OVAL Reference oval:com.ubuntu.precise:def:20120474000

Oval Definition:

oval:com.ubuntu.precise:def:20120474000

Revision Date:	2012-04-25	Version:	1
Title:	CVE-2012-0474 on Ubuntu 12.04 LTS (precise) - medium.
Description:	Cross-site scripting (XSS) vulnerability in the docshell implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via vectors related to short-circuited page loads, aka "Universal XSS (UXSS)."
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2012-0474
Platform(s):	Ubuntu 12.04 LTS	Product(s):
Definition Synopsis
Ubuntu 12.04 LTS (precise) is installed. AND Package Information The 'firefox' package in precise was vulnerable but has been fixed (note: '12.0+build1-0ubuntu0.12.04.1'). OR The 'thunderbird' package in precise was vulnerable but has been fixed (note: '12.0.1+build1-0ubuntu0.12.04.1').