Firefox 102 Fixes 19 Security Flaws and Enhances Privacy

13
Firefox 102 Fixes 19 Security Flaws and Enhances Privacy

This week, Mozilla announced the release of Firefox 102 in the stable channel, which includes fixes for 19 vulnerabilities, including four high-severity flaws. The latest update from Mozilla fixes CVE-2022-34470, a high-severity use-after-free flaw in nssHistory that was brought on while switching between XML documents and might result in a crash that could be exploited.

Use-after-free flaw can be used to execute arbitrary code, corrupt data, or cause a denial of service; when combined with other bugs, they can compromise the entire system. These flaws can be used by malicious websites to get beyond a browser’s sandbox.

The latest version of Firefox also fixes Linux-specific bug CVE-2022-34479, which allowed malicious websites to produce popup windows that could be resized in a way that covered the address bar with online content, possibly opening the door for spoofing attacks.

Read More: https://www.securityweek.com/firefox-102-patches-19-vulnerabilities-improves-privacy