SuseSUSE-SU-2012:0261-1Security update for Mozilla Firefox (critical)
0.13 Low
EPSS
Percentile
95.5%
MozillaFirefox was updated to 10.0.1 to fix critical bugs
and security issue.
The following security issue has been fixed:
CVE-2012-0452: Mozilla developers Andrew McCreight and Olli
Pettay found that ReadPrototypeBindings will leave a XBL
binding in a hash table even when the function fails. If
this occurs, when the cycle collector reads this hash
table and attempts to do a virtual method on this binding a
crash will occur. This crash may be potentially
exploitable.
Firefox 9 and earlier are not affected by this
vulnerability.
<a href=“https://www.mozilla.org/security/announce/2012/mfsa2012-10.h”>https://www.mozilla.org/security/announce/2012/mfsa2012-10.h</a>
tml
<<a href=“https://www.mozilla.org/security/announce/2012/mfsa2012-10”>https://www.mozilla.org/security/announce/2012/mfsa2012-10</a>.
html>
Security Issues:
- CVE-2012-0452
<<a href=“http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0452”>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0452</a>
>
Related
