Thursday, February 21, 2013

Mozilla Security Updates Available

Mozilla have released updates to Firefox and Seamonkey browsers and Thunderbird email client to address a bunch of vulnerabilities of which four categorized as critical, two as high and two as moderate.

Affected products are:
- Mozilla Firefox earlier than 19.0
- Mozilla Firefox ESR earlier than 17.0.3
- Mozilla Thunderbird earlier than 17.0.3
- Mozilla Thunderbird ESR earlier than 17.0.3
- Mozilla SeaMonkey earlier than 2.16

Links to the security advisories with details about addressed security issues:
MFSA 2013-28 Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer
MFSA 2013-27 Phishing on HTTPS connection through malicious proxy
MFSA 2013-26 Use-after-free in nsImageLoadingContent
MFSA 2013-25 Privacy leak in JavaScript Workers
MFSA 2013-24 Web content bypass of COW and SOW security wrappers
MFSA 2013-23 Wrapped WebIDL objects can be wrapped again
MFSA 2013-22 Out-of-bounds read in image rendering
MFSA 2013-21 Miscellaneous memory safety hazards (rv:19.0 / rv:17.0.3)


Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
SeaMonkey

No comments: