Oval Definition:oval:org.mitre.oval:tst:30390
Comment:mozilla-nss is earlier than 37:1.4.2-3.0.2
Type:rpminfo_testNamespace:linux
Check_Existence:at_least_one_existsCheck:at least one
State Operator:AND
References
Object:oval:org.mitre.oval:obj:14069
State:oval:org.mitre.oval:ste:9634
Referencing Definitions
Definition IDClassTitleLast Modified
oval:org.mitre.oval:def:9826
V
Mozilla allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Mozilla to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.
2013-04-29
oval:org.mitre.oval:def:10838
V
Mozilla before 1.4.2 executes Javascript events in the context of a new page while it is being loaded, allowing it to interact with the previous page (zombie document) and enable cross-domain and cross-site scripting (XSS) attacks, as demonstrated using onmousemove events.
2013-04-29
oval:org.mitre.oval:def:11462
V
Multiple vulnerabilities in multiple vendor implementations of the Secure/Multipurpose Internet Mail Extensions (S/MIME) protocol allow remote attackers to cause a denial of service and possibly execute arbitrary code via an S/MIME email message containing certain unexpected ASN.1 constructs, as demonstrated using the NISSC test suite.
2013-04-29
BACK