Friday, May 17, 2013

Mozilla Product Updates Released

Mozilla have released updates to Firefox web browser and Thunderbird email client to address a bunch of vulnerabilities of which three categorized as critical, four as high and one as moderate.

Affected products are:
- Mozilla Firefox earlier than 21.0
- Mozilla Firefox ESR earlier than 17.0.6
- Mozilla Thunderbird earlier than 17.0.6
- Mozilla Thunderbird ESR earlier than 17.0.6

Links to the security advisories with details about addressed security issues:
MFSA 2013-48 Memory corruption found using Address Sanitizer
MFSA 2013-47 Uninitialized functions in DOMSVGZoomEvent
MFSA 2013-46 Use-after-free with video and onresize event
MFSA 2013-45 Mozilla Updater fails to update some Windows Registry entries
MFSA 2013-44 Local privilege escalation through Mozilla Maintenance Service
MFSA 2013-43 File input control has access to full path
MFSA 2013-42 Privileged access for content level constructor
MFSA 2013-41 Miscellaneous memory safety hazards (rv:21.0 / rv:17.0.6)


Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird

No comments: