Mozilla Fixes Firefox Security Bugs

Thursday, August 8, 2013 @ 07:08 PM gHale


Mozilla released Firefox 23, which comes with quite a few security fixes.

The web browser developer closed 13 security holes, of which four were critical, including a buffer underflow when generating CRMF requests, a use-after-free mutating DOM during SetBody, and miscellaneous memory safety hazards.

RELATED STORIES
Apple Patches OS X, Safari Bugs
Security Fixes for Chrome 27
Google Fixes Holes in Chrome 27
Critical Holes Fixed in Firefox

An issue which allows CRMF requests to work in code execution and XSS attacks also made the critical list.

Besides the four critical flaws, they also fixed seven high-, one moderate-, and one low-impact vulnerabilities in Firefox 23.

The high-impact security holes include a buffer overflow in Mozilla Maintenance Service and Mozilla Updater, a DLL hijacking flaw in the Firefox full and stub installers, and a privilege escalation through Mozilla Updater.

Users should update their installations to protect themselves against cybercriminal attacks.



Leave a Reply

You must be logged in to post a comment.