Upstream information
Description
Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict the role of property changes in triggering XUL tree removal, which allows remote attackers to cause a denial of service (deleted memory access and application crash) or possibly execute arbitrary code by setting unspecified properties.SUSE information
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
| National Vulnerability Database | |
|---|---|
| Base Score | 9.3 |
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
| Access Vector | Network |
| Access Complexity | Medium |
| Authentication | None |
| Confidentiality Impact | Complete |
| Integrity Impact | Complete |
| Availability Impact | Complete |
- SUSE-SA:2010:049, published Tue, 12 Oct 2010 13:00:00 +0000
- SUSE-SA:2010:056, published Mon, 08 Nov 2010 09:00:00 +0000
- openSUSE-SU-2014:1100-1, published Tue, 9 Sep 2014 18:04:16 +0200 (CEST)
List of released packages
| Product(s) | Fixed package version(s) | References |
|---|---|---|
| SUSE Linux Enterprise Desktop 12 |
| Patchnames: SUSE Linux Enterprise Desktop 12 GA MozillaFirefox |
| SUSE Linux Enterprise Desktop 12 SP1 |
| Patchnames: SUSE Linux Enterprise Desktop 12 SP1 GA MozillaFirefox |
| SUSE Linux Enterprise Desktop 12 SP2 |
| Patchnames: SUSE Linux Enterprise Desktop 12 SP2 GA MozillaFirefox |
| SUSE Linux Enterprise Desktop 12 SP3 |
| Patchnames: SUSE Linux Enterprise Desktop 12 SP3 GA MozillaFirefox |
| SUSE Linux Enterprise Desktop 12 SP4 |
| Patchnames: SUSE Linux Enterprise Desktop 12 SP4 GA MozillaFirefox |
| SUSE Linux Enterprise Module for Desktop Applications 15 |
| Patchnames: SUSE Linux Enterprise Module for Desktop Applications 15 GA MozillaFirefox |
| SUSE Linux Enterprise Server 11 |
| Patchnames: slessp0-MozillaFirefox |
| SUSE Linux Enterprise Server 11 SP1 |
| Patchnames: slessp1-MozillaFirefox |
| SUSE Linux Enterprise Server 11 SP2 |
| Patchnames: SUSE Linux Enterprise Server 11 SP2 GA MozillaFirefox SUSE Linux Enterprise Server 11 SP2 GA mozilla-xulrunner192 |
| SUSE Linux Enterprise Server 11 SP3 |
| Patchnames: SUSE Linux Enterprise Server 11 SP3 GA MozillaFirefox SUSE Linux Enterprise Server 11 SP3 GA mozilla-xulrunner192 |
| SUSE Linux Enterprise Server 11 SP4 |
| Patchnames: SUSE Linux Enterprise Server 11 SP4 GA MozillaFirefox SUSE Linux Enterprise Server 11 SP4 GA mozilla-xulrunner192 |
| SUSE Linux Enterprise Server 12 |
| Patchnames: SUSE Linux Enterprise Server 12 GA MozillaFirefox |
| SUSE Linux Enterprise Server 12 SP1 |
| Patchnames: SUSE Linux Enterprise Server 12 SP1 GA MozillaFirefox |
| SUSE Linux Enterprise Server 12 SP2 |
| Patchnames: SUSE Linux Enterprise Server 12 SP2 GA MozillaFirefox |
| SUSE Linux Enterprise Server 12 SP3 |
| Patchnames: SUSE Linux Enterprise Server 12 SP3 GA MozillaFirefox |
| SUSE Linux Enterprise Server 12 SP4 |
| Patchnames: SUSE Linux Enterprise Server 12 SP4 GA MozillaFirefox |
| SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 |
| Patchnames: SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 GA MozillaFirefox |
| SUSE Linux Enterprise Server for SAP Applications 11 |
| Patchnames: slessp0-MozillaFirefox |
| SUSE Linux Enterprise Software Development Kit 11 SP4 |
| Patchnames: SUSE Linux Enterprise Software Development Kit 11 SP4 GA MozillaFirefox-devel SUSE Linux Enterprise Software Development Kit 11 SP4 GA mozilla-xulrunner192-devel |
| SUSE Linux Enterprise Software Development Kit 12 |
| Patchnames: SUSE Linux Enterprise Software Development Kit 12 GA MozillaFirefox-devel |
| SUSE Linux Enterprise Software Development Kit 12 SP1 |
| Patchnames: SUSE Linux Enterprise Software Development Kit 12 SP1 GA MozillaFirefox-devel |
| SUSE Linux Enterprise Software Development Kit 12 SP2 |
| Patchnames: SUSE Linux Enterprise Software Development Kit 12 SP2 GA MozillaFirefox-devel |
| SUSE Linux Enterprise Software Development Kit 12 SP3 |
| Patchnames: SUSE Linux Enterprise Software Development Kit 12 SP3 GA MozillaFirefox-devel |
| SUSE Linux Enterprise Software Development Kit 12 SP4 |
| Patchnames: SUSE Linux Enterprise Software Development Kit 12 SP4 GA MozillaFirefox-devel |
| SUSE Linux Enterprise Workstation Extension 15 |
| Patchnames: SUSE Linux Enterprise Workstation Extension 15 GA MozillaThunderbird |
| SUSE Linux Enterprise Workstation Extension 15 SP1 |
| Patchnames: SUSE Linux Enterprise Workstation Extension 15 SP1 GA MozillaThunderbird |
| openSUSE 11.1 |
| |
| openSUSE 11.1 |
| |
| openSUSE 11.2 openSUSE 11.3 |
| |
| openSUSE 11.2 |
| |
| openSUSE 11.3 |
| |
| SUSE Linux Enterprise SDK 11 GA |
|
sled11.x86-64 sles11.x86-64 sle11-sdk.x86-64 sles11.ppc sle11-sdk.x86 sles11.ia64 sle11-sdk.ppc sled11.x86 sles11.x86 sles11.s390x sle11-sdk.s390x sle11-sdk.ia64 SAT Patch Nr: 3159 |
| SUSE Linux Enterprise SDK 11 GA |
|
sled11.x86-64 sles11.x86-64 sle11-sdk.x86-64 sles11.ppc sle11-sdk.x86 sles11.ia64 sle11-sdk.ppc sled11.x86 sles11.x86 sles11.s390x sle11-sdk.s390x sle11-sdk.ia64 SAT Patch Nr: 3159 |
| SUSE Linux Enterprise SDK 11 GA |
|
sled11.x86-64 sles11.x86-64 sle11-sdk.x86-64 sles11.ppc sle11-sdk.x86 sles11.ia64 sle11-sdk.ppc sled11.x86 sles11.x86 sles11.s390x sle11-sdk.s390x sle11-sdk.ia64 SAT Patch Nr: 3159 |
| SUSE Linux Enterprise Desktop 11 GA SUSE Linux Enterprise Server 11 GA |
|
sled11.x86-64 sles11.x86-64 sle11-sdk.x86-64 sles11.ppc sle11-sdk.x86 sles11.ia64 sle11-sdk.ppc sled11.x86 sles11.x86 sles11.s390x sle11-sdk.s390x sle11-sdk.ia64 SAT Patch Nr: 3159 |
| SUSE Linux Enterprise Desktop 11 GA |
|
sled11.x86-64 sles11.x86-64 sle11-sdk.x86-64 sles11.ppc sle11-sdk.x86 sles11.ia64 sle11-sdk.ppc sled11.x86 sles11.x86 sles11.s390x sle11-sdk.s390x sle11-sdk.ia64 SAT Patch Nr: 3159 |
| SUSE Linux Enterprise Server 11 GA |
|
sled11.x86-64 sles11.x86-64 sle11-sdk.x86-64 sles11.ppc sle11-sdk.x86 sles11.ia64 sle11-sdk.ppc sled11.x86 sles11.x86 sles11.s390x sle11-sdk.s390x sle11-sdk.ia64 SAT Patch Nr: 3159 |
| SUSE Linux Enterprise Server 11 GA |
|
sled11.x86-64 sles11.x86-64 sle11-sdk.x86-64 sles11.ppc sle11-sdk.x86 sles11.ia64 sle11-sdk.ppc sled11.x86 sles11.x86 sles11.s390x sle11-sdk.s390x sle11-sdk.ia64 SAT Patch Nr: 3159 |
| SUSE Linux Enterprise Software Development Kit 11 SP1 |
|
sles11-sp1-vmware.x86 sles11-sp1-vmware.x86-64 sle11-sp1-sdk.ia64 sles11-sp1.x86-64 sled11-sp1.x86 sles11-sp1.ppc sles11-sp1.s390x sle11-sp1-sdk.ppc sles11-sp1.ia64 sle11-sp1-sdk.x86 sle11-sp1-sdk.s390x sled11-sp1.x86-64 sle11-sp1-sdk.x86-64 sles11-sp1.x86 SAT Patch Nr: 3419 |
| SUSE Linux Enterprise Software Development Kit 11 SP1 |
|
sles11-sp1-vmware.x86 sles11-sp1-vmware.x86-64 sle11-sp1-sdk.ia64 sles11-sp1.x86-64 sled11-sp1.x86 sles11-sp1.ppc sles11-sp1.s390x sle11-sp1-sdk.ppc sles11-sp1.ia64 sle11-sp1-sdk.x86 sle11-sp1-sdk.s390x sled11-sp1.x86-64 sle11-sp1-sdk.x86-64 sles11-sp1.x86 SAT Patch Nr: 3419 |
| SUSE Linux Enterprise Software Development Kit 11 SP1 |
|
sles11-sp1-vmware.x86 sles11-sp1-vmware.x86-64 sle11-sp1-sdk.ia64 sles11-sp1.x86-64 sled11-sp1.x86 sles11-sp1.ppc sles11-sp1.s390x sle11-sp1-sdk.ppc sles11-sp1.ia64 sle11-sp1-sdk.x86 sle11-sp1-sdk.s390x sled11-sp1.x86-64 sle11-sp1-sdk.x86-64 sles11-sp1.x86 SAT Patch Nr: 3419 |
| SUSE Linux Enterprise Desktop 11 SP1 SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP1 for VMware |
|
sles11-sp1-vmware.x86 sles11-sp1-vmware.x86-64 sle11-sp1-sdk.ia64 sles11-sp1.x86-64 sled11-sp1.x86 sles11-sp1.ppc sles11-sp1.s390x sle11-sp1-sdk.ppc sles11-sp1.ia64 sle11-sp1-sdk.x86 sle11-sp1-sdk.s390x sled11-sp1.x86-64 sle11-sp1-sdk.x86-64 sles11-sp1.x86 SAT Patch Nr: 3419 |
| SUSE Linux Enterprise Desktop 11 SP1 |
|
sles11-sp1-vmware.x86 sles11-sp1-vmware.x86-64 sle11-sp1-sdk.ia64 sles11-sp1.x86-64 sled11-sp1.x86 sles11-sp1.ppc sles11-sp1.s390x sle11-sp1-sdk.ppc sles11-sp1.ia64 sle11-sp1-sdk.x86 sle11-sp1-sdk.s390x sled11-sp1.x86-64 sle11-sp1-sdk.x86-64 sles11-sp1.x86 SAT Patch Nr: 3419 |
| SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP1 for VMware |
|
sles11-sp1-vmware.x86 sles11-sp1-vmware.x86-64 sle11-sp1-sdk.ia64 sles11-sp1.x86-64 sled11-sp1.x86 sles11-sp1.ppc sles11-sp1.s390x sle11-sp1-sdk.ppc sles11-sp1.ia64 sle11-sp1-sdk.x86 sle11-sp1-sdk.s390x sled11-sp1.x86-64 sle11-sp1-sdk.x86-64 sles11-sp1.x86 SAT Patch Nr: 3419 |
| SUSE Linux Enterprise Server 11 SP1 |
|
sles11-sp1-vmware.x86 sles11-sp1-vmware.x86-64 sle11-sp1-sdk.ia64 sles11-sp1.x86-64 sled11-sp1.x86 sles11-sp1.ppc sles11-sp1.s390x sle11-sp1-sdk.ppc sles11-sp1.ia64 sle11-sp1-sdk.x86 sle11-sp1-sdk.s390x sled11-sp1.x86-64 sle11-sp1-sdk.x86-64 sles11-sp1.x86 SAT Patch Nr: 3419 |
| SUSE Linux Enterprise 11 Moblin 2.1 |
| SAT Patch Nr: 3420 |
| openSUSE 11.1 |
| |
| openSUSE 11.1 openSUSE 11.2 openSUSE 11.3 |
| |
| openSUSE 11.2 openSUSE 11.3 |
| |
| openSUSE 11.1 |
| |
| openSUSE 11.1 |
| |
| openSUSE 11.2 |
| |
| openSUSE 11.2 |
| |
| openSUSE 11.3 |
| |
| openSUSE 11.3 |
| |
| openSUSE 11.1 |
| |
| openSUSE 11.1 openSUSE 11.2 openSUSE 11.3 |
| |
| openSUSE 11.2 openSUSE 11.3 |
| |
| SUSE Linux Enterprise Software Development Kit 11 SP1 |
|
sled11-sp1.x86-64 sles11-sp1-vmware.x86-64 sles11-sp1.x86-64 sles11-sp1-vmware.x86 sle11-sp1-sdk.x86 sles11-sp1.ia64 sles11-sp1.x86 sle11-sp1-sdk.ppc sle11-sp1-sdk.ia64 sles11-sp1-vmware.x86 sles11-sp1.s390x sles11-sp1.ppc sle11-sp1-sdk.s390x sle11-sp1-sdk.x86-64 sled11-sp1.x86 SAT Patch Nr: 3160 |
| SUSE Linux Enterprise Software Development Kit 11 SP1 |
|
sled11-sp1.x86-64 sles11-sp1-vmware.x86-64 sles11-sp1.x86-64 sles11-sp1-vmware.x86 sle11-sp1-sdk.x86 sles11-sp1.ia64 sles11-sp1.x86 sle11-sp1-sdk.ppc sle11-sp1-sdk.ia64 sles11-sp1-vmware.x86 sles11-sp1.s390x sles11-sp1.ppc sle11-sp1-sdk.s390x sle11-sp1-sdk.x86-64 sled11-sp1.x86 SAT Patch Nr: 3160 |
| SUSE Linux Enterprise Software Development Kit 11 SP1 |
|
sled11-sp1.x86-64 sles11-sp1-vmware.x86-64 sles11-sp1.x86-64 sles11-sp1-vmware.x86 sle11-sp1-sdk.x86 sles11-sp1.ia64 sles11-sp1.x86 sle11-sp1-sdk.ppc sle11-sp1-sdk.ia64 sles11-sp1-vmware.x86 sles11-sp1.s390x sles11-sp1.ppc sle11-sp1-sdk.s390x sle11-sp1-sdk.x86-64 sled11-sp1.x86 SAT Patch Nr: 3160 |
| SUSE Linux Enterprise Desktop 11 SP1 SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP1 for VMware |
|
sled11-sp1.x86-64 sles11-sp1-vmware.x86-64 sles11-sp1.x86-64 sles11-sp1-vmware.x86 sle11-sp1-sdk.x86 sles11-sp1.ia64 sles11-sp1.x86 sle11-sp1-sdk.ppc sle11-sp1-sdk.ia64 sles11-sp1-vmware.x86 sles11-sp1.s390x sles11-sp1.ppc sle11-sp1-sdk.s390x sle11-sp1-sdk.x86-64 sled11-sp1.x86 SAT Patch Nr: 3160 |
| SUSE Linux Enterprise Desktop 11 SP1 |
|
sled11-sp1.x86-64 sles11-sp1-vmware.x86-64 sles11-sp1.x86-64 sles11-sp1-vmware.x86 sle11-sp1-sdk.x86 sles11-sp1.ia64 sles11-sp1.x86 sle11-sp1-sdk.ppc sle11-sp1-sdk.ia64 sles11-sp1-vmware.x86 sles11-sp1.s390x sles11-sp1.ppc sle11-sp1-sdk.s390x sle11-sp1-sdk.x86-64 sled11-sp1.x86 SAT Patch Nr: 3160 |
| SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP1 for VMware |
|
sled11-sp1.x86-64 sles11-sp1-vmware.x86-64 sles11-sp1.x86-64 sles11-sp1-vmware.x86 sle11-sp1-sdk.x86 sles11-sp1.ia64 sles11-sp1.x86 sle11-sp1-sdk.ppc sle11-sp1-sdk.ia64 sles11-sp1-vmware.x86 sles11-sp1.s390x sles11-sp1.ppc sle11-sp1-sdk.s390x sle11-sp1-sdk.x86-64 sled11-sp1.x86 SAT Patch Nr: 3160 |
| SUSE Linux Enterprise Server 11 SP1 |
|
sled11-sp1.x86-64 sles11-sp1-vmware.x86-64 sles11-sp1.x86-64 sles11-sp1-vmware.x86 sle11-sp1-sdk.x86 sles11-sp1.ia64 sles11-sp1.x86 sle11-sp1-sdk.ppc sle11-sp1-sdk.ia64 sles11-sp1-vmware.x86 sles11-sp1.s390x sles11-sp1.ppc sle11-sp1-sdk.s390x sle11-sp1-sdk.x86-64 sled11-sp1.x86 SAT Patch Nr: 3160 |
| SUSE Linux Enterprise SDK 11 GA |
|
sles11.ia64 sled11.x86-64 sled11.x86 sle11-sdk.ppc sles11.s390x sle11-sdk.ia64 sle11-sdk.x86-64 sle11-sdk.x86 sles11.x86 sles11.ppc sles11.x86-64 sle11-sdk.s390x SAT Patch Nr: 3417 |
| SUSE Linux Enterprise SDK 11 GA |
|
sles11.ia64 sled11.x86-64 sled11.x86 sle11-sdk.ppc sles11.s390x sle11-sdk.ia64 sle11-sdk.x86-64 sle11-sdk.x86 sles11.x86 sles11.ppc sles11.x86-64 sle11-sdk.s390x SAT Patch Nr: 3417 |
| SUSE Linux Enterprise SDK 11 GA |
|
sles11.ia64 sled11.x86-64 sled11.x86 sle11-sdk.ppc sles11.s390x sle11-sdk.ia64 sle11-sdk.x86-64 sle11-sdk.x86 sles11.x86 sles11.ppc sles11.x86-64 sle11-sdk.s390x SAT Patch Nr: 3417 |
| SUSE Linux Enterprise Desktop 11 GA SUSE Linux Enterprise Server 11 GA |
|
sles11.ia64 sled11.x86-64 sled11.x86 sle11-sdk.ppc sles11.s390x sle11-sdk.ia64 sle11-sdk.x86-64 sle11-sdk.x86 sles11.x86 sles11.ppc sles11.x86-64 sle11-sdk.s390x SAT Patch Nr: 3417 |
| SUSE Linux Enterprise Desktop 11 GA |
|
sles11.ia64 sled11.x86-64 sled11.x86 sle11-sdk.ppc sles11.s390x sle11-sdk.ia64 sle11-sdk.x86-64 sle11-sdk.x86 sles11.x86 sles11.ppc sles11.x86-64 sle11-sdk.s390x SAT Patch Nr: 3417 |
| SUSE Linux Enterprise Server 11 GA |
|
sles11.ia64 sled11.x86-64 sled11.x86 sle11-sdk.ppc sles11.s390x sle11-sdk.ia64 sle11-sdk.x86-64 sle11-sdk.x86 sles11.x86 sles11.ppc sles11.x86-64 sle11-sdk.s390x SAT Patch Nr: 3417 |
| SUSE Linux Enterprise Server 11 GA |
|
sles11.ia64 sled11.x86-64 sled11.x86 sle11-sdk.ppc sles11.s390x sle11-sdk.ia64 sle11-sdk.x86-64 sle11-sdk.x86 sles11.x86 sles11.ppc sles11.x86-64 sle11-sdk.s390x SAT Patch Nr: 3417 |
| SUSE Linux Enterprise Desktop 10 SP3 for x86 SUSE Linux Enterprise Server 10 SP3 |
|
sles10-sp3.ia64 sle10-sp3-sdk.s390x sle10-sp3-sdk.ia64 sles10-sp3.x86 sles10-sp3-debuginfo.s390x sle10-sp3-sdk.x86-64 sles10-sp3-debuginfo.ia64 sled10-sp3.x86-64 sles10-sp3-debuginfo.x86 sle10-sp3-sdk.x86 sles10-sp3.ppc sled10-sp3.x86 sle10-sp3-sdk.ppc sles10-sp3-debuginfo.ppc sles10-sp3-debuginfo.x86-64 sles10-sp3.x86-64 sles10-sp3.s390x ZYPP Patch Nr: 7208 |
| SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T SUSE Linux Enterprise SDK 10 SP3 SUSE Linux Enterprise Server 10 SP3 SUSE Linux Enterprise Server for SAP 10 SP3 |
|
sles10-sp3.ia64 sle10-sp3-sdk.s390x sle10-sp3-sdk.ia64 sles10-sp3.x86 sles10-sp3-debuginfo.s390x sle10-sp3-sdk.x86-64 sles10-sp3-debuginfo.ia64 sled10-sp3.x86-64 sles10-sp3-debuginfo.x86 sle10-sp3-sdk.x86 sles10-sp3.ppc sled10-sp3.x86 sle10-sp3-sdk.ppc sles10-sp3-debuginfo.ppc sles10-sp3-debuginfo.x86-64 sles10-sp3.x86-64 sles10-sp3.s390x ZYPP Patch Nr: 7208 |
| SUSE Linux Enterprise SDK 10 SP3 |
|
sles10-sp3.ia64 sle10-sp3-sdk.s390x sle10-sp3-sdk.ia64 sles10-sp3.x86 sles10-sp3-debuginfo.s390x sle10-sp3-sdk.x86-64 sles10-sp3-debuginfo.ia64 sled10-sp3.x86-64 sles10-sp3-debuginfo.x86 sle10-sp3-sdk.x86 sles10-sp3.ppc sled10-sp3.x86 sle10-sp3-sdk.ppc sles10-sp3-debuginfo.ppc sles10-sp3-debuginfo.x86-64 sles10-sp3.x86-64 sles10-sp3.s390x ZYPP Patch Nr: 7208 |
| openSUSE 11.1 |
| |
| openSUSE 11.1 |
| |
| openSUSE 11.2 openSUSE 11.3 |
| |
| openSUSE 11.2 openSUSE 11.3 |
| |
| openSUSE 11.1 |
| |
| openSUSE 11.1 |
| |
| openSUSE 11.2 |
| |
| openSUSE 11.2 |
| |
| openSUSE 11.3 |
| |
| openSUSE 11.3 |
| |
| openSUSE 11.1 openSUSE 11.2 openSUSE 11.3 |
| |
| openSUSE 11.1 openSUSE 11.2 |
| |
| openSUSE 11.3 |
| |
| openSUSE Leap 15.0 |
| Patchnames: openSUSE Leap 15.0 GA MozillaFirefox openSUSE Leap 15.0 GA MozillaThunderbird |
| openSUSE Leap 42.1 |
| Patchnames: openSUSE Leap 42.1 GA MozillaFirefox openSUSE Leap 42.1 GA MozillaThunderbird |
| openSUSE Leap 42.2 |
| Patchnames: openSUSE Leap 42.2 GA MozillaFirefox openSUSE Leap 42.2 GA MozillaThunderbird |
| openSUSE Leap 42.3 |
| Patchnames: openSUSE Leap 42.3 GA MozillaFirefox openSUSE Leap 42.3 GA MozillaThunderbird |
| openSUSE Tumbleweed |
| Patchnames: openSUSE Tumbleweed GA MozillaFirefox openSUSE Tumbleweed GA MozillaThunderbird openSUSE Tumbleweed GA seamonkey |
