Repairs fix several critical memory corruption errors and buffer overflow flaws that could cause the browser to crash and leave users vulnerable to attack.
Mozilla issued an update to its popular Firefox browser this week, repairing more than a dozen flaws that could cause the browser to operate erratically and crash or allow remote attackers to target vulnerable users.
The browser maker issued 10 advisories on Tuesday, five critical, fixing memory corruption errors, buffer overflow flaws and an object handling flaw that could enable an attacker to execute malicious code and gain access to sensitive data. Firefox 3.5.4 and 3.0.15 plug 16 holes were addressed in a variety of browser functions.
The browser maker also updated several third-party libraries used to render media. The corrupted libraries were used by the browser to read Ogg Vorbis encoded media files.
“Some of the bugs discovered could potentially be used by an attacker to crash a victim’s browser and execute arbitrary code on their computer,” Mozilla said.
Last month, Mozilla released a new feature it said would help get users to update third-party plugins. The changes came in the release of Firefox 3.5.3 and Firefox 3.0.14.