SUSE 2013:0471-1 Critical: Firefox Security Fix for Code Exec
suse
March 15, 2013
An update that solves one vulnerability and has one errata An update that solves one vulnerability and has one errata An update that solves one vulnerability and has one errata is ...
Summary
MozillaFirefox has been updated to the 17.0.4ESR release. Besides the major version update from the 10ESR stable release line to the 17ESR stable release line, this update brings critical security and bugfixes: * MFSA 2013-29 / CVE-2013-0787: VUPEN Security, via TippingPoint's Zero Day Initiative, reported a use-after-free within the HTML editor when content script is run by the document.execCommand() function while internal editor operations are occurring. This could allow for arbitrary code execution. The Firefox 17.0.3ESR release also contains lots of security fixes: * MFSA 2013-28: Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover a series of use-after-free, out of bounds read, and buffer overflow
References
#804248 #808243
Cross- CVE-2013-0787
Affected Products:
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Desktop 10 SP4
SLE SDK 10 SP4
https://www.suse.com/security/cve/CVE-2013-0787.html
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2013:0471-1
Rating: important
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!