Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.MOZILLA_FIREFOX_1008.NASL
HistoryOct 17, 2012 - 12:00 a.m.

Firefox 10.0.x < 10.0.8 Multiple Vulnerabilities

2012-10-1700:00:00
This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
26

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.713 High

EPSS

Percentile

98.1%

JSON

The installed version of Firefox 10.0.x is affected by the following vulnerabilities :

  • Several memory safety bugs exist in the browser engine used in Mozilla-based products that could be exploited to execute arbitrary code. (CVE-2012-3983)

  • Some methods of a feature used for testing (DOMWindowUtils) are not properly protected and may be called through script by web pages. (CVE-2012-3986)

  • A potentially exploitable denial of service may be caused by a combination of invoking full-screen mode and navigating backwards in history. (CVE-2012-3988)

  • When the ‘GetProperty’ function is invoked through JSAP, security checking can by bypassed when getting cross- origin properties, potentially allowing arbitrary code execution. (CVE-2012-3991)

  • The ‘location’ property can be accessed by binary plugins through ‘top.location’ and ‘top’ can be shadowed by ‘Object.defineProperty’, potentially allowing cross- site scripting attacks through plugins. (CVE-2012-3994)

  • The Chrome Object Wrapper (COW) has flaws that could allow access to privileged functions, allowing for cross- site scripting attacks or arbitrary code execution. (CVE-2012-3993, CVE-2012-4184)

  • The ‘location.hash’ property is vulnerable to an attack that could allow an attacker to inject script or intercept post data. (CVE-2012-3992)

  • The ‘Address Sanitizer’ tool is affected by multiple, potentially exploitable use-after-free flaws. (CVE-2012-3990, CVE-2012-3995, CVE-2012-4179, CVE-2012-4180, CVE-2012-4181, CVE-2012-4182, CVE-2012-4183)

  • The ‘Address Sanitizer’ tool is affected by multiple, potentially exploitable heap memory corruption issues. (CVE-2012-4185, CVE-2012-4186, CVE-2012-4187, CVE-2012-4188)

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(62579);
  script_version("1.17");
  script_cvs_date("Date: 2019/12/04");

  script_cve_id(
    "CVE-2012-3982",
    "CVE-2012-3983",
    "CVE-2012-3986",
    "CVE-2012-3988",
    "CVE-2012-3990",
    "CVE-2012-3991",
    "CVE-2012-3992",
    "CVE-2012-3993",
    "CVE-2012-3994",
    "CVE-2012-3995",
    "CVE-2012-4179",
    "CVE-2012-4180",
    "CVE-2012-4181",
    "CVE-2012-4182",
    "CVE-2012-4183",
    "CVE-2012-4184",
    "CVE-2012-4185",
    "CVE-2012-4186",
    "CVE-2012-4187",
    "CVE-2012-4188"
  );
  script_bugtraq_id(
    55922,
    55924,
    55930,
    55931,
    56118,
    56119,
    56120,
    56121,
    56123,
    56125,
    56126,
    56127,
    56128,
    56129,
    56130,
    56131,
    56135,
    56136,
    56140,
    56145
  );

  script_name(english:"Firefox 10.0.x < 10.0.8 Multiple Vulnerabilities");
  script_summary(english:"Checks version of Firefox");

  script_set_attribute(attribute:"synopsis", value:
"The remote Windows host contains a web browser that is affected by
multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The installed version of Firefox 10.0.x is affected by the following
vulnerabilities :

  - Several memory safety bugs exist in the browser engine 
    used in Mozilla-based products that could be exploited 
    to execute arbitrary code. (CVE-2012-3983)

  - Some methods of a feature used for testing 
    (DOMWindowUtils) are not properly protected and may be 
    called through script by web pages. (CVE-2012-3986)

  - A potentially exploitable denial of service may be 
    caused by a combination of invoking full-screen mode and 
    navigating backwards in history. (CVE-2012-3988)

  - When the 'GetProperty' function is invoked through JSAP, 
    security checking can by bypassed when getting cross-
    origin properties, potentially allowing arbitrary code 
    execution. (CVE-2012-3991)

  - The 'location' property can be accessed by binary 
    plugins through 'top.location' and 'top' can be shadowed 
    by 'Object.defineProperty', potentially allowing cross-
    site scripting attacks through plugins. (CVE-2012-3994)

  - The Chrome Object Wrapper (COW) has flaws that could 
    allow access to privileged functions, allowing for cross-
    site scripting attacks or arbitrary code execution. 
    (CVE-2012-3993, CVE-2012-4184)

  - The 'location.hash' property is vulnerable to an attack 
    that could allow an attacker to inject script or 
    intercept post data. (CVE-2012-3992)

  - The 'Address Sanitizer' tool is affected by multiple,
    potentially exploitable use-after-free flaws. 
    (CVE-2012-3990, CVE-2012-3995, CVE-2012-4179, 
    CVE-2012-4180, CVE-2012-4181, CVE-2012-4182, 
    CVE-2012-4183)

  - The 'Address Sanitizer' tool is affected by multiple,
    potentially exploitable heap memory corruption issues. 
    (CVE-2012-4185, CVE-2012-4186, CVE-2012-4187, 
    CVE-2012-4188)");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2012-87/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2012-86/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2012-85/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2012-84/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2012-83/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2012-82/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2012-81/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2012-79/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2012-77/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2012-74/");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Firefox 10.0.8 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2012-4188");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/10/09");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/10/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/10/17");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:firefox");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("mozilla_org_installed.nasl");
  script_require_keys("Mozilla/Firefox/Version");

  exit(0);
}

include("mozilla_version.inc");
port = get_kb_item_or_exit("SMB/transport"); 

installs = get_kb_list("SMB/Mozilla/Firefox/*");
if (isnull(installs)) audit(AUDIT_NOT_INST, "Firefox");

mozilla_check_version(installs:installs, product:'firefox', esr:TRUE, fix:'10.0.8', min:'10.0', severity:SECURITY_HOLE, xss:TRUE);
VendorProductVersionCPE
mozillafirefoxcpe:/a:mozilla:firefox

References

Related

nessus 32
openvas 59
veracode 17
oraclelinux 2
redhat 2
centos 2
ubuntu 2
osv 3
debian 3
suse 2
mozilla 10
freebsd 1
securityvulns 1
ibm 1
nvd 11
cve 12
cvelist 11
prion 12
ubuntucve 15
seebug 1
nessus
nessus
Mozilla Thunderbird 10.0.x < 10.0.8 Multiple Vulnerabilities (Mac OS X)
2012-10-17 00:00:00
Firefox < 10.0.8 Multiple Vulnerabilities (Mac OS X)
2012-10-17 00:00:00
Mozilla Thunderbird 10.0.x < 10.0.8 Multiple Vulnerabilities
2012-10-17 00:00:00
openvas
openvas
Mozilla Thunderbird Multiple Vulnerabilities-01 (Mac OS X)
2012-10-15 00:00:00
Mozilla Firefox Multiple Vulnerabilities - 01 - Windows
2012-10-15 00:00:00
Mozilla Thunderbird ESR Multiple Vulnerabilities - 01 - Windows
2012-10-15 00:00:00
veracode
veracode
Use-After-Free
2019-05-02 04:43:32
Arbitrary Code Execution
2019-05-02 04:43:34
Cross-site Scripting (XSS)
2019-05-02 04:43:34
oraclelinux
oraclelinux
thunderbird security update
2012-10-10 00:00:00
firefox security and bug fix update
2012-10-10 00:00:00
redhat
redhat
(RHSA-2012:1350) Critical: firefox security and bug fix update
2012-10-09 00:00:00
(RHSA-2012:1351) Critical: thunderbird security update
2012-10-09 00:00:00
centos
centos
firefox, xulrunner security update
2012-10-10 13:52:09
thunderbird security update
2012-10-10 13:53:37
ubuntu
ubuntu
Firefox vulnerabilities
2012-10-09 00:00:00
Thunderbird vulnerabilities
2012-10-12 00:00:00
osv
osv
iceweasel - several
2012-10-23 00:00:00
icedove - several
2012-10-29 00:00:00
iceape - several
2012-11-04 00:00:00
debian
debian
[SECURITY] [DSA 2569-1] icedove security update
2012-10-29 20:57:34
[SECURITY] [DSA 2572-1] iceape security update
2012-11-04 18:59:26
[SECURITY] [DSA 2565-1] iceweasel security update
2012-10-23 19:45:56
suse
suse
MozillaFirefox: update to Firefox 16.0.1 (important)
2012-10-15 15:08:30
Security update for Mozilla Firefox (important)
2012-10-16 22:08:48
mozilla
mozilla
Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer — Mozilla
2012-10-09 00:00:00
Heap memory corruption issues found using Address Sanitizer — Mozilla
2012-10-09 00:00:00
Miscellaneous memory safety hazards (rv:16.0/ rv:10.0.8) — Mozilla
2012-10-09 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2012-10-09 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2012-10-29 00:00:00
ibm
ibm
Security Bulletin: Storwize V7000 Unified V1.4.1.0 Includes Fixes for Multiple Vendor Security Vulnerabilities
2022-09-26 04:23:14
nvd
nvd
CVE-2012-3993
2012-10-10 17:55:02
CVE-2012-3992
2012-10-10 17:55:02
CVE-2012-3990
2012-10-10 17:55:01
cve
cve
CVE-2012-3992
2012-10-10 17:55:02
CVE-2012-3993
2012-10-10 17:55:02
CVE-2012-3988
2012-10-10 17:55:01
cvelist
cvelist
CVE-2012-3992
2012-10-10 17:00:00
CVE-2012-3993
2012-10-10 17:00:00
CVE-2012-3990
2012-10-10 17:00:00
prion
prion
Cross site scripting
2012-10-10 17:55:00
Cross site scripting
2012-10-10 17:55:00
Memory corruption
2012-10-10 17:55:00
ubuntucve
ubuntucve
CVE-2012-3991
2012-10-09 00:00:00
CVE-2012-3986
2012-10-09 00:00:00
CVE-2012-3983
2012-10-09 00:00:00
seebug
seebug
Mozilla Firefox 15内存破坏漏洞 (CVE-2012-3983)
2012-10-14 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.713 High

EPSS

Percentile

98.1%

JSON
Related for MOZILLA_FIREFOX_1008.NASL
nessus32openvas59veracode17oraclelinux2redhat2centos2ubuntu2osv3debian3suse2mozilla10freebsd1securityvulns1ibm1nvd11cve12cvelist11prion12ubuntucve15seebug1