Vulnerability CVE-2007-0780 - CERT Civis.Net

Vulnerability Name:

CVE-2007-0780 (CCN-32667)

Assigned:

2007-02-23

Published:

2007-02-23

Updated:

2019-10-09

Summary:

browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks by opening a blocked popup originating from a javascript: URI in combination with multiple frames having the same data: URI.

CVSS v3 Severity:

4.8 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:H/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

4.0 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N)
3.5 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N/E:H/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: SGI
Type: Broken Link
20070202-01-P

Source: SGI
Type: Broken Link
20070301-01-P

Source: MITRE
Type: CNA
CVE-2007-0780

Source: FEDORA
Type: Broken Link
FEDORA-2007-281

Source: FEDORA
Type: Broken Link
FEDORA-2007-293

Source: HP
Type: Broken Link
HPSBUX02153

Source: SUSE
Type: Broken Link
SUSE-SA:2007:019

Source: CCN
Type: RHSA-2007-0077
Critical: seamonkey security update

Source: REDHAT
Type: Third Party Advisory
RHSA-2007:0077

Source: CCN
Type: RHSA-2007-0078
Critical: thunderbird security update

Source: CCN
Type: RHSA-2007-0079
Critical: Firefox security update

Source: CCN
Type: RHSA-2007-0097
Critical: firefox security update

Source: CCN
Type: RHSA-2007-0108
Critical: thunderbird security update

Source: CCN
Type: SA24205
Mozilla Firefox Multiple Vulnerabilities

Source: SECUNIA
Type: Third Party Advisory
24205

Source: CCN
Type: SA24238
Mozilla SeaMonkey Multiple Vulnerabilities

Source: SECUNIA
Type: Third Party Advisory
24238

Source: SECUNIA
Type: Third Party Advisory
24287

Source: SECUNIA
Type: Third Party Advisory
24290

Source: SECUNIA
Type: Third Party Advisory
24293

Source: SECUNIA
Type: Third Party Advisory
24320

Source: SECUNIA
Type: Third Party Advisory
24328

Source: SECUNIA
Type: Third Party Advisory
24333

Source: SECUNIA
Type: Third Party Advisory
24342

Source: SECUNIA
Type: Third Party Advisory
24343

Source: SECUNIA
Type: Third Party Advisory
24384

Source: SECUNIA
Type: Third Party Advisory
24393

Source: SECUNIA
Type: Third Party Advisory
24395

Source: SECUNIA
Type: Third Party Advisory
24437

Source: SECUNIA
Type: Third Party Advisory
24455

Source: SECUNIA
Type: Third Party Advisory
24457

Source: SECUNIA
Type: Third Party Advisory
24650

Source: GENTOO
Type: Third Party Advisory
GLSA-200703-04

Source: CCN
Type: SECTRACK ID: 1017702
Mozilla Firefox Flaws Permit Cross-Site Scripting Attacks and Local File Access

Source: SLACKWARE
Type: Mailing List, Third Party Advisory
SSA:2007-066-05

Source: SLACKWARE
Type: Mailing List, Third Party Advisory
SSA:2007-066-03

Source: CCN
Type: ASA-2007-092
SeaMonkey security update (RHSA-2007-0077)

Source: CCN
Type: ASA-2007-095
thunderbird security update (RHSA-2007-0078)

Source: CCN
Type: ASA-2007-114
Firefox security update (RHSA-2007-0079)

Source: CCN
Type: GLSA-200703-04
Mozilla Firefox: Multiple vulnerabilities

Source: CCN
Type: GLSA-200703-08
SeaMonkey: Multiple vulnerabilities

Source: GENTOO
Type: Third Party Advisory
GLSA-200703-08

Source: MANDRIVA
Type: Third Party Advisory
MDKSA-2007:050

Source: CCN
Type: MFSA 2007-05
XSS and local file access by opening blocked popups

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.mozilla.org/security/announce/2007/mfsa2007-05.html

Source: SUSE
Type: Broken Link
SUSE-SA:2007:022

Source: OSVDB
Type: Broken Link
32107

Source: CCN
Type: OSVDB ID: 32107
Mozilla Multiple Products Blocked Popup XSS

Source: REDHAT
Type: Third Party Advisory
RHSA-2007:0078

Source: REDHAT
Type: Third Party Advisory
RHSA-2007:0079

Source: REDHAT
Type: Third Party Advisory
RHSA-2007:0097

Source: REDHAT
Type: Third Party Advisory
RHSA-2007:0108

Source: BUGTRAQ
Type: Third Party Advisory, VDB Entry
20070226 rPSA-2007-0040-1 firefox

Source: BUGTRAQ
Type: Third Party Advisory, VDB Entry
20070303 rPSA-2007-0040-3 firefox thunderbird

Source: BID
Type: Third Party Advisory, VDB Entry
22694

Source: CCN
Type: BID-22694
Mozilla Thunderbird/SeaMonkey/Firefox Multiple Remote Vulnerabilities

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1017702

Source: CCN
Type: USN-428-1
Firefox vulnerabilities

Source: UBUNTU
Type: Third Party Advisory
USN-428-1

Source: CCN
Type: USN-428-2
Firefox regression

Source: VUPEN
Type: Third Party Advisory
ADV-2007-0718

Source: CCN
Type: Mozilla Bugzilla Bug 354973
Bug 354973 - Yet Another PopupBlocker XSS

Source: MISC
Type: Issue Tracking, Vendor Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=354973

Source: XF
Type: Third Party Advisory, VDB Entry
mozilla-dataurl-xss(32667)

Source: XF
Type: UNKNOWN
mozilla-dataurl-xss(32667)

Source: CONFIRM
Type: Broken Link
https://issues.rpath.com/browse/RPL-1081

Source: CONFIRM
Type: Broken Link
https://issues.rpath.com/browse/RPL-1103

Source: OVAL
Type: Third Party Advisory
oval:org.mitre.oval:def:9884

Source: SUSE
Type: SUSE-SA:2007:019
MozillaFirefox security update 1.5.0.10/2.0.0.2

Source: SUSE
Type: SUSE-SA:2007:022
Mozilla security problems

Vulnerable Configuration:

Configuration 1:

cpe:/a:mozilla:firefox:*:*:*:*:*:*:*:* (Version >= 1.5 and < 1.5.0.10)

OR cpe:/a:mozilla:firefox:*:*:*:*:*:*:*:* (Version >= 2.0 and < 2.0.0.2)

OR cpe:/a:mozilla:seamonkey:*:*:*:*:*:*:*:* (Version < 1.0.8)

Configuration 2:

cpe:/o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 8:

cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

Configuration RedHat 9:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Configuration CCN 1:

cpe:/a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0::dev:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0:beta1:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0:rc2:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0:rc3:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0::alpha:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0::beta:*:*:*:*:*

AND

cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*

OR cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*

OR cpe:/a:suse:suse_linux_school_server:-:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*

OR cpe:/o:suse:suse_linux:10.0::oss:*:*:*:*:*

OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*

OR cpe:/o:suse:suse_linux:10.1::personal:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007::x86_64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*

OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*

OR cpe:/o:opensuse:opensuse:10.2:*:*:*:*:*:*:*

OR cpe:/o:suse:suse_linux:9.3:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20070780	V	CVE-2007-0780	2022-06-30
oval:org.opensuse.security:def:42260	P	Security update for yaml-cpp (Moderate)	2022-04-01
oval:org.opensuse.security:def:111899	P	MozillaFirefox-92.0-1.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:31755	P	Security update for libvirt (Important)	2022-01-10
oval:org.opensuse.security:def:32252	P	Security update for chrony (Moderate)	2021-12-22
oval:org.opensuse.security:def:31321	P	Security update for glib-networking (Important)	2021-12-13
oval:org.opensuse.security:def:31320	P	Security update for MozillaFirefox (Important)	2021-12-12
oval:org.opensuse.security:def:26179	P	Security update for gmp (Moderate)	2021-12-02
oval:org.opensuse.security:def:33034	P	Security update for opensc (Important)	2021-10-29
oval:org.opensuse.security:def:31698	P	Security update for transfig (Important)	2021-10-29
oval:org.opensuse.security:def:31293	P	Security update for postgresql10 (Important)	2021-10-20
oval:org.opensuse.security:def:32203	P	Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)	2021-10-18
oval:org.opensuse.security:def:105476	P	MozillaFirefox-92.0-1.2 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:31687	P	Security update for sqlite3 (Important)	2021-09-23
oval:org.opensuse.security:def:26135	P	Security update for hivex (Moderate)	2021-09-23
oval:org.opensuse.security:def:26121	P	Security update for ntfs-3g_ntfsprogs (Important)	2021-09-07
oval:org.opensuse.security:def:32995	P	Security update for file (Important)	2021-09-02
oval:org.opensuse.security:def:26115	P	Security update for libesmtp (Important)	2021-09-02
oval:org.opensuse.security:def:32147	P	Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)	2021-07-21
oval:org.opensuse.security:def:32140	P	Security update for MozillaFirefox (Important)	2021-07-16
oval:org.opensuse.security:def:26082	P	Security update for openexr (Important)	2021-06-24
oval:org.opensuse.security:def:31212	P	Security update for ovmf (Important)	2021-06-22
oval:org.opensuse.security:def:42478	P	MozillaFirefox-31.7.0esr-0.8.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36071	P	MozillaFirefox-31.7.0esr-0.8.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36362	P	MozillaFirefox-devel-31.7.0esr-0.8.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:31630	P	Security update for polkit (Important)	2021-06-03
oval:org.opensuse.security:def:31623	P	Security update for libxml2 (Important)	2021-05-19
oval:org.opensuse.security:def:26046	P	Security update for libxml2 (Moderate)	2021-05-05
oval:org.opensuse.security:def:42065	P	Security update for permissions (Important)	2021-05-04
oval:org.opensuse.security:def:32074	P	Security update for MozillaFirefox (Important)	2021-04-27
oval:org.opensuse.security:def:26033	P	Security update for ImageMagick (Moderate)	2021-04-20
oval:org.opensuse.security:def:31737	P	Security update for python-cryptography (Important)	2021-03-02
oval:org.opensuse.security:def:31350	P	Security update for python-cryptography (Important)	2021-03-02
oval:org.opensuse.security:def:31736	P	Security update for MozillaFirefox (Important)	2021-03-01
oval:org.opensuse.security:def:26197	P	Security update for postgresql13 (Moderate)	2021-02-22
oval:org.opensuse.security:def:26196	P	Security update for ImageMagick (Moderate)	2021-02-19
oval:org.opensuse.security:def:31344	P	Security update for java-1_7_1-ibm (Important)	2021-02-18
oval:org.opensuse.security:def:31332	P	Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)	2021-02-10
oval:org.opensuse.security:def:31649	P	Security update for postgresql, postgresql12, postgresql13 (Important)	2021-01-26
oval:org.opensuse.security:def:31201	P	Security update for ImageMagick (Important)	2021-01-22
oval:org.opensuse.security:def:32096	P	Security update for dnsmasq (Important)	2021-01-19
oval:org.opensuse.security:def:25985	P	Security update for gimp (Moderate)	2020-12-29
oval:org.opensuse.security:def:25980	P	Security update for MozillaFirefox (Critical)	2020-12-21
oval:org.opensuse.security:def:35658	P	MozillaFirefox-10.0-0.3.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:41922	P	MozillaFirefox-3.5.9-0.1.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35853	P	MozillaFirefox-17.0.4esr-0.10.42 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35515	P	MozillaFirefox-3.5.9-0.1.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:25621	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:25351	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31593	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:26352	P	Security update for Mozilla Thunderbird (Moderate)	2020-12-01
oval:org.opensuse.security:def:30983	P	Security update for icu (Moderate)	2020-12-01
oval:org.opensuse.security:def:25413	P	Security update for ucode-intel (Moderate)	2020-12-01
oval:org.opensuse.security:def:31774	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26658	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25696	P	Security update for sudo (Important)	2020-12-01
oval:org.opensuse.security:def:25492	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:32035	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:27034	P	stunnel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30995	P	Security update for jasper (Important)	2020-12-01
oval:org.opensuse.security:def:25745	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31803	P	Security update for amanda (Moderate)	2020-12-01
oval:org.opensuse.security:def:25839	P	Security update for gimp (Moderate)	2020-12-01
oval:org.opensuse.security:def:25067	P	Security update for libjpeg-turbo (Important)	2020-12-01
oval:org.opensuse.security:def:25798	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:32480	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25403	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31406	P	Security update for perl-PlRPC (Moderate)	2020-12-01
oval:org.opensuse.security:def:26337	P	Security update for freexl (Low)	2020-12-01
oval:org.opensuse.security:def:32778	P	pyxml on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25142	P	Security update for wget (Important)	2020-12-01
oval:org.opensuse.security:def:31493	P	Security update for python	2020-12-01
oval:org.opensuse.security:def:26590	P	libmusicbrainz4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26480	P	Security update for okular (Moderate)	2020-12-01
oval:org.opensuse.security:def:25415	P	Security update for openldap2 (Important)	2020-12-01
oval:org.opensuse.security:def:31847	P	Security update for clamav (Moderate)	2020-12-01
oval:org.opensuse.security:def:25912	P	Security update for zziplib (Moderate)	2020-12-01
oval:org.opensuse.security:def:25494	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26643	P	systemtap on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31126	P	Security update for kvm (Moderate)	2020-12-01
oval:org.opensuse.security:def:25607	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31991	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:31880	P	Security update for dhcpcd (Important)	2020-12-01
oval:org.opensuse.security:def:26852	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25987	P	Security update for the Linux Kernel (Critical)	2020-12-01
oval:org.opensuse.security:def:25635	P	Security update for tigervnc (Critical)	2020-12-01
oval:org.opensuse.security:def:27325	P	xen on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31138	P	Security update for lcms	2020-12-01
oval:org.opensuse.security:def:25962	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:25888	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:31946	P	Security update for gnutls (Moderate)	2020-12-01
oval:org.opensuse.security:def:31538	P	Security update for samba (Moderate)	2020-12-01
oval:org.opensuse.security:def:32313	P	Security update for quagga (Important)	2020-12-01
oval:org.opensuse.security:def:25210	P	Security update for unzip (Moderate)	2020-12-01
oval:org.opensuse.security:def:25941	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32623	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25620	P	Security update for ovmf (Moderate)	2020-12-01
oval:org.opensuse.security:def:31437	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26338	P	Security update for Chromium (Moderate)	2020-12-01
oval:org.opensuse.security:def:25285	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:26623	P	pam on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25632	P	Security update for aspell (Moderate)	2020-12-01
oval:org.opensuse.security:def:25408	P	Security update for sane-backends (Important)	2020-12-01
oval:org.opensuse.security:def:31792	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26396	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:30984	P	Security update for icu (Important)	2020-12-01
oval:org.opensuse.security:def:25688	P	Security update for systemd (Important)	2020-12-01
oval:org.opensuse.security:def:31930	P	Security update for glib2 (Important)	2020-12-01
oval:org.opensuse.security:def:31759	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:25824	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:25643	P	Security update for hunspell (Low)	2020-12-01
oval:org.opensuse.security:def:27069	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25066	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:31069	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25829	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25784	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:32441	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:26253	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25078	P	Security update for mailman (Important)	2020-12-01
oval:org.opensuse.security:def:31436	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26250	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25842	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25404	P	Security update for spice (Moderate)	2020-12-01
oval:org.opensuse.security:def:26488	P	Security update for cacti, cacti-spine (Moderate)	2020-12-01
oval:org.opensuse.security:def:32817	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25911	P	Security update for gstreamer-plugins-base (Low)	2020-12-01
oval:org.opensuse.security:def:25270	P	Security update for libxslt (Moderate)	2020-12-01
oval:org.opensuse.security:def:31580	P	Security update for syslog-ng (Moderate)	2020-12-01
oval:org.opensuse.security:def:26629	P	perl-Tk on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26515	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25479	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:31904	P	Security update for foomatic-filters (Moderate)	2020-12-01
oval:org.opensuse.security:def:31841	P	Security update for bzip2 (Important)	2020-12-01
oval:org.opensuse.security:def:26817	P	rsync on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25923	P	Security update for util-linux (Moderate)	2020-12-01
oval:org.opensuse.security:def:25551	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:31986	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:26687	P	e2fsprogs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31127	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:25905	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:31902	P	Security update for MozillaFirefox, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:31537	P	Security update for samba (Moderate)	2020-12-01
oval:org.opensuse.security:def:25786	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32291	P	Security update for postgresql94 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27360	P	MozillaFirefox-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25209	P	Security update for mutt (Important)	2020-12-01
oval:org.opensuse.security:def:25927	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32584	P	ntp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31549	P	Security update for screen (Low)	2020-12-01
oval:org.opensuse.security:def:26299	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32357	P	Security update for squid3 (Important)	2020-12-01
oval:org.opensuse.security:def:25221	P	Security update for sysstat (Moderate)	2020-12-01
oval:org.opensuse.security:def:26541	P	evince on GA media (Moderate)	2020-12-01
oval:org.mitre.oval:def:22262	P	ELSA-2007:0108: thunderbird security update (Critical)	2014-05-26
oval:org.mitre.oval:def:21788	P	ELSA-2007:0097: firefox security update (Critical)	2014-05-26
oval:org.mitre.oval:def:9884	V	browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks by opening a blocked popup originating from a javascript: URI in combination with multiple frames having the same data: URI.	2013-04-29
oval:com.redhat.rhsa:def:20070077	P	RHSA-2007:0077: seamonkey security update (Critical)	2008-03-20
oval:com.redhat.rhsa:def:20070097	P	RHSA-2007:0097: firefox security update (Critical)	2008-03-20
oval:com.redhat.rhsa:def:20070078	P	RHSA-2007:0078: thunderbird security update (Critical)	2007-04-10
oval:com.redhat.rhsa:def:20070108	P	RHSA-2007:0108: thunderbird security update (Critical)	2007-03-14
oval:com.redhat.rhsa:def:20070079	P	RHSA-2007:0079: Firefox security update (Critical)	2007-02-23