OVAL Reference oval:com.ubuntu.precise:def:20131697000

Oval Definition:

oval:com.ubuntu.precise:def:20131697000

Revision Date:	2013-06-25	Version:	1
Title:	CVE-2013-1697 on Ubuntu 12.04 LTS (precise) - medium.
Description:	The XrayWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly restrict use of DefaultValue for method calls, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers use of a user-defined (1) toString or (2) valueOf method.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2013-1697
Platform(s):	Ubuntu 12.04 LTS	Product(s):
Definition Synopsis
Ubuntu 12.04 LTS (precise) is installed. AND Package Information The 'firefox' package in precise was vulnerable but has been fixed (note: '22.0+build1-0ubuntu0.12.04.1'). OR The 'thunderbird' package in precise was vulnerable but has been fixed (note: '17.0.7+build1-0ubuntu0.12.04.1').