Firefox 24 delivers 17 security updates
Posted on 18 September 2013.
Mozilla released Firefox 24, which includes 17 security updates: seven are critical, four high, and six moderate.


Fixed in this version:
  • MFSA 2013-92 GC hazard with default compartments and frame chain restoration
  • MFSA 2013-91 User-defined properties on DOM proxies get the wrong "this" object
  • MFSA 2013-90 Memory corruption involving scrolling
  • MFSA 2013-89 Buffer overflow with multi-column, lists, and floats
  • MFSA 2013-88 compartment mismatch re-attaching XBL-backed nodes
  • MFSA 2013-87 Shared object library loading from writable location
  • MFSA 2013-86 WebGL Information disclosure through OS X NVIDIA graphic drivers
  • MFSA 2013-85 Uninitialized data in IonMonkey
  • MFSA 2013-84 Same-origin bypass through symbolic links
  • MFSA 2013-83 Mozilla Updater does not lock MAR file after signature verification
  • MFSA 2013-82 Calling scope for new Javascript objects can lead to memory corruption
  • MFSA 2013-81 Use-after-free with select element
  • MFSA 2013-80 NativeKey continues handling key messages after widget is destroyed
  • MFSA 2013-79 Use-after-free in Animation Manager during stylesheet cloning
  • MFSA 2013-78 Integer overflow in ANGLE library
  • MFSA 2013-77 Improper state in HTML5 Tree Builder with templates
  • MFSA 2013-76 Miscellaneous memory safety hazards (rv:24.0 / rv:17.0.9)





Spotlight

Windows 0-day exploited in ongoing attacks, temporary workarounds offered

Posted on 22 October 2014.  |  A new Windows zero-day vulnerability is being actively exploited in the wild and is primarily a risk to users on servers and workstations that open documents with embedded OLE objects.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Oct 23rd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //