Oval Definition:oval:org.mitre.oval:def:22193
Revision Date:2014-02-24Version:74
Title:RHSA-2011:1341: firefox security update (Critical)
Description:Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not properly handle HTTP responses that contain multiple Location, Content-Length, or Content-Disposition headers, which makes it easier for remote attackers to conduct HTTP response splitting attacks via crafted header values.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CESA-2011:1341
CVE-2011-2372
CVE-2011-2995
CVE-2011-2998
CVE-2011-2999
CVE-2011-3000
RHSA-2011:1341-01
Platform(s):CentOS Linux 5
CentOS Linux 6
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
Product(s):firefox
xulrunner
Definition Synopsis
  • Operation system section
  • Redhat 5 or Centos 5 release
  • The operating system installed on the system is Red Hat Enterprise Linux 5
  • OR The operating system installed on the system is CentOS Linux 5.x
  • AND Packages section
  • xulrunner-devel is earlier than 0:1.9.2.23-1.el5_7
  • OR xulrunner is earlier than 0:1.9.2.23-1.el5_7
  • OR firefox is earlier than 0:3.6.23-2.el5_7
  • Operation system section
  • The operating system installed on the system is Red Hat Enterprise Linux 6
  • AND Packages section
  • firefox is earlier than 0:3.6.23-2.el6_1
  • OR xulrunner-devel is earlier than 0:1.9.2.23-1.el6_1.1
  • OR xulrunner is earlier than 0:1.9.2.23-1.el6_1.1
    • BACK