Oval Definition:oval:org.mitre.oval:def:22437
Revision Date:2014-05-26Version:56
Title:ELSA-2008:0103: firefox security update (Critical)
Description:Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8, modify the .href property of stylesheet DOM nodes to the final URI of a 302 redirect, which might allow remote attackers to bypass the Same Origin Policy and read sensitive information from the original URL, such as with Single-Signon systems.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2008-0412
CVE-2008-0413
CVE-2008-0415
CVE-2008-0416
CVE-2008-0417
CVE-2008-0418
CVE-2008-0419
CVE-2008-0420
CVE-2008-0591
CVE-2008-0592
CVE-2008-0593
ELSA-2008:0103-01
Platform(s):Oracle Linux 5
Product(s):firefox
Definition Synopsis
  • Oracle Linux 5.x
  • AND rpm test
  • firefox-devel is earlier than 0:1.5.0.12-9.el5
  • OR firefox is earlier than 0:1.5.0.12-9.el5
  • BACK