製品・ソフトウェアに関する情報

JVN脆弱性詳細

Linux 上で稼働する複数の Mozilla 製品における application-launch スクリプトに関する権限昇格の脆弱性

Title	Linux 上で稼働する複数の Mozilla 製品における application-launch スクリプトに関する権限昇格の脆弱性
Summary	Linux 上で稼働する複数の Mozilla 製品の application-launch スクリプトは、 LD_LIBRARY_PATH 内に zero-length ディレクトリ名を配置するため、権限を取得される脆弱性が存在します。
Possible impacts	ローカルユーザにより、カレントワーキングディレクトリ内にあるトロイの木馬の共有ライブラリを介して、権限を取得される可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Oct. 19, 2010, midnight
Registration Date	Nov. 11, 2010, 3:05 p.m.
Last Update	Jan. 27, 2011, 2:24 p.m.

CVSS2.0 : 警告
Score	6.9
Vector	AV:L/AC:M/Au:N/C:C/I:C/A:C

Affected System

レッドハット

Red Hat Enterprise Linux 3 (as)

Red Hat Enterprise Linux 3 (es)

Red Hat Enterprise Linux 3 (ws)

Red Hat Enterprise Linux 4 (as)

Red Hat Enterprise Linux 4 (es)

Red Hat Enterprise Linux 4 (ws)

Red Hat Enterprise Linux 4.8 (as)

Red Hat Enterprise Linux 4.8 (es)

Red Hat Enterprise Linux 5 (server)

Red Hat Enterprise Linux Desktop 3.0

Red Hat Enterprise Linux Desktop 4.0

Red Hat Enterprise Linux Desktop 5.0 (client)

Red Hat Enterprise Linux Desktop 6

Red Hat Enterprise Linux HPC Node 6

Red Hat Enterprise Linux Server 6

Red Hat Enterprise Linux Workstation 6

RHEL Desktop Workstation 5 (client)

RHEL Optional Productivity Applications 5 (server)

オラクル

Oracle Solaris 10

Oracle Solaris 11 Express

Mozilla Foundation

Mozilla Firefox 3.6.11 未満

Mozilla Firefox 3.5.14 未満

Mozilla SeaMonkey 2.0.9 未満

Mozilla Thunderbird 3.0.9 未満

Mozilla Thunderbird 3.1.5 未満

サイバートラスト株式会社

Asianux Server 3 (x86)

Asianux Server 3 (x86-64)

Asianux Server 3.0

Asianux Server 3.0 (x86-64)

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2010-3182	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3182
National Vulnerability Database (NVD)
2	CVE-2010-3182	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3182

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-DesignError	https://www.ipa.go.jp/security/vuln/CWE.html#CWEDesignError

ベンダー情報

No	Name	URL
Asianux Technical Support Network
1	firefox-3.6.11-2.0.1.AXS3; nss-3.12.8-1.AXS3; xulrunner-1.9.2.11-2.0.1.AXS3	https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=1288
MIRACLE LINUX アップデート情報
2	2150	http://www.miraclelinux.com/support/index.php?q=node/99&errata_id=2150
Mozilla Foundation Security Advisory
3	MFSA2010-71	http://www.mozilla.org/security/announce/2010/mfsa2010-71.html
Mozilla Foundation セキュリティアドバイザリ
4	MFSA2010-71	http://www.mozilla-japan.org/security/announce/2010/mfsa2010-71.html
Red Hat Security Advisory
5	RHSA-2010:0780	https://rhn.redhat.com/errata/RHSA-2010-0780.html
6	RHSA-2010:0781	https://rhn.redhat.com/errata/RHSA-2010-0781.html
7	RHSA-2010:0782	https://rhn.redhat.com/errata/RHSA-2010-0782.html
8	RHSA-2010:0861	https://rhn.redhat.com/errata/RHSA-2010-0861.html
9	RHSA-2010:0896	https://rhn.redhat.com/errata/RHSA-2010-0896.html
SECURITY BLOG
10	multiple_vulnerabilities_in_mozilla_firefox	http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox

その他

No	Name	URL
JVN
1	JVNTA10-238A	http://jvn.jp/cert/JVNTA10-238A
JVN Status Tracking Notes
2	JVNTR-2010-23	http://jvn.jp/tr/JVNTR-2010-23
SecurityFocus
3	44251	http://www.securityfocus.com/bid/44251
US-CERT Technical Cyber Security Alert
4	TA10-238A	http://www.us-cert.gov/cas/techalerts/TA10-238A.html
VUPEN Security
5	VUPEN/ADV-2010-2726	http://www.vupen.com/english/advisories/2010/2726

Change Log

No	Changed Details	Date of change
0	[2010年11月11日] 掲載 [2010年12月07日] 影響を受けるシステム：レッドハット (RHSA-2010:0861) の情報を追加影響を受けるシステム：レッドハット (RHSA-2010:0896) の情報を追加ベンダ情報：レッドハット (RHSA-2010:0861) を追加ベンダ情報：レッドハット (RHSA-2010:0896) を追加 [2011年01月27日] 影響を受けるシステム：オラクル (multiple_vulnerabilities_in_mozilla_firefox) の情報を追加ベンダ情報：オラクル (multiple_vulnerabilities_in_mozilla_firefox) を追加	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2010-3182

Summary	A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Publication Date	Oct. 22, 2010, 4 a.m.
Registration Date	Jan. 29, 2021, 11:05 a.m.
Last Update	Nov. 21, 2024, 10:18 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:mozilla:firefox:3.6.2:::::::*
cpe:2.3:a:mozilla:firefox:3.6.3:::::::*
cpe:2.3:a:mozilla:firefox:3.6.8:::::::*
cpe:2.3:a:mozilla:firefox:3.6.9:::::::*
cpe:2.3:a:mozilla:firefox:3.6.6:::::::*
cpe:2.3:a:mozilla:firefox:3.6.10:::::::*
cpe:2.3:a:mozilla:firefox:3.6.7:::::::*
cpe:2.3:a:mozilla:firefox:3.6.4:::::::*
cpe:2.3:a:mozilla:firefox:3.6:::::::*

Configuration2	or higher	or less	more than	less than
cpe:2.3:a:mozilla:seamonkey:1.1.10:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.3:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.8:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.7:::::::*
cpe:2.3:a:mozilla:seamonkey:1.5.0.10:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.6:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.9:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.3:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.4:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.3:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.2:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.17:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2::::::
cpe:2.3:a:mozilla:seamonkey:1.1.5:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.7:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0:beta::::::
cpe:2.3:a:mozilla:seamonkey:1.1:alpha::::::
cpe:2.3:a:mozilla:seamonkey:2.0:rc2::::::
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3::::::
cpe:2.3:a:mozilla:seamonkey:1.0:alpha::::::
cpe:2.3:a:mozilla:seamonkey:1.1.12:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.14:::::::*
cpe:2.3:a:mozilla:seamonkey::::::::		2.0.8
cpe:2.3:a:mozilla:seamonkey:1.1.2:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:beta_2::::::
cpe:2.3:a:mozilla:seamonkey:1.0.2:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.8:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.11:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1::::::
cpe:2.3:a:mozilla:seamonkey:1.5.0.9:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1:beta::::::
cpe:2.3:a:mozilla:seamonkey:1.1.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.5.0.8:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.5:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.15:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.6:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.7:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.16:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:beta_1::::::
cpe:2.3:a:mozilla:seamonkey:1.1.19:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.5:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:rc1::::::
cpe:2.3:a:mozilla:seamonkey:1.0.4:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.9:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.13:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.18:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.6:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.4:::::::*

Configuration3	or higher	or less	more than	less than
cpe:2.3:a:mozilla:thunderbird:3.0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:0.7.2:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.21:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.18:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.9:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.16:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.8:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.10:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5:beta2::::::
cpe:2.3:a:mozilla:thunderbird:2.0.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.0:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.13:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.12:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.22:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.8:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.14:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.2:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.17:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.23:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.9:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.11:::::::*
cpe:2.3:a:mozilla:thunderbird:0.9:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.12:::::::*
cpe:2.3:a:mozilla:thunderbird:0.7.3:::::::*
cpe:2.3:a:mozilla:thunderbird:0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.1:::::::*
cpe:2.3:a:mozilla:thunderbird:0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.14:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.8:::::::*
cpe:2.3:a:mozilla:thunderbird:0.1:::::::*
cpe:2.3:a:mozilla:thunderbird::::::::		3.0.8
cpe:2.3:a:mozilla:thunderbird:0.7.1:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:0.8:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.19:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.4:::::::*

Configuration4	or higher	or less	more than	less than
cpe:2.3:a:mozilla:firefox:2.0.0.12:::::::*
cpe:2.3:a:mozilla:firefox:1.5:beta2::::::
cpe:2.3:a:mozilla:firefox:3.0.17:::::::*
cpe:2.3:a:mozilla:firefox:3.5.3:::::::*
cpe:2.3:a:mozilla:firefox:3.0.7:::::::*
cpe:2.3:a:mozilla:firefox:1.5.2:::::::*
cpe:2.3:a:mozilla:firefox:3.0.9:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.6:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.2:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.10:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.3:::::::*
cpe:2.3:a:mozilla:firefox:3.5.6:::::::*
cpe:2.3:a:mozilla:firefox:3.0.8:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.11:::::::*
cpe:2.3:a:mozilla:firefox:1.5.4:::::::*
cpe:2.3:a:mozilla:firefox:1.0.2:::::::*
cpe:2.3:a:mozilla:firefox:3.5:::::::*
cpe:2.3:a:mozilla:firefox:3.5.5:::::::*
cpe:2.3:a:mozilla:firefox:3.0.4:::::::*
cpe:2.3:a:mozilla:firefox:1.5:beta1::::::
cpe:2.3:a:mozilla:firefox:3.5.9:::::::*
cpe:2.3:a:mozilla:firefox:3.5.4:::::::*
cpe:2.3:a:mozilla:firefox::::::::		3.5.13
cpe:2.3:a:mozilla:firefox:3.5.7:::::::*
cpe:2.3:a:mozilla:firefox:3.0.5:::::::*
cpe:2.3:a:mozilla:firefox:3.5.11:::::::*
cpe:2.3:a:mozilla:firefox:1.5:::::::*
cpe:2.3:a:mozilla:firefox:1.0.4:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.7:::::::*
cpe:2.3:a:mozilla:firefox:1.0.7:::::::*
cpe:2.3:a:mozilla:firefox:3.5.10:::::::*
cpe:2.3:a:mozilla:firefox:3.5.1:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.9:::::::*
cpe:2.3:a:mozilla:firefox:3.0.14:::::::*
cpe:2.3:a:mozilla:firefox:3.5.2:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.16:::::::*
cpe:2.3:a:mozilla:firefox:1.5.6:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.17:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.15:::::::*
cpe:2.3:a:mozilla:firefox:3.0.10:::::::*
cpe:2.3:a:mozilla:firefox:3.0.12:::::::*
cpe:2.3:a:mozilla:firefox:1.0:::::::*
cpe:2.3:a:mozilla:firefox:3.0.3:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.7:::::::*
cpe:2.3:a:mozilla:firefox:2.0:::::::*
cpe:2.3:a:mozilla:firefox:1.0.1:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.14:::::::*
cpe:2.3:a:mozilla:firefox:3.0.6:::::::*
cpe:2.3:a:mozilla:firefox:3.0.15:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.8:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.3:::::::*
cpe:2.3:a:mozilla:firefox:3.5.12:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.9:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.5:::::::*
cpe:2.3:a:mozilla:firefox:1.5.7:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.12:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.6:::::::*
cpe:2.3:a:mozilla:firefox:3.0:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.11:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.2:::::::*
cpe:2.3:a:mozilla:firefox:1.0.3:::::::*
cpe:2.3:a:mozilla:firefox:3.0.1:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.4:::::::*
cpe:2.3:a:mozilla:firefox:1.5.1:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.13:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.18:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.1:::::::*
cpe:2.3:a:mozilla:firefox:3.0.2:::::::*
cpe:2.3:a:mozilla:firefox:3.5.8:::::::*
cpe:2.3:a:mozilla:firefox:1.5.5:::::::*
cpe:2.3:a:mozilla:firefox:1.0:preview_release::::::
cpe:2.3:a:mozilla:firefox:2.0.0.20:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.8:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.19:::::::*
cpe:2.3:a:mozilla:firefox:1.5.8:::::::*
cpe:2.3:a:mozilla:firefox:1.5.3:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.4:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.1:::::::*
cpe:2.3:a:mozilla:firefox:3.0.13:::::::*
cpe:2.3:a:mozilla:firefox:1.0.5:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.5:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.10:::::::*
cpe:2.3:a:mozilla:firefox:3.0.16:::::::*
cpe:2.3:a:mozilla:firefox:1.0.6:::::::*
cpe:2.3:a:mozilla:firefox:1.0.8:::::::*
cpe:2.3:a:mozilla:firefox:3.0.11:::::::*

Configuration5	or higher	or less	more than	less than
cpe:2.3:a:mozilla:thunderbird:3.1.2:::::::*
cpe:2.3:a:mozilla:thunderbird:3.1.1:::::::*
cpe:2.3:a:mozilla:thunderbird:3.1.4:::::::*
cpe:2.3:a:mozilla:thunderbird:3.1:::::::*
cpe:2.3:a:mozilla:thunderbird:3.1.3:::::::*

Related information, measures and tools

No	URL	タグ
1	http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox
2	http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox
3	http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050077.html
4	http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050077.html
5	http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050154.html
6	http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050154.html
7	http://secunia.com/advisories/42867
8	http://secunia.com/advisories/42867
9	http://support.avaya.com/css/P8/documents/100114250
10	http://support.avaya.com/css/P8/documents/100114250
11	http://support.avaya.com/css/P8/documents/100120156
12	http://support.avaya.com/css/P8/documents/100120156
13	http://www.mandriva.com/security/advisories?name=MDVSA-2010:210
14	http://www.mandriva.com/security/advisories?name=MDVSA-2010:210
15	http://www.mandriva.com/security/advisories?name=MDVSA-2010:211
16	http://www.mandriva.com/security/advisories?name=MDVSA-2010:211
17	http://www.mozilla.org/security/announce/2010/mfsa2010-71.html	Vendor Advisory
18	http://www.mozilla.org/security/announce/2010/mfsa2010-71.html	Vendor Advisory
19	http://www.redhat.com/support/errata/RHSA-2010-0780.html
20	http://www.redhat.com/support/errata/RHSA-2010-0780.html
21	http://www.redhat.com/support/errata/RHSA-2010-0781.html
22	http://www.redhat.com/support/errata/RHSA-2010-0781.html
23	http://www.redhat.com/support/errata/RHSA-2010-0782.html
24	http://www.redhat.com/support/errata/RHSA-2010-0782.html
25	http://www.redhat.com/support/errata/RHSA-2010-0861.html
26	http://www.redhat.com/support/errata/RHSA-2010-0861.html
27	http://www.redhat.com/support/errata/RHSA-2010-0896.html
28	http://www.redhat.com/support/errata/RHSA-2010-0896.html
29	http://www.securityfocus.com/bid/44251
30	http://www.securityfocus.com/bid/44251
31	http://www.ubuntu.com/usn/USN-997-1
32	http://www.ubuntu.com/usn/USN-997-1
33	http://www.ubuntu.com/usn/USN-998-1
34	http://www.ubuntu.com/usn/USN-998-1
35	http://www.vupen.com/english/advisories/2011/0061
36	http://www.vupen.com/english/advisories/2011/0061
37	https://bugzilla.mozilla.org/show_bug.cgi?id=590753
38	https://bugzilla.mozilla.org/show_bug.cgi?id=590753
39	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13844
40	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13844

Common Vulnerabilities List

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:mozilla:firefox:3.6.2:::::::*
cpe:2.3:a:mozilla:firefox:3.6.3:::::::*
cpe:2.3:a:mozilla:firefox:3.6.8:::::::*
cpe:2.3:a:mozilla:firefox:3.6.9:::::::*
cpe:2.3:a:mozilla:firefox:3.6.6:::::::*
cpe:2.3:a:mozilla:firefox:3.6.10:::::::*
cpe:2.3:a:mozilla:firefox:3.6.7:::::::*
cpe:2.3:a:mozilla:firefox:3.6.4:::::::*
cpe:2.3:a:mozilla:firefox:3.6:::::::*

Configuration2	or higher	or less	more than	less than
cpe:2.3:a:mozilla:seamonkey:1.1.10:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.3:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.8:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.7:::::::*
cpe:2.3:a:mozilla:seamonkey:1.5.0.10:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.6:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.9:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.3:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.4:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.3:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.2:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.17:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2::::::
cpe:2.3:a:mozilla:seamonkey:1.1.5:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.7:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0:beta::::::
cpe:2.3:a:mozilla:seamonkey:1.1:alpha::::::
cpe:2.3:a:mozilla:seamonkey:2.0:rc2::::::
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3::::::
cpe:2.3:a:mozilla:seamonkey:1.0:alpha::::::
cpe:2.3:a:mozilla:seamonkey:1.1.12:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.14:::::::*
cpe:2.3:a:mozilla:seamonkey::::::::		2.0.8
cpe:2.3:a:mozilla:seamonkey:1.1.2:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:beta_2::::::
cpe:2.3:a:mozilla:seamonkey:1.0.2:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.8:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.11:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1::::::
cpe:2.3:a:mozilla:seamonkey:1.5.0.9:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1:beta::::::
cpe:2.3:a:mozilla:seamonkey:1.1.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.5.0.8:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.5:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.15:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.6:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.7:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.16:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:beta_1::::::
cpe:2.3:a:mozilla:seamonkey:1.1.19:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.5:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:rc1::::::
cpe:2.3:a:mozilla:seamonkey:1.0.4:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.9:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.13:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.18:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.6:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.4:::::::*

Configuration3	or higher	or less	more than	less than
cpe:2.3:a:mozilla:thunderbird:3.0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:0.7.2:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.21:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.18:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.9:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.16:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.8:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.10:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5:beta2::::::
cpe:2.3:a:mozilla:thunderbird:2.0.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.0:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.13:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.12:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.22:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.8:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.14:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.2:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.17:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.23:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.9:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.11:::::::*
cpe:2.3:a:mozilla:thunderbird:0.9:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.12:::::::*
cpe:2.3:a:mozilla:thunderbird:0.7.3:::::::*
cpe:2.3:a:mozilla:thunderbird:0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.1:::::::*
cpe:2.3:a:mozilla:thunderbird:0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.14:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.8:::::::*
cpe:2.3:a:mozilla:thunderbird:0.1:::::::*
cpe:2.3:a:mozilla:thunderbird::::::::		3.0.8
cpe:2.3:a:mozilla:thunderbird:0.7.1:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:0.8:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.19:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.4:::::::*

Configuration4	or higher	or less	more than	less than
cpe:2.3:a:mozilla:firefox:2.0.0.12:::::::*
cpe:2.3:a:mozilla:firefox:1.5:beta2::::::
cpe:2.3:a:mozilla:firefox:3.0.17:::::::*
cpe:2.3:a:mozilla:firefox:3.5.3:::::::*
cpe:2.3:a:mozilla:firefox:3.0.7:::::::*
cpe:2.3:a:mozilla:firefox:1.5.2:::::::*
cpe:2.3:a:mozilla:firefox:3.0.9:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.6:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.2:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.10:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.3:::::::*
cpe:2.3:a:mozilla:firefox:3.5.6:::::::*
cpe:2.3:a:mozilla:firefox:3.0.8:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.11:::::::*
cpe:2.3:a:mozilla:firefox:1.5.4:::::::*
cpe:2.3:a:mozilla:firefox:1.0.2:::::::*
cpe:2.3:a:mozilla:firefox:3.5:::::::*
cpe:2.3:a:mozilla:firefox:3.5.5:::::::*
cpe:2.3:a:mozilla:firefox:3.0.4:::::::*
cpe:2.3:a:mozilla:firefox:1.5:beta1::::::
cpe:2.3:a:mozilla:firefox:3.5.9:::::::*
cpe:2.3:a:mozilla:firefox:3.5.4:::::::*
cpe:2.3:a:mozilla:firefox::::::::		3.5.13
cpe:2.3:a:mozilla:firefox:3.5.7:::::::*
cpe:2.3:a:mozilla:firefox:3.0.5:::::::*
cpe:2.3:a:mozilla:firefox:3.5.11:::::::*
cpe:2.3:a:mozilla:firefox:1.5:::::::*
cpe:2.3:a:mozilla:firefox:1.0.4:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.7:::::::*
cpe:2.3:a:mozilla:firefox:1.0.7:::::::*
cpe:2.3:a:mozilla:firefox:3.5.10:::::::*
cpe:2.3:a:mozilla:firefox:3.5.1:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.9:::::::*
cpe:2.3:a:mozilla:firefox:3.0.14:::::::*
cpe:2.3:a:mozilla:firefox:3.5.2:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.16:::::::*
cpe:2.3:a:mozilla:firefox:1.5.6:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.17:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.15:::::::*
cpe:2.3:a:mozilla:firefox:3.0.10:::::::*
cpe:2.3:a:mozilla:firefox:3.0.12:::::::*
cpe:2.3:a:mozilla:firefox:1.0:::::::*
cpe:2.3:a:mozilla:firefox:3.0.3:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.7:::::::*
cpe:2.3:a:mozilla:firefox:2.0:::::::*
cpe:2.3:a:mozilla:firefox:1.0.1:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.14:::::::*
cpe:2.3:a:mozilla:firefox:3.0.6:::::::*
cpe:2.3:a:mozilla:firefox:3.0.15:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.8:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.3:::::::*
cpe:2.3:a:mozilla:firefox:3.5.12:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.9:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.5:::::::*
cpe:2.3:a:mozilla:firefox:1.5.7:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.12:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.6:::::::*
cpe:2.3:a:mozilla:firefox:3.0:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.11:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.2:::::::*
cpe:2.3:a:mozilla:firefox:1.0.3:::::::*
cpe:2.3:a:mozilla:firefox:3.0.1:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.4:::::::*
cpe:2.3:a:mozilla:firefox:1.5.1:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.13:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.18:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.1:::::::*
cpe:2.3:a:mozilla:firefox:3.0.2:::::::*
cpe:2.3:a:mozilla:firefox:3.5.8:::::::*
cpe:2.3:a:mozilla:firefox:1.5.5:::::::*
cpe:2.3:a:mozilla:firefox:1.0:preview_release::::::
cpe:2.3:a:mozilla:firefox:2.0.0.20:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.8:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.19:::::::*
cpe:2.3:a:mozilla:firefox:1.5.8:::::::*
cpe:2.3:a:mozilla:firefox:1.5.3:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.4:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.1:::::::*
cpe:2.3:a:mozilla:firefox:3.0.13:::::::*
cpe:2.3:a:mozilla:firefox:1.0.5:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.5:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.10:::::::*
cpe:2.3:a:mozilla:firefox:3.0.16:::::::*
cpe:2.3:a:mozilla:firefox:1.0.6:::::::*
cpe:2.3:a:mozilla:firefox:1.0.8:::::::*
cpe:2.3:a:mozilla:firefox:3.0.11:::::::*