Описание
ELSA-2010-0809: xulrunner security update (CRITICAL)
[1.9.2.11-4.0.1.el5_5]
- Added xulrunner-oracle-default-prefs.js and removed the corresponding RedHat one.
[1.9.2.11-4.el5_5]
- Add upstream patch for CVE-2010-3765
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
xulrunner
1.9.2.11-4.0.1.el5_5
xulrunner-devel
1.9.2.11-4.0.1.el5_5
Oracle Linux x86_64
xulrunner
1.9.2.11-4.0.1.el5_5
xulrunner-devel
1.9.2.11-4.0.1.el5_5
Oracle Linux i386
xulrunner
1.9.2.11-4.0.1.el5_5
xulrunner-devel
1.9.2.11-4.0.1.el5_5
Связанные CVE
Связанные уязвимости
Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware.
Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware.
Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware.
Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunder ...
Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware.