Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » LM16-0041

Overview

Id LM16-0041
Name Mozilla Firefox 46.0 for Mac OS X (See Notes)
Vendor Name mozilla
Product FireFox
Content Type Critical Critical
Language(s)
Operating System(s) OSX 
Released On 26 Apr 2016 12:00:00

LM16-0041

Mozilla Firefox 46.0 for Mac OS X (See Notes)

Vendor Name

mozilla

Product

FireFox

Released On

26 Apr 2016 12:00:00

Url

http://www.mozilla.org/firefox/46.0/releasenotes/

Description

Mozilla Firefox is a web browser provided by the Mozilla Corporation with a rapid release cycle.

Firefox 46.0 addresses the following security issues:

  • MFSA 2016-48 Firefox Health Reports could accept events from untrusted domains
  • MFSA 2016-47 Write to invalid HashMap entry through JavaScript.watch()
  • MFSA 2016-46 Elevation of privilege with chrome.tabs.update API in web extensions
  • MFSA 2016-45 CSP not applied to pages sent with multipart/x-mixed-replace
  • MFSA 2016-44 Buffer overflow in libstagefright with CENC offsets
  • MFSA 2016-42 Use-after-free and buffer overflow in Service Workers
  • MFSA 2016-39 Miscellaneous memory safety hazards (rv:46.0 / rv:45.1 / rv:38.8)


  • Notes:
  • Detection and deployment only support Firefox.app installed in the current system volume's Applications folder
  • Deployment while Firefox is running will not update the current browser session; the user may re-launch Firefox in order to complete the update


  • Related Resources

    Related Vulnerabilities

    None

    Related Patches

    None

    Superseded Patches


    Last Updated: 27 May 2016 11:23:35