Mozilla Patches Critical Vulnerabilities in Firefox 44


January 27, 2016

Mozilla has patched a number of critical vulnerabilities in Firefox 44 and Firefox Ex§tended Release 38.6, which were released this week.

The most serious flaws were memory vulnerabilities that lived in both the public and extended support versions of the browser.

A buffer overflow (write) in WebGL, the browser’s Web graphics library, was patched. WebGL is a JavaScript API that renders 3D and 2D graphics in the browser without the need for a plug-in. Mozilla said the vulnerability was discovered in the buffersubdata method of the API.

Mozilla also addressed several “memory safety bugs” in the engine used in Firefox and other Mozilla products.

Read full story…