Mozilla Firefox Security Updates( mfsa_2017-18_2017-19 )-MAC OS X

This host is installed with Mozilla Firefox and is prone to multiple vulnerabilities.

The multiple flaws exists due to, - XUL injection in the style editor in devtools. - Use-after-free in WebSockets during disconnection. - Use-after-free with marquee during window resizing. - Use-after-free while deleting attached editor DOM node. - Use-after-free with image observers. - Use-after-free resizing image elements. - Buffer overflow manipulating ARIA attributes in DOM. - Buffer overflow while painting non-displayable SVG. - Use-after-free in layer manager with SVG. - Out-of-bounds read with cached style data and pseudo-elements. - Same-origin policy bypass with iframes through page reloads. - Domain hijacking through AppCache fallback. - Buffer overflow viewing certificates with an extremely long OID. - Spoofing following page navigation with data: protocol and modal alerts. - CSP information leak with frame-ancestors containing paths. - Elliptic curve point addition error when using mixed Jacobian-affine coordinates. - CSP containing sandbox improperly applied. - Self-XSS XUL injection in about:webrtc. - DOS attack through long username in URL. - Sandboxed about:srcdoc iframes do not inherit CSP directives. - Failure to enable HSTS when two STS headers are sent for a connection. - Response header name interning leaks across origins. - Memory safety bugs.

Mozilla Firefox version before 55.0 on MAC OS X.

Checks if a vulnerable version is present on the target host.

Upgrade to Mozilla Firefox version 55.0 or later.