Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » firefox16.0.1

Overview

Id firefox16.0.1
Name Mozilla Firefox 16.0.1 for Mac OS X (Update) (See Note)
Vendor Name mozilla
Product Firefox
Content Type Critical Critical
Language(s)
Operating System(s) OSX 
Released On 11 Oct 2012 12:00:00

firefox16.0.1

Mozilla Firefox 16.0.1 for Mac OS X (Update) (See Note)

Vendor Name

mozilla

Product

Firefox

Released On

11 Oct 2012 12:00:00

Url

http://www.mozilla.com/firefox/16.0.1/releasenotes/

Description

About This Update:
Firefox 16.0 and 16.0.1 fix the following security issues:

  • MFSA 2012-89 defaultValue security checks not applied.
  • MFSA 2012-88 Miscellaneous memory safety hazards (rv:16.0.1).
  • MFSA 2012-87 Use-after-free in the IME State Manager.
  • MFSA 2012-86 Heap memory corruption issues found using Address Sanitizer.
  • MFSA 2012-85 Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer.
  • MFSA 2012-84 Spoofing and script injection through location.hash.
  • MFSA 2012-83 Chrome Object Wrapper (COW) does not disallow acces to privileged functions or properties.
  • MFSA 2012-82 top object and location property accessible by plugins.
  • MFSA 2012-81 GetProperty function can bypass security checks.
  • MFSA 2012-80 Crash with invalid cast when using instanceof operator.
  • MFSA 2012-79 DOS and crash with full screen and history navigation.
  • MFSA 2012-77 Some DOMWindowUtils methods bypass security checks.
  • MFSA 2012-76 Continued access to initial origin after setting document.domain.
  • MFSA 2012-75 select element persistance allows for attacks.
  • MFSA 2012-74 Miscellaneous memory safety hazards (rv:16.0/ rv:10.0.8).
  • Important Notes:

  • This update is applicable to Firefox version 4 and higher.
  • The detection logic only detects Firefox installations in the system-default Program Files folder (e.g. "C:\Program Files\Mozilla Firefox").
  • Deployment while Firefox is running will not upgrade the current browser session. The user will be prompted to reboot the next time Firefox is launched, in order to complete the upgrade.
  • Deployment with Uninstall will remove Firefox completely.
  • System Requirements:
    Intel-based Mac OS X 10.5
    Mac OS X 10.6
    Mac OS X 10.7

    Related Resources

    Related Vulnerabilities

    CVE-2012-3982   CVE-2012-3986   CVE-2012-3988   CVE-2012-3990   CVE-2012-3991   CVE-2012-3992   CVE-2012-3993   CVE-2012-3994   CVE-2012-3995   CVE-2012-4179   CVE-2012-4180   CVE-2012-4181   CVE-2012-4182   CVE-2012-4183   CVE-2012-4184   CVE-2012-4185   CVE-2012-4186   CVE-2012-4187   CVE-2012-4188   CVE-2012-3983   CVE-2012-3984   CVE-2012-3985   CVE-2012-3989   CVE-2012-4191   CVE-2012-4192   CVE-2012-4193  

    Related Patches

    Superseded Patches

    None


    Last Updated: 27 May 2016 11:15:18