Mozilla Firefox Security Restriction Bypass Vulnerability (CVE-2014-8631)
Release date: 2014-12-02
Updated on:
Affected Systems:
Mozilla Firefox <34
Description:
Bugtraq id: 71560
CVE (CAN) ID: CVE-2014-8631
Firefox is a WEB browser released by Mozilla.
Mozilla Firefox has a security vulnerability when chrome objects are protected by Chrome Object Wrappers (COW) and passed as local interfaces. After successful exploitation, attackers can bypass security restrictions and perform unauthorized operations.
<* Source: Bobby Holley
Link: https://www.mozilla.org/en-US/security/advisories/mfsa2014-91/
*>
Suggestion:
Vendor patch:
Mozilla
-------
Mozilla has released a Security Bulletin (mfsa2014-91) and patches for this:
Mfsa2014-91: Privileged access to security wrapped protected objects
Link: https://www.mozilla.org/en-US/security/advisories/mfsa2014-91/
By default, Firefox searches are switched to Yahoo-Ubuntu, Which is not affected.
Manually install Firefox Flash plug-in Ubuntu 14.04
Replacement of Firefox in Ubuntu
Use apt-get to install FireFox and ThunderBird In Debian Linux
Stable Firefox 29 version released-how to install
Mozilla Firefox 31.0 official release and download
Firefox details: click here
Firefox: click here
This article permanently updates the link address: