https://bugzilla.novell.com/show_bug.cgi?id=808243 https://bugzilla.novell.com/show_bug.cgi?id=808243#c0 Summary: Firefox 19.0.2/17.0.4 Classification: openSUSE Product: openSUSE 12.2 Version: Final Platform: Other OS/Version: Other Status: NEW Severity: Major Priority: P5 - None Component: Firefox AssignedTo: bnc-team-mozilla@forge.provo.novell.com ReportedBy: wolfgang@rosenauer.org QAContact: qa-bugs@suse.de CC: security-team@suse.de Found By: --- Blocker: --- Firefox 19.0.2/17.0.4 Thunderbird 17.0.4 Seamonkey 2.16.1 released because of https://www.mozilla.org/security/announce/2013/mfsa2013-29.html Description VUPEN Security, via TippingPoint's Zero Day Initiative, reported a use-after-free within the HTML editor when content script is run by the document.execCommand() function while internal editor operations are occurring. This could allow for arbitrary code execution. References use-after-free in nsHTMLEditor when using execCommand() (CVE-2013-0787) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.