Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » firefox19.0

Overview

Id firefox19.0
Name Mozilla Firefox 19.0 for Mac OS X (Update) (See Notes)
Vendor Name mozilla
Product Mozilla FireFox
Content Type Critical Critical
Language(s)
Operating System(s) OSX 
Released On 19 Feb 2013 12:00:00

firefox19.0

Mozilla Firefox 19.0 for Mac OS X (Update) (See Notes)

Vendor Name

mozilla

Product

Mozilla FireFox

Released On

19 Feb 2013 12:00:00

Url

http://www.mozilla.com/firefox/19.0/releasenotes/

Description

About This Update:
Firefox 19.0 fixes several security issues:

  • MFSA 2013-28 Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer.
  • MFSA 2013-27 Phishing on HTTPS connection through malicious proxy.
  • MFSA 2013-26 Use-after-free in nsImageLoadingContent.
  • MFSA 2013-25 Privacy leak in JavaScript Workers.
  • MFSA 2013-24 Web content bypass of COW and SOW security wrappers.
  • MFSA 2013-23 Wrapped WebIDL objects can be wrapped again.
  • MFSA 2013-22 Out-of-bounds read in image rendering.
  • MFSA 2013-21 Miscellaneous memory safety hazards (rv:19.0 / rv:17.0.3).
  • Important Notes:

  • By default, deployment will automatically update Firefox.app in the Applications folder.
  • Deployment while Firefox is running will not update the current browser session. The user may re-launch Firefox in order to complete the update.
  • The installation will show a pop up, but installs without user intervention. This installation cannot be deployed in quiet mode. There is a possibility that the user will cancel this installation.
  • Use the download only option to deploy the installer to the agent's temporary directory (by default, "/tmp/{Agent GUID}"), where it will then ready for manual installation.
  • The detection logic only detects Firefox installations in the current system volume. Multiple installations of Firefox may cause unexpected detection results.
  • System Requirements:
    Mac OS X 10.6
    Mac OS X 10.7
    Mac OS X 10.8

    Related Resources

    Related Vulnerabilities

    CVE-2013-0765   CVE-2013-0772   CVE-2013-0773   CVE-2013-0774   CVE-2013-0775   CVE-2013-0776   CVE-2013-0777  

    Related Patches

    Superseded Patches


    Last Updated: 27 May 2016 11:16:40