OVAL Reference oval:com.ubuntu.precise:def:20131687000

Oval Definition:

oval:com.ubuntu.precise:def:20131687000

Revision Date:	2013-06-25	Version:	1
Title:	CVE-2013-1687 on Ubuntu 12.04 LTS (precise) - medium.
Description:	The System Only Wrapper (SOW) and Chrome Object Wrapper (COW) implementations in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly restrict XBL user-defined functions, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges, or conduct cross-site scripting (XSS) attacks, via a crafted web site.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2013-1687
Platform(s):	Ubuntu 12.04 LTS	Product(s):
Definition Synopsis
Ubuntu 12.04 LTS (precise) is installed. AND Package Information The 'firefox' package in precise was vulnerable but has been fixed (note: '22.0+build1-0ubuntu0.12.04.1'). OR The 'thunderbird' package in precise was vulnerable but has been fixed (note: '17.0.7+build1-0ubuntu0.12.04.1').