Oval Definition:oval:org.mitre.oval:def:20691
Revision Date:2014-02-17Version:150
Title:RHSA-2013:0981: firefox security update (Critical)
Description:The XrayWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly restrict use of DefaultValue for method calls, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers use of a user-defined (1) toString or (2) valueOf method.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CESA-2013:0981
CVE-2013-1682
CVE-2013-1684
CVE-2013-1685
CVE-2013-1686
CVE-2013-1687
CVE-2013-1690
CVE-2013-1692
CVE-2013-1693
CVE-2013-1694
CVE-2013-1697
RHSA-2013:0981-00
Platform(s):CentOS Linux 5
CentOS Linux 6
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
Product(s):firefox
xulrunner
Definition Synopsis
  • Redhat 6 section
  • The operating system installed on the system is Red Hat Enterprise Linux 6
  • AND Packages section
  • xulrunner-devel is earlier than 0:17.0.7-1.el6_4
  • OR xulrunner is earlier than 0:17.0.7-1.el6_4
  • OR firefox is earlier than 0:17.0.7-1.el6_4
  • OR Centos 6 section
  • The operating system installed on the system is CentOS Linux 6.x
  • AND Packages section
  • xulrunner-devel is earlier than 0:17.0.7-1.el6.centos
  • OR xulrunner is earlier than 0:17.0.7-1.el6.centos
  • OR firefox is earlier than 0:17.0.7-1.el6.centos
  • OR Redhat 5 and Centos 5 section
  • Redhat 5 or Centos 5 release
  • The operating system installed on the system is Red Hat Enterprise Linux 5
  • OR The operating system installed on the system is CentOS Linux 5.x
  • AND Packages section
  • xulrunner-devel is earlier than 0:17.0.7-1.el5_9
  • OR xulrunner is earlier than 0:17.0.7-1.el5_9
  • OR Centos 5 section
  • The operating system installed on the system is CentOS Linux 5.x
  • AND firefox is earlier than 0:17.0.7-1.el5.centos
  • OR Redhat 5 section
  • The operating system installed on the system is Red Hat Enterprise Linux 5
  • AND firefox is earlier than 0:17.0.7-1.el5_9
  • BACK