Security updates released for Firefox 79 and Firefox ESR 68.11

Security updates released for Firefox 79 and Firefox ESR 68.11

Hello everyone,

 

Mozilla has fixed several security vulnerabilities in Firefox 79 and Firefox ESR 68.11. The details of the vulnerabilities are as follows:

  CVE ID
  Vulnerability
  Severity
  CVE-2020-15652
  Potential leak of redirect targets when loading scripts in a worker
  High
  CVE-2020-6514
  WebRTC data channel leaks internal address to peer
  High
  CVE-2020-15655
  Extension APIs could be used to bypass Same-Origin Policy
  High
  CVE-2020-15653
  Bypassing iframe sandbox when allowing popups
  Moderate  
  CVE-2020-6463
  Use-after-free in ANGLE
  Moderate
  CVE-2020-15656
  Type confusion for special arguments in IonMonkey
  Moderate
  CVE-2020-15658
  Overriding file type when saving to disk
  Low
  CVE-2020-15657
  DLL hijacking due to incorrect loading path
  Low
  CVE-2020-15654
  Custom cursor can overlay user interface
  Low
  CVE-2020-15659
  Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11
  High



To fix these vulnerabilities, initiate a sync between the Vulnerability Manager Plus server and the Central Patch Repository. Search for the following Patch IDs or Bulletin ID and deploy them to your target systems.

 

Patch ID

Bulletin ID

Patch description

315260

TU-027

Mozilla Firefox (79.0)

315261

TU-027

Mozilla Firefox (x64) (79.0)

315248

TU-054

Mozilla Firefox ESR (68.11.0)

315249

TU-054

Mozilla Firefox ESR (x64) (68.11.0)

 

Cheers,

The ManageEngine Team


                New to ADSelfService Plus?