SUSE: 2017:2589-1 Important: MozillaFirefox Update for Web Threats

suse

September 28, 2017

An update that fixes 16 vulnerabilities is now available

Summary

This update for MozillaFirefox to ESR 52.3 fixes several issues. These security issues were fixed: - CVE-2017-7807 Domain hijacking through AppCache fallback (bsc#1052829) - CVE-2017-7791 Spoofing following page navigation with data: protocol and modal alerts (bsc#1052829) - CVE-2017-7792 Buffer overflow viewing certificates with an extremely long OID (bsc#1052829) - CVE-2017-7782 WindowsDllDetourPatcher allocates memory without DEP protections (bsc#1052829) - CVE-2017-7787 Same-origin policy bypass with iframes through page reloads (bsc#1052829) - CVE-2017-7786 Buffer overflow while painting non-displayable SVG (bsc#1052829) - CVE-2017-7785 Buffer overflow manipulating ARIA attributes in DOM (bsc#1052829) - CVE-2017-7784 Use-after-free with image observers (bsc#1052829)

Topics Covered

security advisory security issue update important SUSE web threat MozillaFirefox

References

#1052829

Cross- CVE-2017-7753 CVE-2017-7779 CVE-2017-7782

CVE-2017-7784 CVE-2017-7785 CVE-2017-7786

CVE-2017-7787 CVE-2017-7791 CVE-2017-7792

CVE-2017-7798 CVE-2017-7800 CVE-2017-7801

CVE-2017-7802 CVE-2017-7803 CVE-2017-7804

CVE-2017-7807

Affected Products:

SUSE OpenStack Cloud 6

SUSE Linux Enterprise Software Development Kit 12-SP3

SUSE Linux Enterprise Software Development Kit 12-SP2

SUSE Linux Enterprise Server for SAP 12-SP1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2

SUSE Linux Enterprise Server 12-SP3

SUSE Linux Enterprise Server 12-SP2

SUSE Linux Enterprise Server 12-SP1-LTSS

SUSE Linux Enterprise Server 12-LTSS

SUSE Linux Enterprise Desktop 12-SP3

SUSE Linu...

Read the Full Advisory

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2017:2589-1

Rating: important

Topics Covered

security advisory security issue update important SUSE web threat MozillaFirefox

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2017:2589-1 Important: MozillaFirefox Update for Web Threats

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2017:2589-1 Important: MozillaFirefox Update for Web Threats

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!