Synopsis: Critical: firefox security update Issue Date: 2012-10-26 CVE Numbers: CVE-2012-4194 CVE-2012-4195 CVE-2012-4196 -- Multiple flaws were found in the location object implementation in Firefox. Malicious content could be used to perform cross-site scripting attacks, bypass the same-origin policy, or cause Firefox to execute arbitrary code. (CVE-2012-4194, CVE-2012-4195, CVE-2012-4196) For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 10.0.10 ESR. After installing the update, Firefox must be restarted for the changes to take effect. -- SL5 x86_64 firefox-10.0.10-1.el5_8.i386.rpm firefox-10.0.10-1.el5_8.x86_64.rpm xulrunner-10.0.10-1.el5_8.i386.rpm xulrunner-10.0.10-1.el5_8.x86_64.rpm xulrunner-devel-10.0.10-1.el5_8.i386.rpm xulrunner-devel-10.0.10-1.el5_8.x86_64.rpm i386 firefox-10.0.10-1.el5_8.i386.rpm xulrunner-10.0.10-1.el5_8.i386.rpm xulrunner-devel-10.0.10-1.el5_8.i386.rpm SL6 x86_64 firefox-10.0.10-1.el6_3.i686.rpm firefox-10.0.10-1.el6_3.x86_64.rpm xulrunner-10.0.10-1.el6_3.i686.rpm xulrunner-10.0.10-1.el6_3.x86_64.rpm xulrunner-devel-10.0.10-1.el6_3.i686.rpm xulrunner-devel-10.0.10-1.el6_3.x86_64.rpm i386 firefox-10.0.10-1.el6_3.i686.rpm xulrunner-10.0.10-1.el6_3.i686.rpm xulrunner-devel-10.0.10-1.el6_3.i686.rpm - Scientific Linux Development Team