Mozilla has unveiled the latest version of its flagship Firefox browser, which features 17 security fixes including patches for three critical and six high-severity flaws.
One of the critical fixes addresses a buffer overflow in the libstagefright library during video playback. It occurs when invalid MP4 files are played, leading to the allocation of a buffer that’s too small for the content and causing a “potentially exploitable crash.”
Another critical flaw causing a potential crash occurs when running specific web content with IndexedDB to create an index.
“In general this flaw cannot be exploited through email in the Thunderbird product because scripting is disabled, but is potentially a risk in browser or browser-like contexts,” Mozilla said.
The final critical vulnerability fixed in Firefox 36 relates to several memory bugs in the browser engine.
“Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code,” said the browser maker.
Two high severity-issues relate to buffer overflow during CSS restyling and buffer underflow during MP3 playback.
Another fix addresses a problem whereby a user-readable file in a known local path could be uploaded to a malicious site.
A fourth high severity flaw relates to an out-of-bounds read-and-write problem when rendering SVG content, and a fifth is a double-free error which occurs when sending a zero-length XmlHttpRequest (XHR).
The final high-severity fix patches an issue which allows “possibly malicious DLL files to execute with elevated privileges if a user agrees when a User Account Control (UAC) prompt from Windows is displayed.”
It’s a higher than normal set of fixes for Firefox – the previous two browser versions have addressed only 10 flaws each, for example.
Firefox 36 also includes support for HTTP successor HTTP/2, which is said to enable a faster, more scalable and responsive online experience.