Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » firefoxESR10.0.7

Overview

Id firefoxESR10.0.7
Name Mozilla Firefox ESR (en-us) 10.0.7 for Windows (Update) (See Notes)
Vendor Name mozilla
Product Mozilla FireFox
Content Type Critical Critical
Language(s) ENGLISH 
Operating System(s) Windows 
Released On 28 Aug 2012 12:00:00

firefoxESR10.0.7

Mozilla Firefox ESR (en-us) 10.0.7 for Windows (Update) (See Notes)

Vendor Name

mozilla

Product

Mozilla FireFox

Released On

28 Aug 2012 12:00:00

Url

http://www.mozilla.com/firefox/10.0.7/releasenotes/

Description

Mozilla offers an Extended Support Release (ESR) cycle for Firefox that gives users a longer support tail than what is currently offered with regular Firefox releases. This ESR version is available for users who wish to remain on the ESR cycle. Please see Mozilla Firefox Extended Support Release for more information.

About This Update:
Firefox ESR 10.0.7 fixes the following security issues:

  • MFSA 2012-72 Web console eval capable of executing chrome-privileged code.
  • MFSA 2012-70 Location object security checks bypassed by chrome code.
  • MFSA 2012-69 Incorrect site SSL certificate data display.
  • MFSA 2012-67 Installer will launch incorrect executable following new installation.
  • MFSA 2012-65 Out-of-bounds read in format-number in XSLT.
  • MFSA 2012-63 SVG buffer overflow and use-after-free issues.
  • MFSA 2012-62 WebGL use-after-free and memory corruption.
  • MFSA 2012-61 Memory corruption with bitmap format images with negative height.
  • MFSA 2012-58 Use-after-free issues found using Address Sanitizer.
  • MFSA 2012-57 Miscellaneous memory safety hazards (rv:15.0/ rv:10.0.7).
  • Important Notes:

  • This update is applicable to Firefox ESR 10.x.
  • The detection logic only detects Firefox installations in the system-default Program Files folder (e.g. "C:\Program Files\Mozilla Firefox").
  • Deployment while Firefox is running will not upgrade the current browser session. The user will be prompted to reboot the next time Firefox is launched, in order to complete the upgrade.
  • Deployment with Uninstall will remove Firefox completely.
  • Related Resources

    Related Vulnerabilities

    CVE-2012-1970   CVE-2012-1971   CVE-2012-1973   CVE-2012-1974   CVE-2012-1975   CVE-2012-1976   CVE-2012-3956   CVE-2012-3957   CVE-2012-3958   CVE-2012-3959   CVE-2012-3960   CVE-2012-3961   CVE-2012-3962   CVE-2012-3963   CVE-2012-3964   CVE-2012-3966   CVE-2012-3967   CVE-2012-3968   CVE-2012-3969   CVE-2012-3970   CVE-2012-3972   CVE-2012-3974   CVE-2012-3976   CVE-2012-3978   CVE-2012-3980  

    Related Patches

    None

    Superseded Patches

    None


    Last Updated: 27 May 2016 11:14:50