SuSE 10 Security Update : XULRunner (ZYPP Patch Number 6734)
High Nessus Plugin ID 49898
The remote SuSE 10 host is missing a security-related patch.
The Mozilla XULRunner engine was updated to version 220.127.116.11, fixing lots of bugs and various security issues. The following issues were fixed : - Crashes with evidence of memory corruption (18.104.22.168). (MFSA 2009-65 / CVE-2009-3979 / CVE-2009-3981) - (bmo#487872) NTLM reflection vulnerability. (MFSA 2009-68 / CVE-2009-3983) - (bmo#521461,bmo#514232) Location bar spoofing vulnerabilities. (MFSA 2009-69 / CVE-2009-3984 / CVE-2009-3985) - (bmo#522430) Privilege escalation via chrome window.opener. (MFSA 2009-70 / CVE-2009-3986)