Oval Definition:
oval:org.mitre.oval:def:6966
Revision Date
:
2014-06-23
Version
:
20
Title
:
DSA-1951 firefox-sage -- insufficient input sanitising
Description
:
It was discovered that firefox-sage, a lightweight RSS and Atom feed reader for Firefox, does not sanitise the RSS feed information correctly, which makes it prone to a cross-site scripting and a cross-domain scripting attack.
Family
:
unix
Class
:
patch
Status
:
ACCEPTED
Reference(s)
:
CVE-2009-4102
DSA-1951
Platform(s)
:
Debian GNU/Linux 4.0
Debian GNU/Linux 5.0
Product(s)
:
firefox-sage
Definition Synopsis
Release section
Debian GNU/Linux 5.0 is installed
AND
Installed architecture is all
AND
firefox-sage is earlier than 1.4.2-0.1+lenny1
OR
Release section
Debian GNU/Linux 4.0 is installed.
AND
Installed architecture is all
AND
firefox-sage is earlier than 1.3.6-4etch1
BACK