oval:org.mitre.oval:def:12665

Definition Id: oval:org.mitre.oval:def:12665

Oval ID:	oval:org.mitre.oval:def:12665
Title:	Information disclosure vulnerability in Mozilla Firefox before 3.6 through HREF attribute of a stylesheet LINK element
Description:	Mozilla Firefox, possibly before 3.6, allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets[0].href property value, related to an IFRAME element.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-0648	Version:	11
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP	Product(s):	Mozilla Firefox
Definition Synopsis:
Mozilla Firefox Mainline release is installed AND Check for vulnerable version Mozilla Firefox Mainline version is less than 3.6

Definition Id: oval:org.mitre.oval:def:22259

Oval ID:	oval:org.mitre.oval:def:22259
Title:	Mozilla Firefox Mainline release is installed
Description:	The browser installed on the system is Mozilla Firefox Mainline release
Family:	windows	Class:	inventory
Reference(s):	cpe:/a:mozilla:firefox	Version:	9
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox
Definition Synopsis:
Check if Firefox Mainline is installed on the system AND Check if HKLM\Software\Mozilla\Mozilla Firefox.*$!Install Directory exists AND Check if channel-prefs.js (Firefox Mainline file) exists
Referenced By:
oval:org.mitre.oval:def:12665