Oval Definition:oval:org.mitre.oval:def:11803
Revision Date:2013-04-29Version:12
Title:The XULDocument.persist function in Mozilla, Firefox before 1.5.0.1, and SeaMonkey before 1.0 does not validate the attribute name, which allows remote attackers to execute arbitrary Javascript by injecting RDF data into the user's localstore.rdf file.
Description:The XULDocument.persist function in Mozilla, Firefox before 1.5.0.1, and SeaMonkey before 1.0 does not validate the attribute name, which allows remote attackers to execute arbitrary Javascript by injecting RDF data into the user's localstore.rdf file.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2006-0296
Platform(s):CentOS Linux 3
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 4
Product(s):
Definition Synopsis
  • OS Section: RHEL3, CentOS3
  • RHEL3 or CentOS3
  • The operating system installed on the system is Red Hat Enterprise Linux 3
  • OR CentOS Linux 3.x
  • AND Configuration section
  • mozilla-js-debugger is earlier than 37:1.7.12-1.1.3.4
  • OR mozilla is earlier than 37:1.7.12-1.1.3.4
  • OR mozilla-chat is earlier than 37:1.7.12-1.1.3.4
  • OR mozilla-mail is earlier than 37:1.7.12-1.1.3.4
  • OR mozilla-dom-inspector is earlier than 37:1.7.12-1.1.3.4
  • OR mozilla-devel is earlier than 37:1.7.12-1.1.3.4
  • OR mozilla-nss is earlier than 37:1.7.12-1.1.3.4
  • OR mozilla-nss-devel is earlier than 37:1.7.12-1.1.3.4
  • OR mozilla-nspr is earlier than 37:1.7.12-1.1.3.4
  • OR mozilla-nspr-devel is earlier than 37:1.7.12-1.1.3.4
  • OR OS Section: RHEL4, CentOS4, Oracle Linux 4
  • RHEL4, CentOS4 or Oracle Linux 4
  • The operating system installed on the system is Red Hat Enterprise Linux 4
  • OR CentOS Linux 4.x
  • OR Oracle Linux 4.x
  • AND Configuration section
  • mozilla-js-debugger is earlier than 37:1.7.12-1.4.2
  • OR mozilla is earlier than 37:1.7.12-1.4.2
  • OR thunderbird is earlier than 0:1.0.8-1.4.1
  • OR mozilla-chat is earlier than 37:1.7.12-1.4.2
  • OR mozilla-mail is earlier than 37:1.7.12-1.4.2
  • OR mozilla-dom-inspector is earlier than 37:1.7.12-1.4.2
  • OR mozilla-nss is earlier than 37:1.7.12-1.4.2
  • OR mozilla-devel is earlier than 37:1.7.12-1.4.2
  • OR mozilla-nss-devel is earlier than 37:1.7.12-1.4.2
  • OR firefox is earlier than 0:1.0.7-1.4.3
  • OR mozilla-nspr is earlier than 37:1.7.12-1.4.2
  • OR mozilla-nspr-devel is earlier than 37:1.7.12-1.4.2
    • BACK