Mozilla Firefox Security Updates(mfsa_2017-10_2017-12)-Windows

Information

Severity

Critical

Family

General

CVSSv2 Base

10.0

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Solution Type

Vendor Patch

Created

7 years ago

Modified

5 years ago

Summary

Mozilla Firefox is installed on this host and is prone to multiple vulnerabilities.

Insight

Multiple flaws exist due to:

- A use-after-free in SMIL animation functions
- A use-after-free during transaction processing in the editor
- An out-of-bounds write with malicious font in Graphite 2
- An out-of-bounds write in Base64 encoding in NSS
- A buffer overflow in WebGL
- Origin confusion when reloading isolated data:text/html URL
- A use-after-free during focus handling
- A use-after-free in text input selection
- A use-after-free in frame selection
- A use-after-free in nsAutoPtr during XSLT processing
- A use-after-free in nsTArray Length() during XSLT processing
- A use-after-free in txExecutionState destructor during XSLT processing
- A use-after-free with selection during scroll events
- A use-after-free during style changes
- Memory corruption with accessibility and DOM manipulation
- An out-of-bounds write during BinHex decoding
- A buffer overflow while parsing application/http-index-format content
- An out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data
- An out-of-bounds read during glyph processing
- An out-of-bounds read in ConvolvePixel
- An out-of-bounds write in ClearKeyDecryptor
- Vulnerabilities in the Libevent library
- A sandbox escape allowing file system read access through file picker
- A sandbox escape through internal feed reader APIs
- A sandbox escape allowing local file system access
- A potential buffer overflow in flex-generated code
- Uninitialized values used while parsing application/http-index-format content
- A crash during bidirectional Unicode manipulation with animation
- Addressbar spoofing using javascript: URI on Firefox for Android
- Addressbar spoofing with onblur event
- A DRBG flaw in NSS
- Memory corruption when drawing Skia content
- Addressbar spoofing during scrolling with editable content on Firefox for Android
- HTML injection into RSS Reader feed preview page through TITLE element
- Drag and drop of javascript: URLs can allow for self-XSS
- An incorrect ownership model for Private Browsing information
- Memory safety bugs fixed in Firefox 53 and Firefox ESR 52.1

Affected Software

Mozilla Firefox versions before 53.0 on Windows.

Detection Method

Checks if a vulnerable version is present on the target host.

Solution

Upgrade to Mozilla Firefox version 53.0 or later.