Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » firefox17.0.2

Overview

Id firefox17.0.2
Name Mozilla Firefox ESR 17.0.2 for Mac OS X (Update) (See Note)
Vendor Name mozilla
Product Firefox
Content Type Critical Critical
Language(s)
Operating System(s) OSX 
Released On 08 Jan 2013 11:42:00

firefox17.0.2

Mozilla Firefox ESR 17.0.2 for Mac OS X (Update) (See Note)

Vendor Name

mozilla

Product

Firefox

Released On

08 Jan 2013 11:42:00

Url

http://www.mozilla.com/firefox/17.0.2/releasenotes/

Description

Mozilla offers an Extended Support Release (ESR) cycle for Firefox that gives users a longer support tail than what is currently offered with regular Firefox releases. This ESR version is available for users who wish to remain on the ESR cycle. Please see Mozilla Firefox Extended Support Release for more information.

About This Update:
Firefox ESR 17.0.2 fixes the following security issues:

  • MFSA2013-20 Mis-issued TURKTRUST certificates.
  • MFSA2013-19 Use-after-free in Javascript Proxy objects.
  • MFSA2013-18 Use-after-free in Vibrate.
  • MFSA2013-17 Use-after-free in ListenerManager.
  • MFSA2013-16 Use-after-free in serializeToStream.
  • MFSA2013-15 Privilege escalation through plugin objects.
  • MFSA2013-14 Chrome Object Wrapper (COW) bypass through changing prototype.
  • MFSA2013-13 Memory corruption in XBL with XML bindings containing SVG.
  • MFSA2013-12 Buffer overflow in Javascript string concatenation.
  • MFSA2013-11 Address space layout leaked in XBL objects.
  • MFSA2013-10 Event manipulation in plugin handler to bypass same-origin policy.
  • MFSA2013-09 Compartment mismatch with quickstubs returned values.
  • MFSA2013-08 AutoWrapperChanger fails to keep objects alive during garbage collection.
  • MFSA2013-07 Crash due to handling of SSL on threads.
  • MFSA2013-05 Use-after-free when displaying table with many columns and column groups.
  • MFSA2013-04 URL spoofing in addressbar during page loads.
  • MFSA2013-03 Buffer Overflow in Canvas.
  • MFSA2013-02 Use-after-free and buffer overflow issues found using Address Sanitizer.
  • MFSA2013-01 Miscellaneous memory safety hazards (rv:18.0/ rv:10.0.12 / rv:17.0.2).
  • MFSA2012-98 Firefox installer DLL hijacking.
  • Important Note:
    The detection logic only detects Firefox installations in the current system volume.

    System Requirements:
    Mac OS X 10.6
    Mac OS X 10.7
    Mac OS X 10.8

    Related Resources

    Related Vulnerabilities

    CVE-2012-0759   CVE-2013-0744   CVE-2013-0745   CVE-2013-0746   CVE-2013-0747   CVE-2013-0748   CVE-2013-0749   CVE-2013-0750   CVE-2013-0752   CVE-2013-0753   CVE-2013-0754   CVE-2013-0755   CVE-2013-0756   CVE-2013-0757   CVE-2013-0758   CVE-2013-0761   CVE-2013-0762   CVE-2013-0763   CVE-2013-0764   CVE-2013-0766   CVE-2013-0767   CVE-2013-0768   CVE-2013-0769   CVE-2013-0771   CVE-2012-4206  

    Related Patches

    None

    Superseded Patches

    None


    Last Updated: 27 May 2016 11:16:05