OVAL Reference oval:org.opensuse.security:def:79923

Oval Definition:

oval:org.opensuse.security:def:79923

Revision Date:	2013-09-19	Version:	1
Title:	Security update for Mozilla Firefox
Description:	This update to Firefox 17.0.9esr (bnc#840485) addresses: * * MFSA 2013-91 User-defined properties on DOM proxies get the wrong 'this' object o (CVE-2013-1737) * MFSA 2013-90 Memory corruption involving scrolling o use-after-free in mozilla::layout::ScrollbarActivity (CVE-2013-1735) o Memory corruption in nsGfxScrollFrameInner::IsLTR() (CVE-2013-1736) * MFSA 2013-89 Buffer overflow with multi-column, lists, and floats o buffer overflow at nsFloatManager::GetFlowArea() with multicol, list, floats (CVE-2013-1732) * MFSA 2013-88 compartment mismatch re-attaching XBL-backed nodes o compartment mismatch in nsXBLBinding::DoInitJSClass (CVE-2013-1730) * MFSA 2013-83 Mozilla Updater does not lock MAR file after signature verification o MAR signature bypass in Updater could lead to downgrade (CVE-2013-1726) * MFSA 2013-82 Calling scope for new Javascript objects can lead to memory corruption o ABORT: bad scope for new JSObjects: ReparentWrapper / document.open (CVE-2013-1725) * MFSA 2013-79 Use-after-free in Animation Manager during stylesheet cloning o Heap-use-after-free in nsAnimationManager::BuildAnimations (CVE-2013-1722) * MFSA 2013-76 Miscellaneous memory safety hazards (rv:24.0 / rv:17.0.9) o Memory safety bugs fixed in Firefox 17.0.9 and Firefox 24.0 (CVE-2013-1718) * MFSA 2013-65 Buffer underflow when generating CRMF requests o ASAN heap-buffer-overflow (read 1) in cryptojs_interpret_key_gen_type (CVE-2013-1705) Security Issue references: * CVE-2013-1737 * CVE-2013-1735 * CVE-2013-1736 * CVE-2013-1732 * CVE-2013-1730 * CVE-2013-1726 * CVE-2013-1725 * CVE-2013-1722 * CVE-2013-1718 * CVE-2013-1705
Family:	unix	Class:	patch
Status:		Reference(s):	840485 CVE-2013-1705 CVE-2013-1718 CVE-2013-1722 CVE-2013-1725 CVE-2013-1726 CVE-2013-1730 CVE-2013-1732 CVE-2013-1735 CVE-2013-1736 CVE-2013-1737 SUSE-SU-2015:0446-1
Platform(s):	SUSE Linux Enterprise Desktop 11 SP3	Product(s):
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information MozillaFirefox-17.0.9esr-0.7.1 is installed OR MozillaFirefox-translations-17.0.9esr-0.7.1 is installed

BACK