SUSE-SA:2009:063 -- SUSE MozillaFirefox remote code executionID: oval:org.secpod.oval:def:400098 | Date: (C)2012-01-31 (M)2021-06-02 |
Class: PATCH | Family: unix |
The Mozilla Firefox browsers and XUL engines were updated to the current stable releases fixing lots of bugs and various security issues. SUSE Linux Enterprise 10 SP2, SP3, SUSE Linux Enterprise 11 and openSUSE 11.2 were updated to Firefox 3.5.6. openSUSE 11.0 and 11.1 were updated to Firefox 3.0.16. The following security issues were fixed: * CVE-2009-3982 Crashes with evidence of memory corruption CVSS v2 Base Score: 9.3 * CVE-2009-3388 Memory safety fixes in liboggplay media library CVSS v2 Base Score: 9.3 * CVE-2009-3389 Integer overflow, crash in libtheora video library CVSS v2 Base Score: 9.3 * CVE-2009-3983 NTLM reflection vulnerability CVSS v2 Base Score: 6.8 * CVE-2009-3985 Location bar spoofing vulnerabilities CVSS v2 Base Score: 6.8 * CVE-2009-3986 Privilege escalation via chrome window.opener CVSS v2 Base Score: 7.6
Platform: |
openSUSE 11.1 |
openSUSE 11.0 |
openSUSE 11.2 |