Lucene search
Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-2550-1.NASLHistoryApr 02, 2015 - 12:00 a.m.
Ubuntu 14.04 LTS : Firefox vulnerabilities (USN-2550-1)
2015-04-0200:00:00
Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
21
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.961
Percentile
99.5%
Olli Pettay and Boris Zbarsky discovered an issue during anchor navigations in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin policy restrictions.
(CVE-2015-0801)
Bobby Holley discovered that windows created to hold privileged UI content retained access to privileged internal methods if navigated to unprivileged content. An attacker could potentially exploit this in combination with another flaw, in order to execute arbitrary script in a privileged context. (CVE-2015-0802)
Several type confusion issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2015-0803, CVE-2015-0804)
Abhishek Arya discovered memory corruption issues during 2D graphics rendering. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2015-0805, CVE-2015-0806)
Christoph Kerschbaumer discovered that CORS requests from navigator.sendBeacon() followed 30x redirections after preflight. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to conduct cross-site request forgery (XSRF) attacks. (CVE-2015-0807)
Mitchell Harper discovered an issue with memory management of simple-type arrays in WebRTC. An attacker could potentially exploit this to cause undefined behaviour. (CVE-2015-0808)
Felix Grobert discovered an out-of-bounds read in the QCMS colour management library. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to obtain sensitive information. (CVE-2015-0811)
Armin Razmdjou discovered that lightweight themes could be installed in Firefox without a user approval message, from Mozilla subdomains over HTTP without SSL. A remote attacker could potentially exploit this by conducting a Man-In-The-Middle (MITM) attack to install themes without user approval. (CVE-2015-0812)
Aki Helin discovered a use-after-free when playing MP3 audio files using the Fluendo MP3 GStreamer plugin in certain circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2015-0813)
Christian Holler, Andrew McCreight, Gary Kwong, Karl Tomlinson, Randell Jesup, Shu-yu Guo, Steve Fink, Tooru Fujisawa, and Byron Campen discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2015-0814, CVE-2015-0815)
Mariusz Mlynski discovered that documents loaded via resource: URLs (such as PDF.js) could load privileged chrome pages. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this in combination with another flaw, in order to execute arbitrary script in a privileged context. (CVE-2015-0816).
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-2550-1. The text
# itself is copyright (C) Canonical, Inc. See
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(82524);
script_version("1.23");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/20");
script_cve_id(
"CVE-2015-0801",
"CVE-2015-0802",
"CVE-2015-0803",
"CVE-2015-0804",
"CVE-2015-0805",
"CVE-2015-0806",
"CVE-2015-0807",
"CVE-2015-0808",
"CVE-2015-0811",
"CVE-2015-0812",
"CVE-2015-0813",
"CVE-2015-0814",
"CVE-2015-0815",
"CVE-2015-0816"
);
script_bugtraq_id(
73454,
73455,
73457,
73458,
73460,
73461,
73462,
73463,
73464,
73465,
73466,
73467
);
script_xref(name:"USN", value:"2550-1");
script_name(english:"Ubuntu 14.04 LTS : Firefox vulnerabilities (USN-2550-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote Ubuntu host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"Olli Pettay and Boris Zbarsky discovered an issue during anchor
navigations in some circumstances. If a user were tricked in to
opening a specially crafted website, an attacker could potentially
exploit this to bypass same-origin policy restrictions.
(CVE-2015-0801)
Bobby Holley discovered that windows created to hold privileged UI
content retained access to privileged internal methods if navigated to
unprivileged content. An attacker could potentially exploit this in
combination with another flaw, in order to execute arbitrary script in
a privileged context. (CVE-2015-0802)
Several type confusion issues were discovered in Firefox. If a user
were tricked in to opening a specially crafted website, an attacker
could potentially exploit these to cause a denial of service via
application crash, or execute arbitrary code with the privileges of
the user invoking Firefox. (CVE-2015-0803, CVE-2015-0804)
Abhishek Arya discovered memory corruption issues during 2D graphics
rendering. If a user were tricked in to opening a specially crafted
website, an attacker could potentially exploit these to cause a denial
of service via application crash, or execute arbitrary code with the
privileges of the user invoking Firefox. (CVE-2015-0805,
CVE-2015-0806)
Christoph Kerschbaumer discovered that CORS requests from
navigator.sendBeacon() followed 30x redirections after preflight. If a
user were tricked in to opening a specially crafted website, an
attacker could potentially exploit this to conduct cross-site request
forgery (XSRF) attacks. (CVE-2015-0807)
Mitchell Harper discovered an issue with memory management of
simple-type arrays in WebRTC. An attacker could potentially exploit
this to cause undefined behaviour. (CVE-2015-0808)
Felix Grobert discovered an out-of-bounds read in the QCMS colour
management library. If a user were tricked in to opening a specially
crafted website, an attacker could potentially exploit this to obtain
sensitive information. (CVE-2015-0811)
Armin Razmdjou discovered that lightweight themes could be installed
in Firefox without a user approval message, from Mozilla subdomains
over HTTP without SSL. A remote attacker could potentially exploit
this by conducting a Man-In-The-Middle (MITM) attack to install themes
without user approval. (CVE-2015-0812)
Aki Helin discovered a use-after-free when playing MP3 audio files
using the Fluendo MP3 GStreamer plugin in certain circumstances. If a
user were tricked in to opening a specially crafted website, an
attacker could potentially exploit this to cause a denial of service
via application crash, or execute arbitrary code with the privileges
of the user invoking Firefox. (CVE-2015-0813)
Christian Holler, Andrew McCreight, Gary Kwong, Karl Tomlinson,
Randell Jesup, Shu-yu Guo, Steve Fink, Tooru Fujisawa, and Byron
Campen discovered multiple memory safety issues in Firefox. If a user
were tricked in to opening a specially crafted website, an attacker
could potentially exploit these to cause a denial of service via
application crash, or execute arbitrary code with the privileges of
the user invoking Firefox. (CVE-2015-0814, CVE-2015-0815)
Mariusz Mlynski discovered that documents loaded via resource: URLs
(such as PDF.js) could load privileged chrome pages. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit this in combination with another flaw, in order to
execute arbitrary script in a privileged context. (CVE-2015-0816).
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/notices/USN-2550-1");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-0815");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2015-0807");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"metasploit_name", value:'Firefox Proxy Prototype Privileged Javascript Injection');
script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2015/04/01");
script_set_attribute(attribute:"patch_publication_date", value:"2015/04/01");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/04/02");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-globalmenu");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-af");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-an");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ar");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-as");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ast");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-az");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-be");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-bg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-bn");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-br");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-bs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ca");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-cs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-csb");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-cy");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-da");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-de");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-el");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-en");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-eo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-es");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-et");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-eu");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fa");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fi");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fr");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fy");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ga");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gd");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gu");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-he");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hi");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hr");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hsb");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hu");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hy");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-id");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-is");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-it");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ja");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ka");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-kk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-km");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-kn");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ko");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ku");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-lg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-lt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-lv");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mai");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ml");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mn");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mr");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ms");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nb");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nn");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nso");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-oc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-or");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-pa");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-pl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-pt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ro");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ru");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-si");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sq");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sr");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sv");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sw");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ta");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-te");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-th");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-tr");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-uk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-uz");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-vi");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-xh");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-zh-hans");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-zh-hant");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-zu");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-mozsymbols");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-testsuite");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04:-:lts");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Ubuntu Local Security Checks");
script_copyright(english:"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
exit(0);
}
include('debian_package.inc');
if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/Ubuntu/release');
if ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');
os_release = chomp(os_release);
if (! ('14.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 14.04', 'Ubuntu ' + os_release);
if ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);
var pkgs = [
{'osver': '14.04', 'pkgname': 'firefox', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-dev', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-globalmenu', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-af', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-an', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-ar', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-as', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-ast', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-az', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-be', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-bg', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-bn', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-br', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-bs', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-ca', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-cs', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-csb', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-cy', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-da', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-de', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-el', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-en', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-eo', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-es', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-et', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-eu', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-fa', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-fi', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-fr', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-fy', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-ga', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-gd', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-gl', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-gu', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-he', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-hi', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-hr', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-hsb', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-hu', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-hy', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-id', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-is', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-it', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-ja', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-ka', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-kk', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-km', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-kn', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-ko', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-ku', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-lg', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-lt', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-lv', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-mai', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-mk', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-ml', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-mn', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-mr', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-ms', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-nb', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-nl', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-nn', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-nso', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-oc', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-or', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-pa', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-pl', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-pt', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-ro', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-ru', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-si', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-sk', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-sl', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-sq', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-sr', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-sv', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-sw', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-ta', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-te', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-th', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-tr', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-uk', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-uz', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-vi', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-xh', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-zh-hans', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-zh-hant', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-zu', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-mozsymbols', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-testsuite', 'pkgver': '37.0+build2-0ubuntu0.14.04.1'}
];
var flag = 0;
foreach package_array ( pkgs ) {
var osver = NULL;
var pkgname = NULL;
var pkgver = NULL;
if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];
if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];
if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];
if (osver && pkgname && pkgver) {
if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : ubuntu_report_get()
);
exit(0);
}
else
{
var tested = ubuntu_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox / firefox-dev / firefox-globalmenu / firefox-locale-af / etc');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| canonical | ubuntu_linux | firefox | p-cpe:/a:canonical:ubuntu_linux:firefox |
| canonical | ubuntu_linux | firefox-dev | p-cpe:/a:canonical:ubuntu_linux:firefox-dev |
| canonical | ubuntu_linux | firefox-globalmenu | p-cpe:/a:canonical:ubuntu_linux:firefox-globalmenu |
| canonical | ubuntu_linux | firefox-locale-af | p-cpe:/a:canonical:ubuntu_linux:firefox-locale-af |
| canonical | ubuntu_linux | firefox-locale-an | p-cpe:/a:canonical:ubuntu_linux:firefox-locale-an |
| canonical | ubuntu_linux | firefox-locale-ar | p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ar |
| canonical | ubuntu_linux | firefox-locale-as | p-cpe:/a:canonical:ubuntu_linux:firefox-locale-as |
| canonical | ubuntu_linux | firefox-locale-ast | p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ast |
| canonical | ubuntu_linux | firefox-locale-az | p-cpe:/a:canonical:ubuntu_linux:firefox-locale-az |
| canonical | ubuntu_linux | firefox-locale-be | p-cpe:/a:canonical:ubuntu_linux:firefox-locale-be |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0801
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0802
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0803
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0804
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0805
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0806
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0807
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0808
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0811
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0812
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0813
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0814
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0815
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0816
ubuntu.com/security/notices/USN-2550-1
Related
archlinux
archlinux
firefox: multiple issues
2015-04-01 00:00:00
thunderbird: multiple issues
2015-04-04 00:00:00
openvas
openvas
Mozilla Firefox Multiple Vulnerabilities-01 (Apr 2015) - Windows
2015-04-06 00:00:00
openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2015:0677-1)
2015-04-09 00:00:00
Ubuntu: Security Advisory (USN-2550-1)
2015-04-02 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2015-04-01 00:00:00
Thunderbird vulnerabilities
2015-04-02 00:00:00
suse
suse
Security update for MozillaFirefox (important)
2015-04-10 18:04:46
Security update for MozillaFirefox (important)
2015-04-10 17:04:55
nessus
nessus
Firefox < 37.0 Multiple Vulnerabilities
2015-04-01 00:00:00
openSUSE Security Update : MozillaFirefox / MozillaThunderbird / mozilla-nspr (openSUSE-2015-290)
2015-04-09 00:00:00
Mozilla Firefox < 37.0 Multiple Vulnerabilities
2015-04-29 00:00:00
kaspersky
kaspersky
freebsd
freebsd
mozilla -- multiple vulnerabilities
2015-03-31 00:00:00
debian
debian
[SECURITY] [DSA 3211-1] iceweasel security update
2015-04-01 16:10:19
[SECURITY] [DSA 3212-1] icedove security update
2015-04-02 20:35:14
[SECURITY] [DSA 3211-1] iceweasel security update
2015-04-01 16:10:19
centos
centos
firefox, xulrunner security update
2015-03-31 23:44:15
thunderbird security update
2015-04-01 14:33:26
veracode
veracode
Cross-Site Request Forgery (CSRF)
2019-05-02 05:12:57
Denial Of Service (DoS)
2019-05-02 05:12:58
Arbitrary Code Execution
2019-05-02 05:12:58
mageia
mageia
Updated firefox & thunderbird packages fix security vulnerabilities
2015-04-03 16:11:23
Updated iceape packages fix security vulnerabilities
2015-09-08 10:20:40
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2015-04-08 00:00:00
oraclelinux
oraclelinux
firefox security update
2015-04-01 00:00:00
thunderbird security update
2015-04-01 00:00:00
redhat
redhat
(RHSA-2015:0771) Important: thunderbird security update
2015-04-01 00:00:00
(RHSA-2015:0766) Critical: firefox security update
2015-03-31 00:00:00
mozilla
mozilla
Memory corruption crashes in Off Main Thread Compositing — Mozilla
2015-03-31 00:00:00
Miscellaneous memory safety hazards (rv:37.0 / rv:31.6) — Mozilla
2015-03-31 00:00:00
Use-after-free due to type confusion flaws — Mozilla
2015-03-31 00:00:00
packetstorm
packetstorm
Firefox PDF.js Privileged Javascript Injection
2015-08-23 00:00:00
checkpoint_advisories
checkpoint_advisories
Firefox PDF.js Javascript Injection (CVE-2015-0802; CVE-2015-0816)
2017-08-29 00:00:00
nvd
nvd
cvelist
cvelist
prion
prion
Design/Logic Flaw
2015-04-01 10:59:00
Design/Logic Flaw
2015-04-01 10:59:00
Out-of-bounds
2015-04-01 10:59:00
cve
cve
ubuntucve
ubuntucve
zdi
zdi
(Pwn2Own) Mozilla Firefox resource: URL Remote Code Execution Vulnerability
2015-04-03 00:00:00
zdt
zdt
Firefox PDF.js Privileged Javascript Injection Exploit
2015-08-23 00:00:00
metasploit
metasploit
Firefox PDF.js Privileged Javascript Injection
2015-08-16 01:02:00
exploitdb
exploitdb
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2015-12-30 00:00:00
androidsecurity
androidsecurity
Nexus Security Bulletin - February 2016
2016-02-01 00:00:00
kitploit
kitploit
Radamsa - A General-Purpose Fuzzer
2024-03-25 11:30:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.961
Percentile
99.5%
Related for UBUNTU_USN-2550-1.NASL