SuSE Update For MozillaFirefox OpenSUSE-SU-2012:0258-1 (MozillaFirefox) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

MozillaFirefox was updated to 10.0.1 to fix critical bugs and security issue. Following security issue was fixed: CVE-2012-0452: Mozilla developers Andrew McCreight and Olli Pettay found that ReadPrototypeBindings will leave a XBL binding in a hash table even when the function fails. If this occurs, when the cycle collector reads this hash table and attempts to do a virtual method on this binding a crash will occur. This crash may be potentially exploitable. Firefox 9 and earlier are not affected by this vulnerability.

Affected

MozillaFirefox on openSUSE 11.4

Severity

Classification

CVE CVE-2012-0452

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

SLES10: Security update for ipsec-tools
SLES10: Security update for nagios
SLES10: Security update for id3lib
SLES10: Security update for CUPS
SLES10: Security update for librpcsecgss

SuSE Update for MozillaFirefox openSUSE-SU-2012:0258-1 (MozillaFirefox)

Take action and discover your vulnerabilities