The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 ignores the '\0' escaped null character, which might allow remote attackers to bypass protection mechanisms such as sanitization routines.
Novell Linux Desktop 9 for x86 Novell Linux Desktop 9 for x86_64 Open Enterprise Server openSUSE 10.3 openSUSE 11.0 openSUSE 11.1 openSUSE Tumbleweed SUSE CaaS Platform 4.0 SUSE Enterprise Storage 6 SUSE Linux Enterprise SDK 10 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Manager Proxy 4.0 SUSE Manager Retail Branch Server 4.0 SUSE Manager Server 4.0