Firefox 35 stamps out critical bugs
Nine flaws scrubbed out
Mozilla has crushed nine bugs, some rather dangerous, in the latest version of its flagship browser.
The fixes include a patch for a critical sandbox escape (CVE-2014-8643) in the Gecko Media Plugin used for h.264 video playback affecting Windows machines (but not OS X or Linux).
Another critical hole addressed a read-after-free flaw (CVE-2014-8641) in WebRTC that affected Firefox and SeaMonkey and pertains to the way tracks are handled, leading to an exploitable crash or incorrect behaviour.
A series of "miscellaneous memory safety hazards" (CVE-2014-8634 - CVE-2014-8635) filled out the remaining critical note for Firefox, SeaMonkey and the Thunderbird email client.
Those were more of a risk in browser contexts than through Thunderbird, and included several memory safety bugs in Firefox engine.
Some of these found by Mozilla staff and fans led to memory corruption under certain circumstances and remote code execution with an undefined amount of persistent hacking.
A lone high-severity bug relates to memory not being properly initialised when a malformed bitmap image is rendered by the bitmap decoder within a canvas element. That could lead to the uninitialised memory being used allowing data to potentially leak to web content.
Mozilla had also boosted the rendering of images and renovated its search user interface as part of a bunch of cosmetic and usability improvements to the new version. ®