Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DSA-2528.NASL
HistoryAug 15, 2012 - 12:00 a.m.

Debian DSA-2528-1 : icedove - several vulnerabilities

2012-08-1500:00:00
This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
17

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.375 Low

EPSS

Percentile

97.2%

JSON

Several vulnerabilities were discovered in Icedove, Debian’s version of the Mozilla Thunderbird mail and news client.

  • CVE-2012-1948 Multiple unspecified vulnerabilities in the browser engine were fixed.

  • CVE-2012-1950 The underlying browser engine allows address bar spoofing through drag-and-drop.

  • CVE-2012-1954 A use-after-free vulnerability in the nsDocument::AdoptNode function allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code.

  • CVE-2012-1967 An error in the implementation of the JavaScript sandbox allows execution of JavaScript code with improper privileges using javascript: URLs.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Debian Security Advisory DSA-2528. The text 
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(61537);
  script_version("1.14");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_cve_id("CVE-2012-1948", "CVE-2012-1950", "CVE-2012-1954", "CVE-2012-1967");
  script_bugtraq_id(54573, 54578, 54580, 54585);
  script_xref(name:"DSA", value:"2528");

  script_name(english:"Debian DSA-2528-1 : icedove - several vulnerabilities");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Several vulnerabilities were discovered in Icedove, Debian's version
of the Mozilla Thunderbird mail and news client.

  - CVE-2012-1948
    Multiple unspecified vulnerabilities in the browser
    engine were fixed.

  - CVE-2012-1950
    The underlying browser engine allows address bar
    spoofing through drag-and-drop.

  - CVE-2012-1954
    A use-after-free vulnerability in the
    nsDocument::AdoptNode function allows remote attackers
    to cause a denial of service (heap memory corruption) or
    possibly execute arbitrary code.

  - CVE-2012-1967
    An error in the implementation of the JavaScript sandbox
    allows execution of JavaScript code with improper
    privileges using javascript: URLs."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2012-1948"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2012-1950"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2012-1954"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2012-1967"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://packages.debian.org/source/squeeze/icedove"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.debian.org/security/2012/dsa-2528"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Upgrade the icedove packages.

For the stable distribution (squeeze), these problems have been fixed
in version 3.0.11-1+squeeze12."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:icedove");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2012/08/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/15");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"6.0", prefix:"icedove", reference:"3.0.11-1+squeeze12")) flag++;
if (deb_check(release:"6.0", prefix:"icedove-dbg", reference:"3.0.11-1+squeeze12")) flag++;
if (deb_check(release:"6.0", prefix:"icedove-dev", reference:"3.0.11-1+squeeze12")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
debiandebian_linuxicedovep-cpe:/a:debian:debian_linux:icedove
debiandebian_linux6.0cpe:/o:debian:debian_linux:6.0

Related

osv 3
openvas 56
debian 3
nessus 37
ubuntucve 4
cve 4
veracode 17
nvd 4
cvelist 4
mozilla 4
prion 4
centos 2
oraclelinux 2
suse 7
ubuntu 3
redhat 2
securityvulns 1
freebsd 1
gentoo 1
osv
osv
icedove - several
2012-08-14 00:00:00
iceweasel - several vulnerabilities
2012-07-17 00:00:00
iceape - several vulnerabilities
2012-07-17 00:00:00
openvas
openvas
Debian Security Advisory DSA 2528-1 (icedove)
2012-08-30 00:00:00
Debian: Security Advisory (DSA-2528-1)
2012-08-30 00:00:00
Debian Security Advisory DSA 2514-1 (iceweasel)
2012-08-10 00:00:00
debian
debian
[SECURITY] [DSA 2528-1] icedove security update
2012-08-14 19:26:36
[SECURITY] [DSA 2514-1] iceweasel security update
2012-07-17 20:03:42
[SECURITY] [DSA 2513-1] iceape security update
2012-07-17 19:47:49
nessus
nessus
Debian DSA-2513-1 : iceape - several vulnerabilities
2012-07-18 00:00:00
Debian DSA-2514-1 : iceweasel - several vulnerabilities
2012-07-18 00:00:00
RHEL 5 / 6 : firefox (RHSA-2012:1088)
2012-07-18 00:00:00
ubuntucve
ubuntucve
CVE-2012-1948
2012-07-17 00:00:00
CVE-2012-1967
2012-07-17 00:00:00
CVE-2012-1950
2012-07-17 00:00:00
cve
cve
CVE-2012-1948
2012-07-18 10:26:48
CVE-2012-1954
2012-07-18 10:26:48
CVE-2012-1967
2012-07-18 10:26:49
veracode
veracode
Remote Code Execution (RCE)
2019-01-15 08:54:29
Use-After-Free (UAF)
2019-05-02 04:42:25
Denial Of Service (DoS)
2019-05-02 04:42:25
nvd
nvd
CVE-2012-1948
2012-07-18 10:26:48
CVE-2012-1967
2012-07-18 10:26:49
CVE-2012-1950
2012-07-18 10:26:48
cvelist
cvelist
CVE-2012-1948
2012-07-18 10:00:00
CVE-2012-1967
2012-07-18 10:00:00
CVE-2012-1954
2012-07-18 10:00:00
mozilla
mozilla
Code execution through javascript: URLs — Mozilla
2012-07-17 00:00:00
Incorrect URL displayed in addressbar through drag and drop — Mozilla
2012-07-17 00:00:00
Miscellaneous memory safety hazards (rv:14.0/ rv:10.0.6) — Mozilla
2012-07-17 00:00:00
prion
prion
Code injection
2012-07-18 10:26:00
Memory corruption
2012-07-18 10:26:00
Design/Logic Flaw
2012-07-18 10:26:00
centos
centos
firefox, xulrunner security update
2012-07-17 20:41:16
thunderbird security update
2012-07-17 21:25:02
oraclelinux
oraclelinux
firefox security update
2012-07-17 00:00:00
thunderbird security update
2012-07-17 00:00:00
suse
suse
xulrunner to 14.0.1 (critical)
2012-07-30 17:08:56
Security update for Mozilla Firefox (important)
2012-07-21 01:08:17
MozillaFirefox to 14.0.1 (critical)
2012-07-23 14:08:16
ubuntu
ubuntu
ubufox update
2012-07-18 00:00:00
Firefox vulnerabilities
2012-07-17 00:00:00
Thunderbird vulnerabilities
2012-07-17 00:00:00
redhat
redhat
(RHSA-2012:1088) Critical: firefox security update
2012-07-17 00:00:00
(RHSA-2012:1089) Critical: thunderbird security update
2012-07-17 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2012-08-13 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2012-07-17 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.375 Low

EPSS

Percentile

97.2%

JSON
Related for DEBIAN_DSA-2528.NASL
osv3openvas56debian3nessus37ubuntucve4cve4veracode17nvd4cvelist4mozilla4prion4centos2oraclelinux2suse7ubuntu3redhat2securityvulns1freebsd1gentoo1