Mozilla urges all users of the Mozilla Firefox 41.0 and 41.0.1 users to update to the 41.0.2 build as soon as possible. Mozilla developer Ben Kelly independently reported the same issue," wrote the Mozilla developers in the Mozilla Foundation Security Advisory 2015-115. "Security researcher Abdulrahman Alqabandi reported that the fetch() API did not correctly implement the Cross-Origin Resource Sharing (CORS) specification, allowing a malicious page to access private data from other origins. According to Mozilla, Firefox 41.0.2 is here to fix a single issue, a high impact vulnerability in the fetch() API (Application Programming Interface), which was not capable of implementing the CORS (Cross-Origin Resource Sharing) specification. The Mozilla Firefox 41.0.2 update has been released earlier today, October 15, for GNU/Linux, Microsoft Windows, and Mac OS X computer operating systems. Just a few moments ago, Mozilla published a second hotfix release for its latest stable Mozilla Firefox 41.0 web browser patching a single vulnerability that could allow a malicious web page to access private data from other origins.
0 Comments
Leave a Reply. |