Thursday, November 10, 2011

Security Updates From Mozilla

Mozilla has released updates to Firefox browser and Thunderbird email client to address a bunch of vulnerabilities of which many are categorized as critical.

Affected products are:
- Mozilla Thunderbird earlier than 8.0 or 3.1.16
- Mozilla Firefox earlier than 8.0 or 3.6.24

Links to the security advisories with details about addressed security issues:
MFSA 2011-52 Code execution via NoWaiverWrapper
MFSA 2011-51 Cross-origin image theft on Mac with integrated Intel GPU
MFSA 2011-50 Cross-origin data theft using canvas and Windows D2D
MFSA 2011-49 Memory corruption while profiling using Firebug
MFSA 2011-48 Miscellaneous memory safety hazards (rv:8.0)
MFSA 2011-47 Potential XSS against sites using Shift-JIS
MFSA 2011-46 loadSubScript unwraps XPCNativeWrapper scope parameter (1.9.2 branch)

Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird

No comments: