Oval Definition:	oval:org.mitre.oval:def:12512
Revision Date: 2014-10-06 Version: 27 Title: SSL spoofing vulnerability using a crafted web site in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13 and SeaMonkey before 2.0.11 Description: The NS_SecurityCompareURIs function in netwerk/base/public/nsNetUtil.h in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle (1) about:neterror and (2) about:certerror pages, which allows remote attackers to spoof the location bar via a crafted web site. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2010-3774 Platform(s): Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows XP Product(s): Mozilla Firefox Mozilla SeaMonkey Definition Synopsis Related to Mozilla Firefox Mozilla Firefox Mainline release is installed AND Check for vulnerable version Mozilla Firefox Mainline version is before 3.5.16 OR Mozilla Firefox Mainline version is 3.6.x before 3.6.13 OR Related to Mozilla SeaMonkey Mozilla Seamonkey is installed AND Check if the version of Mozilla Seamonkey is before 2.0.11
BACK