LANDesk Patch News Bulletin: Mozilla has Released Firefox Version 22 26-JUN-2013

Version 1

    LANDesk Security and Patch News



    • (June 26, 2013) Mozilla has released Firefox version 22. The following items are fixed in this released:

    MFSA 2013-62 Inaccessible updater can lead to local privilege escalation

    MFSA 2013-61 Homograph domain spoofing in .com, .net and .name

    MFSA 2013-60 getUserMedia permission dialog incorrectly displays location

    MFSA 2013-59 XrayWrappers can be bypassed to run user defined methods in a privileged context

    MFSA 2013-58 X-Frame-Options ignored when using server push with multi-part responses

    MFSA 2013-57 Sandbox restrictions not applied to nested frame elements

    MFSA 2013-56 PreserveWrapper has inconsistent behavior

    MFSA 2013-55 SVG filters can lead to information disclosure

    MFSA 2013-54 Data in the body of XHR HEAD requests leads to CSRF attacks

    MFSA 2013-53 Execution of unmapped memory through onreadystatechange event

    MFSA 2013-52 Arbitrary code execution within Profiler

    MFSA 2013-51 Privileged content access and execution via XBL

    MFSA 2013-50 Memory corruption found using Address Sanitizer

    MFSA 2013-49 Miscellaneous memory safety hazards




    New Vulnerabilities

    • Vulnerability ID – FIREFOXv22.0_ENU


    Changed Vulnerabilities

    • Vulnerability ID – FIREFOXv21.0_ENU (Added the replacement information.)



    New Patch Downloads

    • firefox_setup_22.0_enu.exe


    Where to Send Feedback

    At LANDesk, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.


    Best regards,

    LANDesk Product Support


    Copyright © 2013 LANDesk Software.  All rights reserved. LANDesk is either a registered trademark or trademark of LANDesk Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.


    Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. LANDesk disclaims any liability with respect to this document and LANDesk has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit