Vulnerability Name:

CVE-2007-3656 (CCN-35298)

Assigned:2007-07-09
Published:2007-07-09
Updated:2018-10-15
Summary:Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does not perform a security zone check when processing a wyciwyg URI, which allows remote attackers to obtain sensitive information, poison the browser cache, and possibly enable further attack vectors via (1) HTTP 302 redirect controls, (2) XMLHttpRequest, or (3) view-source URIs.
CVSS v3 Severity:4.8 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.3 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
4.0 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N/E:POC/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-200
Vulnerability Consequences:Bypass Security
References:Source: CONFIRM
Type: UNKNOWN
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt

Source: SGI
Type: UNKNOWN
20070701-01-P

Source: MITRE
Type: CNA
CVE-2007-3656

Source: HP
Type: UNKNOWN
HPSBUX02153

Source: MISC
Type: Exploit
http://lcamtuf.coredump.cx/ffcache/

Source: OSVDB
Type: UNKNOWN
38028

Source: CCN
Type: RHSA-2007-0722
Critical: seamonkey security update

Source: CCN
Type: RHSA-2007-0724
Critical: firefox security update

Source: SECUNIA
Type: UNKNOWN
25589

Source: CCN
Type: SA25990
Firefox "wyciwyg://" Handler Vulnerability

Source: SECUNIA
Type: UNKNOWN
25990

Source: SECUNIA
Type: UNKNOWN
26072

Source: SECUNIA
Type: UNKNOWN
26103

Source: SECUNIA
Type: UNKNOWN
26107

Source: SECUNIA
Type: UNKNOWN
26149

Source: SECUNIA
Type: UNKNOWN
26151

Source: SECUNIA
Type: UNKNOWN
26159

Source: SECUNIA
Type: UNKNOWN
26179

Source: SECUNIA
Type: UNKNOWN
26204

Source: SECUNIA
Type: UNKNOWN
26205

Source: SECUNIA
Type: UNKNOWN
26211

Source: SECUNIA
Type: UNKNOWN
26216

Source: SECUNIA
Type: UNKNOWN
26258

Source: SECUNIA
Type: UNKNOWN
26271

Source: SECUNIA
Type: UNKNOWN
26460

Source: CCN
Type: SA28135
Sun Solaris Firefox / Thunderbird Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
28135

Source: SREASON
Type: UNKNOWN
2872

Source: CCN
Type: SECTRACK ID: 1018411
Mozilla Firefox `wyciwyg://` Cache Contents Can Be Accessed By Remote Users

Source: CCN
Type: Sun Alert ID: 103177
Multiple Security Vulnerabilities in Firefox and Thunderbird for Solaris 10 May Allow Execution of Arbitrary Code and Access to Unauthorized Data

Source: SUNALERT
Type: UNKNOWN
103177

Source: SUNALERT
Type: UNKNOWN
201516

Source: CCN
Type: ASA-2007-316
Seamonkey security update (RHSA-2007-0722)

Source: CCN
Type: ASA-2007-360
Firefox security update (RHSA-2007-0724)

Source: CCN
Type: ASA-2008-008
Multiple Security Vulnerabilities in Firefox and Thunderbird for Solaris 10 May Allow Execution of Arbitrary Code and Access to Unauthorized Data (Sun 103177)

Source: CONFIRM
Type: UNKNOWN
http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html

Source: DEBIAN
Type: UNKNOWN
DSA-1337

Source: DEBIAN
Type: UNKNOWN
DSA-1338

Source: DEBIAN
Type: UNKNOWN
DSA-1339

Source: DEBIAN
Type: DSA-1337
xulrunner -- several vulnerabilities

Source: DEBIAN
Type: DSA-1338
iceweasel -- several vulnerabilities

Source: DEBIAN
Type: DSA-1339
iceape -- several vulnerabilities

Source: CCN
Type: GLSA-200708-09
Mozilla products: Multiple vulnerabilities

Source: GENTOO
Type: UNKNOWN
GLSA-200708-09

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2007:152

Source: CCN
Type: MFSA 2007-24
Unauthorized access to wyciwyg:// documents

Source: CONFIRM
Type: UNKNOWN
http://www.mozilla.org/security/announce/2007/mfsa2007-24.html

Source: SUSE
Type: UNKNOWN
SUSE-SA:2007:049

Source: CCN
Type: OSVDB ID: 38028
Mozilla Firefox wyciwyg:// Handler Cache Zone Bypass

Source: REDHAT
Type: UNKNOWN
RHSA-2007:0722

Source: REDHAT
Type: UNKNOWN
RHSA-2007:0724

Source: BUGTRAQ
Type: UNKNOWN
20070709 Firefox wyciwyg:// cache zone bypass

Source: BUGTRAQ
Type: UNKNOWN
20070720 rPSA-2007-0148-1 firefox thunderbird

Source: BUGTRAQ
Type: UNKNOWN
20070724 FLEA-2007-0033-1: firefox thunderbird

Source: BID
Type: UNKNOWN
24831

Source: CCN
Type: BID-24831
Mozilla Firefox WYCIWYG:// URI Cache Zone Bypass Vulnerability

Source: SECTRACK
Type: UNKNOWN
1018411

Source: CCN
Type: USN-490-1
Firefox vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-490-1

Source: VUPEN
Type: UNKNOWN
ADV-2007-4256

Source: CCN
Type: Bugzilla@Mozilla - Bug 387333
[FIX]unauthorized access to wyciwyg:// documents possible

Source: CONFIRM
Type: Exploit
https://bugzilla.mozilla.org/show_bug.cgi?id=387333

Source: XF
Type: UNKNOWN
mozilla-wyciwyg-security-bypass(35298)

Source: XF
Type: UNKNOWN
mozilla-wyciwyg-security-bypass(35298)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:9105

Source: SUSE
Type: SUSE-SA:2007:049
Mozilla security problems

Vulnerable Configuration:Configuration 1:
  • cpe:/a:mozilla:firefox:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.8:*:*:*:*:*:*:*

  • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

  • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

  • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

  • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

  • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

  • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

  • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

  • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:mozilla:firefox:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0:beta1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0:rc3:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1::beta:*:*:*:*:*
  • AND
  • cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/a:suse:suse_linux_school_server:-:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:10::sparc:*:*:*:*:*
  • OR cpe:/o:sun:solaris:10::x86:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:10.0::oss:*:*:*:*:*
  • OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:10.1::personal:*:*:*:*:*
  • OR cpe:/o:novell:suse_linux_enterprise_server:10:sp2:itanium_ia64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007::x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:7.04:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007.1::x86-64:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4.5.z::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4.5.z::es:*:*:*:*:*
  • OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:10.2:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20073656
    V
    CVE-2007-3656
    2022-06-30
    oval:org.opensuse.security:def:42260
    P
    Security update for yaml-cpp (Moderate)
    2022-04-01
    oval:org.opensuse.security:def:111899
    P
    MozillaFirefox-92.0-1.2 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:111905
    P
    MozillaThunderbird-91.1.1-1.1 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:31755
    P
    Security update for libvirt (Important)
    2022-01-10
    oval:org.opensuse.security:def:32252
    P
    Security update for chrony (Moderate)
    2021-12-22
    oval:org.opensuse.security:def:31321
    P
    Security update for glib-networking (Important)
    2021-12-13
    oval:org.opensuse.security:def:31320
    P
    Security update for MozillaFirefox (Important)
    2021-12-12
    oval:org.opensuse.security:def:26179
    P
    Security update for gmp (Moderate)
    2021-12-02
    oval:org.opensuse.security:def:33034
    P
    Security update for opensc (Important)
    2021-10-29
    oval:org.opensuse.security:def:31698
    P
    Security update for transfig (Important)
    2021-10-29
    oval:org.opensuse.security:def:31293
    P
    Security update for postgresql10 (Important)
    2021-10-20
    oval:org.opensuse.security:def:32203
    P
    Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)
    2021-10-18
    oval:org.opensuse.security:def:105476
    P
    MozillaFirefox-92.0-1.2 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:105478
    P
    MozillaThunderbird-91.1.1-1.1 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:26135
    P
    Security update for hivex (Moderate)
    2021-09-23
    oval:org.opensuse.security:def:31687
    P
    Security update for sqlite3 (Important)
    2021-09-23
    oval:org.opensuse.security:def:26121
    P
    Security update for ntfs-3g_ntfsprogs (Important)
    2021-09-07
    oval:org.opensuse.security:def:26115
    P
    Security update for libesmtp (Important)
    2021-09-02
    oval:org.opensuse.security:def:32995
    P
    Security update for file (Important)
    2021-09-02
    oval:org.opensuse.security:def:32147
    P
    Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)
    2021-07-21
    oval:org.opensuse.security:def:32140
    P
    Security update for MozillaFirefox (Important)
    2021-07-16
    oval:org.opensuse.security:def:26082
    P
    Security update for openexr (Important)
    2021-06-24
    oval:org.opensuse.security:def:31212
    P
    Security update for ovmf (Important)
    2021-06-22
    oval:org.opensuse.security:def:36071
    P
    MozillaFirefox-31.7.0esr-0.8.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:36362
    P
    MozillaFirefox-devel-31.7.0esr-0.8.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:42478
    P
    MozillaFirefox-31.7.0esr-0.8.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:31630
    P
    Security update for polkit (Important)
    2021-06-03
    oval:org.opensuse.security:def:31623
    P
    Security update for libxml2 (Important)
    2021-05-19
    oval:org.opensuse.security:def:26046
    P
    Security update for libxml2 (Moderate)
    2021-05-05
    oval:org.opensuse.security:def:42065
    P
    Security update for permissions (Important)
    2021-05-04
    oval:org.opensuse.security:def:32074
    P
    Security update for MozillaFirefox (Important)
    2021-04-27
    oval:org.opensuse.security:def:26033
    P
    Security update for ImageMagick (Moderate)
    2021-04-20
    oval:org.opensuse.security:def:31350
    P
    Security update for python-cryptography (Important)
    2021-03-02
    oval:org.opensuse.security:def:31737
    P
    Security update for python-cryptography (Important)
    2021-03-02
    oval:org.opensuse.security:def:31736
    P
    Security update for MozillaFirefox (Important)
    2021-03-01
    oval:org.opensuse.security:def:26197
    P
    Security update for postgresql13 (Moderate)
    2021-02-22
    oval:org.opensuse.security:def:26196
    P
    Security update for ImageMagick (Moderate)
    2021-02-19
    oval:org.opensuse.security:def:31344
    P
    Security update for java-1_7_1-ibm (Important)
    2021-02-18
    oval:org.opensuse.security:def:31332
    P
    Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)
    2021-02-10
    oval:org.opensuse.security:def:31649
    P
    Security update for postgresql, postgresql12, postgresql13 (Important)
    2021-01-26
    oval:org.opensuse.security:def:31201
    P
    Security update for ImageMagick (Important)
    2021-01-22
    oval:org.opensuse.security:def:32096
    P
    Security update for dnsmasq (Important)
    2021-01-19
    oval:org.opensuse.security:def:25985
    P
    Security update for gimp (Moderate)
    2020-12-29
    oval:org.opensuse.security:def:25980
    P
    Security update for MozillaFirefox (Critical)
    2020-12-21
    oval:org.opensuse.security:def:41922
    P
    MozillaFirefox-3.5.9-0.1.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:35853
    P
    MozillaFirefox-17.0.4esr-0.10.42 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:35515
    P
    MozillaFirefox-3.5.9-0.1.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:35658
    P
    MozillaFirefox-10.0-0.3.2 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:25404
    P
    Security update for spice (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26488
    P
    Security update for cacti, cacti-spine (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32817
    P
    MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25911
    P
    Security update for gstreamer-plugins-base (Low)
    2020-12-01
    oval:org.opensuse.security:def:25270
    P
    Security update for libxslt (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31580
    P
    Security update for syslog-ng (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26629
    P
    perl-Tk on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26515
    P
    MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25479
    P
    Security update for mariadb (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31904
    P
    Security update for foomatic-filters (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31841
    P
    Security update for bzip2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:26817
    P
    rsync on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25923
    P
    Security update for util-linux (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25551
    P
    Security update for tomcat (Important)
    2020-12-01
    oval:org.opensuse.security:def:31986
    P
    Security update for java-1_7_1-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:26687
    P
    e2fsprogs on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31127
    P
    Security update for kvm (Important)
    2020-12-01
    oval:org.opensuse.security:def:25905
    P
    Security update for flash-player (Important)
    2020-12-01
    oval:org.opensuse.security:def:31902
    P
    Security update for MozillaFirefox, mozilla-nss (Important)
    2020-12-01
    oval:org.opensuse.security:def:31537
    P
    Security update for samba (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25786
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:32291
    P
    Security update for postgresql94 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27360
    P
    MozillaFirefox-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25209
    P
    Security update for mutt (Important)
    2020-12-01
    oval:org.opensuse.security:def:25927
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:32584
    P
    ntp on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31549
    P
    Security update for screen (Low)
    2020-12-01
    oval:org.opensuse.security:def:26299
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:32357
    P
    Security update for squid3 (Important)
    2020-12-01
    oval:org.opensuse.security:def:25221
    P
    Security update for sysstat (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26541
    P
    evince on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25621
    P
    Security update for samba (Important)
    2020-12-01
    oval:org.opensuse.security:def:25351
    P
    Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:31593
    P
    Security update for tiff (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26352
    P
    Security update for Mozilla Thunderbird (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30983
    P
    Security update for icu (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25413
    P
    Security update for ucode-intel (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31774
    P
    Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:26658
    P
    MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25696
    P
    Security update for sudo (Important)
    2020-12-01
    oval:org.opensuse.security:def:25492
    P
    Security update for webkit2gtk3 (Important)
    2020-12-01
    oval:org.opensuse.security:def:32035
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:27034
    P
    stunnel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30995
    P
    Security update for jasper (Important)
    2020-12-01
    oval:org.opensuse.security:def:25745
    P
    Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:31803
    P
    Security update for amanda (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25839
    P
    Security update for gimp (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25067
    P
    Security update for libjpeg-turbo (Important)
    2020-12-01
    oval:org.opensuse.security:def:25798
    P
    Security update for flash-player (Critical)
    2020-12-01
    oval:org.opensuse.security:def:32480
    P
    MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25403
    P
    Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:31406
    P
    Security update for perl-PlRPC (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26337
    P
    Security update for freexl (Low)
    2020-12-01
    oval:org.opensuse.security:def:32778
    P
    pyxml on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25142
    P
    Security update for wget (Important)
    2020-12-01
    oval:org.opensuse.security:def:31493
    P
    Security update for python
    2020-12-01
    oval:org.opensuse.security:def:26590
    P
    libmusicbrainz4 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26480
    P
    Security update for okular (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25415
    P
    Security update for openldap2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:31847
    P
    Security update for clamav (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25912
    P
    Security update for zziplib (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25494
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:26643
    P
    systemtap on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31126
    P
    Security update for kvm (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25607
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:31991
    P
    Security update for java-1_7_1-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:31880
    P
    Security update for dhcpcd (Important)
    2020-12-01
    oval:org.opensuse.security:def:26852
    P
    MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25987
    P
    Security update for the Linux Kernel (Critical)
    2020-12-01
    oval:org.opensuse.security:def:25635
    P
    Security update for tigervnc (Critical)
    2020-12-01
    oval:org.opensuse.security:def:27325
    P
    xen on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31138
    P
    Security update for lcms
    2020-12-01
    oval:org.opensuse.security:def:25962
    P
    Security update for mariadb (Important)
    2020-12-01
    oval:org.opensuse.security:def:25888
    P
    Security update for flash-player (Critical)
    2020-12-01
    oval:org.opensuse.security:def:31946
    P
    Security update for gnutls (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31538
    P
    Security update for samba (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32313
    P
    Security update for quagga (Important)
    2020-12-01
    oval:org.opensuse.security:def:25210
    P
    Security update for unzip (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25941
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:32623
    P
    MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25620
    P
    Security update for ovmf (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31437
    P
    Security update for php53 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26338
    P
    Security update for Chromium (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25285
    P
    Security update for tomcat (Important)
    2020-12-01
    oval:org.opensuse.security:def:26623
    P
    pam on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25632
    P
    Security update for aspell (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25408
    P
    Security update for sane-backends (Important)
    2020-12-01
    oval:org.opensuse.security:def:31792
    P
    Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:26396
    P
    Security update for chromium (Important)
    2020-12-01
    oval:org.opensuse.security:def:30984
    P
    Security update for icu (Important)
    2020-12-01
    oval:org.opensuse.security:def:25688
    P
    Security update for systemd (Important)
    2020-12-01
    oval:org.opensuse.security:def:31930
    P
    Security update for glib2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:31759
    P
    Security update for LibVNCServer (Important)
    2020-12-01
    oval:org.opensuse.security:def:25824
    P
    Security update for mariadb (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25643
    P
    Security update for hunspell (Low)
    2020-12-01
    oval:org.opensuse.security:def:27069
    P
    MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25066
    P
    Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:31069
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25829
    P
    Security update for php5 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25784
    P
    Security update for flash-player (Critical)
    2020-12-01
    oval:org.opensuse.security:def:32441
    P
    Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:26253
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25078
    P
    Security update for mailman (Important)
    2020-12-01
    oval:org.opensuse.security:def:31436
    P
    Security update for php53 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26250
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25842
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.mitre.oval:def:19992
    P
    DSA-1337-1 xulrunner
    2014-06-23
    oval:org.mitre.oval:def:18981
    P
    DSA-1338-1 iceweasel
    2014-06-23
    oval:org.mitre.oval:def:21817
    P
    ELSA-2007:0724: firefox security update (Critical)
    2014-05-26
    oval:org.mitre.oval:def:9105
    V
    Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does not perform a security zone check when processing a wyciwyg URI, which allows remote attackers to obtain sensitive information, poison the browser cache, and possibly enable further attack vectors via (1) HTTP 302 redirect controls, (2) XMLHttpRequest, or (3) view-source URIs.
    2013-04-29
    oval:com.redhat.rhsa:def:20070724
    P
    RHSA-2007:0724: firefox security update (Critical)
    2008-03-20
    oval:org.debian:def:1339
    V
    several vulnerabilities
    2007-07-23
    oval:org.debian:def:1338
    V
    several vulnerabilities
    2007-07-23
    oval:org.debian:def:1337
    V
    several vulnerabilities
    2007-07-22
    oval:com.redhat.rhsa:def:20070722
    P
    RHSA-2007:0722: seamonkey security update (Critical)
    2007-07-19
    BACK
    mozilla firefox 1.0
    mozilla firefox 1.0.1
    mozilla firefox 1.0.2
    mozilla firefox 1.0.3
    mozilla firefox 1.0.4
    mozilla firefox 1.0.5
    mozilla firefox 1.0.6
    mozilla firefox 1.0.7
    mozilla firefox 1.0.8
    mozilla firefox 1.5
    mozilla firefox 1.5.0.1
    mozilla firefox 1.5.0.2
    mozilla firefox 1.5.0.3
    mozilla firefox 1.5.0.4
    mozilla firefox 1.5.0.5
    mozilla firefox 1.5.0.6
    mozilla firefox 1.5.0.7
    mozilla firefox 1.5.0.8
    mozilla firefox 1.5.0.9
    mozilla firefox 1.5.0.10
    mozilla firefox 1.5.0.11
    mozilla firefox 1.5.0.12
    mozilla firefox 1.5.1
    mozilla firefox 1.5.2
    mozilla firefox 1.5.3
    mozilla firefox 1.5.4
    mozilla firefox 1.5.5
    mozilla firefox 1.5.6
    mozilla firefox 1.5.7
    mozilla firefox 1.5.8
    mozilla firefox 1.8
    mozilla firefox 2.0
    mozilla firefox 2.0.0.1
    mozilla firefox 2.0.0.2
    mozilla firefox 2.0.0.3
    mozilla firefox 2.0.0.4
    mozilla seamonkey 1.1.2
    mozilla seamonkey 1.1.1
    mozilla firefox 2.0 beta1
    mozilla firefox 2.0 rc2
    mozilla firefox 2.0 rc3
    mozilla seamonkey 1.1
    mozilla seamonkey 1.1
    gentoo linux *
    suse linux enterprise server 8
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    suse suse linux school server -
    redhat enterprise linux 3
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 4
    redhat enterprise linux 4
    novell linux desktop 9
    redhat enterprise linux 4
    redhat enterprise linux 4
    novell open enterprise server *
    sun solaris 10
    sun solaris 10
    suse suse linux 10.0
    redhat linux advanced workstation 2.1
    canonical ubuntu 6.06
    suse suse linux 10.1
    novell suse linux enterprise server 10 sp2
    mandrakesoft mandrake linux 2007
    mandrakesoft mandrake linux 2007
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 5
    redhat enterprise linux 5
    mandrakesoft mandrake linux 2007.1
    mandrakesoft mandrake linux 2008.0
    debian debian linux 4.0
    canonical ubuntu 7.04
    redhat enterprise linux 5
    mandrakesoft mandrake linux 2007.1
    redhat enterprise linux 4.5.z
    redhat enterprise linux 4.5.z
    novell open enterprise server *
    novell opensuse 10.2