Oval Definition:oval:org.mitre.oval:def:13364
Revision Date:2014-07-07Version:19
Title:USN-764-1 -- firefox-3.0, xulrunner-1.9 vulnerabilities
Description:Several flaws were discovered in the browser engine. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that Firefox displayed certain Unicode characters which could be visually confused with punctuation in valid web addresses in the location bar. An attacker could exploit this to spoof the location bar, such as in a phishing attack. Several flaws were discovered in the way Firefox processed malformed URI schemes. If a user were tricked into viewing a malicious website, a remote attacker could execute arbitrary JavaScript or steal private data. Cefn Hoile discovered Firefox did not adequately protect against embedded third-party stylesheets. An attacker could exploit this to perform script injection attacks using XBL bindings. Paolo Amadini discovered that Firefox would submit POST data when reloading an inner frame of a web page. If a user were tricked into viewing a malicious website, a remote attacker could steal private data
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2009-0652
CVE-2009-1302
CVE-2009-1303
CVE-2009-1304
CVE-2009-1305
CVE-2009-1306
CVE-2009-1307
CVE-2009-1308
CVE-2009-1309
CVE-2009-1310
CVE-2009-1311
CVE-2009-1312
USN-764-1
USN-764-1
Platform(s):Ubuntu 8.04
Ubuntu 8.10
Ubuntu 9.04
Product(s):firefox-3.0
xulrunner-1.9
Definition Synopsis
  • Release section
  • Ubuntu 8.10 is installed
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • abrowser DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.10.1
  • OR firefox DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.10.1
  • OR firefox-granparadiso-dev DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.10.1
  • OR firefox-granparadiso-dom-inspector DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.10.1
  • OR firefox-gnome-support DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.10.1
  • OR firefox-dev DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.10.1
  • OR firefox-granparadiso DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.10.1
  • OR firefox-trunk-gnome-support DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.10.1
  • OR firefox-trunk-dom-inspector DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.10.1
  • OR xulrunner-1.9-venkman DPKG is earlier than 1.9.0.9+nobinonly-0ubuntu0.8.10.1
  • OR firefox-granparadiso-gnome-support DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.10.1
  • OR firefox-trunk-venkman DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.10.1
  • OR firefox-3.0-dom-inspector DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.10.1
  • OR xulrunner-1.9-dom-inspector DPKG is earlier than 1.9.0.9+nobinonly-0ubuntu0.8.10.1
  • OR firefox-trunk DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.10.1
  • OR firefox-3.0-venkman DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.10.1
  • OR firefox-libthai DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.10.1
  • OR firefox-trunk-dev DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.10.1
  • OR firefox-dom-inspector DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.10.1
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is amd64
  • OR Installed architecture is i386
  • OR Installed architecture is powerpc
  • OR Installed architecture is sparc
  • OR Installed architecture is lpia
  • AND Packages section
  • firefox-3.0 DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.10.1
  • OR xulrunner-1.9-dev DPKG is earlier than 1.9.0.9+nobinonly-0ubuntu0.8.10.1
  • OR firefox-3.0-branding DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.10.1
  • OR xulrunner-1.9-gnome-support DPKG is earlier than 1.9.0.9+nobinonly-0ubuntu0.8.10.1
  • OR xulrunner-1.9 DPKG is earlier than 1.9.0.9+nobinonly-0ubuntu0.8.10.1
  • OR firefox-3.0-gnome-support DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.10.1
  • OR abrowser-3.0-branding DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.10.1
  • OR firefox-3.0-dev DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.10.1
  • OR xulrunner-dev DPKG is earlier than 1.9.0.9+nobinonly-0ubuntu0.8.10.1
  • OR Release section
  • Ubuntu 8.04 is installed
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • firefox-trunk DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.04.1
  • OR firefox DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.04.1
  • OR firefox-granparadiso-dev DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.04.1
  • OR firefox-granparadiso-dom-inspector DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.04.1
  • OR firefox-gnome-support DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.04.1
  • OR firefox-dev DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.04.1
  • OR firefox-granparadiso DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.04.1
  • OR firefox-trunk-gnome-support DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.04.1
  • OR firefox-trunk-dom-inspector DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.04.1
  • OR xulrunner-1.9-venkman DPKG is earlier than 1.9.0.9+nobinonly-0ubuntu0.8.04.1
  • OR firefox-granparadiso-gnome-support DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.04.1
  • OR firefox-trunk-venkman DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.04.1
  • OR firefox-3.0-dom-inspector DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.04.1
  • OR xulrunner-1.9-dom-inspector DPKG is earlier than 1.9.0.9+nobinonly-0ubuntu0.8.04.1
  • OR firefox-3.0-venkman DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.04.1
  • OR firefox-libthai DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.04.1
  • OR firefox-trunk-dev DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.04.1
  • OR firefox-dom-inspector DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.04.1
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is powerpc
  • OR Installed architecture is amd64
  • OR Installed architecture is lpia
  • OR Installed architecture is i386
  • AND Packages section
  • firefox-3.0 DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.04.1
  • OR xulrunner-1.9-dev DPKG is earlier than 1.9.0.9+nobinonly-0ubuntu0.8.04.1
  • OR xulrunner-1.9-gnome-support DPKG is earlier than 1.9.0.9+nobinonly-0ubuntu0.8.04.1
  • OR xulrunner-1.9 DPKG is earlier than 1.9.0.9+nobinonly-0ubuntu0.8.04.1
  • OR firefox-3.0-gnome-support DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.04.1
  • OR firefox-3.0-dev DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.8.04.1
  • OR Release section
  • Ubuntu 9.04 is installed
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • abrowser DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.9.04.1
  • OR firefox DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.9.04.1
  • OR firefox-granparadiso-dev DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.9.04.1
  • OR firefox-granparadiso-dom-inspector DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.9.04.1
  • OR firefox-gnome-support DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.9.04.1
  • OR firefox-dev DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.9.04.1
  • OR firefox-granparadiso DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.9.04.1
  • OR firefox-trunk-gnome-support DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.9.04.1
  • OR firefox-trunk-dom-inspector DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.9.04.1
  • OR xulrunner-1.9-venkman DPKG is earlier than 1.9.0.9+nobinonly-0ubuntu0.9.04.1
  • OR firefox-granparadiso-gnome-support DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.9.04.1
  • OR firefox-trunk-venkman DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.9.04.1
  • OR firefox-3.0-dom-inspector DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.9.04.1
  • OR xulrunner-1.9-dom-inspector DPKG is earlier than 1.9.0.9+nobinonly-0ubuntu0.9.04.1
  • OR firefox-trunk DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.9.04.1
  • OR firefox-3.0-venkman DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.9.04.1
  • OR firefox-libthai DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.9.04.1
  • OR firefox-trunk-dev DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.9.04.1
  • OR firefox-dom-inspector DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.9.04.1
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is amd64
  • OR Installed architecture is i386
  • OR Installed architecture is powerpc
  • OR Installed architecture is sparc
  • OR Installed architecture is lpia
  • AND Packages section
  • firefox-3.0 DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.9.04.1
  • OR xulrunner-1.9-dev DPKG is earlier than 1.9.0.9+nobinonly-0ubuntu0.9.04.1
  • OR firefox-3.0-branding DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.9.04.1
  • OR xulrunner-1.9-gnome-support DPKG is earlier than 1.9.0.9+nobinonly-0ubuntu0.9.04.1
  • OR xulrunner-1.9 DPKG is earlier than 1.9.0.9+nobinonly-0ubuntu0.9.04.1
  • OR firefox-3.0-gnome-support DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.9.04.1
  • OR abrowser-3.0-branding DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.9.04.1
  • OR firefox-3.0-dev DPKG is earlier than 3.0.9+nobinonly-0ubuntu0.9.04.1
  • OR xulrunner-dev DPKG is earlier than 1.9.0.9+nobinonly-0ubuntu0.9.04.1
    • BACK