Mozilla has released Firefox 24 which includes seventeen security patches, seven of which were rated as Critical, with four more rated as High, and the remainder as Moderate.
Critical vulnerabilities can allow attackers to run code and install malicious software, while those rated as being High can result in sensitive data leakage or code injections.
The following are the Critical vulnerabilities patched in Firefox 24:
- MFSA 2013-92 GC hazard with default compartments and frame chain restoration: A Mozilla developer found that the cause was an older garbage collection bug that a more recent change made easier to trigger.
- MFSA 2013-90 Memory corruption involving scrolling: The first bug was a use-after-free condition due to scrolling an image document. The second was due to nodes in a range request being added as children of two different parents.
- MFSA 2013-89 Buffer overflow with multi-column, lists, and floats: Combining lists, floats, and multiple columns could trigger a potentially exploitable buffer overflow.
- MFSA 2013-81 Use-after-free with select element: A use-after-free condition by using a
< select >element in a form after it has been destroyed. This could lead to a potentially exploitable crash.
- MFSA 2013-79 Use-after-free in Animation Manager during stylesheet cloning: A use-after-free problem in the Animation Manager during the cloning of stylesheets. This can lead to a potentially exploitable crash.
- MFSA 2013-78 Integer overflow in ANGLE library: The Almost Native Graphics Layer Engine (ANGLE) library used by Mozilla was vulnerable to an integer overflow. This vulnerability is present because of insufficient bounds checking in the
drawLineLoopfunction, which can be driven by web content to overflow allocated memory, leading to a potentially exploitable crash.
- MFSA 2013-76 Miscellaneous memory safety hazards (rv:24.0 / rv:17.0.9): Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code.
Read More Here…