Mozilla Firefox Multiple Vulnerabilities-01 Mar15 (Mac OS X)

Information

Severity: High

Family: General

CVSSv2 Base: 7.5

CVSSv2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Solution Type: Vendor Patch

Created: 9 years ago

Modified: 5 years ago

Summary

Mozilla Firefox is installed on this host and is prone to multiple vulnerabilities.

Insight

Multiple flaws exist due to:

- Some unspecified vulnerabilities in the browser engine in Mozilla Firefox.
- WebRTC implementation accepting turns: and stuns: URIs despite the program itself not supporting TLS connections to TURN and STUN servers.
- Multiple untrusted search path vulnerabilities in updater.exe.
- Improper recognition of the equivalence of domain names with and without a trailing . (dot) character.
- Use-after-free error in the 'IDBDatabase::CreateObjectStore' function in dom/indexedDB/IDBDatabase.cpp script.
- Flaw in the 'WebGLContext::CompileShader' function in dom/canvas/WebGLContextGL.cpp script that is triggered when handling specially crafted WebGL content that writes strings.
- Buffer overflow in libstagefright.
- Double free vulnerability in the 'nsXMLHttpRequest::GetResponse' function.
- Heap-based buffer overflow in the 'mozilla::gfx::CopyRect' and 'nsTransformedTextRun::SetCapitalization' functions.
- Stack-based buffer underflow in the 'mozilla::MP3FrameParser::ParseBuffer' function.
- Out-of-bounds memory zeroing issue in Cairo graphics library implementation.
- Flaw in web content that relies on the Caja Compiler and other similar sandboxing libraries for protection.
- Manual Link Opening Context Restriction Bypass flaw in Firefox.
- Flaw in the autocomplete feature for forms.
- Multiple use-after-free vulnerabilities in OpenType Sanitiser.
- Heap use-after-free flaw in the 'ots::ots_gasp_parse' function.

Affected Software

Mozilla Firefox before version 36.0 on Mac OS X

Detection Method

Checks if a vulnerable version is present on the target host.

Solution

Upgrade to Mozilla Firefox version 36.0 or later.