SuSE 10 Security Update : XULRunner (ZYPP Patch Number 6736)
High Nessus Plugin ID 43399
The remote SuSE 10 host is missing a security-related patch.
The Mozilla XULRunner engine was updated to version 184.108.40.206, fixing lots of bugs and various security issues. The following issues were fixed : - Crashes with evidence of memory corruption (220.127.116.11). (MFSA 2009-65 / CVE-2009-3979 / CVE-2009-3981) - (bmo#487872) NTLM reflection vulnerability. (MFSA 2009-68 / CVE-2009-3983) - (bmo#521461, bmo#514232) Location bar spoofing vulnerabilities. (MFSA 2009-69 / CVE-2009-3984 / CVE-2009-3985) - (bmo#522430) Privilege escalation via chrome window.opener. (MFSA 2009-70 / CVE-2009-3986)