Tuesday, March 15, 2016

Mozilla Product Updates Released

Mozilla have released updates to the Firefox browser to address a bunch of vulnerabilities, of which nine are categorized as critical, seven as high, six as moderate and one as low.

Affected products are:
- Mozilla Firefox earlier than 45
- Mozilla Firefox ESR earlier than 38.7

Links to the security advisories with details about addressed security issues:
- MFSA 2016-38 Out-of-bounds write with malicious font in Graphite 2
- MFSA 2016-37 Font vulnerabilities in the Graphite 2 library
- MFSA 2016-36 Use-after-free during processing of DER encoded keys in NSS
- MFSA 2016-35 Buffer overflow during ASN.1 decoding in NSS
- MFSA 2016-34 Out-of-bounds read in HTML parser following a failed allocation
- MFSA 2016-33 Use-after-free in GetStaticInstance in WebRTC
- MFSA 2016-32 WebRTC and LibVPX vulnerabilities found through code inspection
- MFSA 2016-31 Memory corruption with malicious NPAPI plugin
- MFSA 2016-30 Buffer overflow in Brotli decompression
- MFSA 2016-29 Same-origin policy violation using performance.getEntries and history navigation with session restore
- MFSA 2016-28 Addressbar spoofing though history navigation and Location protocol property
- MFSA 2016-27 Use-after-free during XML transformations
- MFSA 2016-26 Memory corruption when modifying a file being read by FileReader
- MFSA 2016-25 Use-after-free when using multiple WebRTC data channels
- MFSA 2016-24 Use-after-free in SetBody
- MFSA 2016-23 Use-after-free in HTML5 string parser
- MFSA 2016-22 Service Worker Manager out-of-bounds read in Service Worker Manager
- MFSA 2016-21 Displayed page address can be overridden
- MFSA 2016-20 Memory leak in libstagefright when deleting an array during MP4 processing
- MFSA 2016-19 Linux video memory DOS with Intel drivers
- MFSA 2016-18 CSP reports fail to strip location information for embedded iframe pages
- MFSA 2016-17 Local file overwriting and potential privilege escalation through CSP reports
- MFSA 2016-16 Miscellaneous memory safety hazards (rv:45.0 / rv:38.7)


The fresh version can be obtained via the built-in updater or by downloading it from the product site:
Firefox
