{"affected":[],"aliases":[],"details":"\nThis update to Firefox 17.0.9esr (bnc#840485) addresses:\n\n    * MFSA 2013-91 User-defined properties on DOM proxies get the wrong\n      'this' object\n          o (CVE-2013-1737)\n    * MFSA 2013-90 Memory corruption involving scrolling\n          o use-after-free in mozilla::layout::ScrollbarActivity\n            (CVE-2013-1735)\n          o Memory corruption in nsGfxScrollFrameInner::IsLTR()\n            (CVE-2013-1736)\n    * MFSA 2013-89 Buffer overflow with multi-column, lists, and floats\n          o buffer overflow at nsFloatManager::GetFlowArea() with multicol,\n            list, floats (CVE-2013-1732)\n    * MFSA 2013-88 compartment mismatch re-attaching XBL-backed nodes\n          o compartment mismatch in nsXBLBinding::DoInitJSClass\n            (CVE-2013-1730)\n    * MFSA 2013-83 Mozilla Updater does not lock MAR file after signature\n      verification\n          o MAR signature bypass in Updater could lead to downgrade\n            (CVE-2013-1726)\n    * MFSA 2013-82 Calling scope for new Javascript objects can lead to\n      memory corruption\n          o ABORT: bad scope for new JSObjects: ReparentWrapper /\n            document.open (CVE-2013-1725)\n    * MFSA 2013-79 Use-after-free in Animation Manager during stylesheet\n      cloning\n          o Heap-use-after-free in nsAnimationManager::BuildAnimations\n            (CVE-2013-1722)\n    * MFSA 2013-76 Miscellaneous memory safety hazards (rv:24.0 /\n      rv:17.0.9)\n          o Memory safety bugs fixed in Firefox 17.0.9 and Firefox 24.0\n            (CVE-2013-1718)\n    * MFSA 2013-65 Buffer underflow when generating CRMF requests\n          o ASAN heap-buffer-overflow (read 1) in\n            cryptojs_interpret_key_gen_type (CVE-2013-1705)\n\nSecurity Issue references:\n\n    * CVE-2013-1737\n      <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1737>\n    * CVE-2013-1735\n      <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1735>\n    * CVE-2013-1736\n      <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1736>\n    * CVE-2013-1732\n      <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1732>\n    * CVE-2013-1730\n      <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1730>\n    * CVE-2013-1726\n      <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1726>\n    * CVE-2013-1725\n      <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1725>\n    * CVE-2013-1722\n      <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1722>\n    * CVE-2013-1718\n      <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1718>\n    * CVE-2013-1705\n      <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1705>\n\n","id":"SUSE-SU-2015:0446-1","modified":"2013-09-19T11:00:29Z","published":"2013-09-19T11:00:29Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2015/suse-su-20150446-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/833389"},{"type":"REPORT","url":"https://bugzilla.suse.com/840485"},{"type":"REPORT","url":"https://bugzilla.suse.com/916196"},{"type":"REPORT","url":"https://bugzilla.suse.com/917100"},{"type":"REPORT","url":"https://bugzilla.suse.com/917300"},{"type":"REPORT","url":"https://bugzilla.suse.com/917597"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-1701"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-1702"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-1705"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-1706"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-1707"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-1709"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-1710"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-1712"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-1713"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-1714"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-1717"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-1718"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-1722"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-1725"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-1726"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-1730"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-1732"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-1735"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-1736"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-1737"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-0822"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-0827"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-0831"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-0836"}],"related":["CVE-2013-1701","CVE-2013-1702","CVE-2013-1705","CVE-2013-1706","CVE-2013-1707","CVE-2013-1709","CVE-2013-1710","CVE-2013-1712","CVE-2013-1713","CVE-2013-1714","CVE-2013-1717","CVE-2013-1718","CVE-2013-1722","CVE-2013-1725","CVE-2013-1726","CVE-2013-1730","CVE-2013-1732","CVE-2013-1735","CVE-2013-1736","CVE-2013-1737","CVE-2015-0822","CVE-2015-0827","CVE-2015-0831","CVE-2015-0836"],"summary":"Security update for Mozilla Firefox","upstream":["CVE-2013-1701","CVE-2013-1702","CVE-2013-1705","CVE-2013-1706","CVE-2013-1707","CVE-2013-1709","CVE-2013-1710","CVE-2013-1712","CVE-2013-1713","CVE-2013-1714","CVE-2013-1717","CVE-2013-1718","CVE-2013-1722","CVE-2013-1725","CVE-2013-1726","CVE-2013-1730","CVE-2013-1732","CVE-2013-1735","CVE-2013-1736","CVE-2013-1737","CVE-2015-0822","CVE-2015-0827","CVE-2015-0831","CVE-2015-0836"]}