Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » firefox24.3

Overview

Id firefox24.3
Name Mozilla Firefox ESR 24.3 for Mac OS X (Update) (See Notes)
Vendor Name mozilla
Product Mozilla FireFox
Content Type Critical Critical
Language(s)
Operating System(s) OSX 
Released On 04 Feb 2014 12:00:00

firefox24.3

Mozilla Firefox ESR 24.3 for Mac OS X (Update) (See Notes)

Vendor Name

mozilla

Product

Mozilla FireFox

Released On

04 Feb 2014 12:00:00

Url

http://www.mozilla.org/firefox/24.3.0/releasenotes/

Description

Mozilla offers an Extended Support Release (ESR) cycle for Firefox that gives users a longer support tail than what is currently offered with regular Firefox releases. This ESR version is available for users who wish to remain on the ESR cycle. Please see Mozilla Firefox Extended Support Release for more information.

About This Update:
Firefox ESR 24.3 fixes the following critical security issues:

  • MFSA 2014-13 Inconsistent JavaScript handling of access to Window objects.
  • MFSA 2014-12 NSS ticket handling issues.
  • MFSA 2014-09 Cross-origin information leak through web workers.
  • MFSA 2014-08 Use-after-free with imgRequestProxy and image proccessing.
  • MFSA 2014-04 Incorrect use of discarded images by RasterImage.
  • MFSA 2014-02 Clone protected content with XBL scopes.
  • MFSA 2014-01 Miscellaneous memory safety hazards (rv:27.0 / rv:24.3).
  • Important Notes:

  • By default, deployment will automatically update Firefox.app in the Applications folder.
  • Deployment while Firefox is running will not update the current browser session. The user may re-launch Firefox in order to complete the update.
  • Use the download only option to deploy the installer to the agent's temporary directory (by default, "/tmp/{Agent GUID}"). An administrator may then manually install the update.
  • The detection logic only detects Firefox installations in the current system volume. Multiple installations of Firefox may cause unexpected detection results.
  • System Requirements:
    Mac OS X 10.6
    Mac OS X 10.7
    Mac OS X 10.8
    Mac OS X 10.9

    Related Resources

    Related Vulnerabilities

    CVE-2014-1477   CVE-2014-1479   CVE-2014-1481   CVE-2014-1482   CVE-2014-1486   CVE-2014-1487   CVE-2014-1490   CVE-2014-1491  

    Related Patches

    None

    Superseded Patches


    Last Updated: 27 May 2016 11:18:27