Wednesday, March 2, 2011

Security Updates To Mozilla Products

Mozilla has released security bulletins related to found issues in some of their products. Eight of the fixed vulnerabilities are categorized as critical, one as high and one as moderate.

Critical:
MFSA 2011-09 Crash caused by corrupted JPEG image
MFSA 2011-07 Memory corruption during text run construction (Windows)
MFSA 2011-06 Use-after-free error using Web Workers
MFSA 2011-05 Buffer overflow in JavaScript atom map
MFSA 2011-04 Buffer overflow in JavaScript upvarMap
MFSA 2011-03 Use-after-free error in JSON.stringify
MFSA 2011-02 Recursive eval call causes confirm dialogs to evaluate to true
MFSA 2011-01 Miscellaneous memory safety hazards (rv:1.9.2.14/ 1.9.1.17)

High:
MFSA 2011-10 CSRF risk with plugins and 307 redirects

Moderate:
MFSA 2011-08 ParanoidFragmentSink allows javascript: URLs in chrome documents


Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
SeaMonkey

No comments: