Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Mozilla updates Firefox 40 to patch two serious flaws

Mozilla updates Firefox 40 to patch two serious flaws

2015/08/28

Securityweek - (International) Mozilla released Firefox version 40.0.3 addressing a use-after free vulnerability in which an attacker could crash Firefox or execute arbitrary code with user privileges, and an add-on notification bypass through data Uniform Resource Locator (URL) that an attacker could use to trick users into installing a malicious add-on.

Source: http://www.securityweek.com/mozilla-updates-firefox-40-patch-two-serious-flaws

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:25:07