Security Alert (A15-04-10): Vulnerability in Firefox


 

Published on: 21 April 2015

Description:

Mozilla has published a security advisory to address a vulnerability found in Firefox. The vulnerability is caused by memory corruption during failed plugin initialization. A remote attacker could entice a user to open a web page with specially crafted content to exploit the vulnerability.

 

Affected Systems:

  • Firefox prior to version 37.0.2

 

Impact:

A successful attack could potentially lead to arbitrary code execution.

 

Recommendation:

Mozilla has released new versions of the products to address the issue and they can be downloaded at the following URLs:

  • Firefox 37.0.2 for Windows, Macintosh and Linux
    http://www.mozilla.org/en-US/firefox/all.html

Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

 

More Information:

https://www.mozilla.org/en-US/security/advisories/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-45/
https://www.mozilla.org/en-US/firefox/37.0.2/releasenotes/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2706
 



Tag: Firefox , Mozilla
Tags