Vulnerability Name:

CVE-2012-1964 (CCN-77072)

Assigned:2012-07-17
Published:2012-07-17
Updated:2017-12-29
Summary:The certificate-warning functionality in browser/components/certerror/content/aboutCertError.xhtml in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.10 does not properly handle attempted clickjacking of the about:certerror page, which allows man-in-the-middle attackers to trick users into adding an unintended exception via an IFRAME element.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:4.0 Medium (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N)
3.0 Low (Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): None
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
4.3 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N)
3.2 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-noinfo
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2012-1964

Source: SUSE
Type: UNKNOWN
SUSE-SU-2012:0895

Source: SUSE
Type: UNKNOWN
SUSE-SU-2012:0896

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2012:0899

Source: OSVDB
Type: UNKNOWN
84011

Source: CCN
Type: RHSA-2012-1088
Critical: firefox security update

Source: REDHAT
Type: UNKNOWN
RHSA-2012:1088

Source: CCN
Type: RHSA-2012-1089
Critical: thunderbird security update

Source: CCN
Type: SA49965
Mozilla Firefox Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
49965

Source: SECUNIA
Type: UNKNOWN
49972

Source: SECUNIA
Type: UNKNOWN
49977

Source: SECUNIA
Type: UNKNOWN
49979

Source: CCN
Type: SA49992
Mozilla Firefox Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
49992

Source: CCN
Type: SA49993
Mozilla Thunderbird Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
49993

Source: CCN
Type: SA49994
Mozilla Thunderbird / SeaMonkey Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
49994

Source: CCN
Type: MFSA 2012-54
Clickjacking of certificate warning page

Source: CONFIRM
Type: Vendor Advisory
http://www.mozilla.org/security/announce/2012/mfsa2012-54.html

Source: CCN
Type: OSVDB ID: 84011
Mozilla Multiple Product about:certerror Page Certificate Exception Handling Clickjacking Weakness

Source: BID
Type: UNKNOWN
54581

Source: CCN
Type: BID-54581
Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-1964 Clickjacking Vulnerability

Source: UBUNTU
Type: UNKNOWN
USN-1509-1

Source: UBUNTU
Type: UNKNOWN
USN-1509-2

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.mozilla.org/show_bug.cgi?id=633691

Source: XF
Type: UNKNOWN
firefox-certificate-clickjacking(77072)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:16783

Vulnerable Configuration:Configuration 1:
  • cpe:/a:mozilla:firefox:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:4.0:beta10:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:4.0:beta11:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:4.0:beta12:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:4.0:beta2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:4.0:beta3:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:4.0:beta4:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:4.0:beta5:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:4.0:beta6:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:4.0:beta7:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:4.0:beta8:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:4.0:beta9:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:4.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:5.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:5.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:6.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:6.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:6.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:7.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:7.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:8.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:9.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:9.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:12.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:12.0:beta6:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:13.0:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/a:mozilla:firefox_esr:10.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox_esr:10.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox_esr:10.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox_esr:10.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox_esr:10.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox_esr:10.0.5:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/a:mozilla:thunderbird:5.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:6.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:6.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:6.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:7.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:7.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:9.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:9.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:10.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:10.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:10.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:10.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:10.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:12.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:13.0:*:*:*:*:*:*:*

    • Configuration 4:
  • cpe:/a:mozilla:thunderbird_esr:10.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird_esr:10.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird_esr:10.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird_esr:10.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird_esr:10.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird_esr:10.0.5:*:*:*:*:*:*:*

    • Configuration 5:
  • cpe:/a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0:alpha:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1:alpha:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1:beta:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.11:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.12:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.13:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.14:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.15:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.16:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.17:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.18:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.19:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.5.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.5.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.5.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0:alpha_1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0:alpha_2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0:alpha_3:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0:beta_1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0:beta_2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0.13:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:*:*:*:*:*:*:*:* (Version <= 2.0.14)
  • OR cpe:/a:mozilla:seamonkey:2.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.1:alpha1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.1:alpha2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.1:alpha3:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.1:beta1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.1:beta2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.1:beta3:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.1:rc1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.1:rc2:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*

    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:6::computenode:*:*:*:*:*

    • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

    • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

    • Configuration RedHat 10:
  • cpe:/a:redhat:rhel_productivity:5:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:mozilla:firefox:13.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox_esr:10.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:13.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird_esr:10.0.5:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6:*:server:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6:*:workstation:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_desktop:6:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20121964
    V
    		CVE-2012-1964
    2022-05-22
    oval:org.opensuse.security:def:42260
    P
    		Security update for yaml-cpp (Moderate)
    2022-04-01
    oval:org.opensuse.security:def:31755
    P
    		Security update for libvirt (Important)
    2022-01-10
    oval:org.opensuse.security:def:32252
    P
    		Security update for chrony (Moderate)
    2021-12-22
    oval:org.opensuse.security:def:31321
    P
    		Security update for glib-networking (Important)
    2021-12-13
    oval:org.opensuse.security:def:33755
    P
    		Security update for glib-networking (Important)
    2021-12-13
    oval:org.opensuse.security:def:31320
    P
    		Security update for MozillaFirefox (Important)
    2021-12-12
    oval:org.opensuse.security:def:26179
    P
    		Security update for gmp (Moderate)
    2021-12-02
    oval:org.opensuse.security:def:33034
    P
    		Security update for opensc (Important)
    2021-10-29
    oval:org.opensuse.security:def:32203
    P
    		Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)
    2021-10-18
    oval:org.opensuse.security:def:33011
    P
    		Security update for hivex (Moderate)
    2021-09-23
    oval:org.opensuse.security:def:26135
    P
    		Security update for hivex (Moderate)
    2021-09-23
    oval:org.opensuse.security:def:31687
    P
    		Security update for sqlite3 (Important)
    2021-09-23
    oval:org.opensuse.security:def:26121
    P
    		Security update for ntfs-3g_ntfsprogs (Important)
    2021-09-07
    oval:org.opensuse.security:def:26115
    P
    		Security update for libesmtp (Important)
    2021-09-02
    oval:org.opensuse.security:def:32995
    P
    		Security update for file (Important)
    2021-09-02
    oval:org.opensuse.security:def:32972
    P
    		Security update for webkit2gtk3 (Important)
    2021-08-03
    oval:org.opensuse.security:def:32147
    P
    		Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)
    2021-07-21
    oval:org.opensuse.security:def:32140
    P
    		Security update for MozillaFirefox (Important)
    2021-07-16
    oval:org.opensuse.security:def:26082
    P
    		Security update for openexr (Important)
    2021-06-24
    oval:org.opensuse.security:def:42478
    P
    		MozillaFirefox-31.7.0esr-0.8.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:36071
    P
    		MozillaFirefox-31.7.0esr-0.8.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:36362
    P
    		MozillaFirefox-devel-31.7.0esr-0.8.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:31630
    P
    		Security update for polkit (Important)
    2021-06-03
    oval:org.opensuse.security:def:31623
    P
    		Security update for libxml2 (Important)
    2021-05-19
    oval:org.opensuse.security:def:26046
    P
    		Security update for libxml2 (Moderate)
    2021-05-05
    oval:org.opensuse.security:def:32074
    P
    		Security update for MozillaFirefox (Important)
    2021-04-27
    oval:org.opensuse.security:def:26033
    P
    		Security update for ImageMagick (Moderate)
    2021-04-20
    oval:org.opensuse.security:def:26197
    P
    		Security update for postgresql13 (Moderate)
    2021-02-22
    oval:org.opensuse.security:def:33078
    P
    		Security update for krb5-appl (Important)
    2021-02-19
    oval:org.opensuse.security:def:26196
    P
    		Security update for ImageMagick (Moderate)
    2021-02-19
    oval:org.opensuse.security:def:32260
    P
    		Security update for java-1_7_1-ibm (Important)
    2021-02-18
    oval:org.opensuse.security:def:31332
    P
    		Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)
    2021-02-10
    oval:org.opensuse.security:def:28929
    P
    		Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP2) (Important)
    2021-02-10
    oval:org.opensuse.security:def:32249
    P
    		Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)
    2021-02-10
    oval:org.opensuse.security:def:32248
    P
    		Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)
    2021-02-10
    oval:org.opensuse.security:def:32096
    P
    		Security update for dnsmasq (Important)
    2021-01-19
    oval:org.opensuse.security:def:33716
    P
    		Security update for tomcat (Moderate)
    2021-01-05
    oval:org.opensuse.security:def:32923
    P
    		Security update for flac (Moderate)
    2021-01-04
    oval:org.opensuse.security:def:25980
    P
    		Security update for MozillaFirefox (Critical)
    2020-12-21
    oval:org.opensuse.security:def:35853
    P
    		MozillaFirefox-17.0.4esr-0.10.42 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:28239
    P
    		Security update for libvorbis (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25962
    P
    		Security update for mariadb (Important)
    2020-12-01
    oval:org.opensuse.security:def:27360
    P
    		MozillaFirefox-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28238
    P
    		Security update for libvorbis (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25905
    P
    		Security update for flash-player (Important)
    2020-12-01
    oval:org.opensuse.security:def:27325
    P
    		xen on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25607
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:26687
    P
    		e2fsprogs on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25479
    P
    		Security update for mariadb (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31991
    P
    		Security update for java-1_7_1-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:26643
    P
    		systemtap on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25415
    P
    		Security update for openldap2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:31904
    P
    		Security update for foomatic-filters (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26629
    P
    		perl-Tk on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25404
    P
    		Security update for spice (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31847
    P
    		Security update for clamav (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26590
    P
    		libmusicbrainz4 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25403
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:26541
    P
    		evince on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31406
    P
    		Security update for perl-PlRPC (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26488
    P
    		Security update for cacti, cacti-spine (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26337
    P
    		Security update for freexl (Low)
    2020-12-01
    oval:org.opensuse.security:def:26253
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:29703
    P
    		Security update for Mozilla Firefox
    2020-12-01
    oval:org.opensuse.security:def:29667
    P
    		Security update for dbus-1 (Important)
    2020-12-01
    oval:org.opensuse.security:def:25824
    P
    		Security update for mariadb (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32866
    P
    		g3utils on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29029
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:25696
    P
    		Security update for sudo (Important)
    2020-12-01
    oval:org.opensuse.security:def:32710
    P
    		libexiv2-4 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28985
    P
    		Security update for wireshark (Low)
    2020-12-01
    oval:org.opensuse.security:def:25632
    P
    		Security update for aspell (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32623
    P
    		MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28968
    P
    		Security update for openssl (Important)
    2020-12-01
    oval:org.opensuse.security:def:25621
    P
    		Security update for samba (Important)
    2020-12-01
    oval:org.opensuse.security:def:32566
    P
    		libsamplerate on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26852
    P
    		MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25620
    P
    		Security update for ovmf (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32472
    P
    		Security update for xorg-x11-server (Important)
    2020-12-01
    oval:org.opensuse.security:def:28880
    P
    		Security update for augeas (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26817
    P
    		rsync on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28826
    P
    		Security update for rsync (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31549
    P
    		Security update for screen (Low)
    2020-12-01
    oval:org.opensuse.security:def:28674
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:31538
    P
    		Security update for samba (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28590
    P
    		Security update for libfreebl3
    2020-12-01
    oval:org.opensuse.security:def:32817
    P
    		MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31537
    P
    		Security update for samba (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28533
    P
    		Security update for bogofilter
    2020-12-01
    oval:org.opensuse.security:def:32778
    P
    		pyxml on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25987
    P
    		Security update for the Linux Kernel (Critical)
    2020-12-01
    oval:org.opensuse.security:def:25923
    P
    		Security update for util-linux (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25829
    P
    		Security update for php5 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25912
    P
    		Security update for zziplib (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25745
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:32035
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:27069
    P
    		MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25911
    P
    		Security update for gstreamer-plugins-base (Low)
    2020-12-01
    oval:org.opensuse.security:def:25688
    P
    		Security update for systemd (Important)
    2020-12-01
    oval:org.opensuse.security:def:31986
    P
    		Security update for java-1_7_1-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:27034
    P
    		stunnel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32337
    P
    		Security update for sblim-sfcb (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31930
    P
    		Security update for glib2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:26396
    P
    		Security update for chromium (Important)
    2020-12-01
    oval:org.opensuse.security:def:31774
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:26352
    P
    		Security update for Mozilla Thunderbird (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26338
    P
    		Security update for Chromium (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26299
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:28448
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:26250
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:32357
    P
    		Security update for squid3 (Important)
    2020-12-01
    oval:org.opensuse.security:def:28317
    P
    		Security update for openssl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32313
    P
    		Security update for quagga (Important)
    2020-12-01
    oval:org.opensuse.security:def:28250
    P
    		Security update for libxml2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32291
    P
    		Security update for postgresql94 (Moderate)
    2020-12-01
    oval:org.mitre.oval:def:16783
    V
    		The certificate-warning functionality in browser/components/certerror/content/aboutCertError.xhtml in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.10 does not properly handle attempted clickjacking of the about:certerror page, which allows man-in-the-middle attackers to trick users into adding an unintended exception via an IFRAME element.
    2014-10-06
    oval:org.mitre.oval:def:17819
    P
    		USN-1509-2 -- ubufox update
    2014-06-30
    oval:org.mitre.oval:def:17874
    P
    		USN-1509-1 -- firefox vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:23757
    P
    		ELSA-2012:1089: thunderbird security update (Critical)
    2014-05-26
    oval:org.mitre.oval:def:23937
    P
    		ELSA-2012:1088: firefox security update (Critical)
    2014-05-26
    oval:org.mitre.oval:def:21520
    P
    		RHSA-2012:1088: firefox security update (Critical)
    2014-02-24
    oval:org.mitre.oval:def:21282
    P
    		RHSA-2012:1089: thunderbird security update (Critical)
    2014-02-24
    oval:com.ubuntu.precise:def:20121964000
    V
    		CVE-2012-1964 on Ubuntu 12.04 LTS (precise) - medium.
    2012-07-18
    oval:com.redhat.rhsa:def:20121088
    P
    		RHSA-2012:1088: firefox security update (Critical)
    2012-07-17
    oval:com.redhat.rhsa:def:20121089
    P
    		RHSA-2012:1089: thunderbird security update (Critical)
    2012-07-17
    BACK
    mozilla firefox 4.0
    mozilla firefox 4.0 beta1
    mozilla firefox 4.0 beta10
    mozilla firefox 4.0 beta11
    mozilla firefox 4.0 beta12
    mozilla firefox 4.0 beta2
    mozilla firefox 4.0 beta3
    mozilla firefox 4.0 beta4
    mozilla firefox 4.0 beta5
    mozilla firefox 4.0 beta6
    mozilla firefox 4.0 beta7
    mozilla firefox 4.0 beta8
    mozilla firefox 4.0 beta9
    mozilla firefox 4.0.1
    mozilla firefox 5.0
    mozilla firefox 5.0.1
    mozilla firefox 6.0
    mozilla firefox 6.0.1
    mozilla firefox 6.0.2
    mozilla firefox 7.0
    mozilla firefox 7.0.1
    mozilla firefox 8.0
    mozilla firefox 8.0.1
    mozilla firefox 9.0
    mozilla firefox 9.0.1
    mozilla firefox 11.0
    mozilla firefox 12.0
    mozilla firefox 12.0 beta6
    mozilla firefox 13.0
    mozilla firefox esr 10.0
    mozilla firefox esr 10.0.1
    mozilla firefox esr 10.0.2
    mozilla firefox esr 10.0.3
    mozilla firefox esr 10.0.4
    mozilla firefox esr 10.0.5
    mozilla thunderbird 5.0
    mozilla thunderbird 6.0
    mozilla thunderbird 6.0.1
    mozilla thunderbird 6.0.2
    mozilla thunderbird 7.0
    mozilla thunderbird 7.0.1
    mozilla thunderbird 8.0
    mozilla thunderbird 9.0
    mozilla thunderbird 9.0.1
    mozilla thunderbird 10.0
    mozilla thunderbird 10.0.1
    mozilla thunderbird 10.0.2
    mozilla thunderbird 10.0.3
    mozilla thunderbird 10.0.4
    mozilla thunderbird 11.0
    mozilla thunderbird 12.0
    mozilla thunderbird 13.0
    mozilla thunderbird esr 10.0
    mozilla thunderbird esr 10.0.1
    mozilla thunderbird esr 10.0.2
    mozilla thunderbird esr 10.0.3
    mozilla thunderbird esr 10.0.4
    mozilla thunderbird esr 10.0.5
    mozilla seamonkey 1.0
    mozilla seamonkey 1.0 alpha
    mozilla seamonkey 1.0 beta
    mozilla seamonkey 1.0.1
    mozilla seamonkey 1.0.2
    mozilla seamonkey 1.0.3
    mozilla seamonkey 1.0.4
    mozilla seamonkey 1.0.5
    mozilla seamonkey 1.0.6
    mozilla seamonkey 1.0.7
    mozilla seamonkey 1.0.8
    mozilla seamonkey 1.0.9
    mozilla seamonkey 1.1
    mozilla seamonkey 1.1 alpha
    mozilla seamonkey 1.1 beta
    mozilla seamonkey 1.1.1
    mozilla seamonkey 1.1.2
    mozilla seamonkey 1.1.3
    mozilla seamonkey 1.1.4
    mozilla seamonkey 1.1.5
    mozilla seamonkey 1.1.6
    mozilla seamonkey 1.1.7
    mozilla seamonkey 1.1.8
    mozilla seamonkey 1.1.9
    mozilla seamonkey 1.1.10
    mozilla seamonkey 1.1.11
    mozilla seamonkey 1.1.12
    mozilla seamonkey 1.1.13
    mozilla seamonkey 1.1.14
    mozilla seamonkey 1.1.15
    mozilla seamonkey 1.1.16
    mozilla seamonkey 1.1.17
    mozilla seamonkey 1.1.18
    mozilla seamonkey 1.1.19
    mozilla seamonkey 1.5.0.8
    mozilla seamonkey 1.5.0.9
    mozilla seamonkey 1.5.0.10
    mozilla seamonkey 2.0
    mozilla seamonkey 2.0 alpha_1
    mozilla seamonkey 2.0 alpha_2
    mozilla seamonkey 2.0 alpha_3
    mozilla seamonkey 2.0 beta_1
    mozilla seamonkey 2.0 beta_2
    mozilla seamonkey 2.0 rc1
    mozilla seamonkey 2.0 rc2
    mozilla seamonkey 2.0.1
    mozilla seamonkey 2.0.2
    mozilla seamonkey 2.0.3
    mozilla seamonkey 2.0.4
    mozilla seamonkey 2.0.5
    mozilla seamonkey 2.0.6
    mozilla seamonkey 2.0.7
    mozilla seamonkey 2.0.8
    mozilla seamonkey 2.0.9
    mozilla seamonkey 2.0.10
    mozilla seamonkey 2.0.11
    mozilla seamonkey 2.0.12
    mozilla seamonkey 2.0.13
    mozilla seamonkey *
    mozilla seamonkey 2.1
    mozilla seamonkey 2.1 alpha1
    mozilla seamonkey 2.1 alpha2
    mozilla seamonkey 2.1 alpha3
    mozilla seamonkey 2.1 beta1
    mozilla seamonkey 2.1 beta2
    mozilla seamonkey 2.1 beta3
    mozilla seamonkey 2.1 rc1
    mozilla seamonkey 2.1 rc2
    mozilla firefox 13.0
    mozilla firefox esr 10.0.5
    mozilla seamonkey 2.10
    mozilla thunderbird 13.0
    mozilla thunderbird esr 10.0.5
    redhat enterprise linux 5
    redhat enterprise linux 5
    redhat enterprise linux 5
    redhat enterprise linux 6
    redhat enterprise linux 6
    redhat enterprise linux desktop 6
    redhat enterprise linux hpc node 6