Jump to content

Firefox Version 50.0.2 Released to Address Critical Zero-Day Vulnerabi


Corrine

Recommended Posts

Mozilla sent Firefox Version 50.0.2 to the release channel today to address a critical zero-day vulnerability in the wild. Firefox ESR was updated to version 45.5.1. The update includes only the one critical update, Firefox SVG Animation Remote Code Execution.

 

Additional information about the vulnerability here: Vulnerability Note VU#791496 - Mozilla Firefox SVG animation nsSMILTimeContainer use-after-free vulnerability.

 

Note: As explained in the Pale Moon forum announcement, although significantly diverted from Mozilla development, the question arose as to whether Pale Moon is also vulnerable. After evaluation, it was reported that it is extremely unlikely that Pale Moon is vulnerable to this exploit.

 

 

 

  • Like 2
Link to comment
Share on other sites

Note: As explained in the Pale Moon forum announcement, although significantly diverted from Mozilla development, the question arose as to whether Pale Moon is also vulnerable. After evaluation, it was reported that it is extremely unlikely that Pale Moon is vulnerable to this exploit.

Twitter message from PaleMoon:

Despite this, we'll still be releasing a DiD patched update on Dec 2nd that fixes the crash at the root of this.
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...