Mozilla have released updates to Firefox browser to address a bunch of vulnerabilities of which four categorized as critical, seven as high, three as moderate and two as low.
Affected products are:
- Mozilla Firefox earlier than 43
- Mozilla Firefox ESR earlier than 38.5
Links to the security advisories with details about addressed security issues:
MFSA 2015-149 Cross-site reading attack through data and view-source URIs
MFSA 2015-148 Privilege escalation vulnerabilities in WebExtension APIs
MFSA 2015-147 Integer underflow and buffer overflow processing MP4 metadata in libstagefright
MFSA 2015-146 Integer overflow in MP4 playback in 64-bit versions
MFSA 2015-145 Underflow through code inspection
MFSA 2015-144 Buffer overflows found through code inspection
MFSA 2015-143 Linux file chooser crashes on malformed images due to flaws in Jasper library
MFSA 2015-142 DOS due to malformed frames in HTTP/2
MFSA 2015-141 Hash in data URI is incorrectly parsed
MFSA 2015-140 Cross-origin information leak through web workers error events
MFSA 2015-139 Integer overflow allocating extremely large textures
MFSA 2015-138 Use-after-free in WebRTC when datachannel is used after being destroyed
MFSA 2015-137 Firefox allows for control characters to be set in cookies
MFSA 2015-136 Same-origin policy violation using perfomance.getEntries and history navigation
MFSA 2015-135 Crash with JavaScript variable assignment with unboxed objects
MFSA 2015-134 Miscellaneous memory safety hazards (rv:43.0 / rv:38.5)
Fresh version can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment