Oval Definition:oval:org.mitre.oval:def:14473
Revision Date:2014-10-06Version:26
Title:Cross-site request forgery (CSRF) vulnerability in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, allows remote attackers to hijack the authentication of arbitrary users for requests that were initiated by a plugin and received a 307 redirect to a page on a different web site.
Description:Cross-site request forgery (CSRF) vulnerability in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, allows remote attackers to hijack the authentication of arbitrary users for requests that were initiated by a plugin and received a 307 redirect to a page on a different web site.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2011-0059
Platform(s):Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s):Mozilla Firefox
Mozilla Seamonkey
Definition Synopsis
  • Determine if the version of Mozilla Seamonkey is less than or equal to 2.0.11 and is greater than or equal to 2.0.1
  • Mozilla Seamonkey is installed
  • AND Determine if the version of Mozilla Seamonkey is less than or equal to 2.0.11
  • AND Determine if the version of Mozilla Seamonkey is greater than or equal to 2.0.1
  • OR Determine if the version of Mozilla Firefox is less than or equal to 1.5.8 and is greater than or equal to 1.0
  • Mozilla Firefox Mainline release is installed
  • AND Mozilla Firefox Mainline version is less than or equal to 1.5.8
  • AND Check for vulnerable version
  • Mozilla Firefox Mainline version is greater than or equal to 1.0
  • OR Determine if the version of Mozilla Seamonkey is less than or equal to 1.5.0.10 and is greater than or equal to 1.0
  • Mozilla Seamonkey is installed
  • AND Determine if the version of Mozilla Seamonkey is less than or equal to 1.5.0.10
  • AND Determine if the version of Mozilla Seamonkey is greater than or equal to 1.0
  • OR Determine if the version of Mozilla Firefox is less than or equal to 2.0.0.20 and is greater than or equal to 2.0.0.1
  • Mozilla Firefox Mainline release is installed
  • AND Check for vulnerable version
  • Mozilla Firefox Mainline version is less than or equal to 2.0.0.20
  • AND Check for vulnerable version
  • Mozilla Firefox Mainline version is greater than or equal to 2.0.0.1
  • OR Determine if the version of Mozilla Firefox is less than or equal to 3.6.13 and is greater than or equal to 3.0
  • Mozilla Firefox Mainline release is installed
  • AND Mozilla Firefox Mainline version is less than or equal to 3.6.13
  • AND Mozilla Firefox Mainline version is greater than or equal to 3.0
    • BACK