remote code execution
Please Install the Updated Packages.
The web browser Mozilla Firefox has been brought to security update version 18.104.22.168. The Firefox versions was upgraded to 22.214.171.124 on: - SUSE Linux 10.1, openSUSE 10.2 and 10.3 - SUSE Linux Enterprise Server and Desktop 10 All Firefox fixes were also back ported to the Firefox 126.96.36.199 version in Novell Linux Desktop 9. Also released were Mozilla Seamonkey Suite 188.8.131.52 packages for openSUSE 10.2 and 10.3. All Mozilla Seamonkey fixes were back ported to the SUSE Linux 10.1 seamonkey 1.8.0 version. Following security problems were fixed: - CVE-2008-0594 Web forgery overwrite with div overlay - CVE-2008-0593 URL token stealing via stylesheet redirect - CVE-2008-0592 Mishandling of locally-saved plain text files - CVE-2008-0591 File action dialog tampering - CVE-2008-0419 Web browsing history and forward navigation stealing - CVE-2008-0418 Directory traversal via chrome: URI - CVE-2008-0417 Stored password corruption - CVE-2008-0415 Privilege escalation, XSS, Remote Code Execution - CVE-2008-0414 Multiple file input focus stealing vulnerabilities - CVE-2008-0413 Crashes with evidence of memory corruption (rv:184.108.40.206)
MozillaFirefox,seamonkey on SUSE LINUX 10.1, openSUSE 10.2, openSUSE 10.3, SUSE SLES 9, Novell Linux Desktop 9, Open Enterprise Server, Novell Linux POS 9, SUSE Linux Enterprise Desktop 10 SP1, SUSE Linux Enterprise Server 10 SP1
Updated on 2015-03-25
CVE CVE-2008-0412, CVE-2008-0413, CVE-2008-0414, CVE-2008-0415, CVE-2008-0417, CVE-2008-0418, CVE-2008-0419, CVE-2008-0591, CVE-2008-0592, CVE-2008-0593, CVE-2008-0594
CVSS Base Score: 9.3