oval:org.mitre.oval:def:7038

Definition Id: oval:org.mitre.oval:def:7038
 
Oval ID: oval:org.mitre.oval:def:7038
Title: DSA-1956 xulrunner -- several vulnerabilities
Description: Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems: David James discovered that the window.opener property allows Chrome privilege escalation. Jordi Chanel discovered a spoofing vulnerability of the URL location bar using the document.location property. Jonathan Morgan discovered that the icon indicating a secure connection could be spoofed through the document.location property. Takehiro Takahashi discovered that the NTLM implementation is vulnerable to reflection attacks. Jesse Ruderman discovered a crash in the layout engine, which might allow the execution of arbitrary code. Jesse Ruderman, Josh Soref, Martijn Wargers, Jose Angel and Olli Pettay discovered crashes in the layout engine, which might allow the execution of arbitrary code.
Family: unix Class: patch
Reference(s): DSA-1956
CVE-2009-3986
CVE-2009-3985
CVE-2009-3984
CVE-2009-3983
CVE-2009-3981
CVE-2009-3979
Version: 5
Platform(s): Debian GNU/Linux 5.0
Product(s): xulrunner
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6513
 
Oval ID: oval:org.mitre.oval:def:6513
Title: Debian GNU/Linux 5.0 is installed
Description: Debian GNU/Linux 5.0 (lenny) is installed
Family: unix Class: inventory
Reference(s): cpe:/o:debian:debian_gnu/linux:5.0
Version: 7
Platform(s): Debian GNU/Linux 5.0
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:7038