CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
98.5%
Mozilla Firefox is prone to multiple vulnerabilities.
# SPDX-FileCopyrightText: 2008 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
CPE = "cpe:/a:mozilla:firefox";
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.800058");
script_version("2023-07-28T05:05:23+0000");
script_tag(name:"last_modification", value:"2023-07-28 05:05:23 +0000 (Fri, 28 Jul 2023)");
script_tag(name:"creation_date", value:"2008-11-21 14:18:03 +0100 (Fri, 21 Nov 2008)");
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_cve_id("CVE-2008-5012", "CVE-2008-5013", "CVE-2008-5014", "CVE-2008-5015",
"CVE-2008-5016", "CVE-2008-5017", "CVE-2008-5018", "CVE-2008-5019",
"CVE-2008-5021", "CVE-2008-5022", "CVE-2008-5023", "CVE-2008-5024",
"CVE-2008-5052", "CVE-2008-0017");
script_name("Mozilla Firefox Multiple Vulnerabilities (Nov 2008) - Linux");
script_xref(name:"URL", value:"http://www.mozilla.org/security/announce/2008/mfsa2008-47.html");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/32281");
script_xref(name:"URL", value:"http://www.mozilla.org/security/announce/2008/mfsa2008-48.html");
script_xref(name:"URL", value:"http://www.mozilla.org/security/announce/2008/mfsa2008-49.html");
script_xref(name:"URL", value:"http://www.mozilla.org/security/announce/2008/mfsa2008-50.html");
script_xref(name:"URL", value:"http://www.mozilla.org/security/announce/2008/mfsa2008-51.html");
script_xref(name:"URL", value:"http://www.mozilla.org/security/announce/2008/mfsa2008-52.html");
script_xref(name:"URL", value:"http://www.mozilla.org/security/announce/2008/mfsa2008-53.html");
script_xref(name:"URL", value:"http://www.mozilla.org/security/announce/2008/mfsa2008-54.html");
script_xref(name:"URL", value:"http://www.mozilla.org/security/announce/2008/mfsa2008-55.html");
script_xref(name:"URL", value:"http://www.mozilla.org/security/announce/2008/mfsa2008-56.html");
script_xref(name:"URL", value:"http://www.mozilla.org/security/announce/2008/mfsa2008-57.html");
script_xref(name:"URL", value:"http://www.mozilla.org/security/announce/2008/mfsa2008-58.html");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2008 Greenbone AG");
script_family("General");
script_dependencies("gb_firefox_detect_lin.nasl");
script_mandatory_keys("mozilla/firefox/linux/detected");
script_tag(name:"impact", value:"Successful exploitation could result in remote arbitrary code execution,
bypass security restrictions, spoofing attacks, sensitive information
disclosure, and JavaScript code that can be executed with the privileges of the signed user.");
script_tag(name:"affected", value:"Mozilla Firefox version prior to 2.0.0.18 and 3.x to 3.0.3.");
script_tag(name:"solution", value:"Update to version 2.0.0.18, 3.0.4 or later.");
script_tag(name:"summary", value:"Mozilla Firefox is prone to multiple vulnerabilities.");
script_tag(name:"qod_type", value:"executable_version_unreliable");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("host_details.inc");
include("version_func.inc");
if(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))
exit(0);
version = infos["version"];
location = infos["location"];
if(version_is_less(version:version, test_version:"2.0.0.18")) {
report = report_fixed_ver(installed_version:version, fixed_version:"2.0.0.18", install_path:location);
security_message(port:0, data:report);
exit(0);
}
if(version_in_range(version:version, test_version:"3.0", test_version2:"3.0.3")) {
report = report_fixed_ver(installed_version:version, fixed_version:"3.0.4", install_path:location);
security_message(port:0, data:report);
exit(0);
}
exit(99);
www.mozilla.org/security/announce/2008/mfsa2008-47.html
www.mozilla.org/security/announce/2008/mfsa2008-48.html
www.mozilla.org/security/announce/2008/mfsa2008-49.html
www.mozilla.org/security/announce/2008/mfsa2008-50.html
www.mozilla.org/security/announce/2008/mfsa2008-51.html
www.mozilla.org/security/announce/2008/mfsa2008-52.html
www.mozilla.org/security/announce/2008/mfsa2008-53.html
www.mozilla.org/security/announce/2008/mfsa2008-54.html
www.mozilla.org/security/announce/2008/mfsa2008-55.html
www.mozilla.org/security/announce/2008/mfsa2008-56.html
www.mozilla.org/security/announce/2008/mfsa2008-57.html
www.mozilla.org/security/announce/2008/mfsa2008-58.html
www.securityfocus.com/bid/32281