oval:org.mitre.oval:def:1493

Definition Id: oval:org.mitre.oval:def:1493

Oval ID:	oval:org.mitre.oval:def:1493
Title:	Mozilla XML Attribute Name Validation Vulnerability
Description:	The XULDocument.persist function in Mozilla, Firefox before 1.5.0.1, and SeaMonkey before 1.0 does not validate the attribute name, which allows remote attackers to execute arbitrary Javascript by injecting RDF data into the user's localstore.rdf file.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2006-0296	Version:	4
Platform(s):	Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003	Product(s):	mozilla
Definition Synopsis:
Mozilla Firefox pre-1.5 is installed Mozilla Firefox pre-1.5 AND Firefox pre-1.5 is installed OR Mozilla Firefox version 1.5 is installed and has NOT been patched with version 1.5.0.1 Mozilla Firefox version 1.5 is installed AND Firefox version 1.5 or earlier is installed AND NOT The version of Firefox.exe is greater than or equal to 1.8.20060.11112 OR Mozilla Suite version 1.7.12 or earlier is installed Mozilla Suite version 1.7.12 or earlier is installed AND Mozilla Suite version 1.7.12 or earlier is installed OR A pre-release of SeaMonkey 1.0 is installed A pre-release of SeaMonkey 1.0 is installed AND A pre-release of SeaMonkey 1.0 is installed