TTCSIRT-198.020419: TT-CSIRT Advisory – FireFox Security Updates
Mozilla has released a security update stating that the following issues have been discovered in Mozilla FireFox ver 65.0:
a) A crash and out-of-bounds read can occur when the buffer of a texture client is freed while it is still in use during graphic operations – (CVE-2018-18504).
b) A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements – (CVE-2018-18500).
c) When JavaScript is used to create and manipulate an audio buffer, a potentially exploitable crash may occur because of a compartment mismatch in some situations – (CVE-2018-18503).
Further information on these vulnerabilities and how they can be mitigated can be found on the Mozilla Website at https://www.mozilla.org/en-US/security/advisories/mfsa2019-01/ |