Firefox 38 fixes a number of vulnerabilities, several deemed critical
Firefox 38 was released on Tuesday and comes with fixes for a number of security vulnerabilities.
Among the critical bugs that were addressed are a buffer overflow when parsing compressed XML, a use-after-free during text processing when vertical text is enabled, and a buffer overflow during the rendering of SVG format graphics when combined with specific CSS properties on a page, according to a Tuesday post. All aforementioned vulnerabilities could lead to a potentially exploitable crash.
Critical miscellaneous memory safety hazards were also addressed, as well as a variety of other high, moderate and low impact vulnerabilities.