Vulnerability CVE-2007-3736 - CERT Civis.Net

Vulnerability Name:

CVE-2007-3736 (CCN-35462)

Assigned:

2007-07-18

Published:

2007-07-18

Updated:

2018-10-15

Summary:

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0.0.5 allows remote attackers to inject arbitrary web script "into another site's context" via a "timing issue" involving the (1) addEventListener or (2) setTimeout function, probably by setting events that activate after the context has changed.

CVSS v3 Severity:

4.8 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

4.0 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N)
3.5 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N/E:H/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: CONFIRM
Type: UNKNOWN
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt

Source: SGI
Type: UNKNOWN
20070701-01-P

Source: MITRE
Type: CNA
CVE-2007-3736

Source: HP
Type: UNKNOWN
HPSBUX02153

Source: CCN
Type: RHSA-2007-0722
Critical: seamonkey security update

Source: CCN
Type: RHSA-2007-0723
Moderate: thunderbird security update

Source: CCN
Type: RHSA-2007-0724
Critical: firefox security update

Source: SECUNIA
Type: UNKNOWN
25589

Source: SECUNIA
Type: UNKNOWN
26072

Source: CCN
Type: SA26095
Mozilla Firefox Multiple Vulnerabilities

Source: SECUNIA
Type: Patch, Vendor Advisory
26095

Source: SECUNIA
Type: UNKNOWN
26103

Source: SECUNIA
Type: UNKNOWN
26106

Source: SECUNIA
Type: UNKNOWN
26107

Source: SECUNIA
Type: UNKNOWN
26149

Source: SECUNIA
Type: UNKNOWN
26151

Source: SECUNIA
Type: UNKNOWN
26159

Source: SECUNIA
Type: UNKNOWN
26179

Source: SECUNIA
Type: UNKNOWN
26204

Source: SECUNIA
Type: UNKNOWN
26205

Source: SECUNIA
Type: UNKNOWN
26211

Source: SECUNIA
Type: UNKNOWN
26216

Source: SECUNIA
Type: UNKNOWN
26258

Source: SECUNIA
Type: UNKNOWN
26271

Source: SECUNIA
Type: UNKNOWN
26460

Source: CCN
Type: SA28135
Sun Solaris Firefox / Thunderbird Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
28135

Source: CCN
Type: SECTRACK ID: 1018410
Mozilla Firefox addEventListener() or setTimeout() Functions Permit Cross-Site Scripting Attacks

Source: CCN
Type: Sun Alert ID: 103177
Multiple Security Vulnerabilities in Firefox and Thunderbird for Solaris 10 May Allow Execution of Arbitrary Code and Access to Unauthorized Data

Source: SUNALERT
Type: UNKNOWN
103177

Source: SUNALERT
Type: UNKNOWN
201516

Source: CCN
Type: ASA-2007-315
Thunderbird security update (RHSA-2007-0723)

Source: CCN
Type: ASA-2007-316
Seamonkey security update (RHSA-2007-0722)

Source: CCN
Type: ASA-2007-360
Firefox security update (RHSA-2007-0724)

Source: CCN
Type: ASA-2008-008
Multiple Security Vulnerabilities in Firefox and Thunderbird for Solaris 10 May Allow Execution of Arbitrary Code and Access to Unauthorized Data (Sun 103177)

Source: CONFIRM
Type: UNKNOWN
http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html

Source: DEBIAN
Type: UNKNOWN
DSA-1337

Source: DEBIAN
Type: UNKNOWN
DSA-1338

Source: DEBIAN
Type: UNKNOWN
DSA-1339

Source: DEBIAN
Type: DSA-1337
xulrunner -- several vulnerabilities

Source: DEBIAN
Type: DSA-1338
iceweasel -- several vulnerabilities

Source: DEBIAN
Type: DSA-1339
iceape -- several vulnerabilities

Source: CCN
Type: GLSA-200708-09
Mozilla products: Multiple vulnerabilities

Source: GENTOO
Type: UNKNOWN
GLSA-200708-09

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2007:152

Source: CCN
Type: MFSA 2007-19
XSS using addEventListener and setTimeout

Source: CONFIRM
Type: UNKNOWN
http://www.mozilla.org/security/announce/2007/mfsa2007-19.html

Source: SUSE
Type: UNKNOWN
SUSE-SA:2007:049

Source: REDHAT
Type: UNKNOWN
RHSA-2007:0722

Source: REDHAT
Type: UNKNOWN
RHSA-2007:0723

Source: REDHAT
Type: UNKNOWN
RHSA-2007:0724

Source: BUGTRAQ
Type: UNKNOWN
20070720 rPSA-2007-0148-1 firefox thunderbird

Source: BUGTRAQ
Type: UNKNOWN
20070724 FLEA-2007-0033-1: firefox thunderbird

Source: BID
Type: UNKNOWN
24946

Source: CCN
Type: BID-24946
Mozilla Firefox 2.0.0.4 Multiple Remote Vulnerabilities

Source: SECTRACK
Type: UNKNOWN
1018410

Source: CCN
Type: USN-490-1
Firefox vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-490-1

Source: VUPEN
Type: UNKNOWN
ADV-2007-2564

Source: VUPEN
Type: UNKNOWN
ADV-2007-4256

Source: XF
Type: UNKNOWN
mozilla-addeventlistener-settimeout-xss(35462)

Source: XF
Type: UNKNOWN
mozilla-addeventlistener-settimeout-xss(35462)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:11749

Source: SUSE
Type: SUSE-SA:2007:049
Mozilla security problems

Vulnerable Configuration:

Configuration 1:

cpe:/a:mozilla:firefox:2.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 8:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Configuration CCN 1:

cpe:/a:mozilla:firefox:2.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0:beta1:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0:rc2:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0:rc3:*:*:*:*:*:*

AND

cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*

OR cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*

OR cpe:/a:suse:suse_linux_school_server:-:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*

OR cpe:/o:sun:solaris:10::sparc:*:*:*:*:*

OR cpe:/o:sun:solaris:10::x86:*:*:*:*:*

OR cpe:/o:suse:suse_linux:10.0::oss:*:*:*:*:*

OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*

OR cpe:/o:suse:suse_linux:10.1::personal:*:*:*:*:*

OR cpe:/o:novell:suse_linux_enterprise_server:10:sp2:itanium_ia64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007::x86_64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:*

OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:7.04:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:server:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007.1::x86-64:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4.5.z::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4.5.z::es:*:*:*:*:*

OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*

OR cpe:/o:opensuse:opensuse:10.2:*:*:*:*:*:*:*

OR cpe:/o:mandriva:linux:2009.1:*:*:*:*:*:*:*

OR cpe:/o:mandriva:linux:2009.1:*:*:*:x86_64:*:*:*

OR cpe:/o:mandriva:enterprise_server:5:*:*:*:*:*:*:*

OR cpe:/o:mandriva:enterprise_server:5:*:*:*:x86_64:*:*:*

OR cpe:/o:mandriva:linux:2010:*:*:*:x86_64:*:*:*

OR cpe:/o:mandriva:linux:2010:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20073736	V	CVE-2007-3736	2022-06-30
oval:org.opensuse.security:def:42260	P	Security update for yaml-cpp (Moderate)	2022-04-01
oval:org.opensuse.security:def:111899	P	MozillaFirefox-92.0-1.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:111905	P	MozillaThunderbird-91.1.1-1.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:31755	P	Security update for libvirt (Important)	2022-01-10
oval:org.opensuse.security:def:32252	P	Security update for chrony (Moderate)	2021-12-22
oval:org.opensuse.security:def:31321	P	Security update for glib-networking (Important)	2021-12-13
oval:org.opensuse.security:def:31320	P	Security update for MozillaFirefox (Important)	2021-12-12
oval:org.opensuse.security:def:26179	P	Security update for gmp (Moderate)	2021-12-02
oval:org.opensuse.security:def:31698	P	Security update for transfig (Important)	2021-10-29
oval:org.opensuse.security:def:33034	P	Security update for opensc (Important)	2021-10-29
oval:org.opensuse.security:def:31293	P	Security update for postgresql10 (Important)	2021-10-20
oval:org.opensuse.security:def:32203	P	Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)	2021-10-18
oval:org.opensuse.security:def:105476	P	MozillaFirefox-92.0-1.2 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:105478	P	MozillaThunderbird-91.1.1-1.1 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:31687	P	Security update for sqlite3 (Important)	2021-09-23
oval:org.opensuse.security:def:26135	P	Security update for hivex (Moderate)	2021-09-23
oval:org.opensuse.security:def:26121	P	Security update for ntfs-3g_ntfsprogs (Important)	2021-09-07
oval:org.opensuse.security:def:32995	P	Security update for file (Important)	2021-09-02
oval:org.opensuse.security:def:26115	P	Security update for libesmtp (Important)	2021-09-02
oval:org.opensuse.security:def:32147	P	Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)	2021-07-21
oval:org.opensuse.security:def:32140	P	Security update for MozillaFirefox (Important)	2021-07-16
oval:org.opensuse.security:def:26082	P	Security update for openexr (Important)	2021-06-24
oval:org.opensuse.security:def:31212	P	Security update for ovmf (Important)	2021-06-22
oval:org.opensuse.security:def:36071	P	MozillaFirefox-31.7.0esr-0.8.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36362	P	MozillaFirefox-devel-31.7.0esr-0.8.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42478	P	MozillaFirefox-31.7.0esr-0.8.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:31630	P	Security update for polkit (Important)	2021-06-03
oval:org.opensuse.security:def:31623	P	Security update for libxml2 (Important)	2021-05-19
oval:org.opensuse.security:def:26046	P	Security update for libxml2 (Moderate)	2021-05-05
oval:org.opensuse.security:def:42065	P	Security update for permissions (Important)	2021-05-04
oval:org.opensuse.security:def:32074	P	Security update for MozillaFirefox (Important)	2021-04-27
oval:org.opensuse.security:def:26033	P	Security update for ImageMagick (Moderate)	2021-04-20
oval:org.opensuse.security:def:31350	P	Security update for python-cryptography (Important)	2021-03-02
oval:org.opensuse.security:def:31737	P	Security update for python-cryptography (Important)	2021-03-02
oval:org.opensuse.security:def:31736	P	Security update for MozillaFirefox (Important)	2021-03-01
oval:org.opensuse.security:def:26197	P	Security update for postgresql13 (Moderate)	2021-02-22
oval:org.opensuse.security:def:26196	P	Security update for ImageMagick (Moderate)	2021-02-19
oval:org.opensuse.security:def:31344	P	Security update for java-1_7_1-ibm (Important)	2021-02-18
oval:org.opensuse.security:def:31332	P	Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)	2021-02-10
oval:org.opensuse.security:def:31649	P	Security update for postgresql, postgresql12, postgresql13 (Important)	2021-01-26
oval:org.opensuse.security:def:31201	P	Security update for ImageMagick (Important)	2021-01-22
oval:org.opensuse.security:def:32096	P	Security update for dnsmasq (Important)	2021-01-19
oval:org.opensuse.security:def:25985	P	Security update for gimp (Moderate)	2020-12-29
oval:org.opensuse.security:def:25980	P	Security update for MozillaFirefox (Critical)	2020-12-21
oval:org.opensuse.security:def:35515	P	MozillaFirefox-3.5.9-0.1.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35658	P	MozillaFirefox-10.0-0.3.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:41922	P	MozillaFirefox-3.5.9-0.1.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35853	P	MozillaFirefox-17.0.4esr-0.10.42 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:25067	P	Security update for libjpeg-turbo (Important)	2020-12-01
oval:org.opensuse.security:def:25798	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:32480	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25403	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31406	P	Security update for perl-PlRPC (Moderate)	2020-12-01
oval:org.opensuse.security:def:26337	P	Security update for freexl (Low)	2020-12-01
oval:org.opensuse.security:def:32778	P	pyxml on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25142	P	Security update for wget (Important)	2020-12-01
oval:org.opensuse.security:def:31493	P	Security update for python	2020-12-01
oval:org.opensuse.security:def:26590	P	libmusicbrainz4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26480	P	Security update for okular (Moderate)	2020-12-01
oval:org.opensuse.security:def:25415	P	Security update for openldap2 (Important)	2020-12-01
oval:org.opensuse.security:def:31847	P	Security update for clamav (Moderate)	2020-12-01
oval:org.opensuse.security:def:25912	P	Security update for zziplib (Moderate)	2020-12-01
oval:org.opensuse.security:def:25494	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26643	P	systemtap on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31126	P	Security update for kvm (Moderate)	2020-12-01
oval:org.opensuse.security:def:25607	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31991	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:31880	P	Security update for dhcpcd (Important)	2020-12-01
oval:org.opensuse.security:def:26852	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25987	P	Security update for the Linux Kernel (Critical)	2020-12-01
oval:org.opensuse.security:def:25635	P	Security update for tigervnc (Critical)	2020-12-01
oval:org.opensuse.security:def:27325	P	xen on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31138	P	Security update for lcms	2020-12-01
oval:org.opensuse.security:def:25962	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:25888	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:31946	P	Security update for gnutls (Moderate)	2020-12-01
oval:org.opensuse.security:def:31538	P	Security update for samba (Moderate)	2020-12-01
oval:org.opensuse.security:def:32313	P	Security update for quagga (Important)	2020-12-01
oval:org.opensuse.security:def:25210	P	Security update for unzip (Moderate)	2020-12-01
oval:org.opensuse.security:def:25941	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32623	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25620	P	Security update for ovmf (Moderate)	2020-12-01
oval:org.opensuse.security:def:31437	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26338	P	Security update for Chromium (Moderate)	2020-12-01
oval:org.opensuse.security:def:25285	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:26623	P	pam on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25632	P	Security update for aspell (Moderate)	2020-12-01
oval:org.opensuse.security:def:25408	P	Security update for sane-backends (Important)	2020-12-01
oval:org.opensuse.security:def:31792	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26396	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:30984	P	Security update for icu (Important)	2020-12-01
oval:org.opensuse.security:def:25688	P	Security update for systemd (Important)	2020-12-01
oval:org.opensuse.security:def:31930	P	Security update for glib2 (Important)	2020-12-01
oval:org.opensuse.security:def:31759	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:25824	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:25643	P	Security update for hunspell (Low)	2020-12-01
oval:org.opensuse.security:def:27069	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25066	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:31069	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25829	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25784	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:32441	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:26253	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25078	P	Security update for mailman (Important)	2020-12-01
oval:org.opensuse.security:def:31436	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26250	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25842	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25404	P	Security update for spice (Moderate)	2020-12-01
oval:org.opensuse.security:def:26488	P	Security update for cacti, cacti-spine (Moderate)	2020-12-01
oval:org.opensuse.security:def:32817	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25911	P	Security update for gstreamer-plugins-base (Low)	2020-12-01
oval:org.opensuse.security:def:25270	P	Security update for libxslt (Moderate)	2020-12-01
oval:org.opensuse.security:def:31580	P	Security update for syslog-ng (Moderate)	2020-12-01
oval:org.opensuse.security:def:26629	P	perl-Tk on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26515	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25479	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:31904	P	Security update for foomatic-filters (Moderate)	2020-12-01
oval:org.opensuse.security:def:31841	P	Security update for bzip2 (Important)	2020-12-01
oval:org.opensuse.security:def:26817	P	rsync on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25923	P	Security update for util-linux (Moderate)	2020-12-01
oval:org.opensuse.security:def:25551	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:31986	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:26687	P	e2fsprogs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31127	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:25905	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:31902	P	Security update for MozillaFirefox, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:31537	P	Security update for samba (Moderate)	2020-12-01
oval:org.opensuse.security:def:25786	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32291	P	Security update for postgresql94 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27360	P	MozillaFirefox-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25209	P	Security update for mutt (Important)	2020-12-01
oval:org.opensuse.security:def:25927	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32584	P	ntp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31549	P	Security update for screen (Low)	2020-12-01
oval:org.opensuse.security:def:26299	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32357	P	Security update for squid3 (Important)	2020-12-01
oval:org.opensuse.security:def:25221	P	Security update for sysstat (Moderate)	2020-12-01
oval:org.opensuse.security:def:26541	P	evince on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25621	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:25351	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31593	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:26352	P	Security update for Mozilla Thunderbird (Moderate)	2020-12-01
oval:org.opensuse.security:def:30983	P	Security update for icu (Moderate)	2020-12-01
oval:org.opensuse.security:def:25413	P	Security update for ucode-intel (Moderate)	2020-12-01
oval:org.opensuse.security:def:31774	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26658	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25696	P	Security update for sudo (Important)	2020-12-01
oval:org.opensuse.security:def:25492	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:32035	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:27034	P	stunnel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30995	P	Security update for jasper (Important)	2020-12-01
oval:org.opensuse.security:def:25745	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31803	P	Security update for amanda (Moderate)	2020-12-01
oval:org.opensuse.security:def:25839	P	Security update for gimp (Moderate)	2020-12-01
oval:org.mitre.oval:def:18981	P	DSA-1338-1 iceweasel	2014-06-23
oval:org.mitre.oval:def:19992	P	DSA-1337-1 xulrunner	2014-06-23
oval:org.mitre.oval:def:21817	P	ELSA-2007:0724: firefox security update (Critical)	2014-05-26
oval:org.mitre.oval:def:21880	P	ELSA-2007:0723: thunderbird security update (Moderate)	2014-05-26
oval:org.mitre.oval:def:11749	V	Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0.0.5 allows remote attackers to inject arbitrary web script "into another site's context" via a "timing issue" involving the (1) addEventListener or (2) setTimeout function, probably by setting events that activate after the context has changed.	2013-04-29
oval:com.redhat.rhsa:def:20070723	P	RHSA-2007:0723: thunderbird security update (Moderate)	2008-03-20
oval:com.redhat.rhsa:def:20070724	P	RHSA-2007:0724: firefox security update (Critical)	2008-03-20
oval:org.debian:def:1338	V	several vulnerabilities	2007-07-23
oval:org.debian:def:1339	V	several vulnerabilities	2007-07-23
oval:org.debian:def:1337	V	several vulnerabilities	2007-07-22
oval:com.redhat.rhsa:def:20070722	P	RHSA-2007:0722: seamonkey security update (Critical)	2007-07-19