Oval Definition:	oval:org.mitre.oval:def:22144
Revision Date: 2014-02-24 Version: 82 Title: RHSA-2010:0332: firefox security update (Critical) Description: Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the XMLHttpRequestSpy object and chrome privileged objects, which allows remote attackers to execute arbitrary JavaScript via a crafted HTTP response. Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2010-0174 CVE-2010-0175 CVE-2010-0176 CVE-2010-0177 CVE-2010-0178 CVE-2010-0179 RHSA-2010:0332-01 Platform(s): Red Hat Enterprise Linux 5 Product(s): firefox xulrunner Definition Synopsis The operating system installed on the system is Red Hat Enterprise Linux 5 AND Packages section xulrunner-devel-unstable is earlier than 0:1.9.0.19-1.el5_5 OR xulrunner is earlier than 0:1.9.0.19-1.el5_5 OR xulrunner-devel is earlier than 0:1.9.0.19-1.el5_5 OR firefox is earlier than 0:3.0.19-1.el5_5
BACK