Oval Definition:oval:org.opensuse.security:def:65162
Revision Date:2020-12-01Version:1
Title:Security update for MozillaFirefox (Important)
Description:

This update for MozillaFirefox fixes the following issues:

- Mozilla Firefox Firefox 60.7.2 MFSA 2019-19 (bsc#1138872)

- CVE-2019-11708: Fix sandbox escape using Prompt:Open. * Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes could result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitrary code on the user's computer.

Family:unixClass:patch
Status:Reference(s):1138872
1160305
1160498
CVE-2019-11708
CVE-2019-17015
CVE-2019-17016
CVE-2019-17017
CVE-2019-17021
CVE-2019-17022
CVE-2019-17024
CVE-2019-17026
SUSE-SU-2019:1682-1
SUSE-SU-2020:0078-1
Platform(s):SUSE Linux Enterprise Module for Desktop Applications 15 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed
  • AND Package Information
  • MozillaFirefox-60.7.2-3.48 is installed
  • OR MozillaFirefox-devel-60.7.2-3.48 is installed
  • OR MozillaFirefox-translations-common-60.7.2-3.48 is installed
  • OR MozillaFirefox-translations-other-60.7.2-3.48 is installed
    • BACK