Top
image: Threat Post

Mozilla Fixes 32 Vulnerabilities in Firefox 54

June 15, 2017

Category:

Mozilla fixed 32 vulnerabilities, including a critical bug that could have resulted in a crash, with the release Tuesday of Firefox 54, the latest version of its flagship browser.

The critical bug, a use-after-free vulnerability, was dug up by longtime bug hunter Nils. The vulnerability (CVE-2017-5472) existed in the browser’s frameloader. Nils encountered the vulnerability during tree reconstruction while regenerating CSS layout. The researcher discovered that while attempting to access a node in the tree that didn’t exist, he could trigger a potentially exploitable crash.

Read More on Threat Post