OVAL Reference oval:com.ubuntu.precise:def:20112605000

Oval Definition:

oval:com.ubuntu.precise:def:20112605000

Revision Date:	2011-06-30	Version:	1
Title:	CVE-2011-2605 on Ubuntu 12.04 LTS (precise) - medium.
Description:	CRLF injection vulnerability in the nsCookieService::SetCookieStringInternal function in netwerk/cookie/nsCookieService.cpp in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, and Thunderbird before 3.1.11, allows remote attackers to bypass intended access restrictions via a string containing a \n (newline) character, which is not properly handled in a JavaScript "document.cookie =" expression, a different vulnerability than CVE-2011-2374.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2011-2605
Platform(s):	Ubuntu 12.04 LTS	Product(s):
Definition Synopsis
Ubuntu 12.04 LTS (precise) is installed. AND Package Information NOT While related to the CVE in some way, the 'firefox' package in precise is not affected. OR NOT While related to the CVE in some way, the 'thunderbird' package in precise is not affected.