Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » firefox17.0.3

Overview

Id firefox17.0.3
Name Mozilla Firefox ESR 17.0.3 for Mac OS X (Update) (See Notes)
Vendor Name mozilla
Product Mozilla FireFox
Content Type Critical Critical
Language(s)
Operating System(s) OSX 
Released On 19 Feb 2013 12:00:00

firefox17.0.3

Mozilla Firefox ESR 17.0.3 for Mac OS X (Update) (See Notes)

Vendor Name

mozilla

Product

Mozilla FireFox

Released On

19 Feb 2013 12:00:00

Url

http://www.mozilla.com/firefox/17.0.3/releasenotes/

Description

Mozilla offers an Extended Support Release (ESR) cycle for Firefox that gives users a longer support tail than what is currently offered with regular Firefox releases. This ESR version is available for users who wish to remain on the ESR cycle. Please see Mozilla Firefox Extended Support Release for more information.

About This Update:
Firefox ESR 17.0.3 fixes the following security issues:

  • MFSA 2013-28 Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer.
  • MFSA 2013-27 Phishing on HTTPS connection through malicious proxy.
  • MFSA 2013-26 Use-after-free in nsImageLoadingContent.
  • MFSA 2013-25 Privacy leak in JavaScript Workers.
  • MFSA 2013-24 Web content bypass of COW and SOW security wrappers.
  • MFSA 2013-21 Miscellaneous memory safety hazards (rv:19.0 / rv:17.0.3).
  • Important Notes:

  • By default, deployment will automatically update Firefox.app in the Applications folder.
  • Deployment while Firefox is running will not update the current browser session. The user may re-launch Firefox in order to complete the update.
  • The installation will show a pop up, but installs without user intervention. This installation cannot be deployed in quiet mode. There is a possibility that the user will cancel this installation.
  • Use the download only option to deploy the installer to the agent's temporary directory (by default, "/tmp/{Agent GUID}"), where it will then ready for manual installation.
  • The detection logic only detects Firefox installations in the current system volume. Multiple installations of Firefox may cause unexpected detection results.
  • System Requirements:
    Mac OS X 10.6
    Mac OS X 10.7
    Mac OS X 10.8

    Related Resources

    Related Vulnerabilities

    CVE-2013-0773   CVE-2013-0774   CVE-2013-0775   CVE-2013-0776   CVE-2013-0780   CVE-2013-0782   CVE-2013-0783  

    Related Patches

    None

    Superseded Patches


    Last Updated: 27 May 2016 11:16:41