CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
99.8%
A large number of security issues were discovered in the Gecko rendering engine. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-1123-1. The text
# itself is copyright (C) Canonical, Inc. See
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
#
include("compat.inc");
if (description)
{
script_id(55083);
script_version("1.24");
script_cvs_date("Date: 2019/09/19 12:54:27");
script_cve_id("CVE-2010-1585", "CVE-2010-3776", "CVE-2010-3778", "CVE-2011-0051", "CVE-2011-0053", "CVE-2011-0054", "CVE-2011-0055", "CVE-2011-0056", "CVE-2011-0057", "CVE-2011-0058", "CVE-2011-0059", "CVE-2011-0062", "CVE-2011-0065", "CVE-2011-0066", "CVE-2011-0067", "CVE-2011-0069", "CVE-2011-0070", "CVE-2011-0071", "CVE-2011-0072", "CVE-2011-0073", "CVE-2011-0074", "CVE-2011-0075", "CVE-2011-0077", "CVE-2011-0078", "CVE-2011-0080", "CVE-2011-1202");
script_bugtraq_id(45344, 45347, 46643, 46645, 46647, 46648, 46650, 46652, 46660, 46661, 46663);
script_xref(name:"USN", value:"1123-1");
script_name(english:"Ubuntu 9.10 : Multiple Xulrunner 1.9.1 vulnerabilities (USN-1123-1)");
script_summary(english:"Checks dpkg output for updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Ubuntu host is missing a security-related patch."
);
script_set_attribute(
attribute:"description",
value:
"A large number of security issues were discovered in the Gecko
rendering engine. If a user were tricked into viewing a malicious
website, a remote attacker could exploit a variety of issues related
to web browser security, including cross-site scripting attacks,
denial of service attacks, and arbitrary code execution.
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://usn.ubuntu.com/1123-1/"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected xulrunner-1.9.1 package."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_core", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"metasploit_name", value:'Mozilla Firefox "nsTreeRange" Dangling Pointer Vulnerability');
script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
script_set_attribute(attribute:"canvas_package", value:'White_Phosphorus');
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.1");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:9.10");
script_set_attribute(attribute:"vuln_publication_date", value:"2010/04/28");
script_set_attribute(attribute:"patch_publication_date", value:"2011/04/29");
script_set_attribute(attribute:"plugin_publication_date", value:"2011/06/13");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Ubuntu Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");
if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! preg(pattern:"^(9\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 9.10", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
flag = 0;
if (ubuntu_check(osver:"9.10", pkgname:"xulrunner-1.9.1", pkgver:"1.9.1.19+build2+nobinonly-0ubuntu0.9.10.1")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : ubuntu_report_get()
);
exit(0);
}
else
{
tested = ubuntu_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "xulrunner-1.9.1");
}
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1585
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3776
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3778
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0051
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0053
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0054
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0055
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0056
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0057
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0058
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0059
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0062
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0065
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0066
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0067
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0069
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0070
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0071
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0072
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0073
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0074
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0075
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0077
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0078
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0080
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1202
usn.ubuntu.com/1123-1/