Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » firefox27.0


Id firefox27.0
Name Mozilla Firefox 27.0 for Mac OS X (Update) (See Notes)
Vendor Name mozilla
Product Mozilla FireFox
Content Type Critical Critical
Operating System(s) OSX 
Released On 04 Feb 2014 12:00:00


Mozilla Firefox 27.0 for Mac OS X (Update) (See Notes)

Vendor Name



Mozilla FireFox

Released On

04 Feb 2014 12:00:00



About This Update:
Firefox 27.0 fixes the following critical security issues:

  • MFSA 2014-13 Inconsistent JavaScript handling of access to Window objects.
  • MFSA 2014-12 NSS ticket handling issues.
  • MFSA 2014-11 Crash when using web workers with asm.js.
  • MFSA 2014-10 Firefox default start page UI content invokable by script.
  • MFSA 2014-09 Cross-origin information leak through web workers.
  • MFSA 2014-08 Use-after-free with imgRequestProxy and image proccessing.
  • MFSA 2014-07 XSLT stylesheets treated as styles in Content Security Policy.
  • MFSA 2014-05 Information disclosure with *FromPoint on iframes.
  • MFSA 2014-04 Incorrect use of discarded images by RasterImage.
  • MFSA 2014-03 UI selection timeout missing on download prompts.
  • MFSA 2014-02 Clone protected content with XBL scopes.
  • MFSA 2014-01 Miscellaneous memory safety hazards (rv:27.0 / rv:24.3).
  • Important Notes:

  • By default, deployment will automatically update in the Applications folder.
  • Deployment while Firefox is running will not update the current browser session. The user may re-launch Firefox in order to complete the update.
  • Use the download only option to deploy the installer to the agent's temporary directory (by default, "/tmp/{Agent GUID}"). An administrator may then manually install the update.
  • The detection logic only detects Firefox installations in the current system volume. Multiple installations of Firefox may cause unexpected detection results.
  • System Requirements:
    Mac OS X 10.6
    Mac OS X 10.7
    Mac OS X 10.8
    Mac OS X 10.9

    Related Resources

    Related Vulnerabilities

    CVE-2014-1477   CVE-2014-1478   CVE-2014-1479   CVE-2014-1480   CVE-2014-1481   CVE-2014-1482   CVE-2014-1483   CVE-2014-1485   CVE-2014-1486   CVE-2014-1487   CVE-2014-1488   CVE-2014-1489   CVE-2014-1490   CVE-2014-1491  

    Related Patches

    Superseded Patches

    Last Updated: 27 May 2016 11:18:28