oval:org.mitre.oval:def:7969

Definition Id: oval:org.mitre.oval:def:7969

Oval ID:	oval:org.mitre.oval:def:7969
Title:	Mozilla Firefox WOFF Processing Integer Overflow Vulnerability
Description:	Integer overflow in the decompression functionality in the Web Open Fonts Format (WOFF) decoder in Mozilla Firefox 3.6 before 3.6.2 and 3.7 before 3.7 alpha 3 allows remote attackers to execute arbitrary code via a crafted WOFF file that triggers a buffer overflow, as demonstrated by the vd_ff module in VulnDisco 9.0.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-1028	Version:	12
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows 7	Product(s):	Mozilla Firefox
Definition Synopsis:
Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is 3.6.x to 3.6.1

Definition Id: oval:org.mitre.oval:def:22259

Oval ID:	oval:org.mitre.oval:def:22259
Title:	Mozilla Firefox Mainline release is installed
Description:	The browser installed on the system is Mozilla Firefox Mainline release
Family:	windows	Class:	inventory
Reference(s):	cpe:/a:mozilla:firefox	Version:	9
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox
Definition Synopsis:
Check if Firefox Mainline is installed on the system AND Check if HKLM\Software\Mozilla\Mozilla Firefox.*$!Install Directory exists AND Check if channel-prefs.js (Firefox Mainline file) exists
Referenced By:
oval:org.mitre.oval:def:7969