VULNERABILITIES / FIXES - April 30, 2012

by Carol~ Moderator - 4/30/12 8:01 AM

SUSE update for MozillaFirefox, MozillaThunderbird, seamonkey, and xulrunner

Release Date : 2012-04-30

Criticality level : Highly critical
Impact : Security Bypass
Cross Site Scripting
Spoofing
Exposure of system information
Exposure of sensitive information
System access
Where : From remote
Solution Status : Vendor Patch

Operating System: openSUSE 11.4
openSUSE 12.1

Description:
SUSE has issued an update for MozillaFirefox, MozillaThunderbird, seamonkey, and xulrunner. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, disclose certain system and sensitive information, bypass certain security restrictions, and compromise a user's system.

Solution:
Apply updated packages via the zypper package manager.

Original Advisory:
openSUSE-SU-2012:0567-1:
http://lists.opensuse.org/opensuse-updates/2012-04/msg00066.html

http://secunia.com/advisories/49055/