Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Firefox 36 swats bugs, adds HTTP2 and gets certifiably serious

  • Please log in to reply
No replies to this topic

#1 NickAu


    Bleepin' Fish Doctor

  • Moderator
  • 13,540 posts
  • Gender:Male
  • Location: Australia
  • Local time:12:13 AM

Posted 26 February 2015 - 04:06 AM


Mozilla has outfoxed three critical and six high severity flaws in its latest round of patches for its flagship browser.

It stomps out memory safety bugs, exploitable use-after-free crashes, and a buffer overflow.

Of the critical crashes, bad guys could potentially craft attacks targeting MP4 video playback through a buffer overflow in the libstagefright library (CVE-2015-0829).

Another potential exploitable crash that is unlikely to be a threat in email clients where scripting was disabled centres on a use-after-free flaw for specific web content with IndexedDB (CVE-2015-0831).

The third are a bunch of memory bugs (CVE-2015-0836) (CVE-2015-0835) Mozilla and its fans found in the engine behind the company's products including Firefox browser that dedicated attackers could probably exploit, given enough coffee.




We shall see.

BC AdBot (Login to Remove)


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users