Mozilla has released updates to Firefox and Seamonkey browsers and Thunderbird email client to address eight vulnerabilities of which five categorized as critical and three as moderate.
Affected products are:
- Mozilla Thunderbird earlier than 11.0
- Mozilla Thunderbird ESR earlier than 10.0.3
- Mozilla Thunderbird 3.x.x earlier than 3.1.20
- Mozilla SeaMonkey earlier than 2.8
- Mozilla Firefox earlier than 11.0
- Mozilla Firefox ESR earlier than 10.0.3
- Mozilla Firefox 3.x.x earlier than 3.6.28
Links to the security advisories with details about addressed security issues:
MFSA 2012-19 Miscellaneous memory safety hazards (rv:11.0/ rv:10.0.3 / rv:1.9.2.28)
MFSA 2012-18 window.fullScreen writeable by untrusted content
MFSA 2012-17 Crash when accessing keyframe cssText after dynamic modification
MFSA 2012-16 Escalation of privilege with Javascript: URL as home page
MFSA 2012-15 XSS with multiple Content Security Policy headers
MFSA 2012-14 SVG issues found with Address Sanitizer
MFSA 2012-13 XSS with Drag and Drop and Javascript: URL
MFSA 2012-12 Use-after-free in shlwapi.dll
Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
SeaMonkey
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment