Oval Definition:oval:org.mitre.oval:def:26273
Revision Date:2014-11-10Version:5
Title:SUSE-SU-2014:1112-2 -- Security update for MozillaFirefox
Description:Mozilla Firefox was updated to the 24.8.0ESR release, fixing securityissues and bugs.Only some of the published security advisories affect the Mozilla Firefox24ESR codestream: * MFSA 2014-72 / CVE-2014-1567: Security researcher regenrecht reported, via TippingPoint's Zero Day Initiative, a use-after-free during text layout when interacting with the setting of text direction. This results in a use-after-free which can lead to arbitrary code execution. * MFSA 2014-67: Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence ofmemory corruption under certain circumstances, and we presume that withenough effort at least some of these could be exploited to run arbitrarycode. * Jan de Mooij reported a memory safety problem that affects Firefox ESR 24.7, ESR 31 and Firefox 31. (CVE-2014-1562)More information is referenced on:https://www.mozilla.org/security/announce/ .Security Issues: * CVE-2014-1562 * CVE-2014-1567
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2014-1562
CVE-2014-1567
SUSE-SU-2014:1112-2
Platform(s):SUSE Linux Enterprise Server 11
Product(s):MozillaFirefox
Definition Synopsis
  • SUSE Linux Enterprise Server 11.x is installed
  • AND Packages match section
  • MozillaFirefox RPM is earlier than 0:24.8.0esr-0.3.1
  • OR MozillaFirefox-translations RPM is earlier than 0:24.8.0esr-0.3.1
  • OR libfreebl3 RPM is earlier than 0:3.16.4-0.3.1
  • OR mozilla-nspr RPM is earlier than 0:4.10.7-0.3.1
  • OR mozilla-nss RPM is earlier than 0:3.16.4-0.3.1
  • OR mozilla-nss-tools RPM is earlier than 0:3.16.4-0.3.1
  • OR libfreebl3-32bit RPM is earlier than 0:3.16.4-0.3.1
  • OR mozilla-nspr-32bit RPM is earlier than 0:4.10.7-0.3.1
  • OR mozilla-nss-32bit RPM is earlier than 0:3.16.4-0.3.1
  • BACK