Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1 changed file
with
35 additions
and
0 deletions.
There are no files selected for viewing
35 changes: 35 additions & 0 deletions
35
repository/definitions/vulnerability/oval_org.cisecurity_def_1828.xml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:1828" version="1"> | ||
<metadata> | ||
<title>Memory safety bugs fixed in Firefox 50.1 - CVE-2016-9080</title> | ||
<affected family="windows"> | ||
<platform>Microsoft Windows XP</platform> | ||
<platform>Microsoft Windows Server 2003</platform> | ||
<platform>Microsoft Windows Server 2008</platform> | ||
<platform>Microsoft Windows Server 2008 R2</platform> | ||
<platform>Microsoft Windows Vista</platform> | ||
<platform>Microsoft Windows 7</platform> | ||
<platform>Microsoft Windows 8</platform> | ||
<platform>Microsoft Windows 8.1</platform> | ||
<platform>Microsoft Windows 10</platform> | ||
<platform>Microsoft Windows Server 2012</platform> | ||
<platform>Microsoft Windows Server 2012 R2</platform> | ||
<platform>Microsoft Windows Server 2016</platform> | ||
<product>Mozilla Firefox</product> | ||
</affected> | ||
<reference ref_id="CVE-2016-9080" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9080" source="CVE" /> | ||
<description>Mozilla developers and community members Kan-Ru Chen, Christian Holler, and Tyson Smith reported memory safety bugs present in Firefox 50.0.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.</description> | ||
<oval_repository> | ||
<dates> | ||
<submitted date="2017-02-07T17:02:33+08:00"> | ||
<contributor organization="DTCC">Alexander Chua</contributor> | ||
</submitted> | ||
</dates> | ||
<status>INITIAL SUBMISSION</status> | ||
<min_schema_version>5.10</min_schema_version> | ||
</oval_repository> | ||
</metadata> | ||
<criteria comment="Mozilla Firefox Mainline release is installed + version" operator="AND"> | ||
<extend_definition comment="Mozilla Firefox Mainline release is installed" definition_ref="oval:org.mitre.oval:def:22259" /> | ||
<criterion comment="Check if Mozilla Firefox Mainline version less than 50.1.0" test_ref="oval:org.cisecurity:tst:2488" /> | ||
</criteria> | ||
</definition> |