In the most recent Firefox update pushed by Mozilla, two critical vulnerabilities were patched. The patch included a fix for a buffer overflow and a set of memory safety fixes, plus 11 other vulnerabilities ranging from low to high in severity.
Revealed by a security specialist “firehack,” the buffer overflow (CVE-2016-2819) occurs while parsing HTML5 fragments in a foreign context, for example under an SVG (Scalable Vector Graphics) node. As stated by Mozilla in its security advisory, placing an HTML fragment inside a preexisting document can cause a “potentially exploitable crash.”
The second severe flaw listed was referred to as miscellaneous memory safety hazards (CVE-2016-2818 and CVE-2016-2815) seen in Firefox and its Extended Support Release. “Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code,” Mozilla added.
Among the vulnerabilities repaired in Firefox 47 that were rated high severity was a bug that, under certain situations, produced a pointer lock without the user’s approval. This pointer lock could not be cancelled without ending the browser’s process, resulting in a persistent denial of service.
Another was a flaw in the Mozilla Windows updater that could be used to overwrite arbitrary files, which could have led to an unauthorized privilege escalation.
Other high impact flaws that were resolved included an out-of-bounds write when using the ANGLE graphics library for WebGL (Web Graphics Library) content, as well as two use-after-free vulnerabilities, a class of memory corruption flaw in which a program continues to access and reuse memory after it has been freed, which an attacker can exploit.