A use-after-free vulnerability can occur when the layer manager is freed too early when rendering specific SVG content, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 55.
Puede ocurrir una vulnerabilidad de uso de memoria previamente liberada cuando el gestor de capas se liberar demasiado pronto cuando se "renderizar" determinados contenidos SVG, resultando en un cierre inesperado explotable. Esta vulnerabilidad afecta a las versiones anteriores a la 55 de Firefox.
USN-3391-1 fixed vulnerabilities in Firefox. The update introduced a performance regression with WebExtensions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to conduct cross-site scripting attacks, bypass sandbox restrictions, obtain sensitive information, spoof the origin of modal alerts, bypass same origin restrictions, read uninitialized memory, cause a denial of service via program crash or hang, or execute arbitrary code. Various other issues were also addressed.
