Developer addresses multiple memory-related issues

May 13, 2015 09:11 GMT

The latest stable release of the Firefox web browser includes patches for eight low-, moderate- and high-severity vulnerabilities and five critical ones.

The risks associated with the reported issues range from privilege escalation and bypassing of same-origin restrictions to privacy violations (on Android 4.0 and lower) and reading of data in memory.

Critical flaws could allow execution of arbitrary code

One of the serious problems addressed by Mozilla in Firefox 38 is an out-of-bounds read and write bug in the validation of asm.js, the strict subset of JavaScript that the engine compiles ahead of time.

The root of the flaw is an error in how asm.js heap lengths were checked during validation; because validated asm.js code is later run without per-access bounds checks, an access that wrongly passed validation could read or write memory outside the heap, including parts that may contain sensitive data.

Mozilla also fixed several bugs that could lead to memory corruption if certain conditions were met. In the security advisory published on Tuesday, Mozilla says that “with enough effort at least some of these could be exploited to run arbitrary code.”

Most of the critical bugs fixed in this release manifest as a crash of the web browser, and a crash of this kind can often be turned into a more damaging attack.

Most of them were found with AddressSanitizer (ASan), a compiler instrumentation tool that detects memory-corruption bugs such as use-after-free and buffer overflows at runtime.
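To make the bug class behind the asm.js fix and the ASan findings concrete, the following C program is an added illustrative model written for this article; it is not Mozilla's asm.js validator and not code from the advisory. It assumes (and labels in its comments) a heap rule of a power-of-two size of at least 4096 bytes, a validator that checks a module's constant heap offsets once, and "compiled" code that then loads from the heap without any bounds check. That is exactly why a length mistake at validation time becomes an out-of-bounds read at run time. Built with `-fsanitize=address`, the weak path in `main` produces an ASan heap-buffer-overflow report, the kind of finding the paragraph above refers to.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <stdio.h>

/* Illustrative model of the bug class (NOT SpiderMonkey's asm.js validator):
 * an asm.js-style module is validated once, and the compiled code then
 * performs heap loads without per-access bounds checks, trusting the
 * validator. If validation reasons about the wrong heap length, an
 * access that passed validation can read outside the real buffer. */

/* Assumed constraint for this model: the heap is a power of two of at
 * least 4096 bytes. (The article does not state the exact rule.) */
#define MIN_HEAP_LEN 4096u

typedef struct {
    size_t declared_len;   /* heap length the module text claims */
    size_t actual_len;     /* length of the buffer actually linked */
    uint8_t *heap;         /* the linked buffer */
} asm_module_t;

int is_pow2(size_t n) { return n != 0 && (n & (n - 1)) == 0; }

/* Weak validator: checks constant offsets only against the declared
 * length, never against the buffer that is really linked. */
int validate_weak(const asm_module_t *m, const size_t *offsets, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (offsets[i] >= m->declared_len)
            return 0;
    return 1;
}

/* Strict validator: the linked buffer must be a legal heap, the declared
 * and actual lengths must agree, and every constant offset must fall
 * inside the actual buffer. */
int validate_strict(const asm_module_t *m, const size_t *offsets, size_t n)
{
    if (!is_pow2(m->actual_len) || m->actual_len < MIN_HEAP_LEN)
        return 0;
    if (m->declared_len != m->actual_len)
        return 0;
    for (size_t i = 0; i < n; i++)
        if (offsets[i] >= m->actual_len)
            return 0;
    return 1;
}

/* The "compiled" load: no bounds check, precisely because validation is
 * supposed to have ruled out-of-range offsets out. */
uint8_t heap_load_unchecked(const asm_module_t *m, size_t off)
{
    return m->heap[off];
}

/* Constructed scenario: the module declares a 64 KiB heap but is linked
 * against a 4 KiB buffer and loads from offset 60000. Returns which
 * validators accept it: bit 0 = weak, bit 1 = strict. */
int mismatch_scenario(void)
{
    static uint8_t small_heap[MIN_HEAP_LEN];
    asm_module_t m = { 65536, MIN_HEAP_LEN, small_heap };
    size_t offsets[] = { 16, 60000 };
    size_t n = sizeof offsets / sizeof offsets[0];
    return validate_weak(&m, offsets, n) | (validate_strict(&m, offsets, n) << 1);
}

int main(void)
{
    uint8_t *heap = malloc(MIN_HEAP_LEN);
    if (!heap) return 1;
    asm_module_t m = { 65536, MIN_HEAP_LEN, heap };
    size_t offsets[] = { 16, 60000 };
    size_t n = sizeof offsets / sizeof offsets[0];

    printf("weak validator accepts: %d\n", validate_weak(&m, offsets, n));
    printf("strict validator accepts: %d\n", validate_strict(&m, offsets, n));

    if (validate_weak(&m, offsets, n)) {
        /* Out-of-bounds read: build with -fsanitize=address and ASan
         * reports a heap-buffer-overflow here instead of the program
         * silently returning whatever follows the 4 KiB allocation. */
        printf("unchecked load at 60000: %u\n", heap_load_unchecked(&m, 60000));
    }
    free(heap);
    return 0;
}
```

Compile with `cc -g -fsanitize=address model.c && ./a.out` to see the sanitizer catch the read that the weak validator let through; the strict validator rejects the same module before any load is emitted, which is the property a validation-based bounds-check elision scheme has to guarantee.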

Firefox 38 adds support for DRM (Digital Rights Management)

Mozilla’s browser update also integrates the Adobe Content Decryption Module (CDM), which allows DRM-protected content to be played through the HTML5 <video> element.

The decision was made so that users can access premium video content such as that offered by Netflix. However, the DRM module is not open source; Mozilla regards it as “black-box” technology that it cannot audit and to which it cannot apply its usual security measures.

To compensate, Mozilla runs the CDM in a sandbox that restricts its interaction with sensitive parts of the system and of the web browser.

In addition, Mozilla gives users the option to remove the CDM component from the browser.

“We believe that these are important security and choice mechanisms that allow us to introduce this technology in a manner that lessens the negative impacts of integrating this type of black-box,” Denelle Dixon-Thayer, Senior Vice President of Business and Legal Affairs at Mozilla Corporation, says in a blog post.