Results 1 to 10 of 105

Thread: Firefox updated...

Hybrid View

Previous Post Previous Post   Next Post Next Post
  1. #1
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Firefox v13 released

    FYI...

    Firefox v13 released

    From an admin. account, start Firefox, then >Help >About >Check for Updates
    -or-
    Download: https://www.mozilla.com/firefox/all.html
    June 5, 2012

    What's new...
    - https://www.mozilla.org/firefox/13.0/releasenotes/
    Release Notes/Bug fixes ... See: Known Issues...
    Complete list of changes in this release:
    - https://www.mozilla.org/firefox/13.0...s/buglist.html
    Security Advisories:
    - https://www.mozilla.org/security/kno...html#firefox13
    Fixed in Firefox 13
    MFSA 2012-40 Buffer overflow and use-after-free issues found using Address Sanitizer
    MFSA 2012-39 NSS parsing errors with zero length items
    MFSA 2012-38 Use-after-free while replacing/inserting a node in a document
    MFSA 2012-37 Information disclosure though Windows file shares and shortcut files
    MFSA 2012-36 Content Security Policy inline-script bypass
    MFSA 2012-35 Privilege escalation through Mozilla Updater and Windows Updater Service
    MFSA 2012-34 Miscellaneous memory safety hazards
    ___

    - http://www.securitytracker.com/id/1027120
    CVE Reference:
    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2012-0441 - 5.0
    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2012-1937 - 9.3 (HIGH)
    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2012-1938 - 9.3 (HIGH)
    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2012-1939 - 9.3 (HIGH)
    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2012-1940 - 9.3 (HIGH)
    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2012-1941 - 9.3 (HIGH)
    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2012-1942 - 7.2 (HIGH)
    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2012-1943 - 6.9
    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2012-1944 - 4.3
    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2012-1945 - 2.9
    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2012-1946 - 9.3 (HIGH)
    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2012-1947 - 9.3 (HIGH)
    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2012-3105 - 9.3 (HIGH)
    Jun 6 2012
    Impact: Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network
    Version(s): prior to 13.0

    - https://secunia.com/advisories/49368/
    Release Date: 2012-06-06
    Criticality level: Highly critical
    Impact: Unknown, Exposure of sensitive information, Privilege escalation, DoS, System access
    Where: From remote...
    Solution: Upgrade to Firefox version 13.0...

    Last edited by AplusWebMaster; 2012-06-07 at 20:49.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #2
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Firefox v13.0.1 released

    FYI...

    Firefox v13.0.1 released

    From an admin. account, start Firefox, then >Help >About >Check for Updates
    -or-
    Download: https://www.mozilla.com/firefox/all.html
    June 15, 2012

    What's new...
    - https://www.mozilla.org/firefox/13.0.1/releasenotes/
    Flash 11.3 sometimes caused a crash on quit (747683*, fixed in 13.0.1)...
    * https://bugzilla.mozilla.org/show_bug.cgi?id=747683

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  3. #3
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Firefox "new tab" thumbnail feature - disable

    FYI...

    Firefox "new tab" thumbnail feature - disable

    - http://h-online.com/-1625761
    25 June 2012 - "... users can completely disable the new tab page feature in Firefox by changing some advanced preferences under "about:config" ..."

    - http://www.h-online.com/security/new...ew=zoom;zoom=1

    - http://www.theregister.co.uk/2012/06...rity_concerns/
    22 June 2012

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  4. #4
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Firefox v14.0.1 released

    FYI...

    Firefox v14.0.1 released

    From an admin. account, start Firefox, then >Help >About >Check for Updates then Apply Update
    -or-
    Download: https://www.mozilla.com/firefox/all.html
    July 17, 2012

    What's new...
    - https://www.mozilla.org/firefox/14.0.1/releasenotes/
    Complete list of Bug fixes:
    - https://www.mozilla.org/en-US/firefo...s/buglist.html

    Security Advisories for v14.0.01:
    - https://www.mozilla.org/security/kno...html#firefox14
    Fixed in Firefox 14
    MFSA 2012-56 Code execution through javascript: URLs
    MFSA 2012-55 feed: URLs with an innerURI inherit security context of page
    MFSA 2012-53 Content Security Policy 1.0 implementation errors cause data leakage
    MFSA 2012-52 JSDependentString::undepend string conversion results in memory corruption
    MFSA 2012-51 X-Frame-Options header ignored when duplicated
    MFSA 2012-50 Out of bounds read in QCMS
    MFSA 2012-49 Same-compartment Security Wrappers can be bypassed
    MFSA 2012-48 use-after-free in nsGlobalWindow::PageHidden
    MFSA 2012-47 Improper filtering of javascript in HTML feed-view
    MFSA 2012-46 XSS through data: URLs
    MFSA 2012-45 Spoofing issue with location
    MFSA 2012-44 Gecko memory corruption
    MFSA 2012-43 Incorrect URL displayed in addressbar through drag and drop
    MFSA 2012-42 Miscellaneous memory safety hazards (rv:14.0/ rv:10.0.6)
    ___

    - http://www.securitytracker.com/id/1027256
    CVE Reference: CVE-2012-1948, CVE-2012-1949, CVE-2012-1950, CVE-2012-1951, CVE-2012-1952, CVE-2012-1953, CVE-2012-1954, CVE-2012-1955, CVE-2012-1957, CVE-2012-1958, CVE-2012-1959, CVE-2012-1960, CVE-2012-1961, CVE-2012-1962, CVE-2012-1963, CVE-2012-1965, CVE-2012-1966, CVE-2012-1967
    Jul 17 2012
    Impact: Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network
    Version(s): prior to 14...

    - https://secunia.com/advisories/49965/
    Release Date: 2012-07-18
    Criticality level: Highly critical
    Impact: Security Bypass, Cross Site Scripting, Spoofing, Exposure of sensitive information, System access
    Where: From remote...
    Solution: Upgrade to version 14...

    Last edited by AplusWebMaster; 2012-07-18 at 15:34.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  5. #5
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Firefox v15.0 released

    FYI...

    Firefox v15.0 released

    From an admin. account, start Firefox, then >Help >About >Check for Updates then Apply Update
    -or-
    Download: https://www.mozilla.com/firefox/all.html
    August 28, 2012

    What's new...
    - https://www.mozilla.org/en-US/firefo.../releasenotes/
    Complete list of Bug fixes:
    - https://www.mozilla.org/en-US/firefo...s/buglist.html

    Security Advisories for v15.0:
    - https://www.mozilla.org/security/kno...html#firefox15
    Fixed in Firefox 15
    MFSA 2012-72 Web console eval capable of executing chrome-privileged code
    MFSA 2012-71 Insecure use of __android_log_print
    MFSA 2012-70 Location object security checks bypassed by chrome code
    MFSA 2012-69 Incorrect site SSL certificate data display
    MFSA 2012-68 DOMParser loads linked resources in extensions when parsing text/html
    MFSA 2012-67 Installer will launch incorrect executable following new installation
    MFSA 2012-66 HTTPMonitor extension allows for remote debugging without explicit activation
    MFSA 2012-65 Out-of-bounds read in format-number in XSLT
    MFSA 2012-64 Graphite 2 memory corruption
    MFSA 2012-63 SVG buffer overflow and use-after-free issues
    MFSA 2012-62 WebGL use-after-free and memory corruption
    MFSA 2012-61 Memory corruption with bitmap format images with negative height
    MFSA 2012-60 Escalation of privilege through about:newtab
    MFSA 2012-59 Location object can be shadowed using Object.defineProperty
    MFSA 2012-58 Use-after-free issues found using Address Sanitizer
    MFSA 2012-57 Miscellaneous memory safety hazards (rv:15.0/ rv:10.0.7)
    ___

    - http://www.securitytracker.com/id/1027450
    CVE Reference: CVE-2012-1956, CVE-2012-1970, CVE-2012-1971, CVE-2012-1972, CVE-2012-1973, CVE-2012-1974, CVE-2012-1975, CVE-2012-1976, CVE-2012-3956, CVE-2012-3957, CVE-2012-3958, CVE-2012-3959, CVE-2012-3960, CVE-2012-3961, CVE-2012-3962, CVE-2012-3963, CVE-2012-3964, CVE-2012-3965, CVE-2012-3966, CVE-2012-3967, CVE-2012-3968, CVE-2012-3969, CVE-2012-3970, CVE-2012-3971, CVE-2012-3972, CVE-2012-3973, CVE-2012-3974, CVE-2012-3975, CVE-2012-3976, CVE-2012-3978, CVE-2012-3979, CVE-2012-3980
    Aug 29 2012
    Impact: Disclosure of system information, Execution of arbitrary code via network, User access via local system, User access via network
    Version(s): prior to 15.0 ...

    - https://secunia.com/advisories/50088/
    Release Date: 2012-08-29
    Criticality level: Highly critical
    Impact: Cross Site Scripting, Spoofing, Exposure of sensitive information, System access
    Where: From remote...
    Solution: Upgrade to version 15.

    Last edited by AplusWebMaster; 2012-08-29 at 15:27.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  6. #6
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Post Firefox v15.0.1 released

    FYI...

    Firefox v15.0.1 released

    From an admin. account, start Firefox, then >Help >About >Check for Updates then Apply Update
    -or-
    Download: https://www.mozilla.com/firefox/all.html
    September 6, 2012

    What's new...
    - https://www.mozilla.org/en-US/firefo.../releasenotes/
    Complete list of Bug fixes:
    - https://www.mozilla.org/en-US/firefo...s/buglist.html

    - http://www.ghacks.net/2012/09/06/fir...ribution-soon/
    Sep 6, 2012 - "... unfortunate bug in Mozilla Firefox 15 stable that is preventing the browser’s private browsing mode from working correctly. The bug was discovered shortly after Firefox 15 was distributed to users of the stable channel of the browser, and Mozilla has been working diligently ever since to resolve the issue... It is a issue of trust for Mozilla mainly, which can easily be lost if sensitive features are not working like they should. For users the situation may have been even more precarious as it may have forced them to explain their browsing activities to third parties..."
    - http://cdn.ghacks.net/wp-content/upl...fox-15.0.1.jpg
    ___

    - http://h-online.com/-1702798
    7 Sep 2012

    Last edited by AplusWebMaster; 2012-09-07 at 18:07.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •