SUSE Linux 11 SP3 Security Advisory: Firefox Critical Update 2013:1152-1

suse

July 5, 2013

An update that fixes 9 vulnerabilities is now available

Summary

Mozilla Firefox has been updated to the 17.0.7 ESR version, which fixes bugs and security fixes. * MFSA 2013-49: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Gary Kwong, Jesse Ruderman, and Andrew McCreight reported memory safety problems and crashes that affect Firefox ESR 17, and Firefox 21. (CVE-2013-1682) * MFSA 2013-50: Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover a series of use-after-free problems rated critical as security issues

Topics Covered

security advisory security update remote code execution important SUSE Linux memory safety Mozilla Firefox

References

#792432 #813026 #819204 #825935

Cross- CVE-2013-1682 CVE-2013-1684 CVE-2013-1685

CVE-2013-1686 CVE-2013-1687 CVE-2013-1690

CVE-2013-1692 CVE-2013-1693 CVE-2013-1697

Affected Products:

SUSE Linux Enterprise Software Development Kit 11 SP3

SUSE Linux Enterprise Server 11 SP3 for VMware

SUSE Linux Enterprise Server 11 SP3

SUSE Linux Enterprise Desktop 11 SP3

web content. - old MozillaMaintenance Service

registry entry not updated leading to Trusted Path

Privilege Escalation (CVE-2013-1673) - Possible Arbitrary

Code Execution by Update Service (CVE-2012-1942)

MFSA 2013-46 / CVE-2013-1674: Security researcher

Nils reported a use-after-free when resizing video while

playing. This could allow for arbitrary code execution.

MFSA 2013-47 / CVE-2013-1675: Mozilla community

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2013:1152-1

Rating: important

Topics Covered

security advisory security update remote code execution important SUSE Linux memory safety Mozilla Firefox

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE Linux 11 SP3 Security Advisory: Firefox Critical Update 2013:1152-1

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE Linux 11 SP3 Security Advisory: Firefox Critical Update 2013:1152-1

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!