Security Experts:

Firefox 41 Patches Critical Vulnerabilities

A total of 30 vulnerabilities, including many rated as having critical and high impact, have been patched by Mozilla on Tuesday with the release of Firefox 41.

The latest version of the popular web browser addresses two critical memory safety errors affecting the ANGLE graphics library (CVE-2015-7179 and CVE-2015-7178). The issues, reported by security researcher Ronald Crane, can lead to a potentially exploitable crash, Mozilla said.

Other critical issues fixed in Firefox are a use-after-free bug triggered when using a shared worker with IndexedDB (CVE-2015-4510), and a use-after-free that can occur when manipulating HTML media content (CVE-2015-4509). Both vulnerabilities can lead to a potentially exploitable crash.

Memory safety bugs identified by Mozilla developers and members of the community have also been rated as having critical severity. Some of the flaws can be exploited to execute arbitrary code.

Ronald Crane has also been credited for reporting eight high severity vulnerabilities identified through code inspection. Mozilla has pointed out that while not all of these security holes have a clear mechanism for exploitation via web content, it’s possible that a trigger mechanism exists.

The list of high severity issues also includes two flaws related to the handling of cross-origin resource sharing (CORS) “preflight” requests, a buffer overflow that occurs when decoding WebM video, an immutable property enforcement bypass, and an arbitrary file manipulation issue that can be exploited by a local attacker through the Mozilla updater. The file manipulation vulnerability only affects the Windows version of Firefox.

Mozilla revealed earlier this month that an attacker had access to a privileged account on the company’s Bugzilla bug tracker since at least September 2014 after stealing a legitimate user’s credentials. The intruder is believed to have accessed the details of 185 non-public bugs before the breach was discovered.

While most of the exposed issues were either not security related or were already fixed by the time they were accessed by the attacker, a total of ten vulnerabilities might have been leveraged for malicious purposes. One of the Firefox flaws was exploited in early August to steal sensitive information from the visitors of a Russian news site.

Ensuring that the bugs reported privately via Bugzilla remain private is very important to prevent vulnerabilities from being exploited before they are patched. However, researchers have occasionally found Bugzilla security holes that expose potentially sensitive information. Last week, Mozilla reported patching a flaw that allowed attackers to register accounts with apparently privileged email addresses.

Vulnerabilities in Bugzilla could expose the details of a large number of weaknesses considering that numerous software projects rely on the platform to track bugs.

Related: Firefox 40 Patches Vulnerabilities, Expands Malware Protection

view counter
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.