Mozilla has patched a number of critical vulnerabilities in Firefox 44 and Firefox Extended Release 38.6, which were released this week.
The most serious flaws were memory vulnerabilities that lived in both the public and extended support versions of the browser.
A buffer overflow (write) in WebGL, the browser’s Web graphics library, was patched. WebGL is a JavaScript API that renders 3D and 2D graphics in the browser without the need for a plug-in. Mozilla said the vulnerability was discovered in the buffersubdata method of the API.
Mozilla also addressed several “memory safety bugs” in the engine used in Firefox and other Mozilla products.
“Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code,” Mozilla said in its advisory.
Mozilla said the flaws cannot be exploited through Thunderbird where scripting is disabled, but cautioned against the risk in “browser-like contexts.”
Three other memory-related bugs were patched in Firefox 44. The vulnerabilities were found in the ANGLE graphics library, and in Firefox’s handling of zip files and parsing of the libstagefright library.
“The first two issues do not all have clear mechanisms to be exploited through web content but are vulnerable if a mechanism can be found to trigger them,” Mozilla said in its advisory. “The libstagefright issue could potentially be triggered by a malicious MP4 format video file, allowing for arbitrary code execution.”
Mozilla also patched vulnerabilities it rated “high severity” in Firefox 44, including two that facilitate address bar spoofing, and another set of issues in the browser’s Network Security Services that can introduce cryptographic weaknesses, the advisory said.