Mozilla patches 11 issues with Firefox, three rated critical

Mozilla released 11 patches for Firefox 44 and Firefox ESR 38.6, three of them rated critical.

The first critical issue posted by Mozilla is an integer overflow during metadata parsing in Mozilla's use of the libstagefright library. A malicious MP4 video file could trigger the overflow and allow arbitrary code execution.

Another critical flaw was discovered when a researcher used the Address Sanitizer tool to find a buffer overflow write when rendering some WebGL content, which could lead to a potentially exploitable crash.

Mozilla also identified and fixed several memory safety bugs in the browser engine used by Firefox and other Mozilla-based products; these bugs could corrupt memory and be exploited to run arbitrary code.

Two of the remaining issues were rated as “high” and the other six were of moderate importance.
