Critical Holes Fixed in Firefox 39

Tuesday, July 7, 2015 @ 06:07 PM gHale

Firefox 39 web browser released Thursday and this latest version fixes 24 vulnerabilities, including several rated critical.

The list of critical flaws includes two related use-after-free vulnerabilities (CVE-2015-2722 and CVE-2015-2733) identified and reported by Looben Yan. The bugs, discovered using the Address Sanitizer tool, occur when the XMLHttpRequest object ends up used along with shared or dedicated workers. This results in a crash that can end up exploited, Mozilla said.

High Severity Issues Fixed in Chrome
Unpatched IE11 Vulnerability Released
Chrome Exploit Changes DNS Servers
Safari Browser Spoofing Potential

Another critical use-after-free bug that leads to an exploitable crash (CVE-2015-2731) came to Mozilla from a security researcher using the moniker “Herre.” The researcher discovered the vulnerability occurs when a Content Policy modifies the Document Object Model (DOM) to remove a DOM object.

Seven vulnerabilities identified by security researcher Ronald Crane also ended up rated “critical.”

He found three uninitialized memory issues, two buffer overflows, a bug related to unowned memory in ZIP files, and a poor validation issue.

Mozilla developers and members of the community identified three critical memory safety bugs in the browser engine.

The high severity issues fixed by Mozilla with the release of Firefox 39 are a privilege escalation vulnerability in the PDF.js PDF file viewer, and a type confusion flaw in the Indexed Database Manager.