Mozilla has published a security advisory to address a vulnerability found in Firefox. The vulnerability is caused by memory corruption during failed plugin initialization. A remote attacker could entice a user to open a web page with specially crafted content to exploit the vulnerability.
A successful attack could potentially lead to arbitrary code execution.
Mozilla has released new versions of the products to address the issue and they can be downloaded at the following URLs:
Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.
https://www.mozilla.org/en-US/security/advisories/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-45/
https://www.mozilla.org/en-US/firefox/37.0.2/releasenotes/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2706