oval:org.mitre.oval:def:7945

Definition Id: oval:org.mitre.oval:def:7945

Oval ID:	oval:org.mitre.oval:def:7945
Title:	DSA-1922 xulrunner -- several vulnerabilities
Description:	Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems: Vladimir Vukicevic, Jesse Ruderman, Martijn Wargers, Daniel Banchero, David Keeler and Boris Zbarsky reported crashes in layout engine, which might allow the execution of arbitrary code. Carsten Book reported a crash in the layout engine, which might allow the execution of arbitrary code. Jesse Ruderman and Sid Stamm discovered spoofing vulnerability in the file download dialog. Gregory Fleischer discovered a bypass of the same-origin policy using the document.getSelection() function. "moz_bug_r_a4" discovered a privilege escalation to Chrome status in the XPCOM utility XPCVariant::VariantDataToJS. "regenrecht" discovered a buffer overflow in the GIF parser, which might lead to the execution of arbitrary code. Marco C. discovered that a programming error in the proxy auto configuration code might lead to denial of service or the execution of arbitrary code. Jeremy Brown discovered that the filename of a downloaded file which is opened by the user is predictable, which might lead to tricking the user into a malicious file if the attacker has local access to the system. Paul Stone discovered that history information from web forms could be stolen.
Family:	unix	Class:	patch
Reference(s):	DSA-1922 CVE-2009-3274 CVE-2009-3370 CVE-2009-3372 CVE-2009-3373 CVE-2009-3374 CVE-2009-3375 CVE-2009-3376 CVE-2009-3380 CVE-2009-3382	Version:	3
Platform(s):	Debian GNU/Linux 5.0	Product(s):	xulrunner
Definition Synopsis:
Debian GNU/Linux 5.0 is installed Architecture section Architecture independent section Installed architecture is all AND libmozillainterfaces-java is earlier than 1.9.0.15-0lenny1 AND libmozjs-dev is earlier than 1.9.0.15-0lenny1 AND spidermonkey-bin is earlier than 1.9.0.15-0lenny1 AND xulrunner-1.9-gnome-support is earlier than 1.9.0.15-0lenny1 AND xulrunner-1.9 is earlier than 1.9.0.15-0lenny1 AND libmozjs1d-dbg is earlier than 1.9.0.15-0lenny1 AND libmozjs1d is earlier than 1.9.0.15-0lenny1 AND python-xpcom is earlier than 1.9.0.15-0lenny1 AND xulrunner-1.9-dbg is earlier than 1.9.0.15-0lenny1 AND xulrunner-dev is earlier than 1.9.0.15-0lenny1

Definition Id: oval:org.mitre.oval:def:6513

Oval ID:	oval:org.mitre.oval:def:6513
Title:	Debian GNU/Linux 5.0 is installed
Description:	Debian GNU/Linux 5.0 (lenny) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:5.0	Version:	7
Platform(s):	Debian GNU/Linux 5.0	Product(s):
Definition Synopsis:
Debian GNU/Linux 5.0 is installed
Referenced By:
oval:org.mitre.oval:def:7945

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0277s

Facebook rss twitter linkedin mail