Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 46.0 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox esr 38.5.0 |
||
mozilla firefox esr 38.4.0 |
||
mozilla firefox esr 38.0.1 |
||
mozilla firefox esr 38.0 |
||
mozilla firefox esr 38.5.2 |
||
mozilla firefox esr 38.5.1 |
||
mozilla firefox esr 38.1.0 |
||
mozilla firefox esr 38.0.5 |
||
mozilla firefox esr 38.3.0 |
||
mozilla firefox esr 38.2.1 |
||
mozilla firefox |
||
mozilla firefox esr 38.7.1 |
||
mozilla firefox esr 38.7.0 |
||
mozilla firefox esr 38.6.1 |
||
mozilla firefox esr 38.6.0 |
||
mozilla firefox esr 38.2.0 |
||
mozilla firefox esr 38.1.1 |
Browser bods emit ten patches in total, some for critical or high severity holes
In version 46 of its popular Firefox web browser, Mozilla has patched 10 vulnerabilities, some rated either critical or high severity, that permitted remote code execution. One of the patched high-severity flaws was burned reported by the Communications-Electronics Security Group (CESG), the information security limb of the UK's Government Communications Headquarters (GCHQ). Mozilla says in an advisory that four critical memory safety bugs (CVE-2016-2804 to 2807) are now patched. "Mozilla develo...