Mozilla Firefox Security Restriction Bypass Vulnerability (CVE-2014-8631)

Mozilla Firefox Security Restriction Bypass Vulnerability (CVE-2014-8631)

Release date: 2014-12-02
Updated on:

Affected Systems:
Mozilla Firefox <34
Description:
Bugtraq id: 71560
CVE (CAN) ID: CVE-2014-8631

Firefox is a WEB browser released by Mozilla.

Mozilla Firefox has a security vulnerability when chrome objects are protected by Chrome Object Wrappers (COW) and passed as local interfaces. After successful exploitation, attackers can bypass security restrictions and perform unauthorized operations.

<* Source: Bobby Holley

Link: https://www.mozilla.org/en-US/security/advisories/mfsa2014-91/
*>

Suggestion:
Vendor patch:

Mozilla
-------
Mozilla has released a Security Bulletin (mfsa2014-91) and patches for this:
Mfsa2014-91: Privileged access to security wrapped protected objects
Link: https://www.mozilla.org/en-US/security/advisories/mfsa2014-91/

By default, Firefox searches are switched to Yahoo-Ubuntu, Which is not affected.

Manually install Firefox Flash plug-in Ubuntu 14.04

Replacement of Firefox in Ubuntu

Use apt-get to install FireFox and ThunderBird In Debian Linux

Stable Firefox 29 version released-how to install

Mozilla Firefox 31.0 official release and download

Firefox details: click here
Firefox: click here

This article permanently updates the link address: