remote code execution

Please Install the Updated Packages.

The Mozilla Firefox browser was updated to version 3.5.9 fixing lots of bugs and security issues. On openSUSE 11.0 and 11.1 the browser was updated from the 3.0 branch to 3.5.9 Also the Mozilla NSS libraries were updated to version 3.12.6 to fix the CVE-2009-3555 TLS renegotiation issue. Mozilla Thunderbird on openSUSE 11.2 was updated to 3.0.4 and Seamonkey 2 was updated to 2.0.4. Following security issues were fixed: MFSA 2010-16: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. References Martijn Wargers, Josh Soref, and Jesse Ruderman reported crashes in the browser engine that affected Firefox 3.5 and Firefox 3.6. CVE-2010-0173 Jesse Ruderman and Ehsan Akhgari reported crashes that affected all supported versions of the browser engine. CVE-2010-0174 CVE-2010-0175: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that a select event handler for XUL tree items could be called after the tree item was deleted. This results in the execution of previously freed memory which an attacker could use to crash a victim's browser and run arbitrary code on the victim's computer. CVE-2010-0176: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the way &lt option&gt elements are inserted into a XUL tree &lt optgroup&gt . In certain cases, the number of references to an &lt option&gt element is under-counted so that when the element is deleted, a live pointer to its old location is kept around and may later be used. An attacker could potentially use these conditions to run arbitrary code on a victim's computer. CVE-2010-0177: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the implementation of the window.navigator.plugins object. When a page reloads, the plugins array would reallocate all of its members without checking for existing references to each member. This could result in the deletion of objects for which valid pointers still exist. An attacker could use this vulnerability to crash a victim's browser and run arbitrary code on the victim's machine. CVE-2010-0178: Security researcher Paul Stone reported that a browser a ... Description truncated, for more information please check the Reference URL

MozillaFirefox,MozillaThunderbird,seamonkey,mozilla-nss on openSUSE 11.0, openSUSE 11.1, openSUSE 11.2

• http://www.novell.com/linux/security/advisories/2010_21_mozilla.html

---

Updated on 2015-03-25