oval:org.mitre.oval:def:22596

Definition Id: oval:org.mitre.oval:def:22596

Oval ID:	oval:org.mitre.oval:def:22596
Title:	ELSA-2007:1082: firefox security update (Critical)
Description:	Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 sets the Referer header to the window or frame in which script is running, instead of the address of the content that initiated the script, which allows remote attackers to spoof HTTP Referer headers and bypass Referer-based CSRF protection schemes by setting window.location and using a modal alert dialog that causes the wrong Referer to be sent.
Family:	unix	Class:	patch
Reference(s):	ELSA-2007:1082-01 CVE-2007-5947 CVE-2007-5959 CVE-2007-5960	Version:	17
Platform(s):	Oracle Linux 5	Product(s):	firefox
Definition Synopsis:
Oracle Linux 5.x rpm test firefox-devel is earlier than 0:1.5.0.12-7.el5 AND firefox is earlier than 0:1.5.0.12-7.el5

Definition Id: oval:org.mitre.oval:def:15459

Oval ID:	oval:org.mitre.oval:def:15459
Title:	Oracle Linux 5.x
Description:	The operating system installed on the system is Oracle Linux 5.x
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:oracle:linux:5	Version:	7
Platform(s):	Oracle Linux 5	Product(s):
Definition Synopsis:
the installed operating system is part of the Unix family AND Oracle Linux 5.x is installed
Referenced By:
oval:org.mitre.oval:def:22596