Mozilla have released updates to Firefox and Seamonkey browsers and Thunderbird email client to address a bunch of vulnerabilities of which three categorized as critical, one as high, four as moderate and one as low.
Affected products are:
- Mozilla Firefox earlier than 35
- Mozilla Firefox ESR earlier than 31.4
- Mozilla Thunderbird earlier than 31.4
- SeaMonkey 2.32
Links to the security advisories with details about addressed security issues:
MSFA-2015-09 XrayWrapper bypass through DOM objects
MSFA-2015-08 Delegated OCSP responder certificates failure with id-pkix-ocsp-nocheck extension
MSFA-2015-07 Gecko Media Plugin sandbox escape
MSFA-2015-06 Read-after-free in WebRTC
MSFA-2015-05 Read of uninitialized memory in Web Audio
MSFA-2015-04 Cookie injection through Proxy Authenticate responses
MSFA-2015-03 sendBeacon requests lack an Origin header
MSFA-2015-02 Uninitialized memory use during bitmap rendering
MSFA-2015-01 Miscellaneous memory safety hazards (rv:35.0 / rv:31.4)
Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
SeaMonkey
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment