Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » firefox10.0.6


Id firefox10.0.6
Name Mozilla Firefox ESR 10.0.6 for Mac OS X (Update) (See Note)
Vendor Name mozilla
Product Firefox
Content Type Critical Critical
Operating System(s) OSX 
Released On 17 Jul 2012 11:42:00


Mozilla Firefox ESR 10.0.6 for Mac OS X (Update) (See Note)

Vendor Name




Released On

17 Jul 2012 11:42:00



Mozilla offers an Extended Support Release (ESR) cycle for Firefox that gives users a longer support tail than what is currently offered with regular Firefox releases. This ESR version is available for users who wish to remain on the ESR cycle. Please see Mozilla Firefox Extended Support Release for more information.

About This Update:
Firefox ESR 10.0.6 fixes the following security issues:

  • MFSA 2012-56 Code execution through javascript: URLs.
  • MFSA 2012-55 feed: URLs with an innerURI inherit security context of page.
  • MFSA 2012-54 Clickjacking of certificate warning page.
  • MFSA 2012-53 Content Security Policy 1.0 implementation errors cause data leakage.
  • MFSA 2012-52 JSDependentString::undepend string conversion results in memory corruption.
  • MFSA 2012-51 X-Frame-Options header ignored when duplicated.
  • MFSA 2012-49 Same-compartment Security Wrappers can be bypassed.
  • MFSA 2012-48 use-after-free in nsGlobalWindow::PageHidden.
  • MFSA 2012-47 Improper filtering of javascript in HTML feed-view.
  • MFSA 2012-46 XSS through data: URLs.
  • MFSA 2012-45 Spoofing issue with location.
  • MFSA 2012-44 Gecko memory corruption.
  • MFSA 2012-43 Incorrect URL displayed in addressbar through drag and drop.
  • MFSA 2012-42 Miscellaneous memory safety hazards (rv:14.0/ rv:10.0.6).
  • Important Note:
    The detection logic only detects Firefox installations in the current system volume.

    System Requirements:
    Intel-based Mac OS X 10.5
    Mac OS X 10.6
    Mac OS X 10.7

    Related Resources

    Related Vulnerabilities

    CVE-2012-1967   CVE-2012-1948   CVE-2012-1950   CVE-2012-1951   CVE-2012-1952   CVE-2012-1953   CVE-2012-1954   CVE-2012-1955   CVE-2012-1966   CVE-2012-1957   CVE-2012-1958   CVE-2012-1959   CVE-2012-1961   CVE-2012-1962   CVE-2012-1964   CVE-2012-1965  

    Related Patches


    Superseded Patches

    Last Updated: 27 May 2016 11:14:28