Ubuntu Security Notice 3391-2 - USN-3391-1 fixed vulnerabilities in Firefox. This update provides the corresponding update for Ubufox. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to conduct cross-site scripting attacks, bypass sandbox restrictions, obtain sensitive information, spoof the origin of modal alerts, bypass same origin restrictions, read uninitialized memory, cause a denial of service via program crash or hang, or execute arbitrary code. Various other issues were also addressed. Continue reading...
