Oval Definition:	oval:org.mitre.oval:def:24118
Revision Date: 2014-05-26 Version: 45 Title: ELSA-2013:1476: firefox security update (Critical) Description: The txXPathNodeUtils::getBaseURI function in the XSLT processor in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly initialize data, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow and application crash) via crafted documents. Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2013-5590 CVE-2013-5595 CVE-2013-5597 CVE-2013-5599 CVE-2013-5600 CVE-2013-5601 CVE-2013-5602 CVE-2013-5604 ELSA-2013:1476-00 Platform(s): Oracle Linux 5 Oracle Linux 6 Product(s): firefox xulrunner Definition Synopsis rpm test Oracle Linux 6.x AND rpm test xulrunner is earlier than 0:17.0.10-1.el6_4 OR xulrunner-devel is earlier than 0:17.0.10-1.el6_4 OR firefox is earlier than 0:17.0.10-1.el6_4 OR rpm test Oracle Linux 5.x AND rpm test xulrunner is earlier than 0:17.0.10-1.el5_10 OR xulrunner-devel is earlier than 0:17.0.10-1.el5_10 OR firefox is earlier than 0:17.0.10-1.el5_10
BACK