Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2012-1407

Опубликовано: 26 окт. 2012
Источник: oracle-oval
Платформа: Oracle Linux 5
Платформа: Oracle Linux 6

Описание

ELSA-2012-1407: firefox security update (CRITICAL)

firefox [10.0.10-1.0.1.el6_3]

  • Replaced firefox-redhat-default-prefs.js with firefox-oracle-default-prefs.js

[10.0.10-1]

  • Update to 10.0.10 ESR

[10.0.8-2]

  • Fixed rhbz#865284 - add the storage.nfs_filesystem config key to property list
  • disable OOP for wrapped plugins (nspluginwrapper)

xulrunner [10.0.10-1.0.1.el6_3]

  • Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js

[10.0.10-1]

  • Added patches from 10.0.10 ESR

Обновленные пакеты

Oracle Linux 5

Oracle Linux ia64

firefox

10.0.10-1.0.1.el5_8

xulrunner

10.0.10-1.0.1.el5_8

xulrunner-devel

10.0.10-1.0.1.el5_8

Oracle Linux x86_64

firefox

10.0.10-1.0.1.el5_8

xulrunner

10.0.10-1.0.1.el5_8

xulrunner-devel

10.0.10-1.0.1.el5_8

Oracle Linux i386

firefox

10.0.10-1.0.1.el5_8

xulrunner

10.0.10-1.0.1.el5_8

xulrunner-devel

10.0.10-1.0.1.el5_8

Oracle Linux 6

Oracle Linux x86_64

firefox

10.0.10-1.0.1.el6_3

xulrunner

10.0.10-1.0.1.el6_3

xulrunner-devel

10.0.10-1.0.1.el6_3

Oracle Linux i686

firefox

10.0.10-1.0.1.el6_3

xulrunner

10.0.10-1.0.1.el6_3

xulrunner-devel

10.0.10-1.0.1.el6_3

Связанные CVE

CVE-2012-4195
CVE-2012-4196
CVE-2012-4194

Ссылки на источники

Связанные уязвимости

oracle-oval логотип

ELSA-2012-1413

oracle-oval
почти 13 лет назад

ELSA-2012-1413: thunderbird security update (IMPORTANT)

ubuntu логотип

CVE-2012-4195

ubuntu
почти 13 лет назад

The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does not properly determine the calling document and principal in its return value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site, and makes it easier for remote attackers to execute arbitrary JavaScript code by leveraging certain add-on behavior.

redhat логотип

CVE-2012-4195

redhat
почти 13 лет назад

The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does not properly determine the calling document and principal in its return value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site, and makes it easier for remote attackers to execute arbitrary JavaScript code by leveraging certain add-on behavior.

nvd логотип

CVE-2012-4195

nvd
почти 13 лет назад

The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does not properly determine the calling document and principal in its return value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site, and makes it easier for remote attackers to execute arbitrary JavaScript code by leveraging certain add-on behavior.

debian логотип

CVE-2012-4195

debian
почти 13 лет назад

The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Fi ...