Firefox 45 Patches 22 Critical Vulnerabilities

Mozilla this week released the stable version of Firefox 45 to resolve 40 vulnerabilities in the browser, 22 of which are rated Critical.

The update patches flaws in multiple browser components, the most affected being the Graphite 2 library, which was impacted by 14 Critical bugs. Other Critical vulnerabilities were found in NSS, XML transformations, SetBody, HTML5 string parser, Service Worker Manager, and WebRTC data channels.

In February, Graphite 2 was updated to version 1.3.5 to resolve four issues that could result in arbitrary code execution and denial-of-service (DoS) attacks. The update arrived in Firefox 44.0.2, which was released roughly two weeks after Firefox 44 landed in the stable channel with push notifications and deprecated support for RC4.

One of the issues resolved in the library with the new update was an out-of-bounds write when loading a crafted Graphite font file (CVE-2016-1969). The issue was resolved in Graphite 2 version 1.3.6, which also patches 11 heap buffer overflow bugs, along with two uninitialized memory flaws (CVE-2016-2790 and CVE-2016-2795), and an out-of-bounds bit set issue (CVE-2016-1977), Mozilla revealed.

Another Critical issue resolved in Firefox 45 (and Firefox ESR 38.7) was a heap-based buffer overflow in the way the Network Security Services (NSS) libraries parsed certain ASN.1 structures, which could result in arbitrary code execution (CVE-2016-1950). A use-after-free issue during XML transformation operations was also patched in this release (CVE-2016-1964).

Firefox 45 also patches a Critical use-after-free issue when using multiple WebRTC data channel connections (CVE-2016-1962), a use-after-free issue in the SetBody function of HTMLDocument (CVE-2016-1961), a use-after-free issue in the HTML5 string parser (CVE-2016-1960), a mechanism where the Clients API in Service Workers can be used to trigger an out-of-bounds read in ServiceWorkerManager (CVE-2016-1959), and memory safety bugs in the browser engine (CVE-2016-1952 and CVE-2016-1953).

The browser update also resolves 7 vulnerabilities rated High risk, including a use-after-free vulnerability while processing DER-encoded keys in the NSS libraries (CVE-2016-1979), an out-of-bounds read following a failed allocation in the HTML parser (CVE-2016-1974), a use-after-free in GetStaticInstance in WebRTC (CVE-2016-1973), a memory corruption issue with a malicious NPAPI plugin (CVE-2016-1966), and a buffer overflow in Brotli decompression (CVE-2016-1968).

Mozilla also resolved a variant of a same origin flaw that was patched in Firefox 43, which made it possible to read cross-origin URLs following a redirect if performance.getEntries() was used along with an iframe to host a page. The new bug allowed for the same attack to be performed if a browser session was restored, because content was restored from the browser cache (CVE-2016-1967).

It was also discovered that a malicious page can overwrite files on the user’s machine using Content Security Policy (CSP) violation reports, which could result in privilege escalation (CVE-2016-1954). The issue is resolved in Firefox 45 and Firefox ESR 38.7.

Firefox 45 also addresses 10 Moderate risk flaws in the browser, including five WebRTC (an integer underflow, a missing status check, a race condition, and a use of deleted pointers to create a new object) and LibVPX (a race condition) vulnerabilities that affect only Windows users. Except for a Linux video memory denial-of-service (DoS) issue with Intel drivers, the other issues impact all platforms, Mozilla said.

The new browser version also patches a memory leak in the libstagefright library when array destruction occurs during MPEG4 video file processing (CVE-2016-1957). The flaw is rated Low risk, and doesn’t appear to be related to the Critical vulnerabilities discovered in Android’s libstagefright library last year.

Firefox 45 is available for download for Windows, Mac, Linux, and Android users and, in addition to the aforementioned security patches, brings various improvements and new features.

On Tuesday, Google pushed a new set of security patches to its Chrome browser, although it released Chrome 49 in the stable channel only last week. The latest Chrome release (version 49.0.2623.87) resolved three High risk vulnerabilities, while last week’s iteration (version 49.0.2623.75) resolved 26 security holes, 8 of which were High risk.
