Gentoo Linux Security Advisory GLSA 200712-22 - David Bloom reported two vulnerabilities where plug-ins (CVE-2007-6520) and Rich text editing (CVE-2007-6522) could be used to allow cross domain scripting. Alexander Klink (Cynops GmbH) discovered an issue with TLS certificates (CVE-2007-6521). Gynvael Coldwind reported that bitmaps might reveal random data from memory (CVE-2007-6524). Versions less than 9.25 are affected.
530363e74b05a9c0cab7ab3ccbe4e38646d82e728737b3b36e700bc1f9db60fc