Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » firefox14.0.1

Overview

Id firefox14.0.1
Name Mozilla Firefox 14.0.1 for Mac OS X (Update) (See Note)
Vendor Name mozilla
Product Firefox
Content Type Critical Critical
Language(s)
Operating System(s) OSX 
Released On 17 Jul 2012 11:42:00

firefox14.0.1

Mozilla Firefox 14.0.1 for Mac OS X (Update) (See Note)

Vendor Name

mozilla

Product

Firefox

Released On

17 Jul 2012 11:42:00

Url

http://www.mozilla.com/firefox/14.0.1/releasenotes/

Description

About This Update:
Firefox 14.0.1 fixes the following security issues:

  • MFSA 2012-56 Code execution through javascript: URLs.
  • MFSA 2012-55 feed: URLs with an innerURI inherit security context of page.
  • MFSA 2012-53 Content Security Policy 1.0 implementation errors cause data leakage.
  • MFSA 2012-52 JSDependentString::undepend string conversion results in memory corruption.
  • MFSA 2012-51 X-Frame-Options header ignored when duplicated.
  • MFSA 2012-50 Out of bounds read in QCMS.
  • MFSA 2012-49 Same-compartment Security Wrappers can be bypassed.
  • MFSA 2012-48 use-after-free in nsGlobalWindow::PageHidden.
  • MFSA 2012-47 Improper filtering of javascript in HTML feed-view.
  • MFSA 2012-46 XSS through data: URLs.
  • MFSA 2012-45 Spoofing issue with location.
  • MFSA 2012-44 Gecko memory corruption.
  • MFSA 2012-43 Incorrect URL displayed in addressbar through drag and drop.
  • MFSA 2012-42 Miscellaneous memory safety hazards (rv:14.0/ rv:10.0.6).
  • Important Notes:

  • This update is applicable to Firefox version 4 and higher.
  • The detection logic only detects Firefox installations in the system-default Program Files folder (e.g. "C:\Program Files\Mozilla Firefox").
  • Deployment while Firefox is running will not upgrade the current browser session. The user will be prompted to reboot the next time Firefox is launched, in order to complete the upgrade.
  • Deployment with Uninstall will remove Firefox completely.
  • System Requirements:
    Intel-based Mac OS X 10.5
    Mac OS X 10.6
    Mac OS X 10.7

    Related Resources

    Related Vulnerabilities

    CVE-2012-1948   CVE-2012-1949   CVE-2012-1950   CVE-2012-1951   CVE-2012-1952   CVE-2012-1953   CVE-2012-1954   CVE-2012-1955   CVE-2012-1957   CVE-2012-1958   CVE-2012-1959   CVE-2012-1960   CVE-2012-1961   CVE-2012-1962   CVE-2012-1963   CVE-2012-1965   CVE-2012-1966   CVE-2012-1967  

    Related Patches

    Superseded Patches

    None


    Last Updated: 27 May 2016 11:14:27