Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » firefox18.0

Overview

Id firefox18.0
Name Mozilla Firefox 18.0 for Mac OS X (Update) (See Note)
Vendor Name mozilla
Product Firefox
Content Type Critical Critical
Language(s)
Operating System(s) OSX 
Released On 08 Jan 2013 11:42:00

firefox18.0

Mozilla Firefox 18.0 for Mac OS X (Update) (See Note)

Vendor Name

mozilla

Product

Firefox

Released On

08 Jan 2013 11:42:00

Url

http://www.mozilla.com/firefox/18.0/releasenotes/

Description

About This Update:
Firefox 18.0 fixes several security issues:

  • MFSA 2013-20 Mis-issued TURKTRUST certificates.
  • MFSA 2013-19 Use-after-free in Javascript Proxy objects.
  • MFSA 2013-18 Use-after-free in Vibrate.
  • MFSA 2013-17 Use-after-free in ListenerManager.
  • MFSA 2013-16 Use-after-free in serializeToStream.
  • MFSA 2013-15 Privilege escalation through plugin objects.
  • MFSA 2013-14 Chrome Object Wrapper (COW) bypass through changing prototype.
  • MFSA 2013-13 Memory corruption in XBL with XML bindings containing SVG.
  • MFSA 2013-12 Buffer overflow in Javascript string concatenation.
  • MFSA 2013-11 Address space layout leaked in XBL objects.
  • MFSA 2013-10 Event manipulation in plugin handler to bypass same-origin policy.
  • MFSA 2013-09 Compartment mismatch with quickstubs returned values.
  • MFSA 2013-08 AutoWrapperChanger fails to keep objects alive during garbage collection.
  • MFSA 2013-07 Crash due to handling of SSL on threads.
  • MFSA 2013-06 Touch events are shared across iframes.
  • MFSA 2013-05 Use-after-free when displaying table with many columns and column groups.
  • MFSA 2013-04 URL spoofing in addressbar during page loads.
  • MFSA 2013-03 Buffer Overflow in Canvas.
  • MFSA 2013-02 Use-after-free and buffer overflow issues found using Address Sanitizer.
  • MFSA 2013-01 Miscellaneous memory safety hazards (rv:18.0/ rv:10.0.12 / rv:17.0.2).
  • MFSA 2012-98 Firefox installer DLL hijacking.
  • Important Notes:

  • This update is applicable to Firefox version 4 and higher.
  • The detection logic only detects Firefox installations in the system-default Program Files folder (e.g. "C:\Program Files\Mozilla Firefox").
  • Deployment while Firefox is running will not upgrade the current browser session. The user will be prompted to reboot the next time Firefox is launched, in order to complete the upgrade.
  • Deployment with Uninstall will remove Firefox completely.
  • System Requirements:
    Mac OS X 10.6
    Mac OS X 10.7
    Mac OS X 10.8

    Related Resources

    Related Vulnerabilities

    CVE-2012-0759   CVE-2012-5829   CVE-2013-0744   CVE-2013-0745   CVE-2013-0746   CVE-2013-0747   CVE-2013-0748   CVE-2013-0749   CVE-2013-0750   CVE-2013-0751   CVE-2013-0752   CVE-2013-0753   CVE-2013-0754   CVE-2013-0755   CVE-2013-0756   CVE-2013-0757   CVE-2013-0758   CVE-2013-0760   CVE-2013-0761   CVE-2013-0762   CVE-2013-0763   CVE-2013-0764   CVE-2013-0766   CVE-2013-0767   CVE-2013-0768   CVE-2013-0769   CVE-2013-0770   CVE-2013-0771  

    Related Patches

    Superseded Patches

    None


    Last Updated: 27 May 2016 11:16:05