Oval Definition:oval:org.mitre.oval:def:14304
Revision Date:2014-10-06Version:34
Title:Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to inject arbitrary web script or HTML via a (1) web page or (2) Firefox extension, related to improper enforcement of XPConnect security restrictions for frame scripts that call untrusted objects.
Description:Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to inject arbitrary web script or HTML via a (1) web page or (2) Firefox extension, related to improper enforcement of XPConnect security restrictions for frame scripts that call untrusted objects.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2012-0446
Platform(s):Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s):Mozilla Firefox
Mozilla Seamonkey
Mozilla Thunderbird
Definition Synopsis
  • Determine if the version of Mozilla Firefox is equal to 4.0
  • Mozilla Firefox Mainline release is installed
  • AND Check for vulnerable version
  • Mozilla Firefox Mainline version is equal to 4.0
  • OR Determine if the version of Mozilla Firefox is equal to 6.0
  • Mozilla Firefox Mainline release is installed
  • AND Check for vulnerable version
  • Mozilla Firefox Mainline version is equal to 6.0
  • OR Determine if the version of Mozilla Firefox is equal to 7.0
  • Mozilla Firefox Mainline release is installed
  • AND Mozilla Firefox Mainline version is equal to 7.0
  • OR Determine if the version of Mozilla Firefox is equal to 5.0
  • Mozilla Firefox Mainline release is installed
  • AND Check for vulnerable version
  • Mozilla Firefox Mainline version is equal to 5.0
  • OR Determine if the version of Mozilla Firefox is equal to 8.0
  • Mozilla Firefox Mainline release is installed
  • AND Mozilla Firefox Mainline version is equal to 8.0
  • OR Determine if the version of Mozilla Firefox is equal to 9.0
  • Mozilla Firefox Mainline release is installed
  • AND Mozilla Firefox Mainline version is equal to 9.0
  • OR Determine if the version of Mozilla Thunderbird is equal to 5.0
  • Mozilla Thunderbird Mainline release is installed
  • AND Determine if the version of Mozilla Thunderbird is equal to 5.0
  • OR Determine if the version of Mozilla Thunderbird is less than or equal to 6.0.2 and is greater than or equal to 6.0.1
  • Mozilla Thunderbird Mainline release is installed
  • AND Determine if the version of Mozilla Thunderbird is less than or equal to 6.0.2
  • AND Determine if the version of Mozilla Thunderbird is greater than or equal to 6.0
  • OR Determine if the version of Mozilla Thunderbird is equal to 7.0
  • Mozilla Thunderbird Mainline release is installed
  • AND Determine if the version of Mozilla Thunderbird is equal to 7.0
  • OR Determine if the version of Mozilla Thunderbird is equal to 8.0
  • Mozilla Thunderbird Mainline release is installed
  • AND Determine if the version of Mozilla Thunderbird is equal to 8.0
  • OR Determine if the version of Mozilla Thunderbird is equal to 9.0
  • Mozilla Thunderbird Mainline release is installed
  • AND Determine if the version of Mozilla Thunderbird is equal to 9.0
  • OR Determine if the version of Mozilla Seamonkey is less than or equal to 2.7 and is greater than or equal to 2.0.1
  • Mozilla Seamonkey is installed
  • AND Determine if the version of Mozilla Seamonkey is less than or equal to 2.7
  • AND Determine if the version of Mozilla Seamonkey is greater than or equal to 2.0.1
  • OR Determine if the version of Mozilla Seamonkey is less than or equal to 1.1.19 and is greater than or equal to 1.0.1
  • Mozilla Seamonkey is installed
  • AND Determine if the version of Mozilla Seamonkey is less than or equal to 1.1.19
  • AND Determine if the version of Mozilla Seamonkey is greater than or equal to 1.0.1
    • BACK