Skip Ribbon Commands
Skip to main content
Computer Emergency Response Team of Mauritius (CERT-MU)
Computer Emergency Response Team of Mauritius>Firefox 38 fixes a number of vulnerabilities, several deemed critical

Firefox 38 fixes a number of vulnerabilities, several deemed critical


Firefox 38 was released on Tuesday 12 May 2015 and fixes a number of security vulnerabilities. Among the critical bugs that were addressed are a buffer overflow when parsing compressed XML, a use-after-free during text processing when vertical text is enabled, and a buffer overflow during the rendering of SVG format graphics when combined with specific CSS properties on a page. All aforementioned vulnerabilities could lead to a potentially exploitable crash. An out-of-bounds read and write in asm.js during JavaScript validation was deemed critical because it could lead to a potentially exploitable crash and could allow for the reading of random memory, which could contain sensitive data. Critical miscellaneous memory safety hazards were also addressed, as well as a variety of other high, moderate and low impact vulnerabilities.
 
Read More:
 
Source:
 
SC Magazine
 
ZDNet
 
Team Cymru
Contact Information
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis