Oval Definition:	oval:org.mitre.oval:def:22767
Revision Date: 2014-05-26 Version: 37 Title: ELSA-2010:0332: firefox security update (Critical) Description: Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the XMLHttpRequestSpy object and chrome privileged objects, which allows remote attackers to execute arbitrary JavaScript via a crafted HTTP response. Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2010-0174 CVE-2010-0175 CVE-2010-0176 CVE-2010-0177 CVE-2010-0178 CVE-2010-0179 ELSA-2010:0332-01 Platform(s): Oracle Linux 5 Product(s): firefox xulrunner Definition Synopsis Oracle Linux 5.x AND rpm test xulrunner-devel-unstable is earlier than 0:1.9.0.19-1.el5_5 OR xulrunner is earlier than 0:1.9.0.19-1.el5_5 OR xulrunner-devel is earlier than 0:1.9.0.19-1.el5_5 OR firefox is earlier than 0:3.0.19-1.el5_5
BACK