oval:org.mitre.oval:def:8140

Definition Id: oval:org.mitre.oval:def:8140

Oval ID:	oval:org.mitre.oval:def:8140
Title:	DSA-1671 iceweasel -- several vulnerabilities
Description:	Several remote vulnerabilities have been discovered in the Iceweasel webbrowser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems: Justin Schuh discovered that a buffer overflow in the http-index-format parser could lead to arbitrary code execution. Liu Die Yu discovered an information leak through local shortcut files. Georgi Guninski, Michal Zalewski and Chris Evan discovered that the canvas element could be used to bypass same-origin restrictions. It was discovered that insufficient checks in the Flash plugin glue code could lead to arbitrary code execution. Jesse Ruderman discovered that a programming error in the window.__proto__.__proto__ object could lead to arbitrary code execution. It was discovered that crashes in the layout engine could lead to arbitrary code execution. It was discovered that crashes in the Javascript engine could lead to arbitrary code execution. It was discovered that a crash in the nsFrameManager might lead to the execution of arbitrary code. moz_bug_r_a4 discovered that the same-origin check in nsXMLHttpRequest::NotifyEventListeners() could be bypassed. Collin Jackson discovered that the -moz-binding property bypasses security checks on codebase principals. Chris Evans discovered that quote characters were improperly escaped in the default namespace of E4X documents.
Family:	unix	Class:	patch
Reference(s):	DSA-1671 CVE-2008-0017 CVE-2008-4582 CVE-2008-5012 CVE-2008-5013 CVE-2008-5014 CVE-2008-5017 CVE-2008-5018 CVE-2008-5021 CVE-2008-5022 CVE-2008-5023 CVE-2008-5024	Version:	3
Platform(s):	Debian GNU/Linux 4.0	Product(s):	iceweasel
Definition Synopsis:
Debian GNU/Linux 4.0 is installed. Architecture section Architecture independent section Installed architecture is all AND Packages section mozilla-firefox is earlier than 2.0.0.18-0etch1 AND firefox is earlier than 2.0.0.18-0etch1 AND firefox-dom-inspector is earlier than 2.0.0.18-0etch1 AND iceweasel-dom-inspector is earlier than 2.0.0.18-0etch1 AND mozilla-firefox-gnome-support is earlier than 2.0.0.18-0etch1 AND mozilla-firefox-dom-inspector is earlier than 2.0.0.18-0etch1 AND firefox-gnome-support is earlier than 2.0.0.18-0etch1 OR Architecture dependent section Supported architectures section Installed architecture is s390 AND Installed architecture is amd64 AND Installed architecture is sparc AND Installed architecture is powerpc AND Installed architecture is i386 AND Installed architecture is ia64 AND Installed architecture is alpha AND Installed architecture is mipsel AND Installed architecture is hppa AND Packages section iceweasel-gnome-support is earlier than 2.0.0.18-0etch1 AND iceweasel-dbg is earlier than 2.0.0.18-0etch1 AND iceweasel is earlier than 2.0.0.18-0etch1

Definition Id: oval:org.mitre.oval:def:6461

Oval ID:	oval:org.mitre.oval:def:6461
Title:	Debian GNU/Linux 4.0 is installed.
Description:	Debian GNU/Linux 4.0 (etch) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:4.0	Version:	9
Platform(s):	Debian GNU/Linux 4.0	Product(s):
Definition Synopsis:
Debian GNU/Linux 4.0 is installed
Referenced By:
oval:org.mitre.oval:def:8140

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0270s

Facebook rss twitter linkedin mail