Published on: 23 September 2015
Tweet
Published on: 23 September 2015
Mozilla has published security advisories to address multiple vulnerabilities found in Firefox. These vulnerabilities are caused by memory safety bugs in the browser engine, buffer overflow or use-after-free error. A remote attacker could entice a user to open a web page with specially crafted content to exploit the vulnerabilities.
Depending on the vulnerability exploited, a successful attack could lead to application crash or arbitrary code execution on an affected system.
Mozilla has released new versions of the products to address the issues and they can be downloaded at the following URLs:
Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.
This link will open in a new windowhttps://www.mozilla.org/en-US/security/advisories
This link will open in a new windowhttps://www.mozilla.org/en-US/security/advisories/mfsa2015-96 (to mfsa2015-114)
This link will open in a new windowhttps://wiki.mozilla.org/Enterprise/Firefox/ExtendedSupport:Proposal
This link will open in a new windowhttps://www.hkcert.org/my_url/en/alert/15092301
This link will open in a new windowhttps://www.us-cert.gov/ncas/current-activity/2015/09/22/Mozilla-Releases-Security-Updates-Firefox
This link will open in a new windowhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4476
This link will open in a new windowhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4500 (to CVE-2015-4512)
This link will open in a new windowhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4516 (to CVE-2015-4517)
This link will open in a new windowhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4519 (to CVE-2015-4522)
This link will open in a new windowhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7174 (to CVE-2015-7180)