Oval Definition:oval:org.mitre.oval:def:20604
Revision Date:2014-02-17Version:94
Title:RHSA-2013:1140: firefox security update (Critical)
Description:Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly restrict local-filesystem access by Java applets, which allows user-assisted remote attackers to read arbitrary files by leveraging a download to a fixed pathname or other predictable pathname.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CESA-2013:1140
CVE-2013-1701
CVE-2013-1709
CVE-2013-1710
CVE-2013-1713
CVE-2013-1714
CVE-2013-1717
RHSA-2013:1140-01
Platform(s):CentOS Linux 5
CentOS Linux 6
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
Product(s):firefox
xulrunner
Definition Synopsis
  • Redhat 6 section
  • The operating system installed on the system is Red Hat Enterprise Linux 6
  • AND Packages section
  • firefox is earlier than 0:17.0.8-1.el6_4
  • OR xulrunner is earlier than 0:17.0.8-3.el6_4
  • OR xulrunner-devel is earlier than 0:17.0.8-3.el6_4
  • OR Centos 6 section
  • The operating system installed on the system is CentOS Linux 6.x
  • AND Packages section
  • firefox is earlier than 0:17.0.8-1.el6.centos
  • OR xulrunner is earlier than 0:17.0.8-3.el6.centos
  • OR xulrunner-devel is earlier than 0:17.0.8-3.el6.centos
  • OR Redhat 5 and Centos 5 section
  • Redhat 5 or Centos 5 release
  • The operating system installed on the system is Red Hat Enterprise Linux 5
  • OR The operating system installed on the system is CentOS Linux 5.x
  • AND Packages section
  • xulrunner is earlier than 0:17.0.8-3.el5_9
  • OR xulrunner-devel is earlier than 0:17.0.8-3.el5_9
  • OR Centos 5 section
  • The operating system installed on the system is CentOS Linux 5.x
  • AND firefox is earlier than 0:17.0.8-1.el5.centos
  • OR Redhat 5 section
  • The operating system installed on the system is Red Hat Enterprise Linux 5
  • AND firefox is earlier than 0:17.0.8-1.el5_9
    • BACK