Security update for Mozilla Firefox (important)

Mozilla Firefox has been updated to the 17.0.7 ESR version,
which fixes bugs and security issues.

MFSA 2013-49: Mozilla developers identified and fixed
several memory safety bugs in the browser engine used in
Firefox and other Mozilla-based products. Some of these
bugs showed evidence of memory corruption under certain
circumstances, and we presume that with enough effort at
least some of these could be exploited to run arbitrary
code.

Gary Kwong, Jesse Ruderman, and Andrew McCreight
reported memory safety problems and crashes that affect
Firefox ESR 17, and Firefox 21. (CVE-2013-1682)

MFSA 2013-50: Security researcher Abhishek Arya
(Inferno) of the Google Chrome Security Team used the
Address Sanitizer tool to discover a series of
use-after-free problems rated critical as security issues
in shipped software. Some of these issues are potentially
exploitable, allowing for remote code execution. We would
also like to thank Abhishek for reporting additional
use-after-free and buffer overflow flaws in code introduced
during Firefox development. These were fixed before general
release.

o Heap-use-after-free in
mozilla::dom::HTMLMediaElement::LookupMediaElementURITable
(CVE-2013-1684) o Heap-use-after-free in
nsIDocument::GetRootElement (CVE-2013-1685) o
Heap-use-after-free in mozilla::ResetDir (CVE-2013-1686)
*

MFSA 2013-51 / CVE-2013-1687: Security researcher
Mariusz Mlynski reported that it is possible to compile a
user-defined function in the XBL scope of a specific
element and then trigger an event within this scope to run
code. In some circumstances, when this code is run, it can
access content protected by System Only Wrappers (SOW) and
chrome-privileged pages. This could potentially lead to
arbitrary code execution. Additionally, Chrome Object
Wrappers (COW) can be bypassed by web content to access
privileged methods, leading to a cross-site scripting (XSS)
attack from privileged pages.

MFSA 2013-53 / CVE-2013-1690: Security researcher
Nils reported that specially crafted web content using the
onreadystatechange event and reloading of pages could
sometimes cause a crash when unmapped memory is executed.
This crash is potentially exploitable.

MFSA 2013-54 / CVE-2013-1692: Security researcher
Johnathan Kuskos reported that Firefox is sending data in
the body of XMLHttpRequest (XHR) HEAD requests, which goes
agains the XHR specification. This can potentially be used
for Cross-Site Request Forgery (CSRF) attacks against sites
which do not distinguish between HEAD and POST requests.

MFSA 2013-55 / CVE-2013-1693: Security researcher
Paul Stone of Context Information Security discovered that
timing differences in the processing of SVG format images
with filters could allow for pixel values to be read. This
could potentially allow for text values to be read across
domains, leading to information disclosure.

MFSA 2013-59 / CVE-2013-1697: Mozilla security
researcher moz_bug_r_a4 reported that XrayWrappers can be
bypassed to call content-defined toString and valueOf
methods through DefaultValue. This can lead to unexpected
behavior when privileged code acts on the incorrect values.