Firefox Gets Fixes in Version 3.5.6
Page 1 of 1
Firefox is getting bumped to a new version number today as Mozilla seeks to close a number of security holes relating to media and memory corruption. eSecurity Planet has the story.
Mozilla has released a new update for its open source Firefox Web browser, closing the door on a handful of security vulnerabilities found in previous versions.
The new Firefox 3.5.6 includes seven security advisories detailing fixes in the release, three of which are for issues that Mozilla described as "critical."
Two of the critical fixes deal with media-related vulnerabilities in particular. One vulnerable component is the liboggplay library, which is used by Firefox 3.5.x as part of its support for HTML 5 audio and video tags.
"Mozilla discovered several bugs in liboggplay which posed potential memory safety issues," Mozilla said in its advisory. "The bugs, which were fixed, could potentially be used by an attacker to crash a victim's browser and execute arbitrary code on their computer."