Security update for Mozille Firefox SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2015:0761-1 Final 1 1 2015-04-22T19:54:15Z current 2015-04-22T19:54:15Z 2015-04-22T19:54:15Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for Mozille Firefox Mozilla Firefox was updated to 37.0.2 to fix one security issue. The following vulnerability was fixed: * CVE-2015-2706 Memory corruption during failed plugin initialization (bmo#1141081 MFSA 2015-45 bnc#928116) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2015-04/msg00044.html E-Mail link for openSUSE-SU-2015:0761-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings MozillaFirefox-37.0.2-71.1 MozillaFirefox-branding-upstream-37.0.2-71.1 MozillaFirefox-buildsymbols-37.0.2-71.1 MozillaFirefox-devel-37.0.2-71.1 MozillaFirefox-translations-common-37.0.2-71.1 MozillaFirefox-translations-other-37.0.2-71.1 Race condition in the AsyncPaintWaitEvent::AsyncPaintWaitEvent function in Mozilla Firefox before 37.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a crafted plugin that does not properly complete initialization. CVE-2015-2706 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2015-04/msg00044.html https://www.suse.com/security/cve/CVE-2015-2706.html CVE-2015-2706 https://bugzilla.suse.com/928116 SUSE Bug 928116