Oval Definition:oval:org.mitre.oval:def:21341
Revision Date:2014-02-24Version:10
Title:RHSA-2012:1361: xulrunner security update (Critical)
Description:Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1, Thunderbird ESR 10.x before 10.0.9, and SeaMonkey before 2.13.1 omit a security check in the defaultValue function during the unwrapping of security wrappers, which allows remote attackers to bypass the Same Origin Policy and read the properties of a Location object, or execute arbitrary JavaScript code, via a crafted web site.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CESA-2012:1361
CVE-2012-4193
RHSA-2012:1361-01
Platform(s):CentOS Linux 5
CentOS Linux 6
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
Product(s):xulrunner
Definition Synopsis
  • Operation system section
  • Redhat 5 or Centos 5 release
  • The operating system installed on the system is Red Hat Enterprise Linux 5
  • OR The operating system installed on the system is CentOS Linux 5.x
  • AND Packages section
  • xulrunner-devel is earlier than 0:10.0.8-2.el5_8
  • OR xulrunner is earlier than 0:10.0.8-2.el5_8
  • OR Redhat 6 section
  • The operating system installed on the system is Red Hat Enterprise Linux 6
  • AND Packages section
  • xulrunner-devel is earlier than 0:10.0.8-2.el6_3
  • OR xulrunner is earlier than 0:10.0.8-2.el6_3
  • OR Centos 6 section
  • The operating system installed on the system is CentOS Linux 6.x
  • AND Packages section
  • xulrunner-devel is earlier than 0:10.0.8-2.el6.centos
  • OR xulrunner is earlier than 0:10.0.8-2.el6.centos
    • BACK