oval:org.mitre.oval:def:16992

Definition Id: oval:org.mitre.oval:def:16992

Oval ID:	oval:org.mitre.oval:def:16992
Title:	Mozilla Firefox before 22.0 does not properly enforce the X-Frame-Options protection mechanism, which allows remote attackers to conduct clickjacking attacks via a crafted web site that uses the HTTP server push feature with multipart responses
Description:	Mozilla Firefox before 22.0 does not properly enforce the X-Frame-Options protection mechanism, which allows remote attackers to conduct clickjacking attacks via a crafted web site that uses the HTTP server push feature with multipart responses.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1696	Version:	8
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox
Definition Synopsis:
Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is greater than or equal to 19.0 AND Mozilla Firefox Mainline version is less than 22.0

Definition Id: oval:org.mitre.oval:def:22259

Oval ID:	oval:org.mitre.oval:def:22259
Title:	Mozilla Firefox Mainline release is installed
Description:	The browser installed on the system is Mozilla Firefox Mainline release
Family:	windows	Class:	inventory
Reference(s):	cpe:/a:mozilla:firefox	Version:	9
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox
Definition Synopsis:
Check if Firefox Mainline is installed on the system AND Check if HKLM\Software\Mozilla\Mozilla Firefox.*$!Install Directory exists AND Check if channel-prefs.js (Firefox Mainline file) exists
Referenced By:
oval:org.mitre.oval:def:16992