(CVE-2013-1675) - Multiple memory corruption issues exist. (CVE-2013-1674) - Some 'DOMSVGZoomEvent' functions are used without being properly initialized, which could lead to information disclosure. (CVE-2013-1672) - A use-after-free vulnerability exists when resizing video while playing. (CVE-2013-1670) - A local privilege escalation issues exists in the Mozilla Maintenance Service. (CVE-2013-0801) - It is possible to call a content level constructor that allows for the constructor to have chrome privileged access. (CVE-2013-0801) - It is possible to call a content level constructor that allows for the constructor to have chrome privileged access. The installed version of Firefox ESR 17.x is earlier than 17.0.6, and is, therefore, potentially affected by the following vulnerabilities : - Various memory safety issues exist. Description The installed version of Firefox ESR 17.x is earlier than 17.0.6, and is, therefore, potentially affected by the following vulnerabilities : - Various memory safety issues exist.
#Firefox esr 17 upgrade
(CVE-2013-0768) Solution Upgrade to Firefox 17.0.2 ESR or later.Synopsis The remote Windows host contains a web browser that is potentially affected by multiple vulnerabilities. (CVE-2013-0764) - An error exists related to 'Canvas' and bad height or width values passed to it from HTML. (CVE-2013-0759) - An error exists related to SSL and threading that could result in potentially exploitable crashes. The installed version of Firefox 17.x is potentially affected by the following security issues : - Two intermediate certificates were improperly issued by. (CVE-2013-0758) - An error exists related to the address bar that could allow URL spoofing attacks. (CVE-2013-0757) - An error related to SVG elements and plugins could allow privilege escalation.
#Firefox esr 17 code
(CVE-2013-0756) - 'Chrome Object Wrappers' (COW) can be bypassed by changing object prototypes, which could allow arbitrary code execution. (CVE-2013-0755) - A use-after-free error exists related to JavaScript 'Proxy' objects. (CVE-2013-0754) - A use-after-free error exists related to the 'Vibrate' library and 'domDoc'. (CVE-2013-0753) - A use-after-free error exists related to garbage collection and 'ListenManager'. (CVE-2013-0752) - A use-after-free error exists related to 'XMLSerializer' and 'serializeToStream'. (CVE-2013-0750) - An error exists related to multiple XML bindings with SVG content, contained in XBL files.
(CVE-2013-0748) - A buffer overflow exists related to JavaScript string concatenation. (CVE-2013-0747) - An error related to the 'toString' method of XBL objects could lead to address information leakage. (CVE-2013-0746) - Errors exist related to events in the plugin handler that could allow same-origin policy bypass. (CVE-2012-0745) - An error exists related to 'jsval', 'quickstubs', and compartmental mismatches that could lead to potentially exploitable crashes.
(CVE-2013-0744) - An error exists related to the 'AutoWrapperChanger' class that does not properly manage objects during garbage collection. (CVE-2013-0743) - A use-after-free error exists related to displaying HTML tables with many columns and column groups.
Description The installed version of Firefox 17.x is potentially affected by the following security issues : - Two intermediate certificates were improperly issued by TURKTRUST certificate authority. Synopsis The remote Windows host contains a web browser that is affected by multiple vulnerabilities.
0 kommentar(er)
