Oval Definition:oval:org.mitre.oval:def:29230
Revision Date:2015-08-17Version:4
Title:RHSA-2009:1530 -- firefox security update (Critical)
Description:Updated firefox packages that fix several security issues are now availablefor Red Hat Enterprise Linux 4 and 5.This update has been rated as having critical security impact by the RedHat Security Response Team.Mozilla Firefox is an open source Web browser. XULRunner provides the XULRuntime environment for Mozilla Firefox. nspr provides the NetscapePortable Runtime (NSPR).A flaw was found in the way Firefox handles form history. A malicious webpage could steal saved form data by synthesizing input events, causing thebrowser to auto-fill form fields (which could then be read by an attacker).(CVE-2009-3370)
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2009-0689
CVE-2009-1563
CVE-2009-3274
CVE-2009-3370
CVE-2009-3372
CVE-2009-3373
CVE-2009-3374
CVE-2009-3375
CVE-2009-3376
CVE-2009-3380
CVE-2009-3382
CVE-2009-3384
RHSA-2009:1530
Platform(s):Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 5
Product(s):firefox
nspr
xulrunner
Definition Synopsis
  • Red Hat Enterprise Linux 5 release section
  • The operating system installed on the system is Red Hat Enterprise Linux 5
  • AND Packages match section
  • nspr-devel is earlier than 0:4.7.6-1.el5_4
  • OR xulrunner-devel is earlier than 0:1.9.0.15-3.el5_4
  • OR xulrunner-devel-unstable is earlier than 0:1.9.0.15-3.el5_4
  • OR firefox is earlier than 0:3.0.15-3.el5_4
  • OR nspr is earlier than 0:4.7.6-1.el5_4
  • OR xulrunner is earlier than 0:1.9.0.15-3.el5_4
  • Red Hat Enterprise Linux 4 release section
  • The operating system installed on the system is Red Hat Enterprise Linux 4
  • AND Packages match section
  • firefox is earlier than 0:3.0.15-3.el4
  • OR nspr is earlier than 0:4.7.6-1.el4_8
  • OR nspr-devel is earlier than 0:4.7.6-1.el4_8
    • BACK