OVAL Reference oval:org.opensuse.security:def:20090356

Oval Definition:

oval:org.opensuse.security:def:20090356

Revision Date:	2022-06-30	Version:	1
Title:	CVE-2009-0356
Description:	Mozilla Firefox before 3.0.6 and SeaMonkey do not block links to the (1) about:plugins and (2) about:config URIs from .desktop files, which allows user-assisted remote attackers to bypass the Same Origin Policy and execute arbitrary code with chrome privileges via vectors involving the URL field in a Desktop Entry section of a .desktop file, related to representation of about: URIs as jar:file:// URIs. NOTE: this issue exists because of an incomplete fix for CVE-2008-4582.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2009-0356 Mitre CVE-2009-0356 SUSE CVE-2009-0356 SUSE-SA:2009:009 SUSE-SA:2009:009
Platform(s):	openSUSE 11.0 openSUSE 11.1 openSUSE Tumbleweed SUSE CaaS Platform 4.0 SUSE Enterprise Storage 6 SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Manager Proxy 4.0 SUSE Manager Retail Branch Server 4.0 SUSE Manager Server 4.0	Product(s):
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3 is installed AND Package Information MozillaFirefox-17.0.4esr-0.10 is installed OR MozillaFirefox-translations-17.0.4esr-0.10 is installed
Definition Synopsis
suse110 is installed AND Package Information MozillaFirefox-translations less than 3.0.6-0.1 OR MozillaFirefox less than 3.0.6-0.1 OR mozilla-xulrunner190-32bit less than 1.9.0.6-0.1 OR mozilla-xulrunner190-64bit less than 1.9.0.6-0.1 OR mozilla-xulrunner190-devel less than 1.9.0.6-0.1 OR mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.6-0.1 OR mozilla-xulrunner190-gnomevfs-64bit less than 1.9.0.6-0.1 OR mozilla-xulrunner190-gnomevfs less than 1.9.0.6-0.1 OR mozilla-xulrunner190-translations-32bit less than 1.9.0.6-0.1 OR mozilla-xulrunner190-translations-64bit less than 1.9.0.6-0.1 OR mozilla-xulrunner190-translations less than 1.9.0.6-0.1 OR mozilla-xulrunner190 less than 1.9.0.6-0.1
Definition Synopsis
suse111 is installed AND Package Information MozillaFirefox-branding-upstream less than 3.0.6-0.1.2 OR MozillaFirefox-translations less than 3.0.6-0.1.2 OR MozillaFirefox less than 3.0.6-0.1.2 OR mozilla-xulrunner190-32bit less than 1.9.0.6-0.1.1 OR mozilla-xulrunner190-devel less than 1.9.0.6-0.1.1 OR mozilla-xulrunner190-gnomevfs-32bit less than 1.9.0.6-0.1.1 OR mozilla-xulrunner190-gnomevfs less than 1.9.0.6-0.1.1 OR mozilla-xulrunner190-translations-32bit less than 1.9.0.6-0.1.1 OR mozilla-xulrunner190-translations less than 1.9.0.6-0.1.1 OR mozilla-xulrunner190 less than 1.9.0.6-0.1.1 OR python-xpcom190 less than 1.9.0.6-0.1.1
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP2 is installed AND MozillaFirefox-10.0-0.3.2 is installed OR MozillaFirefox-translations-10.0-0.3.2 is installed OR Package Information SUSE Linux Enterprise Server 11 SP3 is installed AND MozillaFirefox-17.0.4esr-0.10.42 is installed OR MozillaFirefox-translations-17.0.4esr-0.10.42 is installed OR Package Information SUSE Linux Enterprise Server 11 SP4 is installed AND MozillaFirefox-31.7.0esr-0.8.1 is installed OR MozillaFirefox-translations-31.7.0esr-0.8.1 is installed OR Package Information SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND MozillaFirefox-devel-31.7.0esr-0.8.1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP2 is installed AND MozillaFirefox-10.0-0.3.2 is installed OR MozillaFirefox-translations-10.0-0.3.2 is installed OR Package Information SUSE Linux Enterprise Server 11 SP3 is installed AND MozillaFirefox-17.0.4esr-0.10.42 is installed OR MozillaFirefox-translations-17.0.4esr-0.10.42 is installed OR Package Information SUSE Linux Enterprise Server 11 SP4 is installed AND MozillaFirefox-31.7.0esr-0.8.1 is installed OR MozillaFirefox-translations-31.7.0esr-0.8.1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP3 is installed AND MozillaFirefox-17.0.4esr-0.10.42 is installed OR MozillaFirefox-translations-17.0.4esr-0.10.42 is installed OR Package Information SUSE Linux Enterprise Server 11 SP4 is installed AND MozillaFirefox-31.7.0esr-0.8.1 is installed OR MozillaFirefox-translations-31.7.0esr-0.8.1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND MozillaFirefox-devel-31.7.0esr-0.8 is installed OR Package Information SUSE Linux Enterprise Server 11 SP1 is installed AND MozillaFirefox-3.5.9-0.1 is installed OR MozillaFirefox-translations-3.5.9-0.1 is installed OR mozilla-xulrunner190-1.9.0.19-0.1 is installed OR mozilla-xulrunner190-32bit-1.9.0.19-0.1 is installed OR mozilla-xulrunner190-gnomevfs-1.9.0.19-0.1 is installed OR mozilla-xulrunner190-translations-1.9.0.19-0.1 is installed OR mozilla-xulrunner190-x86-1.9.0.19-0.1 is installed OR Package Information SUSE Linux Enterprise Server 11 SP2 is installed AND MozillaFirefox-10.0-0.3 is installed OR MozillaFirefox-translations-10.0-0.3 is installed OR Package Information SUSE Linux Enterprise Server 11 SP3 is installed AND MozillaFirefox-17.0.4esr-0.10 is installed OR MozillaFirefox-translations-17.0.4esr-0.10 is installed OR Package Information SUSE Linux Enterprise Server 11 SP4 is installed AND MozillaFirefox-31.7.0esr-0.8 is installed OR MozillaFirefox-translations-31.7.0esr-0.8 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP1 is installed AND MozillaFirefox-3.5.9-0.1.1 is installed OR MozillaFirefox-translations-3.5.9-0.1.1 is installed OR mozilla-xulrunner190-1.9.0.19-0.1.1 is installed OR mozilla-xulrunner190-32bit-1.9.0.19-0.1.1 is installed OR mozilla-xulrunner190-gnomevfs-1.9.0.19-0.1.1 is installed OR mozilla-xulrunner190-translations-1.9.0.19-0.1.1 is installed OR mozilla-xulrunner190-x86-1.9.0.19-0.1.1 is installed OR Package Information SUSE Linux Enterprise Server 11 SP2 is installed AND MozillaFirefox-10.0-0.3.2 is installed OR MozillaFirefox-translations-10.0-0.3.2 is installed OR Package Information SUSE Linux Enterprise Server 11 SP4 is installed AND MozillaFirefox-31.7.0esr-0.8.1 is installed OR MozillaFirefox-translations-31.7.0esr-0.8.1 is installed OR Package Information SUSE Linux Enterprise Server 11 SP3 is installed AND MozillaFirefox-17.0.4esr-0.10.42 is installed OR MozillaFirefox-translations-17.0.4esr-0.10.42 is installed
Definition Synopsis
openSUSE Tumbleweed is installed AND Package Information MozillaFirefox-92.0-1.2 is installed OR MozillaFirefox-branding-upstream-92.0-1.2 is installed OR MozillaFirefox-devel-92.0-1.2 is installed OR MozillaFirefox-translations-common-92.0-1.2 is installed OR MozillaFirefox-translations-other-92.0-1.2 is installed
Definition Synopsis
Release Information SUSE CaaS Platform 4.0 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed AND Package Information MozillaFirefox is affected OR MozillaFirefox-devel is affected OR MozillaFirefox-translations-common is affected OR MozillaFirefox-translations-other is affected
Definition Synopsis
Release Information SUSE Manager Proxy 4.0 is installed OR SUSE Manager Retail Branch Server 4.0 is installed OR SUSE Manager Server 4.0 is installed AND MozillaFirefox is affected OR Package Information SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed AND MozillaFirefox is affected OR MozillaFirefox-devel is affected OR MozillaFirefox-translations-common is affected OR MozillaFirefox-translations-other is affected
Definition Synopsis
Release Information SUSE Enterprise Storage 6 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed AND Package Information MozillaFirefox is affected OR MozillaFirefox-devel is affected OR MozillaFirefox-translations-common is affected OR MozillaFirefox-translations-other is affected

BACK