Mozilla Firefox Security Updates(mfsa_2018-11_2018-12)-MAC OS X

This host is installed with Mozilla Firefox and is prone to multiple vulnerabilities.

Multiple flaws exists due to, - Use-after-free error with SVG animations and clip paths. - Use-after-free error with SVG animations and text paths. - Same-origin bypass of PDF Viewer to view protected PDF files. - Malicious PDF can inject JavaScript into PDF Viewer. - Integer overflow and out-of-bounds write errors in Skia. - Uninitialized memory use by WebRTC encoder. - WebExtensions information leak error through webRequest API. - Out-of-bounds read error in mixed content websocket messages. - Replacing cached data in JavaScript Start-up Bytecode Cache. - CSP not applied to all multipart content sent with multipart/x-mixed-replace. - WebExtension host permission bypass error through filterReponseData. - Improper linkification of chrome: and javascript: content in web console and JavaScript debugger. - Lightweight themes can be installed without user interaction. - Dragging and dropping link text onto home button can set home page to include chrome pages. - Pasted script from clipboard can run in the Live Bookmarks page or PDF viewer. - File name spoofing of Downloads panel with Unicode characters. - Windows Defender SmartScreen UI runs with less secure behavior for downloaded files in Windows 10 April 2018 Update. - Universal CSP bypass error on sites using strict-dynamic in their policies. - JSON Viewer script injection. - Buffer overflow error in XSLT during number formatting. - Checkbox for enabling Flash protected mode is inverted in 32-bit Firefox. - Heap-use-after-free error in mozilla::WebGLContext::DrawElementsInstanced. - Memory safety bugs fixed in Firefox 60.

Mozilla Firefox version before 60 on MAC OS X.

Checks if a vulnerable version is present on the target host.

Upgrade to Mozilla Firefox version 60 or later. Please see the references for more information.