oval:org.mitre.oval:def:7898

Definition Id: oval:org.mitre.oval:def:7898

Oval ID:	oval:org.mitre.oval:def:7898
Title:	DSA-1756 xulrunner -- multiple vulnerabilities
Description:	Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems: Security researcher Guido Landi discovered that a XSL stylesheet could be used to crash the browser during a XSL transformation. An attacker could potentially use this crash to run arbitrary code on a victim's computer. Security researcher Nils reported via TippingPoint's Zero Day Initiative that the XUL tree method _moveToEdgeShift was in some cases triggering garbage collection routines on objects which were still in use. In such cases, the browser would crash when attempting to access a previously destroyed object and this crash could be used by an attacker to run arbitrary code on a victim's computer. Note that after installing these updates, you will need to restart any packages using xulrunner, typically iceweasel or epiphany. As indicated in the Etch release notes, security support for the Mozilla products in the oldstable distribution needed to be stopped before the end of the regular Etch security maintenance life cycle. You are strongly encouraged to upgrade to stable or switch to a still supported browser.
Family:	unix	Class:	patch
Reference(s):	DSA-1756 CVE-2009-1169 CVE-2009-1044	Version:	3
Platform(s):	Debian GNU/Linux 5.0	Product(s):	xulrunner
Definition Synopsis:
Debian GNU/Linux 5.0 is installed Architecture section Architecture independent section Installed architecture is all AND libmozillainterfaces-java is earlier than 1.9.0.7-0lenny2 AND libmozjs-dev is earlier than 1.9.0.7-0lenny2 AND spidermonkey-bin is earlier than 1.9.0.7-0lenny2 AND xulrunner-1.9-gnome-support is earlier than 1.9.0.7-0lenny2 AND xulrunner-1.9 is earlier than 1.9.0.7-0lenny2 AND libmozjs1d-dbg is earlier than 1.9.0.7-0lenny2 AND libmozjs1d is earlier than 1.9.0.7-0lenny2 AND python-xpcom is earlier than 1.9.0.7-0lenny2 AND xulrunner-1.9-dbg is earlier than 1.9.0.7-0lenny2 AND xulrunner-dev is earlier than 1.9.0.7-0lenny2

Definition Id: oval:org.mitre.oval:def:6513

Oval ID:	oval:org.mitre.oval:def:6513
Title:	Debian GNU/Linux 5.0 is installed
Description:	Debian GNU/Linux 5.0 (lenny) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:5.0	Version:	7
Platform(s):	Debian GNU/Linux 5.0	Product(s):
Definition Synopsis:
Debian GNU/Linux 5.0 is installed
Referenced By:
oval:org.mitre.oval:def:7898

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0254s

Facebook rss twitter linkedin mail