FYI...
Firefox v14.0.1 released
From an admin. account, start Firefox, then >Help >About >Check for Updates then Apply Update
-or-
Download: https://www.mozilla.com/firefox/all.html
July 17, 2012
What's new...
- https://www.mozilla.org/firefox/14.0.1/releasenotes/
Complete list of Bug fixes:
- https://www.mozilla.org/en-US/firefo...s/buglist.html
Security Advisories for v14.0.01:
- https://www.mozilla.org/security/kno...html#firefox14
Fixed in Firefox 14
MFSA 2012-56 Code execution through javascript: URLs
MFSA 2012-55 feed: URLs with an innerURI inherit security context of page
MFSA 2012-53 Content Security Policy 1.0 implementation errors cause data leakage
MFSA 2012-52 JSDependentString::undepend string conversion results in memory corruption
MFSA 2012-51 X-Frame-Options header ignored when duplicated
MFSA 2012-50 Out of bounds read in QCMS
MFSA 2012-49 Same-compartment Security Wrappers can be bypassed
MFSA 2012-48 use-after-free in nsGlobalWindow::PageHidden
MFSA 2012-47 Improper filtering of javascript in HTML feed-view
MFSA 2012-46 XSS through data: URLs
MFSA 2012-45 Spoofing issue with location
MFSA 2012-44 Gecko memory corruption
MFSA 2012-43 Incorrect URL displayed in addressbar through drag and drop
MFSA 2012-42 Miscellaneous memory safety hazards (rv:14.0/ rv:10.0.6)
___
- http://www.securitytracker.com/id/1027256
CVE Reference: CVE-2012-1948, CVE-2012-1949, CVE-2012-1950, CVE-2012-1951, CVE-2012-1952, CVE-2012-1953, CVE-2012-1954, CVE-2012-1955, CVE-2012-1957, CVE-2012-1958, CVE-2012-1959, CVE-2012-1960, CVE-2012-1961, CVE-2012-1962, CVE-2012-1963, CVE-2012-1965, CVE-2012-1966, CVE-2012-1967
Jul 17 2012
Impact: Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network
Version(s): prior to 14...
- https://secunia.com/advisories/49965/
Release Date: 2012-07-18
Criticality level: Highly critical
Impact: Security Bypass, Cross Site Scripting, Spoofing, Exposure of sensitive information, System access
Where: From remote...
Solution: Upgrade to version 14...