Patch/Configuration Management, Vulnerability Management

Mozilla patches two Firefox vulnerabilities

Mozilla pushed out two security patches for Firefox on Oct. 20 rated as potentially having a high impact on users of the popular browser.

The first vulnerability, CVE-2016-5287, was “a potential exploitable use-after-free crash during actor destruction with service workers, “ according to the patch report. It does not affect release version earlier than Firefox 49.

The second, CVE-2016-5288, was discovered by a developer who showed that web content could access information in the HTTP cache if e10s is disabled and it affects Firefox versions 48 and 49.

Both issues were patched with the release of Firefox 49.0.2.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.