Oval Definition:	oval:org.mitre.oval:def:23500
Revision Date: 2014-05-26 Version: 33 Title: ELSA-2011:1341: firefox security update (Critical) Description: Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not properly handle HTTP responses that contain multiple Location, Content-Length, or Content-Disposition headers, which makes it easier for remote attackers to conduct HTTP response splitting attacks via crafted header values. Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2011-2372 CVE-2011-2995 CVE-2011-2998 CVE-2011-2999 CVE-2011-3000 ELSA-2011:1341-01 Platform(s): Oracle Linux 5 Oracle Linux 6 Product(s): firefox xulrunner Definition Synopsis rpm test Oracle Linux 5.x AND rpm test xulrunner-devel is earlier than 0:1.9.2.23-1.el5_7 OR xulrunner is earlier than 0:1.9.2.23-1.el5_7 OR firefox is earlier than 0:3.6.23-2.el5_7 OR rpm test Oracle Linux 6.x AND rpm test firefox is earlier than 0:3.6.23-2.el6_1 OR xulrunner-devel is earlier than 0:1.9.2.23-1.el6_1.1 OR xulrunner is earlier than 0:1.9.2.23-1.el6_1.1
BACK