14 DAY TRIAL // The security advisory that comes with the release of the latest version of the popular web browser, Firefox 9, reveals that a number of four critical, a high and a moderate impact security vulnerabilities were fixed.
A critical one refers to the fact that the application crashes when a video is scaled to extreme sizes. Other flaws were caused by miscellaneous memory safety hazards, a potentially exploitable crash in the YARR regular expression library, and a nsSVGValue out-of-bounds access.
All these security holes could have allowed an attacker to execute arbitrary code and install software without the user ever noticing.
The high risk vulnerabilities, that may have been utilized to gather sensitive data from sites or inject data or code into those sites, were caused by a crash that occurred when a plug-in removed itself on Mac OS X.
The moderate flaw, which may have very well been a high or a critical flaw if it didn’t require too much user interaction or non-default configurations, referred to a key detection without JavaScript via and SVG animation.
Firefox 9 for Windows is available for download here. Firefox 9 for Mac is available for download here. Portable Firefox 9 is available for download here.