Vulnerability Name:

CVE-2008-0593 (CCN-40355)

Assigned:2008-02-07
Published:2008-02-07
Updated:2018-10-15
Summary:Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8, modify the .href property of stylesheet DOM nodes to the final URI of a 302 redirect, which might allow remote attackers to bypass the Same Origin Policy and read sensitive information from the original URL, such as with Single-Signon systems.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-200
Vulnerability Consequences:Obtain Information
References:Source: CCN
Type: Netscape Web site
Release Notes: What's New in Netscape Navigator 9.0.0.6

Source: CONFIRM
Type: UNKNOWN
http://browser.netscape.com/releasenotes/

Source: MITRE
Type: CNA
CVE-2008-0593

Source: MITRE
Type: CNA
CVE-2010-0315

Source: SUSE
Type: UNKNOWN
SUSE-SA:2008:008

Source: CCN
Type: No More Root Blog
Little bug in Safari and Google Chrome

Source: CCN
Type: RHSA-2008-0103
Critical: firefox security update

Source: CCN
Type: RHSA-2008-0104
Critical: seamonkey security update

Source: CCN
Type: RHSA-2008-0105
Moderate: thunderbird security update

Source: SECUNIA
Type: Vendor Advisory
28754

Source: CCN
Type: SA28758
Mozilla Firefox Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
28758

Source: SECUNIA
Type: Vendor Advisory
28766

Source: CCN
Type: SA28815
Mozilla SeaMonkey Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
28815

Source: SECUNIA
Type: Vendor Advisory
28818

Source: SECUNIA
Type: Vendor Advisory
28839

Source: SECUNIA
Type: Vendor Advisory
28864

Source: SECUNIA
Type: Vendor Advisory
28865

Source: SECUNIA
Type: Vendor Advisory
28877

Source: SECUNIA
Type: Vendor Advisory
28879

Source: SECUNIA
Type: Vendor Advisory
28924

Source: SECUNIA
Type: Vendor Advisory
28939

Source: SECUNIA
Type: Vendor Advisory
28958

Source: CCN
Type: SA29049
Netscape Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
29049

Source: SECUNIA
Type: Vendor Advisory
29086

Source: SECUNIA
Type: Vendor Advisory
29167

Source: SECUNIA
Type: Vendor Advisory
29567

Source: SECUNIA
Type: Vendor Advisory
30327

Source: CCN
Type: SA30620
Sun Solaris Firefox Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
30620

Source: CCN
Type: SA37931
Apple Safari Stylesheet Redirection Information Disclosure

Source: CCN
Type: SA38061
Google Chrome Stylesheet Redirection Information Disclosure

Source: CCN
Type: SA38545
Google Chrome Multiple Vulnerabilities

Source: CCN
Type: SECTRACK ID: 1019341
Mozilla Firefox Stylesheet Processing Bug May Let Remote Users Obtain URL Parameters

Source: CCN
Type: SECTRACK ID: 1023583
Google Chrome Bugs Let Remote Users Execute Arbitrary Code and Obtain Information

Source: SUNALERT
Type: UNKNOWN
238492

Source: CCN
Type: Sun Alert ID: 238492
Multiple Security Vulnerabilities in Solaris 10 Firefox may Allow Execution of Arbitrary Code and Access to Unauthorized Data

Source: CCN
Type: ASA-2008-058
thunderbird security update (RHSA-2008-0105)

Source: CCN
Type: ASA-2008-059
firefox security update (RHSA-2008-0103)

Source: CCN
Type: ASA-2008-101
seamonkey security update (RHSA-2008-0104)

Source: CONFIRM
Type: UNKNOWN
http://support.novell.com/techcenter/psdb/6251b18e050302ebe7fe74294b55c818.html

Source: CONFIRM
Type: UNKNOWN
http://wiki.rpath.com/Advisories:rPSA-2008-0051

Source: DEBIAN
Type: UNKNOWN
DSA-1484

Source: DEBIAN
Type: UNKNOWN
DSA-1485

Source: DEBIAN
Type: UNKNOWN
DSA-1489

Source: DEBIAN
Type: UNKNOWN
DSA-1506

Source: DEBIAN
Type: DSA-1484
xulrunner -- several vulnerabilities

Source: DEBIAN
Type: DSA-1485
icedove -- several vulnerabilities

Source: DEBIAN
Type: DSA-1489
iceweasel -- several vulnerabilities

Source: DEBIAN
Type: DSA-1506
iceape -- several vulnerabilities

Source: GENTOO
Type: UNKNOWN
GLSA-200805-18

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2008:048

Source: CCN
Type: MFSA 2008-10
URL token stealing via stylesheet redirect

Source: CONFIRM
Type: UNKNOWN
http://www.mozilla.org/security/announce/2008/mfsa2008-10.html

Source: REDHAT
Type: Vendor Advisory
RHSA-2008:0103

Source: REDHAT
Type: Vendor Advisory
RHSA-2008:0104

Source: REDHAT
Type: Vendor Advisory
RHSA-2008:0105

Source: BUGTRAQ
Type: UNKNOWN
20080209 rPSA-2008-0051-1 firefox

Source: BID
Type: UNKNOWN
27683

Source: CCN
Type: BID-27683
Mozilla Thunderbird/Seamonkey/Firefox 2.0.0.11 Multiple Remote Vulnerabilities

Source: CCN
Type: BID-37917
Google Chrome Style Sheet Redirection Information Disclosure Vulnerability

Source: CCN
Type: BID-38177
Google Chrome prior to 4.0.249.89 Multiple Security Vulnerabilities

Source: SECTRACK
Type: UNKNOWN
1019341

Source: CCN
Type: USN-576-1
Firefox vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-576-1

Source: VUPEN
Type: Vendor Advisory
ADV-2008-0453

Source: VUPEN
Type: Vendor Advisory
ADV-2008-0627

Source: VUPEN
Type: Vendor Advisory
ADV-2008-1793

Source: CCN
Type: Mozilla Bugzilla Bug 397427
[FIX]Stylesheet href property shows redirected URL unlike other browsers

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.mozilla.org/show_bug.cgi?id=397427

Source: XF
Type: UNKNOWN
mozilla-stylesheet-information-disclosure(40355)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10075

Source: FEDORA
Type: UNKNOWN
FEDORA-2008-1435

Source: FEDORA
Type: UNKNOWN
FEDORA-2008-1459

Source: FEDORA
Type: UNKNOWN
FEDORA-2008-1535

Source: FEDORA
Type: UNKNOWN
FEDORA-2008-2060

Source: FEDORA
Type: UNKNOWN
FEDORA-2008-2118

Source: SUSE
Type: SUSE-SA:2008:008
Mozilla Firefox and Seamonkey Security Problems

Source: SUSE
Type: SUSE-SR:2011:002
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:mozilla:firefox:0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:*:*:*:*:*:*:*:* (Version <= 2.0.0.11)

    • Configuration 2:
  • cpe:/a:mozilla:seamonkey:*:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0:*:beta:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0:*:dev:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0:alpha:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.99:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.11:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.12:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.13:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.14:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.15:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.16:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:*:*:*:*:*:*:*:* (Version <= 1.1.17)

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

    • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • Configuration RedHat 9:
  • cpe:/a:redhat:rhel_productivity:5:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:mozilla:firefox:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:netscape:navigator:9.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0:beta1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0:rc3:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1::beta:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:sun:solaris:10::sparc:*:*:*:*:*
  • OR cpe:/o:sun:solaris:10::x86:*:*:*:*:*
  • OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:10.1::personal:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:7.04:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:7.10:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007.1::x86-64:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4.6.z:ga:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4.6.z:ga:es:*:*:*:*:*
  • OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:10.2:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:10.3:*:*:*:*:*:*:*
  • OR cpe:/a:google:chrome:3.0.195.38:*:*:*:*:*:*:*
  • OR cpe:/a:apple:safari:4.0.4:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20080593
    V
    		CVE-2008-0593
    2022-06-30
    oval:org.opensuse.security:def:42260
    P
    		Security update for yaml-cpp (Moderate)
    2022-04-01
    oval:org.opensuse.security:def:113434
    P
    		seamonkey-2.53.9.1-1.1 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:111899
    P
    		MozillaFirefox-92.0-1.2 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:31755
    P
    		Security update for libvirt (Important)
    2022-01-10
    oval:org.opensuse.security:def:32252
    P
    		Security update for chrony (Moderate)
    2021-12-22
    oval:org.opensuse.security:def:31321
    P
    		Security update for glib-networking (Important)
    2021-12-13
    oval:org.opensuse.security:def:31320
    P
    		Security update for MozillaFirefox (Important)
    2021-12-12
    oval:org.opensuse.security:def:26179
    P
    		Security update for gmp (Moderate)
    2021-12-02
    oval:org.opensuse.security:def:33034
    P
    		Security update for opensc (Important)
    2021-10-29
    oval:org.opensuse.security:def:31698
    P
    		Security update for transfig (Important)
    2021-10-29
    oval:org.opensuse.security:def:31293
    P
    		Security update for postgresql10 (Important)
    2021-10-20
    oval:org.opensuse.security:def:32203
    P
    		Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)
    2021-10-18
    oval:org.opensuse.security:def:105476
    P
    		MozillaFirefox-92.0-1.2 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:106835
    P
    		seamonkey-2.53.9.1-1.1 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:31687
    P
    		Security update for sqlite3 (Important)
    2021-09-23
    oval:org.opensuse.security:def:26135
    P
    		Security update for hivex (Moderate)
    2021-09-23
    oval:org.opensuse.security:def:26121
    P
    		Security update for ntfs-3g_ntfsprogs (Important)
    2021-09-07
    oval:org.opensuse.security:def:32995
    P
    		Security update for file (Important)
    2021-09-02
    oval:org.opensuse.security:def:26115
    P
    		Security update for libesmtp (Important)
    2021-09-02
    oval:org.opensuse.security:def:32147
    P
    		Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)
    2021-07-21
    oval:org.opensuse.security:def:32140
    P
    		Security update for MozillaFirefox (Important)
    2021-07-16
    oval:org.opensuse.security:def:26082
    P
    		Security update for openexr (Important)
    2021-06-24
    oval:org.opensuse.security:def:31212
    P
    		Security update for ovmf (Important)
    2021-06-22
    oval:org.opensuse.security:def:36071
    P
    		MozillaFirefox-31.7.0esr-0.8.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:36362
    P
    		MozillaFirefox-devel-31.7.0esr-0.8.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:42478
    P
    		MozillaFirefox-31.7.0esr-0.8.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:31630
    P
    		Security update for polkit (Important)
    2021-06-03
    oval:org.opensuse.security:def:31623
    P
    		Security update for libxml2 (Important)
    2021-05-19
    oval:org.opensuse.security:def:26046
    P
    		Security update for libxml2 (Moderate)
    2021-05-05
    oval:org.opensuse.security:def:42065
    P
    		Security update for permissions (Important)
    2021-05-04
    oval:org.opensuse.security:def:32074
    P
    		Security update for MozillaFirefox (Important)
    2021-04-27
    oval:org.opensuse.security:def:26033
    P
    		Security update for ImageMagick (Moderate)
    2021-04-20
    oval:org.opensuse.security:def:31350
    P
    		Security update for python-cryptography (Important)
    2021-03-02
    oval:org.opensuse.security:def:31737
    P
    		Security update for python-cryptography (Important)
    2021-03-02
    oval:org.opensuse.security:def:31736
    P
    		Security update for MozillaFirefox (Important)
    2021-03-01
    oval:org.opensuse.security:def:26197
    P
    		Security update for postgresql13 (Moderate)
    2021-02-22
    oval:org.opensuse.security:def:26196
    P
    		Security update for ImageMagick (Moderate)
    2021-02-19
    oval:org.opensuse.security:def:31344
    P
    		Security update for java-1_7_1-ibm (Important)
    2021-02-18
    oval:org.opensuse.security:def:31332
    P
    		Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)
    2021-02-10
    oval:org.opensuse.security:def:31649
    P
    		Security update for postgresql, postgresql12, postgresql13 (Important)
    2021-01-26
    oval:org.opensuse.security:def:31201
    P
    		Security update for ImageMagick (Important)
    2021-01-22
    oval:org.opensuse.security:def:32096
    P
    		Security update for dnsmasq (Important)
    2021-01-19
    oval:org.opensuse.security:def:25985
    P
    		Security update for gimp (Moderate)
    2020-12-29
    oval:org.opensuse.security:def:25980
    P
    		Security update for MozillaFirefox (Critical)
    2020-12-21
    oval:org.opensuse.security:def:35853
    P
    		MozillaFirefox-17.0.4esr-0.10.42 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:35515
    P
    		MozillaFirefox-3.5.9-0.1.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:35658
    P
    		MozillaFirefox-10.0-0.3.2 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:41922
    P
    		MozillaFirefox-3.5.9-0.1.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:25209
    P
    		Security update for mutt (Important)
    2020-12-01
    oval:org.opensuse.security:def:25927
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:32584
    P
    		ntp on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31549
    P
    		Security update for screen (Low)
    2020-12-01
    oval:org.opensuse.security:def:26299
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:32357
    P
    		Security update for squid3 (Important)
    2020-12-01
    oval:org.opensuse.security:def:25221
    P
    		Security update for sysstat (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26541
    P
    		evince on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25621
    P
    		Security update for samba (Important)
    2020-12-01
    oval:org.opensuse.security:def:25351
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:31593
    P
    		Security update for tiff (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26352
    P
    		Security update for Mozilla Thunderbird (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30983
    P
    		Security update for icu (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25413
    P
    		Security update for ucode-intel (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31774
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:26658
    P
    		MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25696
    P
    		Security update for sudo (Important)
    2020-12-01
    oval:org.opensuse.security:def:25492
    P
    		Security update for webkit2gtk3 (Important)
    2020-12-01
    oval:org.opensuse.security:def:32035
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:27034
    P
    		stunnel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30995
    P
    		Security update for jasper (Important)
    2020-12-01
    oval:org.opensuse.security:def:25745
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:31803
    P
    		Security update for amanda (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25839
    P
    		Security update for gimp (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25067
    P
    		Security update for libjpeg-turbo (Important)
    2020-12-01
    oval:org.opensuse.security:def:25798
    P
    		Security update for flash-player (Critical)
    2020-12-01
    oval:org.opensuse.security:def:32480
    P
    		MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25403
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:31406
    P
    		Security update for perl-PlRPC (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26337
    P
    		Security update for freexl (Low)
    2020-12-01
    oval:org.opensuse.security:def:32778
    P
    		pyxml on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25142
    P
    		Security update for wget (Important)
    2020-12-01
    oval:org.opensuse.security:def:31493
    P
    		Security update for python
    2020-12-01
    oval:org.opensuse.security:def:26590
    P
    		libmusicbrainz4 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26480
    P
    		Security update for okular (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25415
    P
    		Security update for openldap2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:31847
    P
    		Security update for clamav (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25912
    P
    		Security update for zziplib (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25494
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:26643
    P
    		systemtap on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31126
    P
    		Security update for kvm (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25607
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:31991
    P
    		Security update for java-1_7_1-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:31880
    P
    		Security update for dhcpcd (Important)
    2020-12-01
    oval:org.opensuse.security:def:26852
    P
    		MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25987
    P
    		Security update for the Linux Kernel (Critical)
    2020-12-01
    oval:org.opensuse.security:def:25635
    P
    		Security update for tigervnc (Critical)
    2020-12-01
    oval:org.opensuse.security:def:27325
    P
    		xen on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31138
    P
    		Security update for lcms
    2020-12-01
    oval:org.opensuse.security:def:25962
    P
    		Security update for mariadb (Important)
    2020-12-01
    oval:org.opensuse.security:def:25888
    P
    		Security update for flash-player (Critical)
    2020-12-01
    oval:org.opensuse.security:def:31946
    P
    		Security update for gnutls (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31538
    P
    		Security update for samba (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32313
    P
    		Security update for quagga (Important)
    2020-12-01
    oval:org.opensuse.security:def:25210
    P
    		Security update for unzip (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25941
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:32623
    P
    		MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25620
    P
    		Security update for ovmf (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31437
    P
    		Security update for php53 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26338
    P
    		Security update for Chromium (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25285
    P
    		Security update for tomcat (Important)
    2020-12-01
    oval:org.opensuse.security:def:26623
    P
    		pam on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25632
    P
    		Security update for aspell (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25408
    P
    		Security update for sane-backends (Important)
    2020-12-01
    oval:org.opensuse.security:def:31792
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:26396
    P
    		Security update for chromium (Important)
    2020-12-01
    oval:org.opensuse.security:def:30984
    P
    		Security update for icu (Important)
    2020-12-01
    oval:org.opensuse.security:def:25688
    P
    		Security update for systemd (Important)
    2020-12-01
    oval:org.opensuse.security:def:31930
    P
    		Security update for glib2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:31759
    P
    		Security update for LibVNCServer (Important)
    2020-12-01
    oval:org.opensuse.security:def:25824
    P
    		Security update for mariadb (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25643
    P
    		Security update for hunspell (Low)
    2020-12-01
    oval:org.opensuse.security:def:27069
    P
    		MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25066
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:31069
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25829
    P
    		Security update for php5 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25784
    P
    		Security update for flash-player (Critical)
    2020-12-01
    oval:org.opensuse.security:def:32441
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:26253
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25078
    P
    		Security update for mailman (Important)
    2020-12-01
    oval:org.opensuse.security:def:31436
    P
    		Security update for php53 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26250
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25842
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25404
    P
    		Security update for spice (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26488
    P
    		Security update for cacti, cacti-spine (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32817
    P
    		MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25911
    P
    		Security update for gstreamer-plugins-base (Low)
    2020-12-01
    oval:org.opensuse.security:def:25270
    P
    		Security update for libxslt (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31580
    P
    		Security update for syslog-ng (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26629
    P
    		perl-Tk on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26515
    P
    		MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25479
    P
    		Security update for mariadb (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31904
    P
    		Security update for foomatic-filters (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31841
    P
    		Security update for bzip2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:26817
    P
    		rsync on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25923
    P
    		Security update for util-linux (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25551
    P
    		Security update for tomcat (Important)
    2020-12-01
    oval:org.opensuse.security:def:31986
    P
    		Security update for java-1_7_1-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:26687
    P
    		e2fsprogs on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31127
    P
    		Security update for kvm (Important)
    2020-12-01
    oval:org.opensuse.security:def:25905
    P
    		Security update for flash-player (Important)
    2020-12-01
    oval:org.opensuse.security:def:31902
    P
    		Security update for MozillaFirefox, mozilla-nss (Important)
    2020-12-01
    oval:org.opensuse.security:def:31537
    P
    		Security update for samba (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25786
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:32291
    P
    		Security update for postgresql94 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27360
    P
    		MozillaFirefox-devel on GA media (Moderate)
    2020-12-01
    oval:org.mitre.oval:def:17533
    P
    		USN-576-1 -- firefox vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:18434
    P
    		DSA-1489-1 iceweasel - several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:7909
    P
    		DSA-1489 iceweasel -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:20074
    P
    		DSA-1506-1 iceape - several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:7914
    P
    		DSA-1485 icedove -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:20267
    P
    		DSA-1484-1 xulrunner - several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:8000
    P
    		DSA-1484 xulrunner -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:18417
    P
    		DSA-1485-2 icedove - several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:8162
    P
    		DSA-1506 iceape -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:22437
    P
    		ELSA-2008:0103: firefox security update (Critical)
    2014-05-26
    oval:org.mitre.oval:def:21756
    P
    		ELSA-2008:0105: thunderbird security update (Critical)
    2014-05-26
    oval:org.mitre.oval:def:10075
    V
    		Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8, modify the .href property of stylesheet DOM nodes to the final URI of a 302 redirect, which might allow remote attackers to bypass the Same Origin Policy and read sensitive information from the original URL, such as with Single-Signon systems.
    2013-04-29
    oval:com.redhat.rhsa:def:20080103
    P
    		RHSA-2008:0103: firefox security update (Critical)
    2008-03-20
    oval:com.redhat.rhsa:def:20080104
    P
    		RHSA-2008:0104: seamonkey security update (Critical)
    2008-03-20
    oval:com.redhat.rhsa:def:20080105
    P
    		RHSA-2008:0105: thunderbird security update (Critical)
    2008-02-27
    oval:org.debian:def:1506
    V
    		several vulnerabilities
    2008-02-24
    oval:org.debian:def:1485
    V
    		several vulnerabilities
    2008-02-10
    oval:org.debian:def:1489
    V
    		several vulnerabilities
    2008-02-10
    oval:org.debian:def:1484
    V
    		several vulnerabilities
    2008-02-10
    BACK
    mozilla firefox 0.2
    mozilla firefox 0.9.2
    mozilla firefox 1.0.2
    mozilla firefox 1.5.0.2
    mozilla firefox 1.5.0.12
    mozilla firefox 1.5.2
    mozilla firefox 2.0
    mozilla firefox 2.0.0.1
    mozilla firefox 2.0.0.10
    mozilla firefox *
    mozilla seamonkey *
    mozilla seamonkey 1.0
    mozilla seamonkey 1.0
    mozilla seamonkey 1.0
    mozilla seamonkey 1.0
    mozilla seamonkey 1.0 alpha
    mozilla seamonkey 1.0 beta
    mozilla seamonkey 1.0.1
    mozilla seamonkey 1.0.2
    mozilla seamonkey 1.0.3
    mozilla seamonkey 1.0.4
    mozilla seamonkey 1.0.5
    mozilla seamonkey 1.0.6
    mozilla seamonkey 1.0.7
    mozilla seamonkey 1.0.8
    mozilla seamonkey 1.0.9
    mozilla seamonkey 1.0.99
    mozilla seamonkey 1.1
    mozilla seamonkey 1.1.1
    mozilla seamonkey 1.1.2
    mozilla seamonkey 1.1.10
    mozilla seamonkey 1.1.11
    mozilla seamonkey 1.1.12
    mozilla seamonkey 1.1.13
    mozilla seamonkey 1.1.14
    mozilla seamonkey 1.1.15
    mozilla seamonkey 1.1.16
    mozilla seamonkey *
    mozilla firefox 2.0
    mozilla firefox 2.0.0.1
    mozilla firefox 2.0.0.2
    mozilla firefox 2.0.0.3
    mozilla firefox 2.0.0.4
    netscape navigator 9.0
    mozilla firefox 2.0.0.5
    mozilla seamonkey 1.1.3
    mozilla firefox 2.0.0.6
    mozilla firefox 2.0.0.9
    mozilla seamonkey 1.1.2
    mozilla seamonkey 1.1.1
    mozilla firefox 2.0.0.7
    mozilla seamonkey 1.1.4
    mozilla firefox 2.0.0.8
    mozilla seamonkey 1.1.5
    mozilla seamonkey 1.1.6
    mozilla firefox 2.0.0.11
    mozilla firefox 2.0 beta1
    mozilla firefox 2.0 rc2
    mozilla firefox 2.0 rc3
    mozilla firefox 2.0.0.10
    mozilla seamonkey 1.1
    mozilla seamonkey 1.1.7
    mozilla seamonkey 1.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 4
    redhat enterprise linux 4
    novell linux desktop 9
    redhat enterprise linux 4
    redhat enterprise linux 4
    sun solaris 10
    sun solaris 10
    redhat linux advanced workstation 2.1
    canonical ubuntu 6.06
    suse suse linux 10.1
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 5
    redhat enterprise linux 5
    mandrakesoft mandrake linux 2007.1
    mandrakesoft mandrake linux 2008.0
    debian debian linux 4.0
    canonical ubuntu 7.04
    redhat enterprise linux 5
    canonical ubuntu 7.10
    mandrakesoft mandrake linux 2008.0
    mandrakesoft mandrake linux 2007.1
    redhat enterprise linux 4.6.z ga
    redhat enterprise linux 4.6.z ga
    novell open enterprise server *
    novell opensuse 10.2
    novell opensuse 10.3
    google chrome 3.0.195.38
    apple safari 4.0.4