Page 6 of 6 FirstFirst ... 23456
Results 51 to 52 of 52

Thread: Firefox updated...

  1. #51
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    5,486

    Exclamation Firefox 37.0 released

    FYI...

    Firefox 37.0 released

    From an admin. account, start Firefox, then >Help >About >Check for Updates ...
    -or-
    Download: https://www.mozilla.org/en-US/firefox/all/

    - https://www.mozilla.org/en-US/firefo.../releasenotes/
    March 31, 2015

    - https://www.mozilla.org/en-US/securi...fox/#firefox37
    Fixed in Firefox 37.0
    2015-42 Windows can retain access to privileged content on navigation to unprivileged pages
    2015-41 PRNG weakness allows for DNS poisoning on Android
    2015-40 Same-origin bypass through anchor navigation
    2015-39 Use-after-free due to type confusion flaws
    2015-38 Memory corruption crashes in Off Main Thread Compositing
    2015-37 CORS requests should not follow 30x redirections after preflight
    2015-36 Incorrect memory management for simple-type arrays in WebRTC
    2015-35 Cursor clickjacking with flash and images
    2015-34 Out of bounds read in QCMS library
    2015-33 resource:// documents can load privileged pages
    2015-32 Add-on lightweight theme installation approval bypassed through MITM attack
    2015-31 Use-after-free when using the Fluendo MP3 GStreamer plugin
    2015-30 Miscellaneous memory safety hazards (rv:37.0 / rv:31.6)

    ... complete list of changes in this release... 2817 bugs found.
    ___

    - http://www.securitytracker.com/id/1031996
    CVE Reference: CVE-2015-0800, CVE-2015-0801, CVE-2015-0802, CVE-2015-0803, CVE-2015-0804, CVE-2015-0805, CVE-2015-0806, CVE-2015-0807, CVE-2015-0808, CVE-2015-0810, CVE-2015-0811, CVE-2015-0812, CVE-2015-0813, CVE-2015-0814, CVE-2015-0815, CVE-2015-0816
    Apr 1 2015
    Original Entry Date: Mar 31 2015
    Impact: Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, User access via network
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): prior to 37.0 ...

    Last edited by AplusWebMaster; 2015-04-03 at 17:20.
    This machine has no brain.
    ....... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #52
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    5,486

    Exclamation Firefox 37.0.1 released

    FYI...

    Firefox 37.0.1 released

    From an admin. account, start Firefox, then >Help >About >Check for Updates ...
    -or-
    Download: https://www.mozilla.org/en-US/firefox/all/

    - https://www.mozilla.org/en-US/firefo.../releasenotes/
    April 3, 2015

    - https://www.mozilla.org/en-US/securi...#firefox37.0.1
    Fixed in Firefox 37.0.1
    2015-44 Certificate verification bypass through the HTTP/2 Alt-Svc header*
    2015-43 Loading privileged content through Reader mode

    * https://web.nvd.nist.gov/view/vuln/d...=CVE-2015-0799
    ___

    - https://www.us-cert.gov/ncas/current...Update-Firefox
    April 06, 2015 - "... Mozilla Foundation has released Firefox 37.0.1 to address two vulnerabilities, one of which may allow a remote attacker to conduct man-in-the-middle attacks. Users and administrators are encouraged to review the security advisories for Firefox and apply the necessary updates."

    Last edited by AplusWebMaster; 2015-04-08 at 13:25.
    This machine has no brain.
    ....... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •