Oval Definition:	oval:org.mitre.oval:def:23937
Revision Date: 2014-05-26 Version: 81 Title: ELSA-2012:1088: firefox security update (Critical) Description: Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly implement the JavaScript sandbox utility, which allows remote attackers to execute arbitrary JavaScript code with improper privileges via a javascript: URL. Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2012-1948 CVE-2012-1950 CVE-2012-1951 CVE-2012-1952 CVE-2012-1953 CVE-2012-1954 CVE-2012-1955 CVE-2012-1957 CVE-2012-1958 CVE-2012-1959 CVE-2012-1961 CVE-2012-1962 CVE-2012-1963 CVE-2012-1964 CVE-2012-1965 CVE-2012-1966 CVE-2012-1967 ELSA-2012:1088-01 Platform(s): Oracle Linux 5 Oracle Linux 6 Product(s): firefox xulrunner Definition Synopsis rpm test Oracle Linux 5.x AND rpm test xulrunner-devel is earlier than 0:10.0.6-2.el5_8 OR xulrunner is earlier than 0:10.0.6-2.el5_8 OR firefox is earlier than 0:10.0.6-1.el5_8 OR rpm test Oracle Linux 6.x AND rpm test xulrunner-devel is earlier than 0:10.0.6-1.el6_3 OR xulrunner is earlier than 0:10.0.6-1.el6_3 OR firefox is earlier than 0:10.0.6-1.el6_3
BACK