Zerosecurity
  • Home
  • Security
    • Exploits
    • Mobile Security
  • Malware
  • Data Breaches
  • Crypto
  • Privacy
  • Downloads
    • Malwarebytes
    • Exploits
    • Paper Downloads
    • Software & Service Reviews
No Result
View All Result
SUBSCRIBE
Zerosecurity
  • Home
  • Security
    • Exploits
    • Mobile Security
  • Malware
  • Data Breaches
  • Crypto
  • Privacy
  • Downloads
    • Malwarebytes
    • Exploits
    • Paper Downloads
    • Software & Service Reviews
No Result
View All Result
Zerosecurity
No Result
View All Result
Home Security

Firefox 47 update fixes 13 vulnerabilities

Kyle by Kyle
June 14, 2016
in Security, Exploits
0
mozilla firefox 40 beta fitur baru banner
74
SHARES
1.2k
VIEWS
Share on FacebookShare on Twitter

In the most recent Firefox update pushed by Mozilla, two critical vulnerabilities were patched. The patch included a fix for a buffer overflow and a set of memory safety fixes – plus 11 other exploits ranging from low to high in severity.

You might also like

BreachForums Owner Arrested and Charged

Plex media server seen exploited in the wild utilizing a 3 year old RCE

New TPM 2.0 exploit attackers to access or overwrite sensitive data

Revealed by a security specialist “firehack,” the buffer overflow (CVE-2016-2819) occurs while parsing HTML5 fragments with a foreign context for example under an SVG (Scalable Vector Graphics) node. As stated by Mozilla in its security advisory, placing an HTML fragment inside a preexisting document can cause a “potentially exploitable crash.”

The second severe flaw listed, was referred to as miscellaneous memory safety hazards (CVE-2016-2818 and CVE-2016-2815) seen in Firefox and its Extended Support Release. “Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code,” Mozilla added.

Firefox 47 update

Among the list of vulnerabilities repaired in Firefox 47 which had a top level severity was a bug that under certain situations produced a pointerlock without having the user’s approval. This pointerlock couldn’t be cancelled without ending the browser’s process, therefore causing a persistent denial of service attack.

Another was a exploit was the Mozilla Windows updater could be used to overwrite arbitrary files, which could have led to an unauthorized privilege escalation.

Other high impact flaws that had been resolved included an out-of-bounds write when using the ANGLE graphics library for WebGL (Web Graphics Library) content, as well as two use-after-free vulnerabilities, which are a form of memory corruption flaw which can be exploited if somebody tries to access and reuse memory after it has been freed.

Tags: firefoxpatchupdate
Share30Tweet19
Kyle

Kyle

Co-owner, writer, and editor at ZeroSecurity. Security, Blockchain, and SEO enthusiast. "Formal education will make you a living; self-education will make you a fortune."

Recommended For You

BreachForums Owner Arrested and Charged

by Paul Anderson
March 17, 2023
0
BreachForums Owner Arrested and Charged

On Wednesday afternoon, federal agents arrested a man in Peekskill, New York, for allegedly running a dark web data breach site known as "BreachForums." The suspect, Conor Brian...

Read more

Plex media server seen exploited in the wild utilizing a 3 year old RCE

by Kyle
March 11, 2023
0
Plex RCE responsible-for lastpass breach

CISA, the cybersecurity and infrastructure agency, has included a severe remote code execution (RCE) vulnerability in the Plex Media Server, which is nearly three years old, in its...

Read more

New TPM 2.0 exploit attackers to access or overwrite sensitive data

by Paul Anderson
March 5, 2023
0
New TPM 2.0 Exploit

Two buffer overflow vulnerabilities have been discovered in the Trusted Platform Module (TPM) 2.0 specification, which could give cybercriminals unauthorized access to or the ability to overwrite sensitive...

Read more

Stolen credit card market BidenCash leaks over 2 million credit cards

by Paul Anderson
March 3, 2023
0
Stolen credit card market BidenCash leaks over 2 million credit cards

BidenCash, a marketplace that focuses on carding, has leaked a database of 2,165,700 credit and debit cards to celebrate its first anniversary. Instead of keeping the leak a...

Read more

Google reports a rise in ransomware attacks

by Paul Anderson
July 15, 2022
1
Google reports a rise in ransomware attacks

In the 3rd issue of the recently released, Threat Horizons, Google's Cybersecurity Action Team (GCAT) provides organizations with information about emerging risks and actionable mitigation. Bad actors have...

Read more
Next Post
Let’s Encrypt leaks 7,600 customer emails

Let’s Encrypt leaks 7,600 customer emails

Related News

BreachForums Owner Arrested and Charged

BreachForums Owner Arrested and Charged

March 17, 2023
ChipMixer platform tied to crypto laundering scheme – seized by authorities

ChipMixer platform tied to crypto laundering scheme – seized by authorities

March 17, 2023
NSA intercepting U.S. Routers

NSA intercepting U.S. Routers

June 6, 2014 - Updated on March 17, 2023
Zerosecurity

We cover the latest in Information Security & Blockchain news, as well as threat trends targeting both sectors.

Categories

  • Crypto
  • Data Breaches
  • DotNet Framework
  • Downloads
  • Exploits
  • Exploits
  • Information
  • Legal
  • Malware
  • Malware Analysis
  • Mobile Security
  • Paper Downloads
  • Piracy
  • Privacy
  • Programming
  • Public
  • Security
  • Security
  • Software & Service Reviews
  • Technology
  • Tools
  • Tutorials
  • Video Tutorials
  • Whitepapers
  • Zero Security
  • Contact Us
  • List of our Writers

© 2022 ZeroSecurity, All Rights Reserved.

No Result
View All Result
  • Home
  • Security
  • Exploits
  • Data Breaches
  • Malware
  • Privacy
  • Mobile Security
  • Tools
  • Contact Us
  • Privacy Policy

© 2022 ZeroSecurity, All Rights Reserved.