oval:org.mitre.oval:def:16931
Definition Id: oval:org.mitre.oval:def:16931 | |||
Oval ID: | oval:org.mitre.oval:def:16931 | ||
Title: | DEPRECATED: Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly handle onLocationChange events during navigation between different https sites, which allows remote attackers to spoof the X.509 certificate information in the address bar via a crafted web page. | ||
Description: | The SPDY protocol 3 and earlier, as used in Mozilla Firefox, Google Chrome, and other products, can perform TLS encryption of compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a "CRIME" attack. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-4930 | Version: | 6 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Firefox Mozilla Firefox ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22414 | |||
Oval ID: | oval:org.mitre.oval:def:22414 | ||
Title: | Mozilla Firefox ESR is installed | ||
Description: | The browser installed on the system is Mozilla Firefox ESR | ||
Family: | windows | Class: | inventory |
Reference(s): | cpe:/a:mozilla:firefox_esr | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox ESR |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:16931 |
Definition Id: oval:org.mitre.oval:def:22259 | |||
Oval ID: | oval:org.mitre.oval:def:22259 | ||
Title: | Mozilla Firefox Mainline release is installed | ||
Description: | The browser installed on the system is Mozilla Firefox Mainline release | ||
Family: | windows | Class: | inventory |
Reference(s): | cpe:/a:mozilla:firefox | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:16931 |