New! Vulnerability Priority Rating (VPR)
Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.
VPR Score: 5.9
Synopsis
The remote openSUSE host is missing a security update.
Description
MozillaFirefox was updated to Firefox 21.0 (bnc#819204)
- MFSA 2013-41/CVE-2013-0801/CVE-2013-1669 Miscellaneous memory safety hazards
- MFSA 2013-42/CVE-2013-1670 (bmo#853709) Privileged access for content level constructor
- MFSA 2013-43/CVE-2013-1671 (bmo#842255) File input control has access to full path
- MFSA 2013-46/CVE-2013-1674 (bmo#860971) Use-after-free with video and onresize event
- MFSA 2013-47/CVE-2013-1675 (bmo#866825) Uninitialized functions in DOMSVGZoomEvent
- MFSA 2013-48/CVE-2013-1676/CVE-2013-1677/CVE-2013-1678/ CVE-2013-1679/CVE-2013-1680/CVE-2013-1681 Memory corruption found using Address Sanitizer
Changes in MozillaFirefox-branding-openSUSE :
- modified file locations for Firefox 21 and above
- added DuckDuckGo as search option (bnc#801121)
Solution
Update the affected MozillaFirefox packages.