Mozilla has released updates to Firefox and Seamonkey browsers and Thunderbird email client to address 14 vulnerabilities of which seven categorized as critical, four as high and three as moderate.
Affected products are:
- Mozilla Thunderbird earlier than 12.0
- Mozilla Thunderbird ESR earlier than 10.0.4
- Mozilla SeaMonkey earlier than 2.9
- Mozilla Firefox earlier than 12.0
- Mozilla Firefox ESR earlier than 10.0.4
Links to the security advisories with details about addressed security issues:
MFSA 2012-33 Potential site identity spoofing when loading RSS and Atom feeds
MFSA 2012-32 HTTP Redirections and remote content can be read by javascript errors
MFSA 2012-31 Off-by-one error in OpenType Sanitizer
MFSA 2012-30 Crash with WebGL content using textImage2D
MFSA 2012-29 Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues
MFSA 2012-28 Ambiguous IPv6 in Origin headers may bypass webserver access restrictions
MFSA 2012-27 Page load short-circuit can lead to XSS
MFSA 2012-26 WebGL.drawElements may read illegal video memory due to FindMaxUshortElement error
MFSA 2012-25 Potential memory corruption during font rendering using cairo-dwrite
MFSA 2012-24 Potential XSS via multibyte content processing errors
MFSA 2012-23 Invalid frees causes heap corruption in gfxImageSurface
MFSA 2012-22 use-after-free in IDBKeyRange
MFSA 2012-21 Multiple security flaws fixed in FreeType v2.4.9
MFSA 2012-20 Miscellaneous memory safety hazards (rv:12.0/ rv:10.0.4)
Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
SeaMonkey
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment