TTCSIRT-161.090718: TT-CSIRT Advisory – Mozilla Security Updates
Mozilla has released a security update stating that the following issues have been found in Mozilla Firefox ver 62.0:
b) Browser proxy settings can be bypassed by using the automount feature with autofs to create a mount point on the local file system – (CVE-2017-16541).
c) When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash – (CVE-2018-12379).
|Further information vulnerabilities and how they can be mitigated can be found on the Mozilla Website at https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/|