Friday, April 29, 2011

Critical Updates for Firefox Versions 3.6 and 4.0


Updates released yesterday by Mozilla for both Firefox versions 3.6 and 4.0 included critical security updates.  To get the update, click Help > About Firefox > check for updates.

Fixed in Firefox 3.6.17

MFSA 2011-18 XSLT generate-id() function heap address leak
MFSA 2011-16 Directory traversal in resource: protocol
MFSA 2011-15 Escalation of privilege through Java Embedding Plugin
MFSA 2011-14 Information stealing via form history
MFSA 2011-13 Multiple dangling pointer vulnerabilities
MFSA 2011-12 Miscellaneous memory safety hazards (rv:2.0.1/ 1.9.2.17/ 1.9.1.19)

Fixed in Firefox 4.0.1

MFSA 2011-18 XSLT generate-id() function heap address leak
MFSA 2011-17 WebGLES vulnerabilities
MFSA 2011-12 Miscellaneous memory safety hazards (rv:2.0.1/ 1.9.2.17/ 1.9.1.19)

References:




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...


No comments: