OVAL Definitions - Family: unix

Filter: Compliance Inventory Patch Vulnerability All
Title Definition Id Class Family
Mozilla allows remote attackers to cause Mozilla to open a URI as a different MIME type than expected via a null charact... oval:org.mitre.oval:def:11090 Vulnerability unix
Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) ... oval:org.mitre.oval:def:10227 Vulnerability unix
Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remo... oval:org.mitre.oval:def:9730 Vulnerability unix
Mozilla before 1.7.6, and Firefox before 1.0.1, allows remote attackers to spoof arbitrary web sites by injecting conten... oval:org.mitre.oval:def:9543 Vulnerability unix
Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface ... oval:org.mitre.oval:def:9419 Vulnerability unix
Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote attackers to use certain redirect seque... oval:org.mitre.oval:def:9240 Vulnerability unix
Mozilla before 1.7 allows remote web servers to read arbitrary files via Javascript that sets the value of an input type... oval:org.mitre.oval:def:11153 Vulnerability unix
Mozilla before 1.4.2 executes Javascript events in the context of a new page while it is being loaded, allowing it to in... oval:org.mitre.oval:def:10838 Vulnerability unix
Mozilla before 1.7.6, and Firefox before 1.0.1, allows remote attackers to spoof arbitrary web sites by injecting conten... oval:org.mitre.oval:def:10117 Vulnerability unix
Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to install arbitrary extensio... oval:org.mitre.oval:def:10032 Vulnerability unix
Mozilla CA Certificate DoS oval:org.mitre.oval:def:3134 Vulnerability unix
Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows user-assisted remote attackers to cause a denial of se... oval:org.mitre.oval:def:9972 Vulnerability unix
Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, and SeaMonkey before 1.1.12, allow user-assisted remote attackers ... oval:org.mitre.oval:def:9950 Vulnerability unix
Mozilla Firefox before 3.0.6 and SeaMonkey do not block links to the (1) about:plugins and (2) about:config URIs from .d... oval:org.mitre.oval:def:9922 Vulnerability unix
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to associate s... oval:org.mitre.oval:def:9911 Vulnerability unix
Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an in... oval:org.mitre.oval:def:9900 Vulnerability unix
Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to exec... oval:org.mitre.oval:def:9897 Vulnerability unix
Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9, when generating the HTTP Referer header, does not list the e... oval:org.mitre.oval:def:9889 Vulnerability unix
Mozilla Firefox before 1.5.0.7 and SeaMonkey before 1.0.5 allows remote attackers to bypass the security model and injec... oval:org.mitre.oval:def:9843 Vulnerability unix
Mozilla Firefox before 3.0.9 and SeaMonkey 1.1.17 do not block javascript: URIs in Refresh headers in HTTP responses, wh... oval:org.mitre.oval:def:9818 Vulnerability unix
Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 associate local documents with external domain names located a... oval:org.mitre.oval:def:9803 Vulnerability unix
Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 sets the Referer header to the window or frame in which scrip... oval:org.mitre.oval:def:9794 Vulnerability unix
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to spoof an SS... oval:org.mitre.oval:def:9791 Vulnerability unix
Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service (crash) and possibly ... oval:org.mitre.oval:def:9762 Vulnerability unix
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows scripts with the Universal... oval:org.mitre.oval:def:9753 Vulnerability unix
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows untrusted Javascript... oval:org.mitre.oval:def:9745 Vulnerability unix
Mozilla Firefox before 3.0.13, and 3.5.x before 3.5.2, allows remote attackers to spoof the address bar, and possibly co... oval:org.mitre.oval:def:9686 Vulnerability unix
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly escape HTML in file:// URLs in directory lis... oval:org.mitre.oval:def:9668 Vulnerability unix
Mozilla Firefox 2.x before 2.0.0.18 and SeaMonkey 1.x before 1.1.13 do not properly check when the Flash module has been... oval:org.mitre.oval:def:9660 Vulnerability unix
Mozilla Firefox 3.6a1, 3.5.3, 3.5.2, and earlier 3.5.x versions, and 3.0.14 and earlier 2.x and 3.x versions, on Linux u... oval:org.mitre.oval:def:9641 Vulnerability unix

OVAL Definitions By Referenced Objects

How does it work?   User agreement and privacy statement   About & Contact
CVE is a registred trademark of the MITRE Corporation and the authoritive source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritive source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritive source of OVAL content is MITRE's OVAL web site.
Warning: This site and all data are provided as is. It is not guaranteed that all information is accurate and complete. Use any information provided on this site at your own risk. By using this site you accept that you know that these data are provided as is and not guaranteed to be accurate, correct or complete. All trademarks appearing on this site are the property of their respective owners in the US or other countries. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss. PLEASE SEE nvd.nist.gov and oval.mitre.org for more details about OVAL language and definitions.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor/web site owner/maintainer be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Use of OVAL and all related data is subject to terms of use defined by Mitre at http://oval.mitre.org/oval/about/termsofuse.html