OVAL Reference oval:org.mitre.oval:def:12939

Oval Definition:

oval:org.mitre.oval:def:12939

Revision Date:	2014-06-30	Version:	20
Title:	USN-920-1 -- firefox-3.0, xulrunner-1.9 vulnerabilities
Description:	Martijn Wargers, Josh Soref, Jesse Ruderman, and Ehsan Akhgari discovered flaws in the browser engine of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that Firefox could be made to access previously freed memory. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Paul Stone discovered that Firefox could be made to change a mouse click into a drag and drop event. If the user could be tricked into performing this action twice on a crafted website, an attacker could execute arbitrary JavaScript with chrome privileges. It was discovered that the XMLHttpRequestSpy module as used by the Firebug add-on could be used to escalate privileges within the browser. If the user had the Firebug add-on installed and were tricked into viewing a malicious website, an attacker could potentially run arbitrary JavaScript
Family:	unix	Class:	patch
Status:	ACCEPTED	Reference(s):	CVE-2010-0174 CVE-2010-0175 CVE-2010-0176 CVE-2010-0177 CVE-2010-0178 CVE-2010-0179 USN-920-1 USN-920-1
Platform(s):	Ubuntu 8.04 Ubuntu 8.10 Ubuntu 9.04	Product(s):	firefox-3.0 xulrunner-1.9
Definition Synopsis
Release section Ubuntu 8.10 is installed AND Architecture section Architecture independet section Installed architecture is all AND Packages section abrowser DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.10.1 OR firefox DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.10.1 OR firefox-granparadiso-dev DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.10.1 OR firefox-granparadiso-dom-inspector DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.10.1 OR firefox-gnome-support DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.10.1 OR firefox-dev DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.10.1 OR firefox-granparadiso DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.10.1 OR firefox-trunk-gnome-support DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.10.1 OR firefox-trunk-dom-inspector DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.10.1 OR xulrunner-1.9-venkman DPKG is earlier than 1.9.0.19+nobinonly-0ubuntu0.8.10.1 OR firefox-granparadiso-gnome-support DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.10.1 OR firefox-trunk-venkman DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.10.1 OR firefox-3.0-dom-inspector DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.10.1 OR xulrunner-1.9-dom-inspector DPKG is earlier than 1.9.0.19+nobinonly-0ubuntu0.8.10.1 OR firefox-trunk DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.10.1 OR firefox-3.0-venkman DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.10.1 OR firefox-libthai DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.10.1 OR firefox-trunk-dev DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.10.1 OR firefox-dom-inspector DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.10.1 OR Architecture depended section Supported architectures section Installed architecture is amd64 OR Installed architecture is i386 OR Installed architecture is powerpc OR Installed architecture is sparc OR Installed architecture is lpia AND Packages section firefox-3.0 DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.10.1 OR xulrunner-1.9-dev DPKG is earlier than 1.9.0.19+nobinonly-0ubuntu0.8.10.1 OR firefox-3.0-branding DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.10.1 OR xulrunner-1.9-gnome-support DPKG is earlier than 1.9.0.19+nobinonly-0ubuntu0.8.10.1 OR xulrunner-1.9 DPKG is earlier than 1.9.0.19+nobinonly-0ubuntu0.8.10.1 OR firefox-3.0-gnome-support DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.10.1 OR abrowser-3.0-branding DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.10.1 OR firefox-3.0-dev DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.10.1 OR xulrunner-dev DPKG is earlier than 1.9.0.19+nobinonly-0ubuntu0.8.10.1 OR Release section Ubuntu 8.04 is installed AND Architecture section Architecture independet section Installed architecture is all AND Packages section firefox-trunk DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.04.1 OR firefox DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.04.1 OR firefox-granparadiso-dev DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.04.1 OR firefox-granparadiso-dom-inspector DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.04.1 OR firefox-gnome-support DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.04.1 OR firefox-dev DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.04.1 OR firefox-granparadiso DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.04.1 OR firefox-trunk-gnome-support DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.04.1 OR firefox-trunk-dom-inspector DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.04.1 OR xulrunner-1.9-venkman DPKG is earlier than 1.9.0.19+nobinonly-0ubuntu0.8.04.1 OR firefox-granparadiso-gnome-support DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.04.1 OR firefox-trunk-venkman DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.04.1 OR firefox-3.0-dom-inspector DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.04.1 OR xulrunner-1.9-dom-inspector DPKG is earlier than 1.9.0.19+nobinonly-0ubuntu0.8.04.1 OR firefox-3.0-venkman DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.04.1 OR firefox-libthai DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.04.1 OR firefox-trunk-dev DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.04.1 OR firefox-dom-inspector DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.04.1 OR Architecture depended section Supported architectures section Installed architecture is powerpc OR Installed architecture is amd64 OR Installed architecture is lpia OR Installed architecture is i386 AND Packages section firefox-3.0 DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.04.1 OR xulrunner-1.9-dev DPKG is earlier than 1.9.0.19+nobinonly-0ubuntu0.8.04.1 OR xulrunner-1.9-gnome-support DPKG is earlier than 1.9.0.19+nobinonly-0ubuntu0.8.04.1 OR xulrunner-1.9 DPKG is earlier than 1.9.0.19+nobinonly-0ubuntu0.8.04.1 OR firefox-3.0-gnome-support DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.04.1 OR firefox-3.0-dev DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.8.04.1 OR Release section Ubuntu 9.04 is installed AND Architecture section Architecture independet section Installed architecture is all AND Packages section abrowser DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.9.04.1 OR firefox DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.9.04.1 OR firefox-granparadiso-dev DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.9.04.1 OR firefox-granparadiso-dom-inspector DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.9.04.1 OR firefox-gnome-support DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.9.04.1 OR firefox-dev DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.9.04.1 OR firefox-granparadiso DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.9.04.1 OR firefox-trunk-gnome-support DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.9.04.1 OR firefox-trunk-dom-inspector DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.9.04.1 OR xulrunner-1.9-venkman DPKG is earlier than 1.9.0.19+nobinonly-0ubuntu0.9.04.1 OR firefox-granparadiso-gnome-support DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.9.04.1 OR firefox-trunk-venkman DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.9.04.1 OR firefox-3.0-dom-inspector DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.9.04.1 OR xulrunner-1.9-dom-inspector DPKG is earlier than 1.9.0.19+nobinonly-0ubuntu0.9.04.1 OR firefox-trunk DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.9.04.1 OR firefox-3.0-venkman DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.9.04.1 OR firefox-libthai DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.9.04.1 OR firefox-trunk-dev DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.9.04.1 OR firefox-dom-inspector DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.9.04.1 OR Architecture depended section Supported architectures section Installed architecture is amd64 OR Installed architecture is i386 OR Installed architecture is powerpc OR Installed architecture is sparc OR Installed architecture is lpia AND Packages section firefox-3.0 DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.9.04.1 OR xulrunner-1.9-dev DPKG is earlier than 1.9.0.19+nobinonly-0ubuntu0.9.04.1 OR firefox-3.0-branding DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.9.04.1 OR xulrunner-1.9-gnome-support DPKG is earlier than 1.9.0.19+nobinonly-0ubuntu0.9.04.1 OR xulrunner-1.9 DPKG is earlier than 1.9.0.19+nobinonly-0ubuntu0.9.04.1 OR firefox-3.0-gnome-support DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.9.04.1 OR abrowser-3.0-branding DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.9.04.1 OR firefox-3.0-dev DPKG is earlier than 3.0.19+nobinonly-0ubuntu0.9.04.1 OR xulrunner-dev DPKG is earlier than 1.9.0.19+nobinonly-0ubuntu0.9.04.1

BACK