Lucene search
Copyright (C) 2016 Greenbone Networks GmbHOPENVAS:1361412562310851229HistoryMar 12, 2016 - 12:00 a.m.
SUSE: Security Advisory for MozillaFirefox (SUSE-SU-2016:0727-1)
2016-03-1200:00:00
Copyright (C) 2016 Greenbone Networks GmbH
plugins.openvas.org
27
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.6
Confidence
Low
EPSS
0.963
Percentile
99.6%
The remote host is missing an update for the
# Copyright (C) 2016 Greenbone Networks GmbH
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.851229");
script_version("2021-09-20T14:01:48+0000");
script_tag(name:"last_modification", value:"2021-09-20 14:01:48 +0000 (Mon, 20 Sep 2021)");
script_tag(name:"creation_date", value:"2016-03-12 06:13:25 +0100 (Sat, 12 Mar 2016)");
script_cve_id("CVE-2016-1950", "CVE-2016-1952", "CVE-2016-1953", "CVE-2016-1954",
"CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1960", "CVE-2016-1961",
"CVE-2016-1962", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966",
"CVE-2016-1974", "CVE-2016-1977", "CVE-2016-1978", "CVE-2016-1979",
"CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793",
"CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797",
"CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801",
"CVE-2016-2802");
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_tag(name:"severity_vector", value:"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2019-12-27 16:08:00 +0000 (Fri, 27 Dec 2019)");
script_tag(name:"qod_type", value:"package");
script_name("SUSE: Security Advisory for MozillaFirefox (SUSE-SU-2016:0727-1)");
script_tag(name:"summary", value:"The remote host is missing an update for the 'MozillaFirefox'
package(s) announced via the referenced advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the
following issues:
Mozilla Firefox was updated to 38.7.0 ESR (bsc#969894), fixing following
security issues:
* MFSA 2016-16/CVE-2016-1952/CVE-2016-1953 Miscellaneous memory safety
hazards (rv:45.0 / rv:38.7)
* MFSA 2016-17/CVE-2016-1954 Local file overwriting and potential
privilege escalation through CSP reports
* MFSA 2016-20/CVE-2016-1957 Memory leak in libstagefright when deleting
an array during MP4 processing
* MFSA 2016-21/CVE-2016-1958 Displayed page address can be overridden
* MFSA 2016-23/CVE-2016-1960 Use-after-free in HTML5 string parser
* MFSA 2016-24/CVE-2016-1961 Use-after-free in SetBody
* MFSA 2016-25/CVE-2016-1962 Use-after-free when using multiple WebRTC
data channels
* MFSA 2016-27/CVE-2016-1964 Use-after-free during XML transformations
* MFSA 2016-28/CVE-2016-1965 Addressbar spoofing though history navigation
and Location protocol property
* MFSA 2016-31/CVE-2016-1966 Memory corruption with malicious NPAPI plugin
* MFSA 2016-34/CVE-2016-1974 Out-of-bounds read in HTML parser following a
failed allocation
* MFSA 2016-35/CVE-2016-1950 Buffer overflow during ASN.1 decoding in NSS
* MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/
CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/
CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/
CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 Font vulnerabilities in the
Graphite 2 library
Mozilla NSPR was updated to version 4.12 (bsc#969894), fixing following
bugs:
* added a PR_GetEnvSecure function, which attempts to detect if the
program is being executed with elevated privileges, and returns NULL if
detected. It is recommended to use this function in general purpose
library code.
* fixed a memory allocation bug related to the PR_*printf functions
* exported API PR_DuplicateEnvironment, which had already been added in
NSPR 4.10.9
* added support for FreeBSD aarch64
* several minor correctness and compatibility fixes
Mozilla NSS was updated to fix security issues (bsc#969894):
* MFSA 2016-15/CVE-2016-1978 Use-after-free in NSS during SSL connections
in low memory
* MFSA 2016-35/CVE-2016-1950 Buffer overflow during ASN.1 decoding in NSS
* MFSA 2016-36/CVE-2016-1979 Use-after-free during processing of DER
encoded keys in NSS");
script_tag(name:"affected", value:"MozillaFirefox, on SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Desktop 12");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_xref(name:"SUSE-SU", value:"2016:0727-1");
script_tag(name:"solution_type", value:"VendorFix");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2016 Greenbone Networks GmbH");
script_family("SuSE Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/suse", "ssh/login/rpms", re:"ssh/login/release=(SLED12\.0SP0|SLES12\.0SP0)");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "SLED12.0SP0") {
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox", rpm:"MozillaFirefox~38.7.0esr~63.3", rls:"SLED12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox-debuginfo", rpm:"MozillaFirefox-debuginfo~38.7.0esr~63.3", rls:"SLED12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox-debugsource", rpm:"MozillaFirefox-debugsource~38.7.0esr~63.3", rls:"SLED12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox-translations", rpm:"MozillaFirefox-translations~38.7.0esr~63.3", rls:"SLED12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libfreebl3", rpm:"libfreebl3~3.20.2~40.1", rls:"SLED12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libfreebl3-32bit", rpm:"libfreebl3-32bit~3.20.2~40.1", rls:"SLED12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libfreebl3-debuginfo", rpm:"libfreebl3-debuginfo~3.20.2~40.1", rls:"SLED12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libfreebl3-debuginfo-32bit", rpm:"libfreebl3-debuginfo-32bit~3.20.2~40.1", rls:"SLED12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsoftokn3", rpm:"libsoftokn3~3.20.2~40.1", rls:"SLED12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsoftokn3-32bit", rpm:"libsoftokn3-32bit~3.20.2~40.1", rls:"SLED12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsoftokn3-debuginfo", rpm:"libsoftokn3-debuginfo~3.20.2~40.1", rls:"SLED12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsoftokn3-debuginfo-32bit", rpm:"libsoftokn3-debuginfo-32bit~3.20.2~40.1", rls:"SLED12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nspr-32bit", rpm:"mozilla-nspr-32bit~4.12~12.1", rls:"SLED12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nspr", rpm:"mozilla-nspr~4.12~12.1", rls:"SLED12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nspr-debuginfo-32bit", rpm:"mozilla-nspr-debuginfo-32bit~4.12~12.1", rls:"SLED12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nspr-debuginfo", rpm:"mozilla-nspr-debuginfo~4.12~12.1", rls:"SLED12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nspr-debugsource", rpm:"mozilla-nspr-debugsource~4.12~12.1", rls:"SLED12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss", rpm:"mozilla-nss~3.20.2~40.1", rls:"SLED12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-32bit", rpm:"mozilla-nss-32bit~3.20.2~40.1", rls:"SLED12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-certs", rpm:"mozilla-nss-certs~3.20.2~40.1", rls:"SLED12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-certs-32bit", rpm:"mozilla-nss-certs-32bit~3.20.2~40.1", rls:"SLED12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-certs-debuginfo", rpm:"mozilla-nss-certs-debuginfo~3.20.2~40.1", rls:"SLED12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-certs-debuginfo-32bit", rpm:"mozilla-nss-certs-debuginfo-32bit~3.20.2~40.1", rls:"SLED12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-debuginfo", rpm:"mozilla-nss-debuginfo~3.20.2~40.1", rls:"SLED12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-debuginfo-32bit", rpm:"mozilla-nss-debuginfo-32bit~3.20.2~40.1", rls:"SLED12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-debugsource", rpm:"mozilla-nss-debugsource~3.20.2~40.1", rls:"SLED12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-sysinit", rpm:"mozilla-nss-sysinit~3.20.2~40.1", rls:"SLED12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-sysinit-32bit", rpm:"mozilla-nss-sysinit-32bit~3.20.2~40.1", rls:"SLED12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-sysinit-debuginfo", rpm:"mozilla-nss-sysinit-debuginfo~3.20.2~40.1", rls:"SLED12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-sysinit-debuginfo-32bit", rpm:"mozilla-nss-sysinit-debuginfo-32bit~3.20.2~40.1", rls:"SLED12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-tools", rpm:"mozilla-nss-tools~3.20.2~40.1", rls:"SLED12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-tools-debuginfo", rpm:"mozilla-nss-tools-debuginfo~3.20.2~40.1", rls:"SLED12.0SP0"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "SLES12.0SP0") {
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox", rpm:"MozillaFirefox~38.7.0esr~63.3", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox-debuginfo", rpm:"MozillaFirefox-debuginfo~38.7.0esr~63.3", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox-debugsource", rpm:"MozillaFirefox-debugsource~38.7.0esr~63.3", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox-translations", rpm:"MozillaFirefox-translations~38.7.0esr~63.3", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libfreebl3", rpm:"libfreebl3~3.20.2~40.1", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libfreebl3-debuginfo", rpm:"libfreebl3-debuginfo~3.20.2~40.1", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libfreebl3-hmac", rpm:"libfreebl3-hmac~3.20.2~40.1", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsoftokn3", rpm:"libsoftokn3~3.20.2~40.1", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsoftokn3-debuginfo", rpm:"libsoftokn3-debuginfo~3.20.2~40.1", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsoftokn3-hmac", rpm:"libsoftokn3-hmac~3.20.2~40.1", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nspr", rpm:"mozilla-nspr~4.12~12.1", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nspr-debuginfo", rpm:"mozilla-nspr-debuginfo~4.12~12.1", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nspr-debugsource", rpm:"mozilla-nspr-debugsource~4.12~12.1", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss", rpm:"mozilla-nss~3.20.2~40.1", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-certs", rpm:"mozilla-nss-certs~3.20.2~40.1", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-certs-debuginfo", rpm:"mozilla-nss-certs-debuginfo~3.20.2~40.1", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-debuginfo", rpm:"mozilla-nss-debuginfo~3.20.2~40.1", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-debugsource", rpm:"mozilla-nss-debugsource~3.20.2~40.1", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-sysinit", rpm:"mozilla-nss-sysinit~3.20.2~40.1", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-sysinit-debuginfo", rpm:"mozilla-nss-sysinit-debuginfo~3.20.2~40.1", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-tools", rpm:"mozilla-nss-tools~3.20.2~40.1", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-tools-debuginfo", rpm:"mozilla-nss-tools-debuginfo~3.20.2~40.1", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libfreebl3-32bit", rpm:"libfreebl3-32bit~3.20.2~40.1", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libfreebl3-debuginfo-32bit", rpm:"libfreebl3-debuginfo-32bit~3.20.2~40.1", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libfreebl3-hmac-32bit", rpm:"libfreebl3-hmac-32bit~3.20.2~40.1", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsoftokn3-32bit", rpm:"libsoftokn3-32bit~3.20.2~40.1", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsoftokn3-debuginfo-32bit", rpm:"libsoftokn3-debuginfo-32bit~3.20.2~40.1", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsoftokn3-hmac-32bit", rpm:"libsoftokn3-hmac-32bit~3.20.2~40.1", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nspr-32bit", rpm:"mozilla-nspr-32bit~4.12~12.1", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nspr-debuginfo-32bit", rpm:"mozilla-nspr-debuginfo-32bit~4.12~12.1", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-32bit", rpm:"mozilla-nss-32bit~3.20.2~40.1", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-certs-32bit", rpm:"mozilla-nss-certs-32bit~3.20.2~40.1", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-certs-debuginfo-32bit", rpm:"mozilla-nss-certs-debuginfo-32bit~3.20.2~40.1", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-debuginfo-32bit", rpm:"mozilla-nss-debuginfo-32bit~3.20.2~40.1", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-sysinit-32bit", rpm:"mozilla-nss-sysinit-32bit~3.20.2~40.1", rls:"SLES12.0SP0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-sysinit-debuginfo-32bit", rpm:"mozilla-nss-sysinit-debuginfo-32bit~3.20.2~40.1", rls:"SLES12.0SP0"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
References
Related
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2016:0777-1)
2021-06-09 00:00:00
CentOS Update for thunderbird CESA-2016:0460 centos7
2016-03-17 00:00:00
Mageia: Security Advisory (MGASA-2016-0115)
2016-03-17 00:00:00
suse
suse
Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (important)
2016-03-30 15:07:52
Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (important)
2016-03-11 20:11:56
Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (important)
2016-03-15 19:12:14
nessus
nessus
SUSE SLED11 / SLES11 Security Update : MozillaFirefox, mozilla-nspr, mozilla-nss (SUSE-SU-2016:0777-1)
2016-03-17 00:00:00
SUSE SLED12 / SLES12 Security Update : MozillaFirefox, mozilla-nspr, mozilla-nss (SUSE-SU-2016:0727-1)
2016-03-15 00:00:00
Firefox ESR < 38.7 Multiple Vulnerabilities (Mac OS X)
2016-03-11 00:00:00
osv
osv
iceweasel - security update
2016-03-09 00:00:00
graphite2 - security update
2016-03-13 00:00:00
oraclelinux
oraclelinux
thunderbird security update
2016-03-16 00:00:00
firefox security update
2016-03-09 00:00:00
nss, nss-util, and nspr security, bug fix, and enhancement update
2016-04-05 00:00:00
redhat
redhat
(RHSA-2016:0460) Important: thunderbird security update
2016-03-16 00:00:00
(RHSA-2016:0373) Critical: firefox security update
2016-03-09 00:00:00
centos
centos
thunderbird security update
2016-03-16 17:52:15
firefox security update
2016-03-09 06:42:15
nspr, nss security update
2016-04-25 17:49:11
ubuntu
ubuntu
Thunderbird vulnerabilities
2016-04-27 00:00:00
graphite2 vulnerabilities
2016-03-14 00:00:00
Firefox regressions
2016-04-19 00:00:00
debian
debian
[SECURITY] [DSA 3520-1] icedove security update
2016-03-18 21:06:06
[SECURITY] [DSA 3510-1] iceweasel security update
2016-03-09 18:27:44
[SECURITY] [DSA 3515-1] graphite2 security update
2016-03-13 19:13:59
veracode
veracode
Use-After-Free
2019-05-02 05:27:24
NULL Pointer Dereference
2019-05-02 05:27:24
Buffer Over-Read
2019-05-02 05:27:26
mageia
mageia
Updated firefox packages fix security vulnerabilities
2016-03-10 01:57:53
Updated thunderbird packages fix security vulnerabilities
2016-03-16 21:07:23
Updated graphite2 package fixes security vulnerabilities
2016-03-07 14:20:30
archlinux
archlinux
thunderbird: multiple issues
2016-03-20 00:00:00
firefox: multiple issues
2016-03-09 00:00:00
freebsd
freebsd
graphite2 -- multiple vulnerabilities
2016-03-08 00:00:00
mozilla -- multiple vulnerabilities
2016-03-08 00:00:00
NSS -- multiple vulnerabilities
2016-03-08 00:00:00
mozilla
mozilla
Font vulnerabilities in the Graphite 2 library — Mozilla
2016-03-08 00:00:00
Miscellaneous memory safety hazards (rv:45.0 / rv:38.7) — Mozilla
2016-03-08 00:00:00
gentoo
gentoo
Graphite: Multiple vulnerabilities
2017-01-24 00:00:00
kaspersky
kaspersky
KLA10765 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
2016-03-08 00:00:00
ibm
ibm
symantec
symantec
SA124 : NSS Vulnerabilities March 2016
2016-06-07 08:00:00
amazon
amazon
Medium: nspr, nss-util, nss, nss-softokn
2016-05-18 14:00:00
nvd
nvd
cvelist
cvelist
CVE-2016-2792
2016-03-13 18:00:00
cve
cve
CVE-2016-2792
2016-03-13 18:59:31
debiancve
debiancve
CVE-2016-2797
2016-03-13 18:59:36
prion
prion
Design/Logic Flaw
2016-03-13 18:59:00
Design/Logic Flaw
2016-03-13 18:59:00
ubuntucve
ubuntucve
CVE-2016-2792
2016-03-08 00:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.6
Confidence
Low
EPSS
0.963
Percentile
99.6%
Related for OPENVAS:1361412562310851229