Chemical Safety Incidents
Firefox 43: 21 Security Issues Fixed
Thursday, December 17, 2015 @ 05:12 PM gHale
Firefox 43 released and Mozilla fixed 21 security flaws and added feature improvements, including a 64-bit version for Windows, in the browser.
Firefox 43 resolves four vulnerabilities rated critical.
One of them, reported by Tsubasa Iinuma, can end up exploited for cross-site reading attacks by bypassing cross-origin restrictions using data: and view-source: URIs to confuse protections.
A use-after-free vulnerability in WebRTC can lead to a potentially exploitable crash, according to Looben Yang, who discovered the issue.
Mozilla developer Kris Maglione discovered a privilege escalation issue related to WebExtension APIs. The vulnerability can end up exploited to execute arbitrary code with the privileges of the affected WebExtension, which could lead to cross-site scripting (XSS) attacks and personal information theft.
Memory safety bugs found by Mozilla developers and community members also ended up with a critical rating.