oval:org.mitre.oval:def:12717
Definition Id: oval:org.mitre.oval:def:12717 | |||
Oval ID: | oval:org.mitre.oval:def:12717 | ||
Title: | DSA-2106-2 xulrunner -- several | ||
Description: | DSA-2106-1 introduced a regression that could lead to an application crash. This update fixes this problem. For reference, the text of the original advisory is provided below. Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems: - - Implementation errors in XUL processing allow the execution of arbitrary code - - An implementation error in the XPCSafeJSObjectWrapper wrapper allows the bypass of the same origin policy - - An integer overflow in frame handling allows the execution of arbitrary code - - An implementation error in DOM handling allows the execution of arbitrary code - - Incorrect pointer handling in the plugin code allow the execution of arbitrary code - - Incorrect handling of an object tag may lead to the bypass of cross site scripting filters - - Incorrect copy and paste handling could lead to cross site scripting - - Crashes in the layout engine may lead to the execution of arbitrary code For the stable distribution, the problem has been fixed in version 1.9.0.19-5. The packages for the mips architecture are not included in this update. They will be released as soon as they become available. We recommend that you upgrade your xulrunner packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2106-2 CVE-2010-2760 CVE-2010-2763 CVE-2010-2765 CVE-2010-2766 CVE-2010-2767 CVE-2010-2768 CVE-2010-2769 CVE-2010-3167 CVE-2010-3168 CVE-2010-3169 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6513 | |||
Oval ID: | oval:org.mitre.oval:def:6513 | ||
Title: | Debian GNU/Linux 5.0 is installed | ||
Description: | Debian GNU/Linux 5.0 (lenny) is installed | ||
Family: | unix | Class: | inventory |
Reference(s): | cpe:/o:debian:debian_gnu/linux:5.0 | Version: | 7 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:12717 |