This article is more than 1 year old

Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade

Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln

Mozilla has released a bug-and-security update for Firefox, with 11 security fixes, three of them critical.

Chief among the security patches is a use-after-free bug the organisation says was discovered by one James Kitchener. From the advisory: “Mozilla community member James Kitchener reported a crash in DirectWrite when rendering MathML content with specific fonts due to an error in how font resources and tables are handled. This leads to use-after-free of a DirectWrite font-face object, resulting in a potentially exploitable crash”.

Other “miscellaneous memory safety hazards” were discovered in the browser engine. “Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code”, the advisory notes.

The other critical bug is in the Cesium JavaScript library, here. Crafted WebGL content could be used by a remote attacker to execute arbitrary code on the target system.

There are two Web Audio fixes, one use-after-free memory error leading to a potentially-exploitable crash, and one buffer overflow “because of an error in the the amount of allocated memory for buffers”.

The full list of vulnerabilities is here, and users are advised to update to the latest version of Firefox (31) and Thunderbird (31) - although most of the bugs can't be exploited in Thunderbird. ®

More about

TIP US OFF

Send us news


Other stories you might like