Firefox 52, ESR 45.8, ESR 52 bugs

For discussions about security.
Post Reply
Message
Author
User avatar
rufwoof
Posts: 3690
Joined: Mon 24 Feb 2014, 17:47

Firefox 52, ESR 45.8, ESR 52 bugs

#1 Post by rufwoof »

Description

Mozilla developers and community members Christian Holler, Jon Coppeard, Marcia Knous, David Baron, Mats Palmgren, Ronald Crane, Bob Clary, and Chris Peterson reported memory safety bugs present in Firefox 52, Firefox ESR 45.8, and Firefox ESR 52. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.
https://www.mozilla.org/en-US/security/ ... sa2017-11/

User avatar
Burn_IT
Posts: 3650
Joined: Sat 12 Aug 2006, 19:25
Location: Tamworth UK

#2 Post by Burn_IT »

Well why not publish them all so as to make it easy for the world of script kiddies to exploit.
That was not a very clever post.
"Just think of it as leaving early to avoid the rush" - T Pratchett

User avatar
rufwoof
Posts: 3690
Joined: Mon 24 Feb 2014, 17:47

#3 Post by rufwoof »

Doesn't Mozilla do that all the time, so any potential hacker is directed to exactly where the weakness is, making it a breeze to write a exploit. They then just need to set up traps for anyone who hasn't upgraded their browser ... again a trivial test.

Sailor Enceladus
Posts: 1543
Joined: Mon 22 Feb 2016, 19:43

#4 Post by Sailor Enceladus »

Interesting. Maybe 52.1esr will stop the crashing in Slacko 6.3.2 (then again it didn't happen in FF45.8esr so probably not).

Post Reply