Oval Definition:	oval:org.mitre.oval:tst:121233
Comment: Mozilla Firefox ESR version is less than 17.0.5 and greater than or equal to 17.x Type: file_test Namespace: windows Check_Existence: at_least_one_exists Check: all State Operator: AND References Object: oval:org.mitre.oval:obj:30347 State: oval:org.mitre.oval:ste:33095 State: oval:org.mitre.oval:ste:33393 Referencing Definitions Definition ID Class Title Last Modified oval:org.mitre.oval:def:17062 V Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation. 2014-10-06 oval:org.mitre.oval:def:17155 V Buffer overflow in the Mozilla Maintenance Service in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, and Thunderbird ESR 17.x before 17.0.5 on Windows allows local users to gain privileges via crafted arguments. 2014-10-06
BACK