openSUSE Security Update : MozillaFirefox (MozillaFirefox-5799)
High Nessus Plugin ID 75952
SynopsisThe remote openSUSE host is missing a security update.
DescriptionMozillaFirefox was updated to 10.0.1 to fix critical bugs and security issue.
Following security issue was fixed: CVE-2012-0452: Mozilla developers Andrew McCreight and Olli Pettay found that ReadPrototypeBindings will leave a XBL binding in a hash table even when the function fails. If this occurs, when the cycle collector reads this hash table and attempts to do a virtual method on this binding a crash will occur.
This crash may be potentially exploitable.
Firefox 9 and earlier are not affected by this vulnerability.
SolutionUpdate the affected MozillaFirefox packages.