SUSE-SA:2009:034 -- SUSE MozillaFirefox remote code executionID: oval:org.secpod.oval:def:400085 | Date: (C)2012-01-31 (M)2024-02-08 |
Class: PATCH | Family: unix |
The Mozilla Firefox browser was updated to version 3.0.11, fixing various bugs and security issues: * CVE-2009-1833 Crashes with evidence of memory corruption * CVE-2009-1834 URL spoofing with invalid unicode characters * CVE-2009-1835 Arbitrary domain cookie access by local file: resources * CVE-2009-1836 SSL tampering via non-200 responses to proxy CONNECT requests * CVE-2009-1837 Race condition while accessing the private data of a NPObject JS wrapper class object * CVE-2009-1838 Arbitrary code execution using event listeners attached to an element whose owner document is null * CVE-2009-1839 Incorrect principal set for file: resources loaded via location bar * CVE-2009-1840 XUL scripts bypass content-policy checks * CVE-2009-1841 JavaScript chrome privilege escalation
Platform: |
openSUSE 11.1 |
openSUSE 11.0 |