Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » LM14-0061

Overview

Id LM14-0061
Name Mozilla Firefox 31.2.0 ESR for Mac OS X (See Notes)
Vendor Name mozilla
Product Mozilla Firefox ESR
Content Type Critical Critical
Language(s)
Operating System(s) OSX 
Released On 14 Oct 2014 12:00:00

LM14-0061

Mozilla Firefox 31.2.0 ESR for Mac OS X (See Notes)

Vendor Name

mozilla

Product

Mozilla Firefox ESR

Released On

14 Oct 2014 12:00:00

Url

https://www.mozilla.org/firefox/31.2.0/releasenotes/

Description

Mozilla Firefox Extended Support Release (ESR) is a web browser provided by the Mozilla Corporation with a more controlled release cycle.

Firefox 31.2.0 ESR addresses the following security issues:

  • MFSA 2014-82 Accessing cross-origin objects via the Alarms API
  • MFSA 2014-81 Inconsistent video sharing within iframe
  • MFSA 2014-79 Use-after-free interacting with text directionality
  • MFSA 2014-77 Out-of-bounds write with WebM video
  • MFSA 2014-76 Web Audio memory corruption issues with custom waveforms
  • MFSA 2014-75 Buffer overflow during CSS manipulation
  • MFSA 2014-74 Miscellaneous memory safety hazards (rv:33.0 / rv:31.2)

  • Notes:
  • By default, deployment will automatically update Firefox.app in the Applications folder.
  • Deployment while Firefox is running will not update the current browser session. The user may re-launch Firefox in order to complete the update.
  • Use the download only option to deploy the installer to the agent's temporary directory (by default, "/tmp/{Agent GUID}"). An administrator may then manually install the update.
  • The detection logic only detects Firefox installations in the current system volume. Multiple installations of Firefox may cause unexpected detection results.
  • Related Resources

    Related Vulnerabilities

    CVE-2014-1574   CVE-2014-1576   CVE-2014-1577   CVE-2014-1578   CVE-2014-1581   CVE-2014-1583   CVE-2014-1585   CVE-2014-1586  

    Related Patches

    None

    Superseded Patches


    Last Updated: 27 May 2016 11:20:12