 10 Security Update : Mozilla (ZYPP Patch Number 5654)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2008-269-01.NASL
    description New mozilla-firefox packages are available for Slackware 10.2, 11.0, 12.0, 12.1, and -current to fix security issues.
    last seen 2019-02-21
    modified 2018-12-18
    plugin id 34295
    published 2008-09-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34295
    title Slackware 10.2 / 11.0 / 12.0 / 12.1 / current : mozilla-firefox (SSA:2008-269-01)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1649.NASL
    description Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0016 Justin Schuh, Tom Cross and Peter Williams discovered a buffer overflow in the parser for UTF-8 URLs, which may lead to the execution of arbitrary code. - CVE-2008-3835 'moz_bug_r_a4' discovered that the same-origin check in nsXMLDocument::OnChannelRedirect() could by bypassed. - CVE-2008-3836 'moz_bug_r_a4' discovered that several vulnerabilities in feedWriter could lead to Chrome privilege escalation. - CVE-2008-3837 Paul Nickerson discovered that an attacker could move windows during a mouse click, resulting in unwanted action triggered by drag-and-drop. - CVE-2008-4058 'moz_bug_r_a4' discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. - CVE-2008-4059 'moz_bug_r_a4' discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. - CVE-2008-4060 Olli Pettay and 'moz_bug_r_a4' discovered a Chrome privilege escalation vulnerability in XSLT handling. - CVE-2008-4061 Jesse Ruderman discovered a crash in the layout engine, which might allow the execution of arbitrary code. - CVE-2008-4062 Igor Bukanov, Philip Taylor, Georgi Guninski and Antoine Labour discovered crashes in the JavaScript engine, which might allow the execution of arbitrary code. - CVE-2008-4065 Dave Reed discovered that some Unicode byte order marks are stripped from JavaScript code before execution, which can result in code being executed, which were otherwise part of a quoted string. - CVE-2008-4066 Gareth Heyes discovered that some Unicode surrogate characters are ignored by the HTML parser. - CVE-2008-4067 Boris Zbarsky discovered that resource: URLs allow directory traversal when using URL-encoded slashes. - CVE-2008-4068 Georgi Guninski discovered that resource: URLs could bypass local access restrictions. - CVE-2008-4069 Billy Hoffman discovered that the XBM decoder could reveal uninitialised memory.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 34371
    published 2008-10-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34371
    title Debian DSA-1649-1 : iceweasel - several vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SEAMONKEY-5657.NASL
    description This patch updates SeaMonkey to version 1.1.12, fixing security and other bugs : MFSA 2008-45 / CVE-2008-4069: XBM image uninitialized memory reading MFSA 2008-44 / CVE-2008-4067 / CVE-2008-4068: resource: traversal vulnerabilities MFSA 2008-43: BOM characters stripped from JavaScript before execution CVE-2008-4065: Stripped BOM characters bug CVE-2008-4066: HTML escaped low surrogates bug MFSA 2008-42 Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17): CVE-2008-4061: Jesse Ruderman reported a crash in the layout engine. CVE-2008-4062: Igor Bukanov, Philip Taylor, Georgi Guninski, and Antoine Labour reported crashes in the JavaScript engine. CVE-2008-4063: Jesse Ruderman, Bob Clary, and Martijn Wargers reported crashes in the layout engine which only affected Firefox 3. CVE-2008-4064: David Maciejak and Drew Yao reported crashes in graphics rendering which only affected Firefox 3. MFSA 2008-41 Privilege escalation via XPCnativeWrapper pollution CVE-2008-4058: XPCnativeWrapper pollution bugs CVE-2008-4059: XPCnativeWrapper pollution (Firefox 2) CVE-2008-4060: Documents without script handling objects MFSA 2008-40 / CVE-2008-3837: Forced mouse drag MFSA 2008-38 / CVE-2008-3835: nsXMLDocument::OnChannelRedirect() same-origin violation MFSA 2008-37 / CVE-2008-0016: UTF-8 URL stack buffer overflow Details can be found here: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
    last seen 2019-02-21
    modified 2016-12-27
    plugin id 34360
    published 2008-10-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34360
    title openSUSE 10 Security Update : seamonkey (seamonkey-5657)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_2273879E8A2F11DDA6FE0030843D3802.NASL
    description The Mozilla Foundation reports : MFSA 2008-37UTF-8 URL stack-based buffer overflow MFSA 2008-38nsXMLDocument::OnChannelRedirect() same-origin violation MFSA 2008-39Privilege escalation using feed preview page and XSS flaw MFSA 2008-40Forced mouse drag MFSA 2008-41Privilege escalation via XPCnativeWrapper pollution MFSA 2008-42Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17) MFSA 2008-43BOM characters stripped from JavaScript before execution MFSA 2008-44resource: traversal vulnerabilities MFSA 2008-45XBM image uninitialized memory reading
    last seen 2019-02-21
    modified 2018-11-21
    plugin id 34270
    published 2008-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34270
    title FreeBSD : mozilla -- multiple vulnerabilities (2273879e-8a2f-11dd-a6fe-0030843d3802)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_0_SEAMONKEY-081003.NASL
    description This patch updates SeaMonkey to version 1.1.12, fixing security and other bugs : MFSA 2008-45 / CVE-2008-4069: XBM image uninitialized memory reading MFSA 2008-44 / CVE-2008-4067 / CVE-2008-4068: resource: traversal vulnerabilities MFSA 2008-43: BOM characters stripped from JavaScript before execution CVE-2008-4065: Stripped BOM characters bug CVE-2008-4066: HTML escaped low surrogates bug MFSA 2008-42 Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17): CVE-2008-4061: Jesse Ruderman reported a crash in the layout engine. CVE-2008-4062: Igor Bukanov, Philip Taylor, Georgi Guninski, and Antoine Labour reported crashes in the JavaScript engine. CVE-2008-4063: Jesse Ruderman, Bob Clary, and Martijn Wargers reported crashes in the layout engine which only affected Firefox 3. CVE-2008-4064: David Maciejak and Drew Yao reported crashes in graphics rendering which only affected Firefox 3. MFSA 2008-41 Privilege escalation via XPCnativeWrapper pollution CVE-2008-4058: XPCnativeWrapper pollution bugs CVE-2008-4059: XPCnativeWrapper pollution (Firefox 2) CVE-2008-4060: Documents without script handling objects MFSA 2008-40 / CVE-2008-3837: Forced mouse drag MFSA 2008-38 / CVE-2008-3835: nsXMLDocument::OnChannelRedirect() same-origin violation MFSA 2008-37 / CVE-2008-0016: UTF-8 URL stack buffer overflow Details can be found here: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
    last seen 2019-02-21
    modified 2018-12-18
    plugin id 40130
    published 2009-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40130
    title openSUSE Security Update : seamonkey (seamonkey-238)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_0_MOZILLA-XULRUNNER181-081002.NASL
    description This update brings mozilla-xulrunner181 to security fix version 1.8.1.17. It contains the following security fixes: MFSA 2008-45 / CVE-2008-4069: XBM image uninitialized memory reading MFSA 2008-44 / CVE-2008-4067 / CVE-2008-4068: resource: traversal vulnerabilities MFSA 2008-43: BOM characters stripped from JavaScript before execution CVE-2008-4065: Stripped BOM characters bug CVE-2008-4066: HTML escaped low surrogates bug MFSA 2008-42 Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17): CVE-2008-4061: Jesse Ruderman reported a crash in the layout engine. CVE-2008-4062: Igor Bukanov, Philip Taylor, Georgi Guninski, and Antoine Labour reported crashes in the JavaScript engine. CVE-2008-4063: Jesse Ruderman, Bob Clary, and Martijn Wargers reported crashes in the layout engine which only affected Firefox 3. CVE-2008-4064: David Maciejak and Drew Yao reported crashes in graphics rendering which only affected Firefox 3. MFSA 2008-41 Privilege escalation via XPCnativeWrapper pollution CVE-2008-4058: XPCnativeWrapper pollution bugs CVE-2008-4059: XPCnativeWrapper pollution (Firefox 2) CVE-2008-4060: Documents without script handling objects MFSA 2008-40 / CVE-2008-3837: Forced mouse drag MFSA 2008-39 / CVE-2008-3836: Privilege escalation using feed preview page and XSS flaw MFSA 2008-38 / CVE-2008-3835: nsXMLDocument::OnChannelRedirect() same-origin violation MFSA 2008-37 / CVE-2008-0016: UTF-8 URL stack buffer overflow For more details: http://www.mozilla.org/security/known-vulnerabilities/firefox20.html
    last seen 2019-02-21
    modified 2018-12-18
    plugin id 40071
    published 2009-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40071
    title openSUSE Security Update : mozilla-xulrunner181 (mozilla-xulrunner181-237)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2008-269-02.NASL
    description New seamonkey packages are available for Slackware 11.0, 12.0, 12.1, and -current to fix security issues.
    last seen 2019-02-21
    modified 2018-12-18
    plugin id 34296
    published 2008-09-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34296
    title Slackware 11.0 / 12.0 / 12.1 / current : seamonkey (SSA:2008-269-02)
  • NASL family Windows
    NASL id SEAMONKEY_1112.NASL
    description The installed version of SeaMonkey is affected by various security issues : - Using a specially crafted UTF-8 URL in a hyperlink, an attacker might be able to exploit a stack buffer overflow in the Mozilla URL parsing routes to execute arbitrary code. (MFSA 2008-37) - It is possible to bypass the same-origin check in 'nsXMLDocument::OnChannelRedirect()'. (MFSA 2008-38) - An attacker can cause the content window to move while the mouse is being clicked, causing an item to be dragged rather than clicked-on. (MFSA 2008-40) - Privilege escalation is possible via 'XPCnativeWrapper' pollution. (MFSA 2008-41) - There are several stability bugs in the browser engine that may lead to crashes with evidence of memory corruption. (MFSA 2008-42) - Certain BOM characters and low surrogate characters, if HTML-escaped, are stripped from JavaScript code before it is executed, which could allow for cross- site scripting attacks. (MFSA 2008-43) - The 'resource:' protocol allows directory traversal on Linux when using URL-encoded slashes, and it can by used to bypass restrictions on local HTML files. (MFSA 2008-44) - A bug in the XBM decoder allows random small chunks of uninitialized memory to be read. (MFSA 2008-45) - There is a heap-based buffer overflow that can be triggered when canceling a newsgroup message. (MFSA 2008-46)
    last seen 2019-02-21
    modified 2018-07-27
    plugin id 34269
    published 2008-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34269
    title SeaMonkey < 1.1.12 Multiple Vulnerabilities
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2008-205.NASL
    description Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.17 (CVE-2008-0016, CVE-2008-3835, CVE-2008-3836, CVE-2008-3837, CVE-2008-4058, CVE-2008-4059, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062, CVE-2008-4065, CVE-2008-4066, CVE-2008-4067, CVE-2008-4068, CVE-2008-4069). This update provides the latest Firefox to correct these issues.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 36823
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=36823
    title Mandriva Linux Security Advisory : mozilla-firefox (MDVSA-2008:205)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201301-01.NASL
    description The remote host is affected by the vulnerability described in GLSA-201301-01 (Mozilla Products: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, bypass restrictions and protection mechanisms, force file downloads, conduct XML injection attacks, conduct XSS attacks, bypass the Same Origin Policy, spoof URL’s for phishing attacks, trigger a vertical scroll, spoof the location bar, spoof an SSL indicator, modify the browser’s font, conduct clickjacking attacks, or have other unspecified impact. A local attacker could gain escalated privileges, obtain sensitive information, or replace an arbitrary downloaded file. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-11-19
    plugin id 63402
    published 2013-01-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63402
    title GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0879.NASL
    description An updated firefox package that fixes various security issues is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-4058, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062, CVE-2008-4063, CVE-2008-4064) Several flaws were found in the way malformed web content was displayed. A web page containing specially crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-4067, CVE-2008-4068) A flaw was found in the way Firefox handles mouse click events. A web page containing specially crafted JavaScript code could move the content window while a mouse-button was pressed, causing any item under the pointer to be dragged. This could, potentially, cause the user to perform an unsafe drag-and-drop action. (CVE-2008-3837) A flaw was found in Firefox that caused certain characters to be stripped from JavaScript code. This flaw could allow malicious JavaScript to bypass or evade script filters. (CVE-2008-4065) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.2. You can find a link to the Mozilla advisories in the References section. All firefox users should upgrade to this updated package, which contains backported patches that correct these issues.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 34274
    published 2008-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34274
    title RHEL 4 / 5 : firefox (RHSA-2008:0879)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2008-0879.NASL
    description An updated firefox package that fixes various security issues is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-4058, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062, CVE-2008-4063, CVE-2008-4064) Several flaws were found in the way malformed web content was displayed. A web page containing specially crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-4067, CVE-2008-4068) A flaw was found in the way Firefox handles mouse click events. A web page containing specially crafted JavaScript code could move the content window while a mouse-button was pressed, causing any item under the pointer to be dragged. This could, potentially, cause the user to perform an unsafe drag-and-drop action. (CVE-2008-3837) A flaw was found in Firefox that caused certain characters to be stripped from JavaScript code. This flaw could allow malicious JavaScript to bypass or evade script filters. (CVE-2008-4065) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.2. You can find a link to the Mozilla advisories in the References section. All firefox users should upgrade to this updated package, which contains backported patches that correct these issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 43709
    published 2010-01-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43709
    title CentOS 4 / 5 : firefox (CESA-2008:0879)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_0_MOZILLA-XULRUNNER190-081002.NASL
    description This update brings the mozilla-xulrunner190 engine to version 1.9.0.3, fixing a number of bugs and security problems : MFSA 2008-44 / CVE-2008-4067 / CVE-2008-4068: resource: traversal vulnerabilities MFSA 2008-43: BOM characters stripped from JavaScript before execution CVE-2008-4065: Stripped BOM characters bug CVE-2008-4066: HTML escaped low surrogates bug MFSA 2008-42 Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17): CVE-2008-4061: Jesse Ruderman reported a crash in the layout engine. CVE-2008-4062: Igor Bukanov, Philip Taylor, Georgi Guninski, and Antoine Labour reported crashes in the JavaScript engine. CVE-2008-4063: Jesse Ruderman, Bob Clary, and Martijn Wargers reported crashes in the layout engine which only affected Firefox 3. CVE-2008-4064: David Maciejak and Drew Yao reported crashes in graphics rendering which only affected Firefox 3. MFSA 2008-41 Privilege escalation via XPCnativeWrapper pollution CVE-2008-4058: XPCnativeWrapper pollution bugs CVE-2008-4059: XPCnativeWrapper pollution (Firefox 2) CVE-2008-4060: Documents without script handling objects MFSA 2008-40 / CVE-2008-3837: Forced mouse drag
    last seen 2019-02-21
    modified 2016-12-21
    plugin id 40074
    published 2009-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40074
    title openSUSE Security Update : mozilla-xulrunner190 (mozilla-xulrunner190-234)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2008-8429.NASL
    description Updated seamonkey packages that fix several security issues are now available for Fedora 8 and Fedora 9. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code as the user running SeaMonkey. (CVE-2008-0016, CVE-2008-4058, CVE-2008-4059, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062) Several flaws were found in the way malformed web content was displayed. A web page containing specially crafted content could potentially trick a SeaMonkey user into surrendering sensitive information. (CVE-2008-3835, CVE-2008-4067, CVE-2008-4068, CVE-2008-4069) A flaw was found in the way SeaMonkey handles mouse click events. A web page containing specially crafted JavaScript code could move the content window while a mouse-button was pressed, causing any item under the pointer to be dragged. This could, potentially, cause the user to perform an unsafe drag-and-drop action. (CVE-2008-3837) A flaw was found in SeaMonkey that caused certain characters to be stripped from JavaScript code. This flaw could allow malicious JavaScript to bypass or evade script filters. (CVE-2008-4065, CVE-2008-4066) All SeaMonkey users should upgrade to these updated packages, which contain patches to resolve these issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-12-08
    plugin id 34309
    published 2008-09-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34309
    title Fedora 9 : seamonkey-1.1.12-1.fc9 (2008-8429)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-645-3.NASL
    description USN-645-1 fixed vulnerabilities in Firefox and xulrunner. The upstream patches introduced a regression in the saved password handling. While password data was not lost, if a user had saved any passwords with non-ASCII characters, Firefox could not access the password database. This update fixes the problem. We apologize for the inconvenience. Justin Schuh, Tom Cross and Peter Williams discovered errors in the Firefox URL parsing routines. If a user were tricked into opening a crafted hyperlink, an attacker could overflow a stack buffer and execute arbitrary code. (CVE-2008-0016) It was discovered that the same-origin check in Firefox could be bypassed. If a user were tricked into opening a malicious website, an attacker may be able to execute JavaScript in the context of a different website. (CVE-2008-3835) Several problems were discovered in the JavaScript engine. This could allow an attacker to execute scripts from page content with chrome privileges. (CVE-2008-3836) Paul Nickerson discovered Firefox did not properly process mouse click events. If a user were tricked into opening a malicious web page, an attacker could move the content window, which could potentially be used to force a user to perform unintended drag and drop operations. (CVE-2008-3837) Several problems were discovered in the browser engine. This could allow an attacker to execute code with chrome privileges. (CVE-2008-4058, CVE-2008-4059, CVE-2008-4060) Drew Yao, David Maciejak and other Mozilla developers found several problems in the browser engine of Firefox. If a user were tricked into opening a malicious web page, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2008-4061, CVE-2008-4062, CVE-2008-4063, CVE-2008-4064) Dave Reed discovered a flaw in the JavaScript parsing code when processing certain BOM characters. An attacker could exploit this to bypass script filters and perform cross-site scripting attacks. (CVE-2008-4065) Gareth Heyes discovered a flaw in the HTML parser of Firefox. If a user were tricked into opening a malicious web page, an attacker could bypass script filtering and perform cross-site scripting attacks. (CVE-2008-4066) Boris Zbarsky and Georgi Guninski independently discovered flaws in the resource: protocol. An attacker could exploit this to perform directory traversal, read information about the system, and prompt the user to save information in a file. (CVE-2008-4067, CVE-2008-4068) Billy Hoffman discovered a problem in the XBM decoder. If a user were tricked into opening a malicious web page or XBM file, an attacker may be able to cause a denial of service via application crash. (CVE-2008-4069). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 38073
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=38073
    title Ubuntu 8.04 LTS : firefox-3.0, xulrunner-1.9 regression (USN-645-3)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2008-0879.NASL
    description From Red Hat Security Advisory 2008:0879 : An updated firefox package that fixes various security issues is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-4058, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062, CVE-2008-4063, CVE-2008-4064) Several flaws were found in the way malformed web content was displayed. A web page containing specially crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-4067, CVE-2008-4068) A flaw was found in the way Firefox handles mouse click events. A web page containing specially crafted JavaScript code could move the content window while a mouse-button was pressed, causing any item under the pointer to be dragged. This could, potentially, cause the user to perform an unsafe drag-and-drop action. (CVE-2008-3837) A flaw was found in Firefox that caused certain characters to be stripped from JavaScript code. This flaw could allow malicious JavaScript to bypass or evade script filters. (CVE-2008-4065) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.2. You can find a link to the Mozilla advisories in the References section. All firefox users should upgrade to this updated package, which contains backported patches that correct these issues.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 67744
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67744
    title Oracle Linux 5 : firefox (ELSA-2008-0879)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20080923_FIREFOX_ON_SL4_X.NASL
    description Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-4058, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062, CVE-2008-4063, CVE-2008-4064) Several flaws were found in the way malformed web content was displayed. A web page containing specially crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-4067, CVE-2008-4068) A flaw was found in the way Firefox handles mouse click events. A web page containing specially crafted JavaScript code could move the content window while a mouse-button was pressed, causing any item under the pointer to be dragged. This could, potentially, cause the user to perform an unsafe drag-and-drop action. (CVE-2008-3837) A flaw was found in Firefox that caused certain characters to be stripped from JavaScript code. This flaw could allow malicious JavaScript to bypass or evade script filters. (CVE-2008-4065) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.2. You can find a link to the Mozilla advisories in the References section.
    last seen 2019-02-21
    modified 2019-01-07
    plugin id 60475
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60475
    title Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2008-8425.NASL
    description Mozilla Firefox is an open source Web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-4058, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062, CVE-2008-4063, CVE-2008-4064) Several flaws were found in the way malformed web content was displayed. A web page containing specially crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-4067, CVE-2008-4068) A flaw was found in the way Firefox handles mouse click events. A web page containing specially crafted JavaScript code could move the content window while a mouse-button was pressed, causing any item under the pointer to be dragged. This could, potentially, cause the user to perform an unsafe drag-and-drop action. (CVE-2008-3837) A flaw was found in Firefox that caused certain characters to be stripped from JavaScript code. This flaw could allow malicious JavaScript to bypass or evade script filters. (CVE-2008-4065) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.2.[1] All Firefox users should upgrade to these updated packages, which contain patches that correct these issues. [1] http://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.2 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-20
    plugin id 34308
    published 2008-09-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34308
    title Fedora 9 : Miro-1.2.4-3.fc9 / blam-1.8.5-2.fc9 / cairo-dock-1.6.2.3-1.fc9.1 / chmsee-1.0.1-5.fc9 / etc (2008-8425)
  • NASL family Windows
    NASL id MOZILLA_FIREFOX_302.NASL
    description The installed version of Firefox 3.0 is earlier than 3.0.2. Such versions are potentially affected by the following security issues : - An attacker can cause the content window to move while the mouse is being clicked, causing an item to be dragged rather than clicked-on (MFSA 2008-40). - Privilege escalation is possible via 'XPCnativeWrapper' pollution (MFSA 2008-41). - There are several stability bugs in the browser engine that could lead to crashes with evidence of memory corruption (MFSA 2008-42). - Certain BOM characters and low surrogate characters, if HTML-escaped, are stripped from JavaScript code before it is executed, which could allow for cross- site scripting attacks (MFSA 2008-43). - The 'resource:' protocol allows directory traversal on Linux when using URL-encoded slashes, and it can by used to bypass restrictions on local HTML files (MFSA 2008-44). - By tampering with the window.__proto__.__proto__ object, one can cause the browser to place a lock on a non- native object, leading to a crash and possible code execution. (MFSA 2008-50)
    last seen 2019-02-21
    modified 2018-07-16
    plugin id 34267
    published 2008-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34267
    title Firefox 3.0.x < 3.0.2 Multiple Vulnerabilities
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1669.NASL
    description Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0016 Justin Schuh, Tom Cross and Peter Williams discovered a buffer overflow in the parser for UTF-8 URLs, which may lead to the execution of arbitrary code. - CVE-2008-3835 'moz_bug_r_a4' discovered that the same-origin check in nsXMLDocument::OnChannelRedirect() could by bypassed. - CVE-2008-3836 'moz_bug_r_a4' discovered that several vulnerabilities in feedWriter could lead to Chrome privilege escalation. - CVE-2008-3837 Paul Nickerson discovered that an attacker could move windows during a mouse click, resulting in unwanted action triggered by drag-and-drop. - CVE-2008-4058 'moz_bug_r_a4' discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. - CVE-2008-4059 'moz_bug_r_a4' discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. - CVE-2008-4060 Olli Pettay and 'moz_bug_r_a4' discovered a Chrome privilege escalation vulnerability in XSLT handling. - CVE-2008-4061 Jesse Ruderman discovered a crash in the layout engine, which might allow the execution of arbitrary code. - CVE-2008-4062 Igor Bukanov, Philip Taylor, Georgi Guninski and Antoine Labour discovered crashes in the JavaScript engine, which might allow the execution of arbitrary code. - CVE-2008-4065 Dave Reed discovered that some Unicode byte order marks are stripped from JavaScript code before execution, which can result in code being executed, which were otherwise part of a quoted string. - CVE-2008-4066 Gareth Heyes discovered that some Unicode surrogate characters are ignored by the HTML parser. - CVE-2008-4067 Boris Zbarsky discovered that resource: URls allow directory traversal when using URL-encoded slashes. - CVE-2008-4068 Georgi Guninski discovered that resource: URLs could bypass local access restrictions. - CVE-2008-4069 Billy Hoffman discovered that the XBM decoder could reveal uninitialised memory. - CVE-2008-4582 Liu Die Yu discovered an information leak through local shortcut files. - CVE-2008-5012 Georgi Guninski, Michal Zalewski and Chris Evan discovered that the canvas element could be used to bypass same-origin restrictions. - CVE-2008-5013 It was discovered that insufficient checks in the Flash plugin glue code could lead to arbitrary code execution. - CVE-2008-5014 Jesse Ruderman discovered that a programming error in the window.__proto__.__proto__ object could lead to arbitrary code execution. - CVE-2008-5017 It was discovered that crashes in the layout engine could lead to arbitrary code execution. - CVE-2008-5018 It was discovered that crashes in the JavaScript engine could lead to arbitrary code execution. - CVE-2008-0017 Justin Schuh discovered that a buffer overflow in http-index-format parser could lead to arbitrary code execution. - CVE-2008-5021 It was discovered that a crash in the nsFrameManager might lead to the execution of arbitrary code. - CVE-2008-5022 'moz_bug_r_a4' discovered that the same-origin check in nsXMLHttpRequest::NotifyEventListeners() could be bypassed. - CVE-2008-5023 Collin Jackson discovered that the -moz-binding property bypasses security checks on codebase principals. - CVE-2008-5024 Chris Evans discovered that quote characters were improperly escaped in the default namespace of E4X documents.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 34938
    published 2008-11-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34938
    title Debian DSA-1669-1 : xulrunner - several vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_0_MOZILLAFIREFOX-081002.NASL
    description This update brings MozillaFirefox to version 3.0.3, fixing a number of bugs and security problems : MFSA 2008-44 / CVE-2008-4067 / CVE-2008-4068: resource: traversal vulnerabilities MFSA 2008-43: BOM characters stripped from JavaScript before execution CVE-2008-4065: Stripped BOM characters bug CVE-2008-4066: HTML escaped low surrogates bug MFSA 2008-42 Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17): CVE-2008-4061: Jesse Ruderman reported a crash in the layout engine. CVE-2008-4062: Igor Bukanov, Philip Taylor, Georgi Guninski, and Antoine Labour reported crashes in the JavaScript engine. CVE-2008-4063: Jesse Ruderman, Bob Clary, and Martijn Wargers reported crashes in the layout engine which only affected Firefox 3. CVE-2008-4064: David Maciejak and Drew Yao reported crashes in graphics rendering which only affected Firefox 3. MFSA 2008-41 Privilege escalation via XPCnativeWrapper pollution CVE-2008-4058: XPCnativeWrapper pollution bugs CVE-2008-4059: XPCnativeWrapper pollution (Firefox 2) CVE-2008-4060: Documents without script handling objects MFSA 2008-40 / CVE-2008-3837: Forced mouse drag
    last seen 2019-02-21
    modified 2016-12-21
    plugin id 39883
    published 2009-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=39883
    title openSUSE Security Update : MozillaFirefox (MozillaFirefox-233)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2008-8401.NASL
    description Updated seamonkey packages that fix several security issues are now available for Fedora 8 and Fedora 9. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code as the user running SeaMonkey. (CVE-2008-0016, CVE-2008-4058, CVE-2008-4059, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062) Several flaws were found in the way malformed web content was displayed. A web page containing specially crafted content could potentially trick a SeaMonkey user into surrendering sensitive information. (CVE-2008-3835, CVE-2008-4067, CVE-2008-4068, CVE-2008-4069) A flaw was found in the way SeaMonkey handles mouse click events. A web page containing specially crafted JavaScript code could move the content window while a mouse-button was pressed, causing any item under the pointer to be dragged. This could, potentially, cause the user to perform an unsafe drag-and-drop action. (CVE-2008-3837) A flaw was found in SeaMonkey that caused certain characters to be stripped from JavaScript code. This flaw could allow malicious JavaScript to bypass or evade script filters. (CVE-2008-4065, CVE-2008-4066) All SeaMonkey users should upgrade to these updated packages, which contain patches to resolve these issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-12-08
    plugin id 34307
    published 2008-09-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34307
    title Fedora 8 : seamonkey-1.1.12-1.fc8 (2008-8401)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2008-0882.NASL
    description Updated SeaMonkey packages that fix a security issues are now available for Red Hat Enterprise Linux 2.1, Red Hat Enterprise Linux 3 and Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code as the user running SeaMonkey. (CVE-2008-0016, CVE-2008-4058, CVE-2008-4059, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062) Several flaws were found in the way malformed web content was displayed. A web page containing specially crafted content could potentially trick a SeaMonkey user into surrendering sensitive information. (CVE-2008-3835, CVE-2008-4067, CVE-2008-4068, CVE-2008-4069) A flaw was found in the way SeaMonkey handles mouse click events. A web page containing specially crafted JavaScript code could move the content window while a mouse-button was pressed, causing any item under the pointer to be dragged. This could, potentially, cause the user to perform an unsafe drag-and-drop action. (CVE-2008-3837) A flaw was found in SeaMonkey that caused certain characters to be stripped from JavaScript code. This flaw could allow malicious JavaScript to bypass or evade script filters. (CVE-2008-4065, CVE-2008-4066) All SeaMonkey users should upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 34278
    published 2008-09-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34278
    title CentOS 3 / 4 : seamonkey (CESA-2008:0882)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0882.NASL
    description Updated SeaMonkey packages that fix a security issues are now available for Red Hat Enterprise Linux 2.1, Red Hat Enterprise Linux 3 and Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code as the user running SeaMonkey. (CVE-2008-0016, CVE-2008-4058, CVE-2008-4059, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062) Several flaws were found in the way malformed web content was displayed. A web page containing specially crafted content could potentially trick a SeaMonkey user into surrendering sensitive information. (CVE-2008-3835, CVE-2008-4067, CVE-2008-4068, CVE-2008-4069) A flaw was found in the way SeaMonkey handles mouse click events. A web page containing specially crafted JavaScript code could move the content window while a mouse-button was pressed, causing any item under the pointer to be dragged. This could, potentially, cause the user to perform an unsafe drag-and-drop action. (CVE-2008-3837) A flaw was found in SeaMonkey that caused certain characters to be stripped from JavaScript code. This flaw could allow malicious JavaScript to bypass or evade script filters. (CVE-2008-4065, CVE-2008-4066) All SeaMonkey users should upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 34275
    published 2008-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34275
    title RHEL 2.1 / 3 / 4 : seamonkey (RHSA-2008:0882)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_MOZILLAFIREFOX-5640.NASL
    description This update brings MozillaFirefox to version 2.0.0.17 to fix bugs and security issues : MFSA 2008-45 / CVE-2008-4069: XBM image uninitialized memory reading MFSA 2008-44 / CVE-2008-4067 / CVE-2008-4068: resource: traversal vulnerabilities MFSA 2008-43: BOM characters stripped from JavaScript before execution CVE-2008-4065: Stripped BOM characters bug CVE-2008-4066: HTML escaped low surrogates bug MFSA 2008-42 Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17): CVE-2008-4061: Jesse Ruderman reported a crash in the layout engine. CVE-2008-4062: Igor Bukanov, Philip Taylor, Georgi Guninski, and Antoine Labour reported crashes in the JavaScript engine. CVE-2008-4063: Jesse Ruderman, Bob Clary, and Martijn Wargers reported crashes in the layout engine which only affected Firefox 3. CVE-2008-4064: David Maciejak and Drew Yao reported crashes in graphics rendering which only affected Firefox 3. MFSA 2008-41 Privilege escalation via XPCnativeWrapper pollution CVE-2008-4058: XPCnativeWrapper pollution bugs CVE-2008-4059: XPCnativeWrapper pollution (Firefox 2) CVE-2008-4060: Documents without script handling objects MFSA 2008-40 / CVE-2008-3837: Forced mouse drag MFSA 2008-39 / CVE-2008-3836: Privilege escalation using feed preview page and XSS flaw MFSA 2008-38 / CVE-2008-3835: nsXMLDocument::OnChannelRedirect() same-origin violation MFSA 2008-37 / CVE-2008-0016: UTF-8 URL stack buffer overflow For more details: http://www.mozilla.org/security/known-vulnerabilities/firefox20.html
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 34318
    published 2008-10-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34318
    title openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-5640)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-645-2.NASL
    description USN-645-1 fixed vulnerabilities in Firefox and xulrunner for Ubuntu 7.04, 7.10 and 8.04 LTS. This provides the corresponding update for Ubuntu 6.06 LTS. Justin Schuh, Tom Cross and Peter Williams discovered errors in the Firefox URL parsing routines. If a user were tricked into opening a crafted hyperlink, an attacker could overflow a stack buffer and execute arbitrary code. (CVE-2008-0016) It was discovered that the same-origin check in Firefox could be bypassed. If a user were tricked into opening a malicious website, an attacker may be able to execute JavaScript in the context of a different website. (CVE-2008-3835) Several problems were discovered in the JavaScript engine. This could allow an attacker to execute scripts from page content with chrome privileges. (CVE-2008-3836) Paul Nickerson discovered Firefox did not properly process mouse click events. If a user were tricked into opening a malicious web page, an attacker could move the content window, which could potentially be used to force a user to perform unintended drag and drop operations. (CVE-2008-3837) Several problems were discovered in the browser engine. This could allow an attacker to execute code with chrome privileges. (CVE-2008-4058, CVE-2008-4059, CVE-2008-4060) Drew Yao, David Maciejak and other Mozilla developers found several problems in the browser engine of Firefox. If a user were tricked into opening a malicious web page, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2008-4061, CVE-2008-4062, CVE-2008-4063, CVE-2008-4064) Dave Reed discovered a flaw in the JavaScript parsing code when processing certain BOM characters. An attacker could exploit this to bypass script filters and perform cross-site scripting attacks. (CVE-2008-4065) Gareth Heyes discovered a flaw in the HTML parser of Firefox. If a user were tricked into opening a malicious web page, an attacker could bypass script filtering and perform cross-site scripting attacks. (CVE-2008-4066) Boris Zbarsky and Georgi Guninski independently discovered flaws in the resource: protocol. An attacker could exploit this to perform directory traversal, read information about the system, and prompt the user to save information in a file. (CVE-2008-4067, CVE-2008-4068) Billy Hoffman discovered a problem in the XBM decoder. If a user were tricked into opening a malicious web page or XBM file, an attacker may be able to cause a denial of service via application crash. (CVE-2008-4069). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 65110
    published 2013-03-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=65110
    title Ubuntu 6.06 LTS : firefox vulnerabilities (USN-645-2)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-645-1.NASL
    description Justin Schuh, Tom Cross and Peter Williams discovered errors in the Firefox URL parsing routines. If a user were tricked into opening a crafted hyperlink, an attacker could overflow a stack buffer and execute arbitrary code. (CVE-2008-0016) It was discovered that the same-origin check in Firefox could be bypassed. If a user were tricked into opening a malicious website, an attacker may be able to execute JavaScript in the context of a different website. (CVE-2008-3835) Several problems were discovered in the JavaScript engine. This could allow an attacker to execute scripts from page content with chrome privileges. (CVE-2008-3836) Paul Nickerson discovered Firefox did not properly process mouse click events. If a user were tricked into opening a malicious web page, an attacker could move the content window, which could potentially be used to force a user to perform unintended drag and drop operations. (CVE-2008-3837) Several problems were discovered in the browser engine. This could allow an attacker to execute code with chrome privileges. (CVE-2008-4058, CVE-2008-4059, CVE-2008-4060) Drew Yao, David Maciejak and other Mozilla developers found several problems in the browser engine of Firefox. If a user were tricked into opening a malicious web page, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2008-4061, CVE-2008-4062, CVE-2008-4063, CVE-2008-4064) Dave Reed discovered a flaw in the JavaScript parsing code when processing certain BOM characters. An attacker could exploit this to bypass script filters and perform cross-site scripting attacks. (CVE-2008-4065) Gareth Heyes discovered a flaw in the HTML parser of Firefox. If a user were tricked into opening a malicious web page, an attacker could bypass script filtering and perform cross-site scripting attacks. (CVE-2008-4066) Boris Zbarsky and Georgi Guninski independently discovered flaws in the resource: protocol. An attacker could exploit this to perform directory traversal, read information about the system, and prompt the user to save information in a file. (CVE-2008-4067, CVE-2008-4068) Billy Hoffman discovered a problem in the XBM decoder. If a user were tricked into opening a malicious web page or XBM file, an attacker may be able to cause a denial of service via application crash. (CVE-2008-4069). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 36243
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=36243
    title Ubuntu 7.04 / 7.10 / 8.04 LTS : firefox, firefox-3.0, xulrunner-1.9 vulnerabilities (USN-645-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_MOZILLAFIREFOX-5644.NASL
    description This update brings MozillaFirefox to version 2.0.0.17 to fix bugs and security issues : - XBM image uninitialized memory reading. (MFSA 2008-45 / CVE-2008-4069) - resource: traversal vulnerabilities. (MFSA 2008-44 / CVE-2008-4067 / CVE-2008-4068) - BOM characters stripped from JavaScript before execution CVE-2008-4065: Stripped BOM characters bug CVE-2008-4066: HTML escaped low surrogates bug. (MFSA 2008-43) - Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17): CVE-2008-4061: Jesse Ruderman reported a crash in the layout engine. CVE-2008-4062: Igor Bukanov, Philip Taylor, Georgi Guninski, and Antoine Labour reported crashes in the JavaScript engine. CVE-2008-4063: Jesse Ruderman, Bob Clary, and Martijn Wargers reported crashes in the layout engine which only affected Firefox 3. CVE-2008-4064: David Maciejak and Drew Yao reported crashes in graphics rendering which only affected Firefox 3. (MFSA 2008-42) - Privilege escalation via XPCnativeWrapper pollution CVE-2008-4058: XPCnativeWrapper pollution bugs CVE-2008-4059: XPCnativeWrapper pollution (Firefox 2) CVE-2008-4060: Documents without script handling objects. (MFSA 2008-41) - Forced mouse drag. (MFSA 2008-40 / CVE-2008-3837) - Privilege escalation using feed preview page and XSS flaw. (MFSA 2008-39 / CVE-2008-3836) - nsXMLDocument::OnChannelRedirect() same-origin violation. (MFSA 2008-38 / CVE-2008-3835) - UTF-8 URL stack buffer overflow. (MFSA 2008-37 / CVE-2008-0016) For more details: http://www.mozilla.org/security/known-vulnerabilities/firefo x20.html
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 34319
    published 2008-10-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34319
    title SuSE 10 Security Update : MozillaFirefox (ZYPP Patch Number 5644)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_MOZILLA-XULRUNNER181-5656.NASL
    description This update brings mozilla-xulrunner181 to security fix version 1.8.1.17. It contains the following security fixes: MFSA 2008-45 / CVE-2008-4069: XBM image uninitialized memory reading MFSA 2008-44 / CVE-2008-4067 / CVE-2008-4068: resource: traversal vulnerabilities MFSA 2008-43: BOM characters stripped from JavaScript before execution CVE-2008-4065: Stripped BOM characters bug CVE-2008-4066: HTML escaped low surrogates bug MFSA 2008-42 Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17): CVE-2008-4061: Jesse Ruderman reported a crash in the layout engine. CVE-2008-4062: Igor Bukanov, Philip Taylor, Georgi Guninski, and Antoine Labour reported crashes in the JavaScript engine. CVE-2008-4063: Jesse Ruderman, Bob Clary, and Martijn Wargers reported crashes in the layout engine which only affected Firefox 3. CVE-2008-4064: David Maciejak and Drew Yao reported crashes in graphics rendering which only affected Firefox 3. MFSA 2008-41 Privilege escalation via XPCnativeWrapper pollution CVE-2008-4058: XPCnativeWrapper pollution bugs CVE-2008-4059: XPCnativeWrapper pollution (Firefox 2) CVE-2008-4060: Documents without script handling objects MFSA 2008-40 / CVE-2008-3837: Forced mouse drag MFSA 2008-39 / CVE-2008-3836: Privilege escalation using feed preview page and XSS flaw MFSA 2008-38 / CVE-2008-3835: nsXMLDocument::OnChannelRedirect() same-origin violation MFSA 2008-37 / CVE-2008-0016: UTF-8 URL stack buffer overflow For more details: http://www.mozilla.org/security/known-vulnerabilities/firefox20.html
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 34367
    published 2008-10-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34367
    title openSUSE 10 Security Update : mozilla-xulrunner181 (mozilla-xulrunner181-5656)
  • NASL family Windows
    NASL id MOZILLA_FIREFOX_20017.NASL
    description The installed version of Firefox is affected by various security issues : - Using a specially crafted UTF-8 URL in a hyperlink, an attacker might be able to exploit a stack buffer overflow in the Mozilla URL parsing routes to execute arbitrary code (MFSA 2008-37). - It is possible to bypass the same-origin check in 'nsXMLDocument::OnChannelRedirect()' (MFSA 2008-38). - There are a series of vulnerabilities in 'feedWriter' that allow scripts from page content to run with chrome privileges (MFSA 2008-39). - An attacker can cause the content window to move while the mouse is being clicked, causing an item to be dragged rather than clicked-on (MFSA 2008-40). - Privilege escalation is possible via 'XPCnativeWrapper' pollution (MFSA 2008-41). - There are several stability bugs in the browser engine that may lead to crashes with evidence of memory corruption (MFSA 2008-42). - Certain BOM characters and low surrogate characters, if HTML-escaped, are stripped from JavaScript code before it is executed, which could allow for cross- site scripting attacks (MFSA 2008-43). - The 'resource:' protocol allows directory traversal on Linux when using URL-encoded slashes, and it can by used to bypass restrictions on local HTML files (MFSA 2008-44). - A bug in the XBM decoder allows random small chunks of uninitialized memory to be read (MFSA 2008-45).
    last seen 2019-02-21
    modified 2018-07-16
    plugin id 34268
    published 2008-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34268
    title Firefox < 2.0.0.17 Multiple Vulnerabilities
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20080923_SEAMONKEY_ON_SL3_X.NASL
    description Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code as the user running SeaMonkey. (CVE-2008-0016, CVE-2008-4058, CVE-2008-4059, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062) Several flaws were found in the way malformed web content was displayed. A web page containing specially crafted content could potentially trick a SeaMonkey user into surrendering sensitive information. (CVE-2008-3835, CVE-2008-4067, CVE-2008-4068, CVE-2008-4069) A flaw was found in the way SeaMonkey handles mouse click events. A web page containing specially crafted JavaScript code could move the content window while a mouse-button was pressed, causing any item under the pointer to be dragged. This could, potentially, cause the user to perform an unsafe drag-and-drop action. (CVE-2008-3837) A flaw was found in SeaMonkey that caused certain characters to be stripped from JavaScript code. This flaw could allow malicious JavaScript to bypass or evade script filters. (CVE-2008-4065, CVE-2008-4066)
    last seen 2019-02-21
    modified 2019-01-07
    plugin id 60476
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60476
    title Scientific Linux Security Update : seamonkey on SL3.x, SL4.x i386/x86_64
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2008-0882.NASL
    description From Red Hat Security Advisory 2008:0882 : Updated SeaMonkey packages that fix a security issues are now available for Red Hat Enterprise Linux 2.1, Red Hat Enterprise Linux 3 and Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code as the user running SeaMonkey. (CVE-2008-0016, CVE-2008-4058, CVE-2008-4059, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062) Several flaws were found in the way malformed web content was displayed. A web page containing specially crafted content could potentially trick a SeaMonkey user into surrendering sensitive information. (CVE-2008-3835, CVE-2008-4067, CVE-2008-4068, CVE-2008-4069) A flaw was found in the way SeaMonkey handles mouse click events. A web page containing specially crafted JavaScript code could move the content window while a mouse-button was pressed, causing any item under the pointer to be dragged. This could, potentially, cause the user to perform an unsafe drag-and-drop action. (CVE-2008-3837) A flaw was found in SeaMonkey that caused certain characters to be stripped from JavaScript code. This flaw could allow malicious JavaScript to bypass or evade script filters. (CVE-2008-4065, CVE-2008-4066) All SeaMonkey users should upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 67745
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67745
    title Oracle Linux 3 / 4 : seamonkey (ELSA-2008-0882)
oval via4
accepted 2013-04-29T04:23:34.613-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, and SeaMonkey before 1.1.12, allow user-assisted remote attackers to move a window during a mouse click, and possibly force a file download or unspecified other drag-and-drop action, via a crafted onmousedown action that calls window.moveBy, a variant of CVE-2003-0823.
family unix
id oval:org.mitre.oval:def:9950
status accepted
submitted 2010-07-09T03:56:16-04:00
title Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, and SeaMonkey before 1.1.12, allow user-assisted remote attackers to move a window during a mouse click, and possibly force a file download or unspecified other drag-and-drop action, via a crafted onmousedown action that calls window.moveBy, a variant of CVE-2003-0823.
version 24
redhat via4
advisories
  • rhsa
    id RHSA-2008:0879
  • rhsa
    id RHSA-2008:0882
rpms
  • firefox-0:3.0.2-3.el4
  • yelp-0:2.16.0-21.el5
  • devhelp-0:0.12-19.el5
  • devhelp-devel-0:0.12-19.el5
  • nss-0:3.12.1.1-1.el5
  • nss-devel-0:3.12.1.1-1.el5
  • nss-pkcs11-devel-0:3.12.1.1-1.el5
  • nss-tools-0:3.12.1.1-1.el5
  • xulrunner-0:1.9.0.2-5.el5
  • xulrunner-devel-0:1.9.0.2-5.el5
  • xulrunner-devel-unstable-0:1.9.0.2-5.el5
  • firefox-0:3.0.2-3.el5
  • seamonkey-0:1.0.9-0.24.el3
  • seamonkey-chat-0:1.0.9-0.24.el3
  • seamonkey-devel-0:1.0.9-0.24.el3
  • seamonkey-dom-inspector-0:1.0.9-0.24.el3
  • seamonkey-js-debugger-0:1.0.9-0.24.el3
  • seamonkey-mail-0:1.0.9-0.24.el3
  • seamonkey-nspr-0:1.0.9-0.24.el3
  • seamonkey-nspr-devel-0:1.0.9-0.24.el3
  • seamonkey-nss-0:1.0.9-0.24.el3
  • seamonkey-nss-devel-0:1.0.9-0.24.el3
  • devhelp-0:0.10-0.10.el4
  • devhelp-devel-0:0.10-0.10.el4
  • seamonkey-0:1.0.9-26.el4
  • seamonkey-chat-0:1.0.9-26.el4
  • seamonkey-devel-0:1.0.9-26.el4
  • seamonkey-dom-inspector-0:1.0.9-26.el4
  • seamonkey-js-debugger-0:1.0.9-26.el4
  • seamonkey-mail-0:1.0.9-26.el4
refmap via4
bid 31346
confirm
debian
  • DSA-1649
  • DSA-1669
  • DSA-1697
fedora
  • FEDORA-2008-8401
  • FEDORA-2008-8425
  • FEDORA-2008-8429
mandriva MDVSA-2008:205
sectrack 1020922
secunia
  • 31984
  • 31985
  • 31987
  • 32010
  • 32011
  • 32012
  • 32042
  • 32044
  • 32089
  • 32095
  • 32096
  • 32144
  • 32185
  • 32196
  • 32845
  • 33433
  • 34501
slackware
  • SSA:2008-269-01
  • SSA:2008-269-02
sunalert 256408
suse SUSE-SA:2008:050
ubuntu
  • USN-645-1
  • USN-645-2
vupen
  • ADV-2008-2661
  • ADV-2009-0977
xf firefox-draganddrop-weak-security(45348)
Last major update 29-10-2012 - 23:15
Published 24-09-2008 - 16:37
Last modified 01-11-2018 - 11:14
Back to Top