remote code execution in MozillaFirefox,MozillaThunderbird

ID SUSE-SA:2011:028
Type suse
Reporter Suse
Modified 2011-07-05T17:43:33


Mozilla Firefox and Thunderbird were updated to fix several security issues: * MFSA 2011-19/CVE-2011-2374 CVE-2011-2376 CVE-2011-2364 CVE-2011-2365 Miscellaneous memory safety hazards * MFSA 2011-20/CVE-2011-2373 Use-after-free vulnerability when viewing XUL document with script disabled * MFSA 2011-21/CVE-2011-2377 Memory corruption due to multipart/x-mixed-replace images * MFSA 2011-22/CVE-2011-2371 Integer overflow and arbitrary code execution in Array.reduceRight() * MFSA 2011-23/CVE-2011-0083 CVE-2011-0085 CVE-2011-2363 Multiple dangling pointer vulnerabilities * MFSA 2011-24/CVE-2011-2362 Cookie isolation error * MFSA 2011-25/CVE-2011-2366 Stealing of cross-domain images using WebGL textures * MFSA 2011-26/CVE-2011-2367 CVE-2011-2368 Multiple WebGL crashes * MFSA 2011-27/CVE-2011-2369 XSS encoding hazard with inline SVG * MFSA 2011-28/CVE-2011-2370 Non-whitelisted site can trigger xpinstall


There is no known workaround, please install the update packages.