OVAL Definitions for Firefox/Seamonkey
|
|
prabhu-4
|
Some javascript/style in this post has been disabled (why?)
Submitting OVAL Definition for Multiple Vulnerabilities in Firefox and
Seamonkey.Inventories for : Mozilla Firefox, Seamonkey, and Thunderbird Thanks & Regards, Prabhu.S.A www.secpod.comTo unsubscribe, send an email message to [hidden email] with SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have difficulties, write to [hidden email]. <?xml version="1.0" encoding="UTF-8"?> <oval_definitions xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows windows-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#independent independent-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5 oval-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-common-5 oval-common-schema.xsd" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5"> <generator> <oval:product_name>The OVAL Repository</oval:product_name> <oval:schema_version>5.6</oval:schema_version> <oval:timestamp>2009-10-30T09:06:03.558-04:00</oval:timestamp> </generator> <definitions> <definition id="oval:org.secpod.oval:def:91021" version="0" class="vulnerability"> <metadata> <title>Mozilla Firefox Floating Point Memory Allocation Vulnerability</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows 7</platform> <product>Mozilla Firefox</product> </affected> <reference source="CVE" ref_id="CVE-2009-1563" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1563"/> <description>Array index error in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allows remote attackers to execute arbitrary code via a long string that triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number</description> <oval_repository> <dates> <submitted date="2009-11-04T12:10:11"> <contributor organization="SecPod Technologies">Prabhu S A</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND"> <extend_definition comment="Mozilla Firefox is installed" definition_ref="oval:org.secpod.oval:def:91023"/> <criterion comment="Mozilla Firefox version 3.0.x to 3.0.14 and 3.5.x to 3.5.3" test_ref="oval:org.secpod.oval:tst:91021"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:91022" version="0" class="vulnerability"> <metadata> <title>Multiple vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.4</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows 7</platform> <product>Mozilla Firefox</product> </affected> <reference source="CVE" ref_id="CVE-2009-3383" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3383"/> <description>Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.</description> <oval_repository> <dates> <submitted date="2009-11-04T12:10:11"> <contributor organization="SecPod Technologies">Prabhu S A</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND"> <extend_definition comment="Mozilla Firefox is installed" definition_ref="oval:org.secpod.oval:def:91023"/> <criterion comment="Mozilla Firefox version 3.5.x to 3.5.3" test_ref="oval:org.secpod.oval:tst:91022"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:91024" version="0" class="vulnerability"> <metadata> <title>Mozilla Firefox 3.0.x before 3.0.15 cause a denial of service in layout/base/nsCSSFrameConstructor.cpp</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows 7</platform> <product>Mozilla Firefox</product> </affected> <reference source="CVE" ref_id="CVE-2009-3382" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3382"/> <description>layout/base/nsCSSFrameConstructor.cpp in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 does not properly handle first-letter frames, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.</description> <oval_repository> <dates> <submitted date="2009-11-04T12:10:11"> <contributor organization="SecPod Technologies">Prabhu S A</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND"> <extend_definition comment="Mozilla Firefox is installed" definition_ref="oval:org.secpod.oval:def:91023"/> <criterion comment="Mozilla Firefox version 3.0.x to 3.0.14" test_ref="oval:org.secpod.oval:tst:91024"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:91025" version="0" class="vulnerability"> <metadata> <title>Multiple vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.4 to cause a denial of service.</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows 7</platform> <product>Mozilla Firefox</product> </affected> <reference source="CVE" ref_id="CVE-2009-3381" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3381"/> <description>Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.</description> <oval_repository> <dates> <submitted date="2009-11-04T12:10:11"> <contributor organization="SecPod Technologies">Prabhu S A</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND"> <extend_definition comment="Mozilla Firefox is installed" definition_ref="oval:org.secpod.oval:def:91023"/> <criterion comment="Mozilla Firefox version 3.5.x to 3.5.3" test_ref="oval:org.secpod.oval:tst:91022"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:91026" version="0" class="vulnerability"> <metadata> <title>Multiple vulnerabilities in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 to cause a denial of service</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows 7</platform> <product>Mozilla Firefox</product> </affected> <reference source="CVE" ref_id="CVE-2009-3380" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3380"/> <description>Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.</description> <oval_repository> <dates> <submitted date="2009-11-04T12:10:11"> <contributor organization="SecPod Technologies">Prabhu S A</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND"> <extend_definition comment="Mozilla Firefox is installed" definition_ref="oval:org.secpod.oval:def:91023"/> <criterion comment="Mozilla Firefox version 3.0.x to 3.0.14 and 3.5.x to 3.5.3" test_ref="oval:org.secpod.oval:tst:91021"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:91027" version="0" class="vulnerability"> <metadata> <title>Vulnerabilities in libvorbis, as used in Mozilla Firefox 3.5.x before 3.5.4 to cause a denial of service</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows 7</platform> <product>Mozilla Firefox</product> </affected> <reference source="CVE" ref_id="CVE-2009-3379" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3379"/> <description>Multiple unspecified vulnerabilities in libvorbis, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. NOTE: this might overlap CVE-2009-2663.</description> <oval_repository> <dates> <submitted date="2009-11-04T12:10:11"> <contributor organization="SecPod Technologies">Prabhu S A</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND"> <extend_definition comment="Mozilla Firefox is installed" definition_ref="oval:org.secpod.oval:def:91023"/> <criterion comment="Mozilla Firefox version 3.5.x to 3.5.3" test_ref="oval:org.secpod.oval:tst:91022"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:91028" version="0" class="vulnerability"> <metadata> <title>The oggplay_data_handle_theora_frame in liboggplay in Mozilla Firefox 3.5.x before 3.5.4 to cuase denial of service</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows 7</platform> <product>Mozilla Firefox</product> </affected> <reference source="CVE" ref_id="CVE-2009-3378" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3378"/> <description>The oggplay_data_handle_theora_frame function in media/liboggplay/src/liboggplay/oggplay_data.c in liboggplay, as used in Mozilla Firefox 3.5.x before 3.5.4, attempts to reuse an earlier frame data structure upon encountering a decoding error for the first frame, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via a crafted .ogg video file.</description> <oval_repository> <dates> <submitted date="2009-11-04T12:10:11"> <contributor organization="SecPod Technologies">Prabhu S A</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND"> <extend_definition comment="Mozilla Firefox is installed" definition_ref="oval:org.secpod.oval:def:91023"/> <criterion comment="Mozilla Firefox version 3.5.x to 3.5.3" test_ref="oval:org.secpod.oval:tst:91022"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:91029" version="0" class="vulnerability"> <metadata> <title>vulnerabilities in liboggz, as used in Mozilla Firefox 3.5.x before 3.5.4 allow remote attackers to cause a denial of service</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows 7</platform> <product>Mozilla Firefox</product> </affected> <reference source="CVE" ref_id="CVE-2009-3377" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3377"/> <description>Multiple unspecified vulnerabilities in liboggz before cf5feeaab69b05e24, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.</description> <oval_repository> <dates> <submitted date="2009-11-04T12:10:11"> <contributor organization="SecPod Technologies">Prabhu S A</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND"> <extend_definition comment="Mozilla Firefox is installed" definition_ref="oval:org.secpod.oval:def:91023"/> <criterion comment="Mozilla Firefox version 3.5.x to 3.5.3" test_ref="oval:org.secpod.oval:tst:91022"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:91030" version="0" class="vulnerability"> <metadata> <title>Remote bypass vulnerability in content/html/document/src/nsHTMLDocument.cpp in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 via the document.getSelection function</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows 7</platform> <product>Mozilla Firefox</product> </affected> <reference source="CVE" ref_id="CVE-2009-3375" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3375"/> <description>content/html/document/src/nsHTMLDocument.cpp in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allows user-assisted remote attackers to bypass the Same Origin Policy and read an arbitrary content selection via the document.getSelection function.</description> <oval_repository> <dates> <submitted date="2009-11-04T12:10:11"> <contributor organization="SecPod Technologies">Prabhu S A</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND"> <extend_definition comment="Mozilla Firefox is installed" definition_ref="oval:org.secpod.oval:def:91023"/> <criterion comment="Mozilla Firefox version 3.0.x to 3.0.14 and 3.5.x to 3.5.3" test_ref="oval:org.secpod.oval:tst:91021"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:91031" version="0" class="vulnerability"> <metadata> <title>Vulnerability in the XPCVariant::VariantDataToJS function in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows 7</platform> <product>Mozilla Firefox</product> </affected> <reference source="CVE" ref_id="CVE-2009-3374" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3374"/> <description>content/html/document/src/nsHTMLDocument.cpp in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allows user-assisted remote attackers to bypass the Same Origin Policy and read an arbitrary content selection via the document.getSelection function.</description> <oval_repository> <dates> <submitted date="2009-11-04T12:10:11"> <contributor organization="SecPod Technologies">Prabhu S A</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND"> <extend_definition comment="Mozilla Firefox is installed" definition_ref="oval:org.secpod.oval:def:91023"/> <criterion comment="Mozilla Firefox version 3.0.x to 3.0.14 and 3.5.x to 3.5.3" test_ref="oval:org.secpod.oval:tst:91021"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:91032" version="0" class="vulnerability"> <metadata> <title>Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.4 allows remote attackers to cause a denial of service</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows 7</platform> <product>Mozilla Firefox</product> </affected> <reference source="CVE" ref_id="CVE-2009-3371" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3371"/> <description>Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by creating JavaScript web-workers recursively.</description> <oval_repository> <dates> <submitted date="2009-11-04T12:10:11"> <contributor organization="SecPod Technologies">Prabhu S A</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND"> <extend_definition comment="Mozilla Firefox is installed" definition_ref="oval:org.secpod.oval:def:91023"/> <criterion comment="Mozilla Firefox version 3.5.x to 3.5.3" test_ref="oval:org.secpod.oval:tst:91022"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:91033" version="0" class="vulnerability"> <metadata> <title>Mozilla Firefox before 3.0.15, and 3.5.x before 3.5.4, allows remote attackers to read form history by forging mouse and keyboard events</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows 7</platform> <product>Mozilla Firefox</product> </affected> <reference source="CVE" ref_id="CVE-2009-3370" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3370"/> <description>Mozilla Firefox before 3.0.15, and 3.5.x before 3.5.4, allows remote attackers to read form history by forging mouse and keyboard events that leverage the auto-fill feature to populate form fields, in an attacker-readable form, with history entries.</description> <oval_repository> <dates> <submitted date="2009-11-04T12:10:11"> <contributor organization="SecPod Technologies">Prabhu S A</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND"> <extend_definition comment="Mozilla Firefox is installed" definition_ref="oval:org.secpod.oval:def:91023"/> <criterion comment="Mozilla Firefox version 3.0.x to 3.0.14 and 3.5.x to 3.5.3" test_ref="oval:org.secpod.oval:tst:91021"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:91034" version="0" class="inventory"> <metadata> <title>Mozilla Seamonkey is installed</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows 7</platform> <product>Mozilla Seamonkey</product> </affected> <reference source="CPE" ref_id="cpe:/a:mozilla:seamonkey"/> <description>The installed browser on the system is Mozilla Seamonkey.</description> <oval_repository> <dates> <submitted date="2009-11-04T15:11:12"> <contributor organization="SecPod Technologies">Prabhu S A</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND"> <criteria operator="OR"> <extend_definition comment="Microsoft Windows 2000 SP4 or later is installed" definition_ref="oval:org.mitre.oval:def:229"/> <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/> <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/> <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/> <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/> <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/> <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/> <extend_definition comment="Microsoft Windows 7 (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:6165"/> </criteria> <criterion comment="Mozilla Seamonkey is installed" test_ref="oval:org.secpod.oval:tst:91026"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:91035" version="0" class="vulnerability"> <metadata> <title>Arbitrary code execution in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0 ia a crafted regular expression in a Proxy Auto-configuration (PAC) file. </title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows 7</platform> <product>Mozilla Firefox</product> <product>Mozilla Seamonkey</product> </affected> <reference source="CVE" ref_id="CVE-2009-3372" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3372"/> <description>Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via a crafted regular expression in a Proxy Auto-configuration (PAC) file.</description> <oval_repository> <dates> <submitted date="2009-11-04T12:10:11"> <contributor organization="SecPod Technologies">Prabhu S A</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND"> <extend_definition comment="Mozilla Firefox is installed" definition_ref="oval:org.secpod.oval:def:91023"/> <criterion comment="Mozilla Firefox less than 3.0.15 and 3.5.x to 3.5.3" test_ref="oval:org.secpod.oval:tst:91025"/> </criteria> <criteria operator="AND"> <extend_definition comment="Mozilla Seamonkey is installed" definition_ref="oval:org.secpod.oval:def:91034"/> <criterion comment="Mozilla Seamonkey version less than 2.0" test_ref="oval:org.secpod.oval:tst:91026"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:91036" version="0" class="vulnerability"> <metadata> <title>Heap-based buffer overflow in the GIF image parser in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0 via unspecified vectors.</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows 7</platform> <product>Mozilla Firefox</product> <product>Mozilla Seamonkey</product> </affected> <reference source="CVE" ref_id="CVE-2009-3373" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3373"/> <description>Heap-based buffer overflow in the GIF image parser in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via unspecified vectors.</description> <oval_repository> <dates> <submitted date="2009-11-04T12:10:11"> <contributor organization="SecPod Technologies">Prabhu S A</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND"> <extend_definition comment="Mozilla Firefox is installed" definition_ref="oval:org.secpod.oval:def:91023"/> <criterion comment="Mozilla Firefox less than 3.0.15 and 3.5.x to 3.5.3" test_ref="oval:org.secpod.oval:tst:91025"/> </criteria> <criteria operator="AND"> <extend_definition comment="Mozilla Seamonkey is installed" definition_ref="oval:org.secpod.oval:def:91034"/> <criterion comment="Mozilla Seamonkey version less than 2.0" test_ref="oval:org.secpod.oval:tst:91026"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:91037" version="0" class="vulnerability"> <metadata> <title>Spoofed file extensions via a crafted filename containing Unicode character in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows 7</platform> <product>Mozilla Firefox</product> <product>Mozilla Seamonkey</product> </affected> <reference source="CVE" ref_id="CVE-2009-3376" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3376"/> <description>Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, does not properly handle a right-to-left override (aka RLO or U+202E) Unicode character in a download filename, which allows remote attackers to spoof file extensions via a crafted filename, as demonstrated by displaying a non-executable extension for an executable file.</description> <oval_repository> <dates> <submitted date="2009-11-04T12:10:11"> <contributor organization="SecPod Technologies">Prabhu S A</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND"> <extend_definition comment="Mozilla Firefox is installed" definition_ref="oval:org.secpod.oval:def:91023"/> <criterion comment="Mozilla Firefox less than 3.0.15 and 3.5.x to 3.5.3" test_ref="oval:org.secpod.oval:tst:91025"/> </criteria> <criteria operator="AND"> <extend_definition comment="Mozilla Seamonkey is installed" definition_ref="oval:org.secpod.oval:def:91034"/> <criterion comment="Mozilla Seamonkey version less than 2.0" test_ref="oval:org.secpod.oval:tst:91027"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:91038" version="1" class="inventory"> <metadata> <title>Mozilla Thunderbird is installed</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows 7</platform> <product>Mozilla Thunderbird</product> </affected> <reference source="CPE" ref_id="cpe:/a:mozilla:thunderbird"/> <description>The installed e-mail and news client on the system is Mozilla Thunderbird.</description> <oval_repository> <dates> <submitted date="2009-11-04T15:11:12"> <contributor organization="SecPod Technologies">Prabhu S A</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND"> <criteria operator="OR"> <extend_definition comment="Microsoft Windows 2000 SP4 or later is installed" definition_ref="oval:org.mitre.oval:def:229"/> <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/> <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/> <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/> <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/> <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/> <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/> <extend_definition comment="Microsoft Windows 7 (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:6165"/> </criteria> <criterion comment="Mozilla Thunderbird is installed" test_ref="oval:org.secpod.oval:tst:91028"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:91023" version="0" class="inventory"> <metadata> <title>Mozilla Firefox is installed</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows 7</platform> <product>Mozilla Firefox</product> </affected> <reference source="CPE" ref_id="cpe:/a:mozilla:firefox"/> <description>The browser installed on the system is Mozilla Firefox</description> <oval_repository> <dates> <submitted date="2009-11-04T12:10:11"> <contributor organization="SecPod Technologies">Prabhu S A</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND"> <criteria operator="OR"> <extend_definition comment="Microsoft Windows 2000 SP4 or later is installed" definition_ref="oval:org.mitre.oval:def:229"/> <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/> <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/> <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/> <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/> <extend_definition comment="Microsoft Windows Server 2003 SP1 (x86) is installed" definition_ref="oval:org.mitre.oval:def:565"/> <extend_definition comment="Microsoft Windows Server 2003 SP2 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1935"/> <extend_definition comment="Microsoft Windows 7 (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:6165"/> </criteria> <criterion comment="Mozilla Firefox is installed" test_ref="oval:org.secpod.oval:tst:91023"/> </criteria> </criteria> </definition> <definition id="oval:org.mitre.oval:def:754" version="2" class="inventory"> <metadata> <title>Microsoft Windows XP (x86) SP2 is installed</title> <affected family="windows"> <platform>Microsoft Windows XP</platform> </affected> <reference source="CPE" ref_id="cpe:/o:microsoft:windows_xp::sp2:x86"/> <description>A version of Microsoft Windows XP (x86) Service Pack 2 is installed.</description> <oval_repository> <dates> <submitted date="2007-03-05T09:00:00"> <contributor organization="The MITRE Corporation">Andrew Buttner</contributor> </submitted> <status_change date="2007-03-05T09:00:00">DRAFT</status_change> <status_change date="2007-03-21T16:17:26.869-04:00">INTERIM</status_change> <status_change date="2007-04-10T13:44:28.583-04:00">ACCEPTED</status_change> <modified comment="Changed the CPE reference" date="2008-04-04T11:17:00.434-04:00"> <contributor organization="The MITRE Corporation">Andrew Buttner</contributor> </modified> <status_change date="2008-04-04T11:29:22.458-04:00">INTERIM</status_change> <status_change date="2008-04-21T04:00:24.359-04:00">ACCEPTED</status_change> </dates> <status>ACCEPTED</status> </oval_repository> </metadata> <criteria operator="AND"> <criterion comment="the installed operating system is part of the Microsoft Windows family" test_ref="oval:org.mitre.oval:tst:99"/> <criterion comment="a version of Microsoft Windows XP is installed" test_ref="oval:org.mitre.oval:tst:3"/> <criterion comment="a version of Windows for the x86 architecture is installed" test_ref="oval:org.mitre.oval:tst:3823"/> <criterion comment="Win2K/XP/2003 service pack 2 is installed" test_ref="oval:org.mitre.oval:tst:3019"/> </criteria> </definition> <definition id="oval:org.mitre.oval:def:565" version="2" class="inventory"> <metadata> <title>Microsoft Windows Server 2003 SP1 (x86) is installed</title> <affected family="windows"> <platform>Microsoft Windows Server 2003</platform> </affected> <reference source="CPE" ref_id="cpe:/o:microsoft:windows_2003::sp1:x86"/> <description>A version of Microsoft Windows Server 2003 Service Pack 1 (x86) is installed.</description> <oval_repository> <dates> <submitted date="2006-07-25T12:05:33"> <contributor organization="ThreatGuard, Inc.">Robert L. Hollis</contributor> </submitted> <status_change date="2006-07-27T20:15:00.000-04:00">DRAFT</status_change> <status_change date="2006-09-27T12:29:31.197-04:00">INTERIM</status_change> <status_change date="2006-10-16T15:58:44.696-04:00">ACCEPTED</status_change> <modified comment="Changed the CPE reference" date="2008-04-04T11:17:00.371-04:00"> <contributor organization="The MITRE Corporation">Andrew Buttner</contributor> </modified> <status_change date="2008-04-04T11:28:41.395-04:00">INTERIM</status_change> <status_change date="2008-04-21T04:00:23.334-04:00">ACCEPTED</status_change> </dates> <status>ACCEPTED</status> </oval_repository> </metadata> <criteria operator="AND"> <criterion comment="the installed operating system is part of the Microsoft Windows family" test_ref="oval:org.mitre.oval:tst:99"/> <criterion comment="a version of Microsoft Windows Server 2003 is installed" test_ref="oval:org.mitre.oval:tst:4"/> <criterion comment="a version of Windows for the x86 architecture is installed" test_ref="oval:org.mitre.oval:tst:3823"/> <criterion comment="Win2K/XP/2003/Vista service pack 1 is installed" test_ref="oval:org.mitre.oval:tst:2843"/> </criteria> </definition> <definition id="oval:org.mitre.oval:def:5631" version="1" class="inventory"> <metadata> <title>Microsoft Windows XP (x86) SP3 is installed</title> <affected family="windows"> <platform>Microsoft Windows XP</platform> </affected> <reference source="CPE" ref_id="cpe:/o:microsoft:windows_xp::sp3:x86"/> <description>A version of Microsoft Windows XP (x86) Service Pack 3 is installed.</description> <oval_repository> <dates> <submitted date="2008-06-10T14:50:00"> <contributor organization="Secure Elements, Inc.">Sudhir Gandhe</contributor> </submitted> <status_change date="2008-06-12T13:58:47.155-04:00">DRAFT</status_change> <status_change date="2008-06-30T04:00:18.370-04:00">INTERIM</status_change> <status_change date="2008-07-21T04:00:18.901-04:00">ACCEPTED</status_change> </dates> <status>ACCEPTED</status> </oval_repository> </metadata> <criteria operator="AND"> <criterion comment="the installed operating system is part of the Microsoft Windows family" test_ref="oval:org.mitre.oval:tst:99"/> <criterion comment="a version of Microsoft Windows XP is installed" test_ref="oval:org.mitre.oval:tst:3"/> <criterion comment="a version of Windows for the x86 architecture is installed" test_ref="oval:org.mitre.oval:tst:3823"/> <criterion comment="Win2K/XP/2003 service pack 3 is installed" test_ref="oval:org.mitre.oval:tst:7814"/> </criteria> </definition> <definition id="oval:org.mitre.oval:def:4873" version="1" class="inventory"> <metadata> <title>Microsoft Windows Vista (32-bit) Service Pack 1 is installed</title> <affected family="windows"> <platform>Microsoft Windows Vista</platform> </affected> <reference source="CPE" ref_id="cpe:/o:microsoft:windows_vista::sp1:x86"/> <description>The operating system installed on the system is Microsoft Windows Vista (32-bit) Service Pack 1</description> <oval_repository> <dates> <submitted date="2008-03-26T10:44:02"> <contributor organization="Secure Elements, Inc.">Sudhir Gandhe</contributor> </submitted> <status_change date="2008-03-26T16:27:29.495-04:00">DRAFT</status_change> <modified comment="Changed the CPE reference" date="2008-04-04T11:17:00.108-04:00"> <contributor organization="The MITRE Corporation">Andrew Buttner</contributor> </modified> <status_change date="2008-04-21T04:00:20.428-04:00">INTERIM</status_change> <status_change date="2008-05-12T04:00:14.497-04:00">ACCEPTED</status_change> </dates> <status>ACCEPTED</status> </oval_repository> </metadata> <criteria> <criterion comment="the installed operating system is part of the Microsoft Windows family" test_ref="oval:org.mitre.oval:tst:99"/> <criterion comment="Windows Vista is installed" test_ref="oval:org.mitre.oval:tst:7914"/> <criterion negate="true" comment="a version of Windows for the x64 architecture is installed" test_ref="oval:org.mitre.oval:tst:3653"/> <criterion comment="Win2K/XP/2003/Vista service pack 1 is installed" test_ref="oval:org.mitre.oval:tst:2843"/> </criteria> </definition> <definition id="oval:org.mitre.oval:def:1935" version="2" class="inventory"> <metadata> <title>Microsoft Windows Server 2003 SP2 (x86) is installed</title> <affected family="windows"> <platform>Microsoft Windows Server 2003</platform> </affected> <reference source="CPE" ref_id="cpe:/o:microsoft:windows_2003::sp2:x86"/> <description>A version of Microsoft Windows Server 2003 Service Pack 2 (x86) is installed.</description> <oval_repository> <dates> <submitted date="2007-04-09T09:49:32"> <contributor organization="Secure Elements, Inc.">Sudhir Gandhe</contributor> </submitted> <status_change date="2007-04-09T11:20:00.000-05:00">DRAFT</status_change> <status_change date="2007-04-25T19:52:21.584-04:00">INTERIM</status_change> <modified comment="Dropped tst:4078 in favor of existing tst:3019." date="2007-04-26T13:47:00.955-04:00"> <contributor organization="ThreatGuard, Inc.">Robert L. Hollis</contributor> </modified> <status_change date="2007-05-23T15:05:34.661-04:00">ACCEPTED</status_change> <modified comment="Changed the CPE reference" date="2008-04-04T11:17:00.742-04:00"> <contributor organization="The MITRE Corporation">Andrew Buttner</contributor> </modified> <status_change date="2008-04-04T11:25:17.766-04:00">INTERIM</status_change> <status_change date="2008-04-21T04:00:15.390-04:00">ACCEPTED</status_change> </dates> <status>ACCEPTED</status> </oval_repository> </metadata> <criteria operator="AND"> <criterion comment="the installed operating system is part of the Microsoft Windows family" test_ref="oval:org.mitre.oval:tst:99"/> <criterion comment="a version of Microsoft Windows Server 2003 is installed" test_ref="oval:org.mitre.oval:tst:4"/> <criterion comment="a version of Windows for the x86 architecture is installed" test_ref="oval:org.mitre.oval:tst:3823"/> <criterion comment="Win2K/XP/2003 service pack 2 is installed" test_ref="oval:org.mitre.oval:tst:3019"/> </criteria> </definition> <definition id="oval:org.mitre.oval:def:1282" version="2" class="inventory"> <metadata> <title>Microsoft Windows Vista (32-bit) is installed</title> <affected family="windows"> <platform>Microsoft Windows Vista</platform> </affected> <reference source="CPE" ref_id="cpe:/o:microsoft:windows_vista:::x86"/> <description>The operating system installed on the system is Microsoft Windows Vista (32-bit)</description> <oval_repository> <dates> <submitted date="2007-04-11T11:27:37.975-04:00"> <contributor organization="The MITRE Corporation">Jonathan Baker</contributor> </submitted> <status_change date="2007-04-11T12:15:00.000-04:00">DRAFT</status_change> <status_change date="2007-04-30T08:18:46.566-04:00">INTERIM</status_change> <status_change date="2007-05-23T15:05:26.800-04:00">ACCEPTED</status_change> <modified comment="Vista test Updated because of the conflictions with Server 2008" date="2008-03-26T10:51:02.210-04:00"> <contributor organization="Secure Elements, Inc.">Sudhir Gandhe</contributor> </modified> <status_change date="2008-03-31T04:00:20.410-04:00">INTERIM</status_change> <modified comment="Changed the CPE reference" date="2008-04-04T11:17:00.749-04:00"> <contributor organization="The MITRE Corporation">Andrew Buttner</contributor> </modified> <status_change date="2008-04-21T04:00:11.683-04:00">ACCEPTED</status_change> </dates> <status>ACCEPTED</status> </oval_repository> </metadata> <criteria> <criterion comment="the installed operating system is part of the Microsoft Windows family" test_ref="oval:org.mitre.oval:tst:99"/> <criterion comment="Windows Vista is installed" test_ref="oval:org.mitre.oval:tst:7914"/> <criterion negate="true" comment="a version of Windows for the x64 architecture is installed" test_ref="oval:org.mitre.oval:tst:3653"/> </criteria> </definition> <definition id="oval:org.mitre.oval:def:229" version="2" class="inventory"> <metadata> <title>Microsoft Windows 2000 SP4 or later is installed</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> </affected> <description>The operating system installed on the system is Microsoft Windows 2000 SP4.</description> <oval_repository> <dates> <submitted date="2006-07-25T12:05:33"> <contributor organization="ThreatGuard, Inc.">Robert L. Hollis</contributor> </submitted> <status_change date="2006-07-27T20:15:00.000-04:00">DRAFT</status_change> <status_change date="2006-09-27T12:29:16.978-04:00">INTERIM</status_change> <status_change date="2006-10-16T15:58:35.885-04:00">ACCEPTED</status_change> <modified comment="Added CPE reference." date="2007-04-30T07:48:00.915-04:00"> <contributor organization="The MITRE Corporation">Jonathan Baker</contributor> </modified> <status_change date="2007-04-30T08:11:20.008-04:00">INTERIM</status_change> <status_change date="2007-05-23T15:05:40.599-04:00">ACCEPTED</status_change> </dates> <status>ACCEPTED</status> </oval_repository> </metadata> <criteria operator="AND"> <criterion comment="the installed operating system is part of the Microsoft Windows family" test_ref="oval:org.mitre.oval:tst:99"/> <criterion comment="Windows 2000 is installed" test_ref="oval:org.mitre.oval:tst:2"/> <criterion comment="SP4 or later Installed" test_ref="oval:org.mitre.oval:tst:3073"/> </criteria> </definition> <definition id="oval:org.mitre.oval:def:6165" version="1" class="inventory"> <metadata> <title>Microsoft Windows 7 (32-bit) is installed</title> <affected family="windows"> <platform>Microsoft Windows 7</platform> </affected> <reference source="CPE" ref_id="cpe:/o:microsoft:windows_7:::x86"/> <description>The operating system installed on the system is Microsoft Windows 7 (32-bit)</description> <oval_repository> <dates> <submitted date="2009-09-08T11:27:37.975-04:00"> <contributor organization="Hewlett-Packard">Pai Peng</contributor> </submitted> <status_change date="2009-09-08T20:49:38.394-04:00">DRAFT</status_change> <status_change date="2009-09-28T04:00:16.403-04:00">INTERIM</status_change> <status_change date="2009-10-26T04:00:04.727-04:00">ACCEPTED</status_change> </dates> <status>ACCEPTED</status> </oval_repository> </metadata> <criteria> <criterion comment="the installed operating system is part of the Microsoft Windows family" test_ref="oval:org.mitre.oval:tst:99"/> <criterion comment="Windows 7 is installed" test_ref="oval:org.mitre.oval:tst:10792"/> <criterion negate="true" comment="a version of Windows for the x64 architecture is installed" test_ref="oval:org.mitre.oval:tst:3653"/> </criteria> </definition> </definitions> <tests> <registry_test id="oval:org.mitre.oval:tst:7814" version="1" comment="Win2K/XP/2003 service pack 3 is installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.mitre.oval:obj:717"/> <state state_ref="oval:org.mitre.oval:ste:3794"/> </registry_test> <registry_test id="oval:org.mitre.oval:tst:3" version="1" comment="a version of Microsoft Windows XP is installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.mitre.oval:obj:123"/> <state state_ref="oval:org.mitre.oval:ste:3"/> </registry_test> <registry_test id="oval:org.mitre.oval:tst:2843" version="1" comment="Win2K/XP/2003/Vista service pack 1 is installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.mitre.oval:obj:717"/> <state state_ref="oval:org.mitre.oval:ste:2662"/> </registry_test> <registry_test id="oval:org.mitre.oval:tst:4" version="1" comment="a version of Microsoft Windows Server 2003 is installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.mitre.oval:obj:123"/> <state state_ref="oval:org.mitre.oval:ste:4"/> </registry_test> <registry_test id="oval:org.mitre.oval:tst:3823" version="1" comment="a version of Windows for the x86 architecture is installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.mitre.oval:obj:1576"/> <state state_ref="oval:org.mitre.oval:ste:3649"/> </registry_test> <registry_test id="oval:org.mitre.oval:tst:3019" version="1" comment="Win2K/XP/2003 service pack 2 is installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.mitre.oval:obj:717"/> <state state_ref="oval:org.mitre.oval:ste:2827"/> </registry_test> <family_test id="oval:org.mitre.oval:tst:99" version="1" comment="the installed operating system is part of the Microsoft Windows family" check_existence="at_least_one_exists" check="only one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent"> <object object_ref="oval:org.mitre.oval:obj:99"/> <state state_ref="oval:org.mitre.oval:ste:99"/> </family_test> <registry_test id="oval:org.mitre.oval:tst:7914" version="1" comment="Windows Vista is installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.mitre.oval:obj:5590"/> <state state_ref="oval:org.mitre.oval:ste:3828"/> </registry_test> <registry_test id="oval:org.mitre.oval:tst:3653" version="2" comment="a version of Windows for the x64 architecture is installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.mitre.oval:obj:1576"/> <state state_ref="oval:org.mitre.oval:ste:3180"/> </registry_test> <registry_test id="oval:org.mitre.oval:tst:2" version="1" comment="Windows 2000 is installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.mitre.oval:obj:123"/> <state state_ref="oval:org.mitre.oval:ste:2"/> </registry_test> <registry_test id="oval:org.mitre.oval:tst:3073" version="1" comment="SP4 or later Installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.mitre.oval:obj:717"/> <state state_ref="oval:org.mitre.oval:ste:2878"/> </registry_test> <registry_test id="oval:org.mitre.oval:tst:10792" version="1" comment="Windows 7 is installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.mitre.oval:obj:5590"/> <state state_ref="oval:org.mitre.oval:ste:5027"/> </registry_test> <registry_test id="oval:org.secpod.oval:tst:91023" version="1" comment="Mozilla Firefox is installed" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.mitre.oval:obj:6886"/> <state state_ref="oval:org.secpod.oval:ste:91023"/> </registry_test> <registry_test id="oval:org.secpod.oval:tst:91021" version="1" comment="Mozilla Firefox version 3.0.x to 3.0.14 and 3.5.x to 3.5.3" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.mitre.oval:obj:6886"/> <state state_ref="oval:org.secpod.oval:ste:91021"/> </registry_test> <registry_test id="oval:org.secpod.oval:tst:91022" version="1" comment="Mozilla Firefox version 3.5.x to 3.5.3" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.mitre.oval:obj:6886"/> <state state_ref="oval:org.secpod.oval:ste:91022"/> </registry_test> <registry_test id="oval:org.secpod.oval:tst:91024" version="1" comment="Mozilla Firefox version 3.0.x to 3.0.14" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.mitre.oval:obj:6886"/> <state state_ref="oval:org.secpod.oval:ste:91024"/> </registry_test> <registry_test id="oval:org.secpod.oval:tst:91026" version="1" comment="Mozilla Seamonkey is installed" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.mitre.oval:obj:6012"/> <state state_ref="oval:org.secpod.oval:ste:91023"/> </registry_test> <registry_test id="oval:org.secpod.oval:tst:91025" version="1" comment="Mozilla Firefox less than 3.0.15 and 3.5.x to 3.5.3" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.mitre.oval:obj:6886"/> <state state_ref="oval:org.secpod.oval:ste:91025"/> </registry_test> <registry_test id="oval:org.secpod.oval:tst:91027" version="1" comment="Mozilla Seamonkey version less than 2.0" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.mitre.oval:obj:6012"/> <state state_ref="oval:org.secpod.oval:ste:91026"/> </registry_test> <registry_test id="oval:org.secpod.oval:tst:91028" version="1" comment="Mozilla Thunderbird is installed" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.mitre.oval:obj:6768"/> <state state_ref="oval:org.secpod.oval:ste:91023"/> </registry_test> </tests> <objects> <registry_object id="oval:org.mitre.oval:obj:123" version="1" comment="Registry key that hold the current windows os version" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <hive>HKEY_LOCAL_MACHINE</hive> <key>SOFTWARE\Microsoft\Windows NT\CurrentVersion</key> <name>CurrentVersion</name> </registry_object> <registry_object id="oval:org.mitre.oval:obj:717" version="1" comment="This registry key holds the service pack installed on the host if one is present." xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <hive>HKEY_LOCAL_MACHINE</hive> <key>SOFTWARE\Microsoft\Windows NT\CurrentVersion</key> <name>CSDVersion</name> </registry_object> <family_object id="oval:org.mitre.oval:obj:99" version="1" comment="This is the default family object. Only one family object should exist." xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent"/> <registry_object id="oval:org.mitre.oval:obj:5590" version="1" comment="This registry key identifies the Windows ProductName" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <hive>HKEY_LOCAL_MACHINE</hive> <key>SOFTWARE\Microsoft\Windows NT\CurrentVersion</key> <name>ProductName</name> </registry_object> <registry_object id="oval:org.mitre.oval:obj:1576" version="1" comment="This registry key identifies the architecture on the system" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <hive>HKEY_LOCAL_MACHINE</hive> <key>SYSTEM\CurrentControlSet\Control\Session Manager\Environment</key> <name>PROCESSOR_ARCHITECTURE</name> </registry_object> <registry_object id="oval:org.mitre.oval:obj:6886" version="1" comment="The registry key that holds the version of the Firefox" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <hive>HKEY_LOCAL_MACHINE</hive> <key>SOFTWARE\Mozilla\Mozilla Firefox</key> <name>CurrentVersion</name> </registry_object> <registry_object id="oval:org.mitre.oval:obj:6012" version="1" comment="The registry key that holds the version of the Seamonkey" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <hive>HKEY_LOCAL_MACHINE</hive> <key>SOFTWARE\mozilla.org\Seamonkey</key> <name>CurrentVersion</name> </registry_object> <registry_object id="oval:org.mitre.oval:obj:6768" version="1" comment="The registry key that holds the version of the Thunderbird" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <hive>HKEY_LOCAL_MACHINE</hive> <key>SOFTWARE\Mozilla\Mozilla Thunderbird</key> <name>CurrentVersion</name> </registry_object> </objects> <states> <registry_state id="oval:org.mitre.oval:ste:2" version="1" comment="Registry key has a value of 5.0" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <value>5.0</value> </registry_state> <registry_state id="oval:org.mitre.oval:ste:2878" version="1" comment="Regex that matches Service pack is 4 or later" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <value operation="pattern match">^Service Pack [4-9]|\d{2,}$</value> </registry_state> <registry_state id="oval:org.mitre.oval:ste:3794" version="1" comment="The registry key has a value of Service Pack 3" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <value>Service Pack 3</value> </registry_state> <registry_state id="oval:org.mitre.oval:ste:3" version="1" comment="The registry key has a value of 5.1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <value>5.1</value> </registry_state> <registry_state id="oval:org.mitre.oval:ste:2662" version="1" comment="The registry key has a value of Service Pack 1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <value>Service Pack 1</value> </registry_state> <registry_state id="oval:org.mitre.oval:ste:4" version="1" comment="The registry key has a value of 5.2" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <value>5.2</value> </registry_state> <registry_state id="oval:org.mitre.oval:ste:3649" version="1" comment="x86 architecture" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <value>x86</value> </registry_state> <registry_state id="oval:org.mitre.oval:ste:2827" version="1" comment="The registry key has a value of Service Pack 2" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <value>Service Pack 2</value> </registry_state> <family_state id="oval:org.mitre.oval:ste:99" version="1" comment="Microsoft Windows family" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent"> <family>windows</family> </family_state> <registry_state id="oval:org.mitre.oval:ste:3828" version="1" comment="The registry key matches with Vista" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <value operation="pattern match">.*[Vv]ista.*</value> </registry_state> <registry_state id="oval:org.mitre.oval:ste:3180" version="2" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <value>amd64</value> </registry_state> <registry_state id="oval:org.mitre.oval:ste:5027" version="1" comment="The registry key matches with Windows 7" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <value operation="pattern match">Windows 7</value> </registry_state> <registry_state id="oval:org.secpod.oval:ste:91023" version="1" comment="The registry key matches with Mozilla Firefox, Mozilla SeaMonkey and Mozilla Thunderbird installed" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <value operation="pattern match">^[0-9]\..*</value> </registry_state> <registry_state id="oval:org.secpod.oval:ste:91021" version="1" comment="The registry key matches with Mozilla Firefox version 3.0.x to before 3.0.15 and 3.5.x before 3.5.4" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <value operation="pattern match">^(3\.0(\.1[0-4]|\.[0-9])?|3\.5(\.[0-3])?) .*</value> </registry_state> <registry_state id="oval:org.secpod.oval:ste:91022" version="1" comment="The registry key matches with Mozilla Firefox version 3.5.x before 3.5.4" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <value operation="pattern match">^3\.5(\.[0-3])? .*</value> </registry_state> <registry_state id="oval:org.secpod.oval:ste:91024" version="1" comment="The registry key matches with Mozilla Firefox version 3.0.x before 3.0.15" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <value operation="pattern match">^3\.0(\.1[0-4]|\.[0-9])? .*</value> </registry_state> <registry_state id="oval:org.secpod.oval:ste:91025" version="1" comment="The registry key matches with Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <value operation="pattern match">^([0-2]\..*|3\.0(\.1[0-4]|\.[0-9])?|3\.5(\.[0-3])?) .*</value> </registry_state> <registry_state id="oval:org.secpod.oval:ste:91026" version="1" comment="Seamonkey versions less than 2.0" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <value operation="pattern match">^[01]\..* .*</value> </registry_state> </states> </oval_definitions> |
||||||||||||||||
Lah, Mike M.
|
Some javascript/style in this post has been disabled (why?)
Prabhu, Thank you for the definitions. The OVAL Repository
has been updated and the definitions are available for further community
review. Thanks, Mike ==================================================== Mike Lah G022 - Information Assurance Industry Collaboration The MITRE Corporation From: prabhu
[mailto:[hidden email]] Submitting OVAL Definition
for Multiple Vulnerabilities in Firefox and Seamonkey. Thanks & Regards, Prabhu.S.A www.secpod.com To
unsubscribe, send an email message to [hidden email] with SIGNOFF
OVAL-DISCUSSION-LIST in the BODY of the message. If you have difficulties,
write to [hidden email]. |
||||||||||||||||
| Free Embeddable Forum Powered by Nabble | Help |
