Upstream information
Description
The setTimeout function in Mozilla Firefox before 3.0.12 does not properly preserve object wrapping, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via a crafted call, related to XPCNativeWrapper.NVD CVSS v2 Base Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Novell/SUSE information
Novell Bugzilla entry: 522109 SUSE Security Advisories:- SUSE-SA:2009:039, published Mon, 27 Jul 2009 09:00:00 +0000
- SUSE-SA:2009:042, published Thu, 06 Aug 2009 10:00:00 +0000
List of released packages
| Product(s) | Fixed package version(s) | References |
|---|---|---|
| openSUSE 10.3 |
| |
| openSUSE 10.3 |
|
