Security Vulnerabilities fixed in Firefox 37

description-logoDescription

Mozilla developer Daniel Stenberg reported that the DNS resolver in Firefox for Android uses an insufficiently random algorithm when generating random numbers for the unique identifier. This was derived from an old version of the Bionic libc library and suffered from insufficient randomness in the pseudo-random number generator (PRNG) as described by Roee Hay and Roi Saltzman.

affected-products-logoAffected Applications

Firefox

CVE References

CVE-2015-0800 CVE-2012-2808