SUSE update for MozillaFirefox - Advisories

Software Inspectors

	Scan Online

	Personal (PSI)

	Network (NSI 2.0) - NEW -

Solutions For

	Security Professionals

	Security Vendors

Free Solutions For

	Open Communities

	Journalists & Media

Secunia Advisories

	Search

	Historic Advisories

	Listed By Product

	Listed By Vendor

	Statistics / Graphs

	Secunia Research

	Report Vulnerability

	About Advisories

Virus Information

	Chronological List

	Last 10 Virus Alerts

	About Virus Information

Secunia Customers

	Customer Area

SUSE update for MozillaFirefox

Secunia Advisory:	SA29645
Release Date:	2008-04-04

Critical:	Highly critical
Impact:	Security Bypass Cross Site Scripting Spoofing Exposure of sensitive information System access
Where:	From remote
Solution Status:	Vendor Patch

OS:	openSUSE 10.2 openSUSE 10.3 SUSE Linux 10.1 SUSE Linux Enterprise Server 10


CVE reference:	CVE-2007-4879 (Secunia mirror) CVE-2008-1195 (Secunia mirror) CVE-2008-1233 (Secunia mirror) CVE-2008-1234 (Secunia mirror) CVE-2008-1235 (Secunia mirror) CVE-2008-1236 (Secunia mirror) CVE-2008-1237 (Secunia mirror) CVE-2008-1238 (Secunia mirror) CVE-2008-1240 (Secunia mirror) CVE-2008-1241 (Secunia mirror)

	Want to know the next time vulnerabilities are fixed in this product? - Companies can be alerted via email and SMS!

Description: SUSE has issued an update for MozillaFirefox. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive information, conduct cross-site scripting and phishing attacks, and potentially compromise a user's system. For more information: SA29526 Solution: Apply updated packages. x86 Platform: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.../MozillaFirefox-2.0.0.13-0.1.i586.rpm 51d8a8c8edb273d218f953594c6ddf3c ftp://ftp.suse.com/pub/suse/update/10...ox-translations-2.0.0.13-0.1.i586.rpm 5e251d0f4081b0a85426c3980dfab1de SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.../MozillaFirefox-2.0.0.13-0.2.i586.rpm b499f3f8d9ba4256252061aab28f0c6a ftp://ftp.suse.com/pub/suse/update/10...ox-translations-2.0.0.13-0.2.i586.rpm 91503917ccefab19dbc15c1278b74e87 openSUSE 10.3: http://download.opensuse.org/pub/open.../MozillaFirefox-2.0.0.13-0.1.i586.rpm 69a8dea7a11bf49d2904ae6f9d97ae6b http://download.opensuse.org/pub/open...ox-translations-2.0.0.13-0.1.i586.rpm bb6cb21d18921ccbd5beeb3168f9534e Power PC Platform: openSUSE 10.3: http://download.opensuse.org/pub/open...c/MozillaFirefox-2.0.0.13-0.1.ppc.rpm c71b7bfc6208f1325d38709203b4b499 http://download.opensuse.org/pub/open...fox-translations-2.0.0.13-0.1.ppc.rpm e930fd3b905d3e4ffa8700a7fe640de3 openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10...c/MozillaFirefox-2.0.0.13-0.1.ppc.rpm 0a33a67ae69a50ffbadd8a048faff6b8 ftp://ftp.suse.com/pub/suse/update/10...fox-translations-2.0.0.13-0.1.ppc.rpm 3fdead7625dc869721a03253d3906792 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10...c/MozillaFirefox-2.0.0.13-0.2.ppc.rpm 9216457807f5d91115002460b9e5085f ftp://ftp.suse.com/pub/suse/update/10...fox-translations-2.0.0.13-0.2.ppc.rpm 6ac3fddcccee1effd9a50abb3a391a83 x86-64 Platform: openSUSE 10.3: http://download.opensuse.org/pub/open...ozillaFirefox-2.0.0.13-0.1.x86_64.rpm 5400995c1eb085079dbb9a4d481cc532 http://download.opensuse.org/pub/open...-translations-2.0.0.13-0.1.x86_64.rpm d6e6d70d5bc2be14bd3c855826a5a963 openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10...ozillaFirefox-2.0.0.13-0.1.x86_64.rpm 827cf91765f9b3e32642199902199e04 ftp://ftp.suse.com/pub/suse/update/10...-translations-2.0.0.13-0.1.x86_64.rpm 6f637200918e4ef723fe738294d506aa Sources: openSUSE 10.3: http://download.opensuse.org/pub/open...c/MozillaFirefox-2.0.0.13-0.1.src.rpm 1d730e60aeea0a130c4f5ffd938e987d openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10...c/MozillaFirefox-2.0.0.13-0.1.src.rpm fe6559ddb5339d0192bb1dc18e4ad3b7 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10...c/MozillaFirefox-2.0.0.13-0.2.src.rpm 3e764986a1f07439e43d58046333ab55 Novell Linux Desktop 9 http://support.novell.com/techcenter/psdb/ad3e48b131593041b00e35f46ab10b61.html SUSE Linux Enterprise Server 10 SP1 http://support.novell.com/techcenter/psdb/582b39035a906e2902717de1327b2cf2.html SUSE Linux Enterprise Desktop 10 SP1 http://support.novell.com/techcenter/psdb/582b39035a906e2902717de1327b2cf2.html Original Advisory: http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html Other References: SA29526: http://secunia.com/advisories/29526/



Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise. Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

192 Related Secunia Security Advisories, displaying 10

1. SUSE Update for Multiple Packages

2. SUSE Update for Multiple Packages

3. SUSE update for OpenOffice_org

4. SUSE update for IBM Java

5. SUSE update for clamav

6. SUSE update for flash-player

7. SUSE update for openssh and opera

8. SUSE update for cups

9. SUSE update for apache and apache2

10. SUSE Updates for Multiple Packages

Show all related advisories

Send Feedback to Secunia

If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com. Ideas, suggestions, and other feedback are most welcome.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Debian OpenSSL Predictable Random Number Generator and Update

2.	Microsoft Word Two Code Execution Vulnerabilities

3.	Microsoft Publisher Object Handler Validation Vulnerability

4.	Microsoft Malware Protection Engine File Parsing Denial of Service

5.	Microsoft Windows XP I2O Utility Filter Driver Privilege Escalation

6.	Ubuntu update for openssl

7.	Novell Client Login Long Username/Contex t Buffer Overflow

8.	Citrix Access Gateway Unspecified Authentication Bypass

9.	Gentoo update for aterm, eterm, rxvt, mrxvt, multi-aterm, wterm, and rxvt-unicode

10.	ZyXEL ZyWALL 100 "Referer" Cross-Site Scripting Vulnerability