Thursday, June 7, 2012

Mozilla Updates

Mozilla has released updates to Firefox and Seamonkey browsers and Thunderbird email client to address seven vulnerabilities of which four categorized as critical, two as high and one as moderate.

Affected products are:
- Mozilla Thunderbird earlier than 13.0
- Mozilla Thunderbird ESR earlier than 10.0.5
- Mozilla SeaMonkey earlier than 2.10
- Mozilla Firefox earlier than 13.0
- Mozilla Firefox ESR earlier than 10.0.5

Links to the security advisories with details about addressed security issues:
MFSA 2012-40 Buffer overflow and use-after-free issues found using Address Sanitizer
MFSA 2012-39 NSS parsing errors with zero length items
MFSA 2012-38 Use-after-free while replacing/inserting a node in a document
MFSA 2012-37 Information disclosure though Windows file shares and shortcut files
MFSA 2012-36 Content Security Policy inline-script bypass
MFSA 2012-35 Privilege escalation through Mozilla Updater and Windows Updater Service
MFSA 2012-34 Miscellaneous memory safety hazards (rv:13.0/ rv:10.0.5)

Fresh versions can be obtained via inbuilt updater or by downloading from the product site: Firefox
Thunderbird
SeaMonkey

No comments: