Number: IRCNE2014022103
Date: 2014/02/18
According to “internetnews”, there are 13 security advisories attached to the Firefox 27 release, four of them ranked as being critical. As is common in nearly all Firefox release updates, one of the critical updates is for a group of vulnerabilities that Mozilla labels "Miscellaneous memory safety hazards."
There is also a critical fix for a use-after-free memory error reported to Mozilla by way of Hewlett-Packard's Zero Day Initiative. Use-after-free errors enable attackers to potentially leverage legitimate memory space to launch arbitrary code.
In addition, Firefox 27 provides a fix for a download dialog box window issue that potentially could have enabled a spoofing attack.
- 2