SuSE Update For MozillaFirefox OpenSUSE-SU-2012:0258-1 (MozillaFirefox) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

MozillaFirefox was updated to 10.0.1 to fix critical bugs and security issue. Following security issue was fixed: CVE-2012-0452: Mozilla developers Andrew McCreight and Olli Pettay found that ReadPrototypeBindings will leave a XBL binding in a hash table even when the function fails. If this occurs, when the cycle collector reads this hash table and attempts to do a virtual method on this binding a crash will occur. This crash may be potentially exploitable. Firefox 9 and earlier are not affected by this vulnerability.

Affected

MozillaFirefox on openSUSE 11.4

Severity

Classification

CVE CVE-2012-0452
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

SLES10: Security update for MozillaFirefox
SLES10: Security update for festival
SLES10: Security update for libxml2
SLES10: Security update for IBM Java 1.4.2
SLES10: Security update for Java Struts

SuSE Update for MozillaFirefox openSUSE-SU-2012:0258-1 (MozillaFirefox)

Take action and discover your vulnerabilities