The Channel logo


By | Kelly Fiveash 28th October 2009 15:48

Firefox 3.5.4 fixes critical memory flaws

Vulns found all alone in moonlight

Mozilla trotted out Firefox 3.5.4 yesterday, which patches 16 vulns - 11 of which were critical bugs.

The browser maker said the 11 critical vulnerabilities were found in a number of components such as the JavaScript and browser engines, the GIF color map parser, the strings-to-number converter, three third party media libraries and web worker calls.

"Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code," said Mozilla.

The open source outfit had been expected to release Firefox 3.5.4 on 21 October, after shooting out a release candidate version of the update early last month.

Meanwhile, a beta of the next iteration of Mozilla's popular browser - Firefox 3.6 - might be squirted out later today.

Mozilla has already pushed the release of that version back several times, however.

Get your hands on the update here.®

comment icon Read 22 comments on this article alert Send corrections


Frank Jennings

What do you do? Use manual typwriters or live in a Scottish croft? Our man advises
A rusty petrol pump at an abandoned gas station. Pic by Silvia B. Jakiello via shutterstock

Trevor Pott

Among other things, Active Directory needs an overhaul
Baby looks taken aback/shocked/affronted. Photo by Shutterstock

Kat Hall

Plans for 2 million FTTP connections in next four years 'not enough'
Microsoft CEO Satya Nadella


Suit-and-tie-wearing man tries to meditate, take deep breaths in faux yoga pose. Photo by Shutterstock
Emotional intelligence, not tech skills, is the way to woo suits
League of gentlemen poster - Tubbs and Edward at the local shop. Copyright BBC
One reselling man tells his tale of woe