Oval Definition:oval:org.mitre.oval:def:22773
Revision Date:2014-05-26Version:41
Title:ELSA-2009:0256: firefox security update (Critical)
Description:Mozilla Firefox 3.x before 3.0.6 does not properly implement the (1) no-store and (2) no-cache Cache-Control directives, which allows local users to obtain sensitive information by using the (a) back button or (b) history list of the victim's browser, as demonstrated by reading the response page of an https POST request.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2009-0352
CVE-2009-0353
CVE-2009-0354
CVE-2009-0355
CVE-2009-0356
CVE-2009-0357
CVE-2009-0358
ELSA-2009:0256-01
Platform(s):Oracle Linux 5
Product(s):firefox
nss
xulrunner
Definition Synopsis
  • Oracle Linux 5.x
  • AND rpm test
  • xulrunner-devel-unstable is earlier than 0:1.9.0.6-1.el5
  • OR xulrunner is earlier than 0:1.9.0.6-1.el5
  • OR xulrunner-devel is earlier than 0:1.9.0.6-1.el5
  • OR firefox is earlier than 0:3.0.6-1.el5
  • OR nss is earlier than 0:3.12.2.0-4.el5
  • OR nss-tools is earlier than 0:3.12.2.0-4.el5
  • OR nss-devel is earlier than 0:3.12.2.0-4.el5
  • OR nss-pkcs11-devel is earlier than 0:3.12.2.0-4.el5
  • BACK