MozillaFirefox to 10.0.1 (critical)

ID OPENSUSE-SU-2012:0258-1
Type suse
Reporter Suse
Modified 2012-02-14T20:08:25


MozillaFirefox was updated to 10.0.1 to fix critical bugs and security issue.

Following security issue was fixed: CVE-2012-0452: Mozilla developers Andrew McCreight and Olli Pettay found that ReadPrototypeBindings will leave a XBL binding in a hash table even when the function fails. If this occurs, when the cycle collector reads this hash table and attempts to do a virtual method on this binding a crash will occur. This crash may be potentially exploitable.

Firefox 9 and earlier are not affected by this vulnerability.

<a rel="nofollow" href=""></a> tml