USN-2993-1: Firefox vulnerabilities
USN-2993-1: Firefox vulnerabilities Ubuntu Security Notice USN-2993-1 9th June, 2016 firefox vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Firefox could be made to crash or run programs as your login if it opened a malicious website. Software description firefox – Mozilla Open Source web browser Details Christian Holler, Gary Kwong, Jesse Ruderman, Tyson Smith, Timothy Nikkel,Sylvestre Ledru, Julian Seward, Olli Pettay, Karl Tomlinson, ChristophDiehl, Julian Hector, Jan de Mooij, Mats Palmgren, and Tooru Fujisawadiscovered multiple memory safety issues in Firefox. If a user weretricked in to opening a specially crafted website, an attacker couldpotentially exploit these to cause a denial of service via applicationcrash, or execute arbitrary code. (CVE-2016-2815, CVE-2016-2818) A buffer overflow was discovered when parsing HTML5 fragments in somecircumstances. If a [ more… ]
