Skip to main content

Mozilla Firefox 31 Fixes Three Critical Vulnerabilities

posted onJuly 23, 2014
by l33tdawg

On July 22, Mozilla officially released the stable version for Firefox 31 for all supported platforms, integrating 11 security fixes, three of them being marked as critical.

One of the major vulnerabilities corrected would allow exploitation of a WebGL crash with Cesium JavaScript library. Details about this glitch are not available at the moment, but Mozilla notes that it cannot be leveraged through email in the Thunderbird client because scripting is disabled.

Another flaw refers to a use-after-free vulnerability when handling DirectWrite font. Exploiting it would be possible on Windows platform only, OS X and Linux remaining unaffected. The potential risk would occur when rendering MathML content with certain fonts, an error in handling font resources and tables causing DirectWrite to crash; the result would be a use-after-free of a DirectWrite font-face object an attacker might be able to exploit.

Source

Tags

Mozilla Firefox Software-Programming Security

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th