Several vulnerabilities in certain circumstances lead to memory corruption.
9, Mozilla corrected vulnerabilities, including critical, the latest version of Firefox 35.
Fixed a critical vulnerability in a plug Gecko Media Plugin, makes it possible to "escape from the sandbox," as well as a reading error after the release of WebRTC, exploitation which allows a remote user to execute arbitrary code using a specially crafted packets. In addition, a series of errors corrected memory corruption in the engine Firefox, SeaMonkey and email client Thunderbird.
Several vulnerabilities found by experts Mozilla, under certain circumstances, lead to memory corruption and exploitation allows remote code execution.
One critical flaw is related to incorrect initialization of memory that occurs when the strain bitmap bitmap decoder is presented within the element Canvas. This may lead to the use of uninitialized memory, which in turn allows data to seep into web-content.
Source : securitylab.ru
9, Mozilla corrected vulnerabilities, including critical, the latest version of Firefox 35.
Fixed a critical vulnerability in a plug Gecko Media Plugin, makes it possible to "escape from the sandbox," as well as a reading error after the release of WebRTC, exploitation which allows a remote user to execute arbitrary code using a specially crafted packets. In addition, a series of errors corrected memory corruption in the engine Firefox, SeaMonkey and email client Thunderbird.
Several vulnerabilities found by experts Mozilla, under certain circumstances, lead to memory corruption and exploitation allows remote code execution.
One critical flaw is related to incorrect initialization of memory that occurs when the strain bitmap bitmap decoder is presented within the element Canvas. This may lead to the use of uninitialized memory, which in turn allows data to seep into web-content.
Source : securitylab.ru
No comments:
Post a Comment