SuSE Security Advisory SUSE-SA:2009:034 (MozillaFirefox)

The remote host is missing updates announced in advisory SUSE-SA:2009:034.

The Mozilla Firefox browser was updated to version 3.0.11, fixing various bugs and security issues: * MFSA 2009-24/CVE-2009-1392/CVE-2009-1832/CVE-2009-1833 Crashes with evidence of memory corruption (rv:1.9.0.11) * MFSA 2009-25/CVE-2009-1834 (bmo#479413) URL spoofing with invalid unicode characters * MFSA 2009-26/CVE-2009-1835 (bmo#491801) Arbitrary domain cookie access by local file: resources * MFSA 2009-27/CVE-2009-1836 (bmo#479880) SSL tampering via non-200 responses to proxy CONNECT requests * MFSA 2009-28/CVE-2009-1837 (bmo#486269) Race condition while accessing the private data of a NPObject JS wrapper class object * MFSA 2009-29/CVE-2009-1838 (bmo#489131) Arbitrary code execution using event listeners attached to an element whose owner document is null * MFSA 2009-30/CVE-2009-1839 (bmo#479943) Incorrect principal set for file: resources loaded via location bar * MFSA 2009-31/CVE-2009-1840 (bmo#477979) XUL scripts bypass content-policy checks * MFSA 2009-32/CVE-2009-1841 (bmo#479560) JavaScript chrome privilege escalation

Update your system with the packages as indicated in the referenced security advisory. https://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:034