{"id":10785,"date":"2013-02-19T12:35:04","date_gmt":"2013-02-19T20:35:04","guid":{"rendered":"http:\/\/www.intego.com\/mac-security-blog\/?p=10785"},"modified":"2016-10-06T11:48:36","modified_gmt":"2016-10-06T18:48:36","slug":"mozillas-firefox-19-patches-critical-flaws","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/mozillas-firefox-19-patches-critical-flaws\/","title":{"rendered":"Mozilla&#8217;s Firefox 19 Patches Critical Flaws"},"content":{"rendered":"<p>The Mozilla Foundation has released <a href=\"https:\/\/www.mozilla.org\/security\/known-vulnerabilities\/firefox.html#firefox19\" target=\"_blank\">Firefox 19<\/a> for Mac OS X, fixing 8 vulnerabilities (4 critical, 2 high, 2 moderate) that resolve 14 CVEs overall. Among the critical vulnerabilities fixed in Firefox 19, several include memory safety bugs, some of which could be exploited to run arbitrary code. Another notable bug fixed allows spoofing of addresses that can be used for phishing attacks by fooling users into entering credentials.<\/p>\n<p>Eight vulnerabilities fixed in Firefox 19 are described as follows:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.mozilla.org\/security\/announce\/2013\/mfsa2013-28.html\" target=\"_blank\">MFSA 2013-28<\/a> Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer<\/li>\n<li><a href=\"https:\/\/www.mozilla.org\/security\/announce\/2013\/mfsa2013-27.html\" target=\"_blank\">MFSA 2013-27<\/a> Phishing on HTTPS connection through malicious proxy<\/li>\n<li><a href=\"https:\/\/www.mozilla.org\/security\/announce\/2013\/mfsa2013-26.html\" target=\"_blank\">MFSA 2013-26<\/a> Use-after-free in nsImageLoadingContent<\/li>\n<li><a href=\"https:\/\/www.mozilla.org\/security\/announce\/2013\/mfsa2013-25.html\" target=\"_blank\">MFSA 2013-25<\/a> Privacy leak in JavaScript Workers<\/li>\n<li><a href=\"https:\/\/www.mozilla.org\/security\/announce\/2013\/mfsa2013-24.html\" target=\"_blank\">MFSA 2013-24<\/a> Web content bypass of COW and SOW security wrappers<\/li>\n<li><a href=\"https:\/\/www.mozilla.org\/security\/announce\/2013\/mfsa2013-23.html\" target=\"_blank\">MFSA 2013-23<\/a> Wrapped WebIDL objects can be wrapped again<\/li>\n<li><a href=\"https:\/\/www.mozilla.org\/security\/announce\/2013\/mfsa2013-22.html\" target=\"_blank\">MFSA 2013-22<\/a> Out-of-bounds read in image rendering<\/li>\n<li><a href=\"https:\/\/www.mozilla.org\/security\/announce\/2013\/mfsa2013-21.html\" target=\"_blank\">MFSA 2013-21<\/a> Miscellaneous memory safety hazards (rv:19.0 \/ rv:17.0.3)<\/li>\n<\/ul>\n<p>Users can update their software to the latest version on your Mac by using the browser\u2019s internal updater (go to Firefox &gt; About Firefox &gt; Check for Updates). You can also head over to Mozilla\u2019s <a href=\"http:\/\/www.mozilla.org\/en-US\/firefox\/new\/\" target=\"_blank\">download page to get Firefox 19<\/a> on your Mac.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Mozilla Foundation has released Firefox 19 for Mac OS X, fixing 8 vulnerabilities (4 critical, 2 high, 2 moderate) that resolve 14 CVEs overall. Among the critical vulnerabilities fixed in Firefox 19, several include memory safety bugs, some of which could be exploited to run arbitrary code. Another notable bug fixed allows spoofing of [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":9917,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[13,5],"tags":[56,207,201],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v17.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<meta name=\"description\" content=\"The Mozilla Foundation has released Firefox 19 for Mac OS X, fixing 8 vulnerabilities (4 critical, 2 high, 2 moderate) that resolve 14 CVEs overall. Among\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.intego.com\/mac-security-blog\/mozillas-firefox-19-patches-critical-flaws\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Mozilla&#039;s Firefox 19 Patches Critical Flaws - The Mac Security Blog\" \/>\n<meta property=\"og:description\" content=\"The Mozilla Foundation has released Firefox 19 for Mac OS X, fixing 8 vulnerabilities (4 critical, 2 high, 2 moderate) that resolve 14 CVEs overall. Among\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.intego.com\/mac-security-blog\/mozillas-firefox-19-patches-critical-flaws\/\" \/>\n<meta property=\"og:site_name\" content=\"The Mac Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2013-02-19T20:35:04+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2016-10-06T18:48:36+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/Firefox-Security-Update-Tile.png\" \/>\n\t<meta property=\"og:image:width\" content=\"400\" \/>\n\t<meta property=\"og:image:height\" content=\"260\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Derek Erwin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\",\"name\":\"Intego\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"sameAs\":[],\"logo\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"width\":875,\"height\":875,\"caption\":\"Intego\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"name\":\"The Mac Security Blog\",\"description\":\"Keep Macs safe from the dangers of the Internet\",\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/mozillas-firefox-19-patches-critical-flaws\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/Firefox-Security-Update-Tile.png\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/Firefox-Security-Update-Tile.png\",\"width\":\"400\",\"height\":\"260\",\"caption\":\"Firefox browser security updates\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/mozillas-firefox-19-patches-critical-flaws\/#webpage\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/mozillas-firefox-19-patches-critical-flaws\/\",\"name\":\"Mozilla's Firefox 19 Patches Critical Flaws - The Mac Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/mozillas-firefox-19-patches-critical-flaws\/#primaryimage\"},\"datePublished\":\"2013-02-19T20:35:04+00:00\",\"dateModified\":\"2016-10-06T18:48:36+00:00\",\"description\":\"The Mozilla Foundation has released Firefox 19 for Mac OS X, fixing 8 vulnerabilities (4 critical, 2 high, 2 moderate) that resolve 14 CVEs overall. Among\",\"breadcrumb\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/mozillas-firefox-19-patches-critical-flaws\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/mozillas-firefox-19-patches-critical-flaws\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/mozillas-firefox-19-patches-critical-flaws\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.intego.com\/mac-security-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Mozilla&#8217;s Firefox 19 Patches Critical Flaws\"}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/mozillas-firefox-19-patches-critical-flaws\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/mozillas-firefox-19-patches-critical-flaws\/#webpage\"},\"author\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d7586ee278e291223dbae05ec1d95812\"},\"headline\":\"Mozilla&#8217;s Firefox 19 Patches Critical Flaws\",\"datePublished\":\"2013-02-19T20:35:04+00:00\",\"dateModified\":\"2016-10-06T18:48:36+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/mozillas-firefox-19-patches-critical-flaws\/#webpage\"},\"wordCount\":192,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/mozillas-firefox-19-patches-critical-flaws\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/Firefox-Security-Update-Tile.png\",\"keywords\":[\"Firefox\",\"Mozilla\",\"Security Updates\"],\"articleSection\":[\"Security &amp; Privacy\",\"Security News\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/mozillas-firefox-19-patches-critical-flaws\/#respond\"]}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d7586ee278e291223dbae05ec1d95812\",\"name\":\"Derek Erwin\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/f88b4bb259f7d5b1d10884ffa4b3c126?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/f88b4bb259f7d5b1d10884ffa4b3c126?s=96&d=mm&r=g\",\"caption\":\"Derek Erwin\"},\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/author\/derek-erwin\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"description":"The Mozilla Foundation has released Firefox 19 for Mac OS X, fixing 8 vulnerabilities (4 critical, 2 high, 2 moderate) that resolve 14 CVEs overall. Among","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.intego.com\/mac-security-blog\/mozillas-firefox-19-patches-critical-flaws\/","og_locale":"en_US","og_type":"article","og_title":"Mozilla's Firefox 19 Patches Critical Flaws - The Mac Security Blog","og_description":"The Mozilla Foundation has released Firefox 19 for Mac OS X, fixing 8 vulnerabilities (4 critical, 2 high, 2 moderate) that resolve 14 CVEs overall. Among","og_url":"https:\/\/www.intego.com\/mac-security-blog\/mozillas-firefox-19-patches-critical-flaws\/","og_site_name":"The Mac Security Blog","article_published_time":"2013-02-19T20:35:04+00:00","article_modified_time":"2016-10-06T18:48:36+00:00","og_image":[{"width":"400","height":"260","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/Firefox-Security-Update-Tile.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_misc":{"Written by":"Derek Erwin","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Organization","@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization","name":"Intego","url":"https:\/\/www.intego.com\/mac-security-blog\/","sameAs":[],"logo":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","width":875,"height":875,"caption":"Intego"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo"}},{"@type":"WebSite","@id":"https:\/\/www.intego.com\/mac-security-blog\/#website","url":"https:\/\/www.intego.com\/mac-security-blog\/","name":"The Mac Security Blog","description":"Keep Macs safe from the dangers of the Internet","publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/mozillas-firefox-19-patches-critical-flaws\/#primaryimage","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/Firefox-Security-Update-Tile.png","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/Firefox-Security-Update-Tile.png","width":"400","height":"260","caption":"Firefox browser security updates"},{"@type":"WebPage","@id":"https:\/\/www.intego.com\/mac-security-blog\/mozillas-firefox-19-patches-critical-flaws\/#webpage","url":"https:\/\/www.intego.com\/mac-security-blog\/mozillas-firefox-19-patches-critical-flaws\/","name":"Mozilla's Firefox 19 Patches Critical Flaws - The Mac Security Blog","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/mozillas-firefox-19-patches-critical-flaws\/#primaryimage"},"datePublished":"2013-02-19T20:35:04+00:00","dateModified":"2016-10-06T18:48:36+00:00","description":"The Mozilla Foundation has released Firefox 19 for Mac OS X, fixing 8 vulnerabilities (4 critical, 2 high, 2 moderate) that resolve 14 CVEs overall. Among","breadcrumb":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/mozillas-firefox-19-patches-critical-flaws\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.intego.com\/mac-security-blog\/mozillas-firefox-19-patches-critical-flaws\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.intego.com\/mac-security-blog\/mozillas-firefox-19-patches-critical-flaws\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.intego.com\/mac-security-blog\/"},{"@type":"ListItem","position":2,"name":"Mozilla&#8217;s Firefox 19 Patches Critical Flaws"}]},{"@type":"Article","@id":"https:\/\/www.intego.com\/mac-security-blog\/mozillas-firefox-19-patches-critical-flaws\/#article","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/mozillas-firefox-19-patches-critical-flaws\/#webpage"},"author":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d7586ee278e291223dbae05ec1d95812"},"headline":"Mozilla&#8217;s Firefox 19 Patches Critical Flaws","datePublished":"2013-02-19T20:35:04+00:00","dateModified":"2016-10-06T18:48:36+00:00","mainEntityOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/mozillas-firefox-19-patches-critical-flaws\/#webpage"},"wordCount":192,"commentCount":0,"publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/mozillas-firefox-19-patches-critical-flaws\/#primaryimage"},"thumbnailUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/Firefox-Security-Update-Tile.png","keywords":["Firefox","Mozilla","Security Updates"],"articleSection":["Security &amp; Privacy","Security News"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.intego.com\/mac-security-blog\/mozillas-firefox-19-patches-critical-flaws\/#respond"]}]},{"@type":"Person","@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d7586ee278e291223dbae05ec1d95812","name":"Derek Erwin","image":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#personlogo","inLanguage":"en-US","url":"https:\/\/secure.gravatar.com\/avatar\/f88b4bb259f7d5b1d10884ffa4b3c126?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f88b4bb259f7d5b1d10884ffa4b3c126?s=96&d=mm&r=g","caption":"Derek Erwin"},"url":"https:\/\/www.intego.com\/mac-security-blog\/author\/derek-erwin\/"}]}},"jetpack_featured_media_url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/Firefox-Security-Update-Tile.png","jetpack_publicize_connections":[],"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4VAYd-2NX","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/10785"}],"collection":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/comments?post=10785"}],"version-history":[{"count":4,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/10785\/revisions"}],"predecessor-version":[{"id":10793,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/10785\/revisions\/10793"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media\/9917"}],"wp:attachment":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media?parent=10785"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/categories?post=10785"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/tags?post=10785"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}