OVAL Reference oval:org.mitre.oval:def:23099

Oval Definition:

oval:org.mitre.oval:def:23099

Revision Date:	2014-05-26	Version:	13
Title:	ELSA-2012:1361: xulrunner security update (Critical)
Description:	Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1, Thunderbird ESR 10.x before 10.0.9, and SeaMonkey before 2.13.1 omit a security check in the defaultValue function during the unwrapping of security wrappers, which allows remote attackers to bypass the Same Origin Policy and read the properties of a Location object, or execute arbitrary JavaScript code, via a crafted web site.
Family:	unix	Class:	patch
Status:	ACCEPTED	Reference(s):	CVE-2012-4193 ELSA-2012:1361-01
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	xulrunner
Definition Synopsis
rpm test Oracle Linux 5.x AND rpm test xulrunner-devel is earlier than 0:10.0.8-2.el5_8 OR xulrunner is earlier than 0:10.0.8-2.el5_8 OR rpm test Oracle Linux 6.x AND rpm test xulrunner-devel is earlier than 0:10.0.8-2.el6_3 OR xulrunner is earlier than 0:10.0.8-2.el6_3