A total of 17 security holes have been addressed by Mozilla with the release of Firefox 36. The latest version of the Web browser also includes support for the HTTP/2 protocol.
While the number of fixed vulnerabilities is higher than usual, only four of the flaws have been rated critical.
One of the critical issues is a buffer overflow in the libstagefright library (CVE-2015-0829). The bug, reported by a security researcher who uses the online moniker Pantrombka, is caused by invalid MP4 files during video playback. The issue can lead to a potentially exploitable crash, Mozilla said.
Another critical vulnerability that leads to a potentially exploitable crash was discovered and reported by Paul Bandha. The researcher identified a use-after-free bug (CVE-2015-0831) when running specific Web content with IndexedDB to create an index.
The remaining critical flaws are memory safety bugs (CVE-2015-0835, CVE-2015-0836) discovered by Mozilla developers and members of the Mozilla community.
“Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code,” Mozilla said in an advisory.
The high-impact vulnerabilities fixed in Firefox 36 have been described as reading of local files through manipulation of form autocomplete, a buffer overflow during MP3 playback, a buffer overflow during CSS restyling, a double-free issue when using non-default memory allocators with a zero-length XHR, an out-of-bounds read and write while rendering SVG content, and a flaw that made it possible for malicious DLL files to execute with elevated privileges.
The advisory describes the medium-impact security holes as a Caja Compiler JavaScript sandbox bypass, crash using DrawTarget in Cairo graphics library, and malicious WebGL content crash when writing strings. Researchers also discovered that an appended period to hostnames can bypass HPKP and HSTS protections, UI Tour whitelisted websites in the background tab can spoof foreground tabs, and that local files or privileged URLs in pages can be opened in new tabs.
Firefox 36 introduces support for the recently finalized Hypertext Transfer Protocol 2 (HTTP/2), the successor of HTTP. Mozilla explained in the release notes that HTTP/2 “enables a faster, more scalable, and more responsive web.”
The latest version of the application also brings syncing for pinned tiles, and a locale for the Uzbek language.
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- Zero-Day in MOVEit File Transfer Software Exploited to Steal Data From Organizations
- Russia Blames US Intelligence for iOS Zero-Click Attacks
- Cisco Acquiring Armorblox for Predictive and Generative AI Technology
- Moxa Patches MXsecurity Vulnerabilities That Could Be Exploited in OT Attacks
- Organizations Warned of Salesforce ‘Ghost Sites’ Exposing Sensitive Information
- Organizations Warned of Backdoor Feature in Hundreds of Gigabyte Motherboards
- Barracuda Zero-Day Exploited to Deliver Malware for Months Before Discovery
- Industrial Giant ABB Confirms Ransomware Attack, Data Theft
Latest News
- Zero-Day in MOVEit File Transfer Software Exploited to Steal Data From Organizations
- Google Temporarily Offering $180,000 for Full Chain Chrome Exploit
- Russia Blames US Intelligence for iOS Zero-Click Attacks
- Toyota Discloses New Data Breach Involving Vehicle, Customer Information
- Cisco Acquiring Armorblox for Predictive and Generative AI Technology
- Moxa Patches MXsecurity Vulnerabilities That Could Be Exploited in OT Attacks
- Amazon Settles Ring Customer Spying Complaint
- Organizations Warned of Salesforce ‘Ghost Sites’ Exposing Sensitive Information
