openSUSE Security Update : firefox / thunderbird (openSUSE-2011-9)

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

Mozilla Firefox and Thunderbird were updated to version 8.0 which
fixes several security vulnerabilities :

- MFSA 2011-52 - Code execution via NoWaiverWrapper
(CVE-2011-3655)

- MFSA 2011-51 - Cross-origin image theft on Mac with
integrated Intel GPU (CVE-2011-3653)

- MFSA 2011-50 - Cross-origin data theft using canvas and
Windows D2D (CVE-2011-3649)

- MFSA 2011-49 - Memory corruption while profiling using
Firebug (CVE-2011-3650)

- MFSA 2011-48 - Miscellaneous memory safety hazards
(rv:8.0) (CVE-2011-3651, CVE-2011-3652, CVE-2011-3654)

- MFSA 2011-47 - Potential XSS against sites using
Shift-JIS (CVE-2011-3648)

See also :

https://bugzilla.novell.com/show_bug.cgi?id=707628
https://bugzilla.novell.com/show_bug.cgi?id=726758
https://bugzilla.novell.com/show_bug.cgi?id=728520

Solution :

Update the affected firefox / thunderbird packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now