MDVSA-2013:024 -- Mandriva firefoxID: oval:org.secpod.oval:def:1300171 | Date: (C)2013-03-22 (M)2023-12-07 |
Class: PATCH | Family: unix |
A security issue was identified and fixed in mozilla firefox: VUPEN Security, via TippingPoint's Zero Day Initiative, reported a use-after-free within the HTML editor when content script is run by the document.execCommand function while internal editor operations are occurring. This could allow for arbitrary code execution . The mozilla firefox packages has been upgraded to the latest ESR version which is unaffected by this security flaw.
Platform: |
Mandriva Enterprise Server 5.2 |