Firefox 6 patches 10 dangerous security holes


Summary: The vulnerabilities are serious enough to allow an attacker to launch harmful code and install software, requiring no user interaction beyond normal browsing.

TOPICS: Browser, Security

Mozilla has shipped a critical Firefox update to fix at least 10 security vulnerabilities, some serious enough to expose web surfers to drive-by download attacks.

According to an advisory from the open-source group, 8 of the 10 vulnerabilities are rated "critical," meaning that they can be used to run attacker code and install software, requiring no user interaction beyond normal browsing.

Here's a glimpse of the critical issues:

Mozilla identified and fixed several memory safety bugs in the browser engine used in Firefox 4, Firefox 5 and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code.

These include a WebGL crash, a JavaScript crash, a crash in the Ogg reader, memory safety issues and unsigned scripts. These all affected Firefox 4 and 5.

Mozilla also credited researcher Michael Jordon of Context IS with reporting a pair of critical issues -- that an overly long shader program could cause a buffer overrun and crash in a string class used to store the shader source code; and a potentially exploitable heap overflow in the ANGLE library used by Mozilla's WebGL implementation.

Some additional security problems fixed:

  • Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that an SVG text manipulation routine contained a dangling pointer vulnerability.
  • Mike Cardwell reported that Content Security Policy violation reports failed to strip out proxy authorization credentials from the list of request headers. Daniel Veditz reported that redirecting to a website with Content Security Policy resulted in the incorrect resolution of hosts in the constructed policy.
  • nasalislarvatus3000 reported that when using Windows D2D hardware acceleration, image data from one domain could be inserted into a canvas and read by a different domain.
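The canvas bug in the last bullet is a failure of the "origin-clean" rule that every browser canvas is supposed to enforce: once pixels from another origin are drawn into a canvas, the page must no longer be able to read the canvas back. The following is an added illustration, not Mozilla's code and not the Firefox D2D path; the Image, Canvas and SecurityError classes are stand-ins for the browser objects so the check can run under Node without a DOM, and the origins and pixel values are constructed sample data.

```javascript
// Minimal model of the HTML canvas "origin-clean" flag (added example, not
// browser code). A canvas starts clean; drawing anything from a different
// origin clears the flag permanently, and read-back APIs must then refuse.
class SecurityError extends Error {
  constructor(msg) { super(msg); this.name = "SecurityError"; }
}

// Stand-in for an <img>: a URL plus the decoded pixels (constructed data).
class Image {
  constructor(url, pixels) { this.url = url; this.pixels = pixels; }
  get origin() { return new URL(this.url).origin; }
}

// Stand-in for a <canvas> owned by a page at pageOrigin.
class Canvas {
  constructor(pageOrigin) {
    this.pageOrigin = pageOrigin;
    this.originClean = true; // only ever cleared, never set back to true
    this.pixels = [];
  }
  drawImage(img) {
    // Any cross-origin source taints the canvas for the rest of its life,
    // even if same-origin content is drawn over it later.
    if (img.origin !== this.pageOrigin) this.originClean = false;
    this.pixels.push(...img.pixels);
  }
  getImageData() {
    // This is the check the D2D path effectively skipped: a tainted canvas
    // must not hand its pixels back to script, otherwise a page can read
    // images it is not allowed to fetch directly (e.g. from a logged-in site).
    if (!this.originClean) {
      throw new SecurityError("canvas is tainted by cross-origin data");
    }
    return this.pixels.slice();
  }
}

// Pixels a page at pageOrigin can read after drawing `images` in order,
// or null when the read is refused.
function readBack(pageOrigin, images) {
  const canvas = new Canvas(pageOrigin);
  for (const img of images) canvas.drawImage(img);
  try {
    return canvas.getImageData();
  } catch (e) {
    if (e instanceof SecurityError) return null;
    throw e;
  }
}

// Constructed sample inputs: the page's own logo and an image served by
// another site that the page cannot read with XHR.
const ownLogo = new Image("https://app.example/logo.png", [1, 2, 3]);
const bankChart = new Image("https://bank.example/statement.png", [9, 9, 9]);

console.log(readBack("https://app.example", [ownLogo]));            // [ 1, 2, 3 ]
console.log(readBack("https://app.example", [ownLogo, bankChart])); // null
```

In a real browser the same flag also gates toDataURL and toBlob, and the only way to draw cross-origin pixels and keep the canvas readable is an image served with CORS headers and loaded with the crossorigin attribute; the point of the model is that the flag is cleared on draw and consulted on read, and a rendering back end that takes a different path (as the D2D acceleration did) has to preserve both halves.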

Firefox 6 is being distributed via the browser's automatic update mechanism.



Talkback

58 comments
  • RE: Firefox 6 patches 10 dangerous security holes

    So, those stuck on v5 have been using a vulnerable browser for how long now, and won't get patched up. How wonderful. I love this new thing of waiting until the next release to fix security vulnerabilities. Great job Mozilla team for leaving your users open to attack, because you're too busy to release a fix for older versions.
    The one and only, Cylon Centurion
    • What are you talking about?

      I just downloaded a 6.6MB security update on FF5. It upgraded to 6.0.

      Big deal.
      ScorpioBlue
      • That is you

        @ScorpioBlue
        Enterprise won't do it this way. It has its version control policy.
        ZenithY
      • Well maybe they need to re-think that

        And not get so hung up on version numbers.

        Besides, Cylon didn't mention enterprise. He mentioned himself.
        ScorpioBlue
      • Rather, they will rethink using Firefox

        @ScorpioBlue
        Really, they won't use Firefox in the Enterprise anyway, since there is no MSI managed installer to use with Group Policy...
        D. W. Bierbaum
      • If Ninite can manage installation (Firefox included)

        @ScorpioBlue
        I am sure system administrators can find a way to deploy it.

        When our first .NET application was deployed in a big enterprise, they didn't even have the .NET Framework there (9 years ago). They just packed all the DLLs and deployed it. When the .NET Framework finally got into the system, our application was broken. They had to uninstall the old package, install the framework, then install the application again.

        Anyway, in enterprise, especially in government, version control is no small issue. Ask anyone about TRM (Technology Reference Model), that is guidance for software/hardware approval processes.

        I guess firefox is not for enterprise...
        ZenithY
      • Ignore him.....

        @ScorpioBlue

        Cylon Centurion is a Microsoft shill and troll. He thinks that Microsoft Idiot Explorer never had an issue and never had a patch before....Idiot Explorer has more holes in it than swiss cheese.
        linux for me
      • RE: Firefox 6 patches 10 dangerous security holes

        @ScorpioBlue

        Big deal? You consider broken addons not to be? Mozilla is pretty much telling me to either suffer broken addons or suffer security holes which won't be patched, unless I upgrade. That's bullshit. As a heavy Firefox user, that is total bullshit.
        The one and only, Cylon Centurion
      • RE: Firefox 6 patches 10 dangerous security holes

        @ScorpioBlue I'm rethinking using Firefox, because my ZoneAlarm browser security doesn't fully work with FF6.

        Man! This is annoying!
        I am Gorby
      • RE: Firefox 6 patches 10 dangerous security holes

        "Big deal?"

        That's right. Big deal.

        "You consider broken addons not to be?"

        And you think by calling it 6.0 instead of 4.3.1.8 it's going to make any difference? If it was going to break because of the name, then it would've broken them anyway regardless what name they called it.

        "Mozilla is pretty much telling me to either suffer broken addons or suffer security holes which won't be patched, unless I upgrade."

        And what broken add-ons have you had? You won't know if you'll have any unless you upgraded. Did you do that? Or are you just speculating?

        "That's ********."

        What's that? I didn't get that. lol...

        "As a heavy Firefox user, that is total ********."

        I still didn't get that. Speak man, speak... :D

        I really think you're making a big deal out of nothing.
        ScorpioBlue
      • RE: Firefox 6 patches 10 dangerous security holes

        @ScorpioBlue

        Yes, I have a broken addon. Stylish doesn't work. I use Stylish to correct a few quirks with the UI that I find annoying.
        The one and only, Cylon Centurion
      • RE: Firefox 6 patches 10 dangerous security holes

        That's one. Out of how many?

        Besides Stylish Custom 0.7.7 works just fine. Try that.
        ScorpioBlue
      • RE: Firefox 6 patches 10 dangerous security holes

        @ScorpioBlue

        Just having one broken addon is too many. Now, tell me again, why Mozilla is playing this numbers games again?
        The one and only, Cylon Centurion
      • RE: Firefox 6 patches 10 dangerous security holes

        "Just having one broken addon is too many."

        No, you're looking for an excuse to whine. One broken add-on is nothing and I made a suggestion about an alternative earlier.

        Or maybe you really don't use FF and are here to badmouth it because it's not a Microsoft product. Isn't that right?

        "Now, tell me again, why Mozilla is playing this numbers games again?"

        Now who really cares besides you and a few whiners on zdnet?
        ScorpioBlue
    • RE: Firefox 6 patches 10 dangerous security holes

      @Cylon Centurion -- Why are they stuck on v5? Without explaining that it's hard to know if you have a point or not.
      LeoD
      • RE: Firefox 6 patches 10 dangerous security holes

        @LeoD True. It is hard to know if he has a real point, or is just acting as the MSFT shill. But I do know that sometimes people are stuck on the previous version, because they need their Add Ons to work. Yet even with this release, FFox breaks at least one Add On, 'firecookie'. So if you really need that Add On, you cannot upgrade to FF6 yet.

        What other Add Ons did they break this time? Who knows?
        mejohnsn
      • RE: Firefox 6 patches 10 dangerous security holes

        @LeoD @mejohnsn

        You can't just keep playing this game of upgrading every six weeks. This silly game with the version numbers is breaking addons faster than the developers can fix them. To make matters worse Firefox 3.5, 4, and now 5, are unsupported. Meaning if holes are found, you're out of luck.

        Users wanting to patch these listed holes will have to upgrade to version 6 or die.

        Plus, how was my comment shilling for MSFT?
        The one and only, Cylon Centurion
      • RE: Firefox 6 patches 10 dangerous security holes

        @LeoD
        He doesn't have a real point. The new version numbers just aren't something he's used to, that's all.

        If it really broke his extensions, he'd tell us about it and what those extensions are. But I haven't heard anything beyond complaining in general.
        ScorpioBlue
      • RE: Firefox 6 patches 10 dangerous security holes

        @ScorpioBlue

        See above.
        The one and only, Cylon Centurion
      • RE: Firefox 6 patches 10 dangerous security holes

        And I still think you're making a big deal about nothing.

        If you can't keep up with it then go back to IE9 and have sh!tty pop up ads and Flash animations galore.
        ScorpioBlue