Mozilla have released updates to Firefox browser to address a bunch of vulnerabilities of which two categorized as critical, five as high, four as moderate and two as low.
Affected products are:
- Mozilla Firefox earlier than 47
- Mozilla Firefox earlier than ESR 45.2
Links to the security advisories with details about addressed security issues:
MFSA 2016-61 Network Security Services (NSS) vulnerabilities
MFSA 2016-60 Java applets bypass CSP protections
MFSA 2016-59 Information disclosure of disabled plugins through CSS pseudo-classes
MFSA 2016-58 Entering fullscreen and persistent pointerlock without user permission
MFSA 2016-57 Incorrect icon displayed on permissions notifications
MFSA 2016-56 Use-after-free when textures are used in WebGL operations after recycle pool destruction
MFSA 2016-55 File overwrite and privilege escalation through Mozilla Windows updater
MFSA 2016-54 Partial same-origin-policy through setting location.host through data URI
MFSA 2016-53 Out-of-bounds write with WebGL shader
MFSA 2016-52 Addressbar spoofing though the SELECT element
MFSA 2016-51 Use-after-free deleting tables from a contenteditable document
MFSA 2016-50 Buffer overflow parsing HTML5 fragments
MFSA 2016-49 Miscellaneous memory safety hazards (rv:47.0 / rv:45.2)
Fresh version can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment