Vulnerability CVE-2009-0356

Vulnerability Name:

CVE-2009-0356 (CCN-48462)

Assigned:

2009-02-03

Published:

2009-02-03

Updated:

2023-02-13

Summary:

Mozilla Firefox before 3.0.6 and SeaMonkey do not block links to the (1) about:plugins and (2) about:config URIs from .desktop files, which allows user-assisted remote attackers to bypass the Same Origin Policy and execute arbitrary code with chrome privileges via vectors involving the URL field in a Desktop Entry section of a .desktop file, related to representation of about: URIs as jar:file:// URIs.
Note: this issue exists because of an incomplete fix for CVE-2008-4582.

CVSS v3 Severity:

5.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

5.1 Medium (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
4.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

5.1 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
4.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

5.1 Medium (REDHAT CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
4.0 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2009-0356

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: RHSA-2009-0256
Critical: firefox security update

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: SA33799
Mozilla Firefox Multiple Vulnerabilities

Source: CCN
Type: SA33808
Mozilla SeaMonkey Multiple Vulnerabilities

Source: CCN
Type: SA33846
Avaya Products Mozilla Firefox Multiple Vulnerabilities

Source: CCN
Type: SECTRACK ID: 1021666
Mozilla Firefox '.desktop' Windows Files May Let Remote Users Execute Arbitrary Code with Chrome Privileges

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: ASA-2009-040
firefox security update (RHSA-2009-0256)

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: MFSA 2008-47
Information stealing via local shortcut files

Source: CCN
Type: MFSA 2009-04
Chrome privilege escalation via local .desktop files

Source: secalert@redhat.com
Type: Vendor Advisory
secalert@redhat.com

Source: CCN
Type: BID-33598
Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009 -01 to -06 Multiple Remote Vulnerabilities

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: Bugzilla@Mozilla - Bug 460425
(CVE-2009-0356) [FIX].desktop allows remotely loading "about:config" & "about:plugins" with little user interaction

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: XF
Type: UNKNOWN
firefox-desktop-code-execution(48462)

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: SUSE
Type: SUSE-SA:2009:009
MozillaFirefox 3.0.6 security update

Vulnerable Configuration:

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 8:

cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

Configuration RedHat 9:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Configuration CCN 1:

cpe:/a:mozilla:firefox:3.0:alpha:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0:beta5:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0:beta2:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*

AND

cpe:/o:suse:suse_linux:9.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:x86_64:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:*:*:*:*:*:*:*

OR cpe:/o:opensuse:opensuse:11.0:*:*:*:*:*:*:*

OR cpe:/o:mandriva:linux:2009.0:*:*:*:*:*:*:*

OR cpe:/o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20090356	V	CVE-2009-0356	2022-06-30
oval:org.opensuse.security:def:42260	P	Security update for yaml-cpp (Moderate)	2022-04-01
oval:org.opensuse.security:def:111899	P	MozillaFirefox-92.0-1.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:31755	P	Security update for libvirt (Important)	2022-01-10
oval:org.opensuse.security:def:32252	P	Security update for chrony (Moderate)	2021-12-22
oval:org.opensuse.security:def:31321	P	Security update for glib-networking (Important)	2021-12-13
oval:org.opensuse.security:def:31320	P	Security update for MozillaFirefox (Important)	2021-12-12
oval:org.opensuse.security:def:26179	P	Security update for gmp (Moderate)	2021-12-02
oval:org.opensuse.security:def:31300	P	Security update for MozillaFirefox (Important)	2021-11-17
oval:org.opensuse.security:def:31698	P	Security update for transfig (Important)	2021-10-29
oval:org.opensuse.security:def:33034	P	Security update for opensc (Important)	2021-10-29
oval:org.opensuse.security:def:31293	P	Security update for postgresql10 (Important)	2021-10-20
oval:org.opensuse.security:def:32203	P	Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)	2021-10-18
oval:org.opensuse.security:def:105476	P	MozillaFirefox-92.0-1.2 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:31687	P	Security update for sqlite3 (Important)	2021-09-23
oval:org.opensuse.security:def:26135	P	Security update for hivex (Moderate)	2021-09-23
oval:org.opensuse.security:def:26121	P	Security update for ntfs-3g_ntfsprogs (Important)	2021-09-07
oval:org.opensuse.security:def:32995	P	Security update for file (Important)	2021-09-02
oval:org.opensuse.security:def:26115	P	Security update for libesmtp (Important)	2021-09-02
oval:org.opensuse.security:def:32147	P	Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)	2021-07-21
oval:org.opensuse.security:def:32140	P	Security update for MozillaFirefox (Important)	2021-07-16
oval:org.opensuse.security:def:26082	P	Security update for openexr (Important)	2021-06-24
oval:org.opensuse.security:def:31212	P	Security update for ovmf (Important)	2021-06-22
oval:org.opensuse.security:def:36071	P	MozillaFirefox-31.7.0esr-0.8.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36362	P	MozillaFirefox-devel-31.7.0esr-0.8.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42478	P	MozillaFirefox-31.7.0esr-0.8.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:31630	P	Security update for polkit (Important)	2021-06-03
oval:org.opensuse.security:def:31623	P	Security update for libxml2 (Important)	2021-05-19
oval:org.opensuse.security:def:26046	P	Security update for libxml2 (Moderate)	2021-05-05
oval:org.opensuse.security:def:42065	P	Security update for permissions (Important)	2021-05-04
oval:org.opensuse.security:def:31168	P	Security update for cups (Important)	2021-04-30
oval:org.opensuse.security:def:32074	P	Security update for MozillaFirefox (Important)	2021-04-27
oval:org.opensuse.security:def:26033	P	Security update for ImageMagick (Moderate)	2021-04-20
oval:org.opensuse.security:def:31748	P	Security update for openssl (Moderate)	2021-03-24
oval:org.opensuse.security:def:31737	P	Security update for python-cryptography (Important)	2021-03-02
oval:org.opensuse.security:def:31350	P	Security update for python-cryptography (Important)	2021-03-02
oval:org.opensuse.security:def:31736	P	Security update for MozillaFirefox (Important)	2021-03-01
oval:org.opensuse.security:def:26197	P	Security update for postgresql13 (Moderate)	2021-02-22
oval:org.opensuse.security:def:26196	P	Security update for ImageMagick (Moderate)	2021-02-19
oval:org.opensuse.security:def:31344	P	Security update for java-1_7_1-ibm (Important)	2021-02-18
oval:org.opensuse.security:def:31332	P	Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)	2021-02-10
oval:org.opensuse.security:def:31692	P	Security update for python3 (Important)	2021-02-08
oval:org.opensuse.security:def:31649	P	Security update for postgresql, postgresql12, postgresql13 (Important)	2021-01-26
oval:org.opensuse.security:def:31201	P	Security update for ImageMagick (Important)	2021-01-22
oval:org.opensuse.security:def:32096	P	Security update for dnsmasq (Important)	2021-01-19
oval:org.opensuse.security:def:25985	P	Security update for gimp (Moderate)	2020-12-29
oval:org.opensuse.security:def:25980	P	Security update for MozillaFirefox (Critical)	2020-12-21
oval:org.opensuse.security:def:31083	P	Security update for python-cryptography (Moderate)	2020-12-04
oval:org.opensuse.security:def:35853	P	MozillaFirefox-17.0.4esr-0.10.42 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:42021	P	mozilla-xulrunner190-1.9.0.19-0.1.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35515	P	MozillaFirefox-3.5.9-0.1.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35614	P	mozilla-xulrunner190-1.9.0.19-0.1.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:31082	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:35658	P	MozillaFirefox-10.0-0.3.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:41922	P	MozillaFirefox-3.5.9-0.1.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:25912	P	Security update for zziplib (Moderate)	2020-12-01
oval:org.opensuse.security:def:25824	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:26590	P	libmusicbrainz4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26687	P	e2fsprogs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31493	P	Security update for python	2020-12-01
oval:org.opensuse.security:def:31792	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31902	P	Security update for MozillaFirefox, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:32817	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25209	P	Security update for mutt (Important)	2020-12-01
oval:org.opensuse.security:def:25241	P	Security update for java-1_7_1-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:25507	P	Security update for git (Moderate)	2020-12-01
oval:org.opensuse.security:def:25795	P	Security update for kernel-source (Important)	2020-12-01
oval:org.opensuse.security:def:25897	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:26658	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25923	P	Security update for util-linux (Moderate)	2020-12-01
oval:org.opensuse.security:def:26629	P	perl-Tk on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32441	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:31580	P	Security update for syslog-ng (Moderate)	2020-12-01
oval:org.opensuse.security:def:32035	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32357	P	Security update for squid3 (Important)	2020-12-01
oval:org.opensuse.security:def:25210	P	Security update for unzip (Moderate)	2020-12-01
oval:org.opensuse.security:def:25369	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25591	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:25888	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:30983	P	Security update for icu (Moderate)	2020-12-01
oval:org.opensuse.security:def:25987	P	Security update for the Linux Kernel (Critical)	2020-12-01
oval:org.opensuse.security:def:26253	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26541	P	evince on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26643	P	systemtap on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32480	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25221	P	Security update for sysstat (Moderate)	2020-12-01
oval:org.opensuse.security:def:25494	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25742	P	Security update for ceph (Important)	2020-12-01
oval:org.opensuse.security:def:25927	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26817	P	rsync on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30984	P	Security update for icu (Important)	2020-12-01
oval:org.opensuse.security:def:26337	P	Security update for freexl (Low)	2020-12-01
oval:org.opensuse.security:def:31803	P	Security update for amanda (Moderate)	2020-12-01
oval:org.opensuse.security:def:31537	P	Security update for samba (Moderate)	2020-12-01
oval:org.opensuse.security:def:31406	P	Security update for perl-PlRPC (Moderate)	2020-12-01
oval:org.opensuse.security:def:31986	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:25403	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:25285	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:25551	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:25839	P	Security update for gimp (Moderate)	2020-12-01
oval:org.opensuse.security:def:25941	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26852	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30995	P	Security update for jasper (Important)	2020-12-01
oval:org.opensuse.security:def:26488	P	Security update for cacti, cacti-spine (Moderate)	2020-12-01
oval:org.opensuse.security:def:32540	P	krb5-doc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31538	P	Security update for samba (Moderate)	2020-12-01
oval:org.opensuse.security:def:31774	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26480	P	Security update for okular (Moderate)	2020-12-01
oval:org.opensuse.security:def:25404	P	Security update for spice (Moderate)	2020-12-01
oval:org.opensuse.security:def:25413	P	Security update for ucode-intel (Moderate)	2020-12-01
oval:org.opensuse.security:def:25635	P	Security update for tigervnc (Critical)	2020-12-01
oval:org.opensuse.security:def:31069	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31759	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:32579	P	mozilla-xulrunner190 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25066	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:31549	P	Security update for screen (Low)	2020-12-01
oval:org.opensuse.security:def:31847	P	Security update for clamav (Moderate)	2020-12-01
oval:org.opensuse.security:def:31930	P	Security update for glib2 (Important)	2020-12-01
oval:org.opensuse.security:def:32291	P	Security update for postgresql94 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26515	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25415	P	Security update for openldap2 (Important)	2020-12-01
oval:org.opensuse.security:def:25688	P	Security update for systemd (Important)	2020-12-01
oval:org.opensuse.security:def:25786	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:27034	P	stunnel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31437	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31797	P	Recommended update for NetworkManager-kde4 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31946	P	Security update for gnutls (Moderate)	2020-12-01
oval:org.opensuse.security:def:25067	P	Security update for libjpeg-turbo (Important)	2020-12-01
oval:org.opensuse.security:def:31904	P	Security update for foomatic-filters (Moderate)	2020-12-01
oval:org.opensuse.security:def:32313	P	Security update for quagga (Important)	2020-12-01
oval:org.opensuse.security:def:25620	P	Security update for ovmf (Moderate)	2020-12-01
oval:org.opensuse.security:def:25479	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:25745	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:27069	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31094	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31392	P	Security update for pam-modules (Moderate)	2020-12-01
oval:org.opensuse.security:def:31593	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:31836	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:32584	P	ntp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25078	P	Security update for mailman (Important)	2020-12-01
oval:org.opensuse.security:def:25351	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31991	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:25784	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:26579	P	libMagickCore1-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25621	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:25607	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25829	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26299	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26396	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:31126	P	Security update for kvm (Moderate)	2020-12-01
oval:org.opensuse.security:def:31449	P	Security update for postgresql10 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31858	P	Security update for cups (Important)	2020-12-01
oval:org.opensuse.security:def:32623	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25165	P	Security update for squid (Important)	2020-12-01
oval:org.opensuse.security:def:25142	P	Security update for wget (Important)	2020-12-01
oval:org.opensuse.security:def:25408	P	Security update for sane-backends (Important)	2020-12-01
oval:org.opensuse.security:def:25798	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:26614	P	mozilla-xulrunner190 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25632	P	Security update for aspell (Moderate)	2020-12-01
oval:org.opensuse.security:def:25905	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:26338	P	Security update for Chromium (Moderate)	2020-12-01
oval:org.opensuse.security:def:27325	P	xen on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31127	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:31536	P	Security update for samba (Moderate)	2020-12-01
oval:org.opensuse.security:def:31841	P	Security update for bzip2 (Important)	2020-12-01
oval:org.opensuse.security:def:25166	P	Security update for apache2 (Important)	2020-12-01
oval:org.opensuse.security:def:25270	P	Security update for libxslt (Moderate)	2020-12-01
oval:org.opensuse.security:def:25492	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:25844	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25842	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25911	P	Security update for gstreamer-plugins-base (Low)	2020-12-01
oval:org.opensuse.security:def:25696	P	Security update for sudo (Important)	2020-12-01
oval:org.opensuse.security:def:25962	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:26250	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26352	P	Security update for Mozilla Thunderbird (Moderate)	2020-12-01
oval:org.opensuse.security:def:27360	P	MozillaFirefox-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31138	P	Security update for lcms	2020-12-01
oval:org.opensuse.security:def:31436	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31880	P	Security update for dhcpcd (Important)	2020-12-01
oval:org.opensuse.security:def:32778	P	pyxml on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25177	P	Security update for mariadb-connector-c (Important)	2020-12-01
oval:org.opensuse.security:def:25450	P	Security update for bluez (Moderate)	2020-12-01
oval:org.opensuse.security:def:25643	P	Security update for hunspell (Low)	2020-12-01
oval:org.opensuse.security:def:25883	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26623	P	pam on GA media (Moderate)	2020-12-01
oval:org.mitre.oval:def:29045	P	RHSA-2009:0256 -- firefox security update (Critical)	2015-08-17
oval:org.mitre.oval:def:22773	P	ELSA-2009:0256: firefox security update (Critical)	2014-05-26
oval:org.mitre.oval:def:9922	V	Mozilla Firefox before 3.0.6 and SeaMonkey do not block links to the (1) about:plugins and (2) about:config URIs from .desktop files, which allows user-assisted remote attackers to bypass the Same Origin Policy and execute arbitrary code with chrome privileges via vectors involving the URL field in a Desktop Entry section of a .desktop file, related to representation of about: URIs as jar:file:// URIs. NOTE: this issue exists because of an incomplete fix for CVE-2008-4582.	2013-04-29
oval:com.redhat.rhsa:def:20090256	P	RHSA-2009:0256: firefox security update (Critical)	2009-02-04

BACK