In yesterday’s Firefox 13 release, Mozilla has fixed seven critical security vulnerabilities, four of which are critical. The majority of these vulnerabilities are also fixed in the latest Thunderbird 13 release.

More details on the vulnerabilities:

  • MFSA 2012-40 – Buffer overflow and use-after-free issues found using Address Sanitizer
  • MFSA 2012-39 – NSS parsing errors with zero length items
  • MFSA 2012-38 – Use-after-free while replacing/inserting a node in a document
  • MFSA 2012-37 – Information disclosure though Windows file shares and shortcut files
  • MFSA 2012-36 – Content Security Policy inline-script bypass
  • MFSA 2012-35 – Privilege escalation through Mozilla Updater and Windows Updater Service
  • MFSA 2012-34 – Miscellaneous memory safety hazards

Firefox and Thunderbird users are advised to update their software as soon as possible to prevent possible exploitation of the fixed vulnerabilities.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on  Twitter.

Blog Staff

About the Author

Blog Staff

The Webroot blog offers expert insights and analysis into the latest cybersecurity trends. Whether you’re a home or business user, we’re dedicated to giving you the awareness and knowledge needed to stay ahead of today’s cyber threats.

Share This