Debian Firefox-Esr vulnerabilities
1,071 known vulnerabilities affecting debian/firefox-esr.
Total CVEs: 1,071
CISA KEV: 11 (actively exploited)
Public exploits: 23
Exploited in wild: 15
Severity breakdown: CRITICAL 236, HIGH 418, MEDIUM 292, LOW 125
Vulnerabilities
Page 36 of 54
CVE-2019-17015 | LOW | CVSS 8.8 | 2019
CVE-2019-17015 [HIGH] CVE-2019-17015: firefox - During the initialization of a new content process, a pointer offset can be mani...
During the initialization of a new content process, a pointer offset can be manipulated leading to memory corruption and a potentially exploitable crash in the parent process. *Note: this issue only occurs on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
Scope: local
sid: resolved
debian
CVE-2019-11719 | LOW | CVSS 7.5 | fixed in firefox 68.0-1 (sid) | 2019
CVE-2019-11719 [HIGH] CVE-2019-11719: firefox - When importing a curve25519 private key in PKCS#8 format with leading 0x00 bytes,...
When importing a curve25519 private key in PKCS#8 format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services (NSS) library. This could lead to information disclosure. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
Scope: local
sid: resolved (fixed in 68.0-1)
debian
CVE-2019-17009 | LOW | CVSS 7.8 | 2019
CVE-2019-17009 [HIGH] CVE-2019-17009: firefox - When running, the updater service wrote status and log files to an unrestricted ...
When running, the updater service wrote status and log files to an unrestricted location; potentially allowing an unprivileged process to locate and exploit a vulnerability in file handling in the updater service. *Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.* This vulnerability affects Thunderbi
debian
CVE-2019-17021 | LOW | CVSS 5.3 | 2019
CVE-2019-17021 [MEDIUM] CVE-2019-17021: firefox - During the initialization of a new content process, a race condition occurs that...
During the initialization of a new content process, a race condition occurs that can allow a content process to disclose heap addresses from the parent process. *Note: this issue only occurs on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
Scope: local
sid: resolved
debian
CVE-2019-11743 | LOW | CVSS 3.7 | fixed in firefox 69.0-1 (sid) | 2019
CVE-2019-11743 [LOW] CVE-2019-11743: firefox - Navigation events were not fully adhering to the W3C's "Navigation-Timing Level ...
Navigation events were not fully adhering to the W3C's "Navigation-Timing Level 2" draft specification in some instances for the unload event, which restricts access to detailed timing attributes to only be same-origin. This resulted in potential cross-origin information exposure of history through timing side-channel attacks. This vulnerability affects Firefox < 69,
debian
CVE-2019-11751 | LOW | CVSS 8.8 | 2019
CVE-2019-11751 [HIGH] CVE-2019-11751: firefox - Logging-related command line parameters are not properly sanitized when Firefox ...
Logging-related command line parameters are not properly sanitized when Firefox is launched by another program, such as when a user clicks on malicious links in a chat application. This can be used to write a log file to an arbitrary location such as the Windows 'Startup' folder. *Note: this issue only affects Firefox on Windows operating systems.* This vulnerabili
debian
CVE-2019-11736 | LOW | CVSS 7.0 | 2019
CVE-2019-11736 [HIGH] CVE-2019-11736: firefox - The Mozilla Maintenance Service does not guard against files being hardlinked to...
The Mozilla Maintenance Service does not guard against files being hardlinked to another file in the updates directory, allowing for the replacement of local files, including the Maintenance Service executable, which is run with privileged access. Additionally, there was a race condition during checks for junctions and symbolic links by the Maintenance Service, allo
debian
CVE-2019-11753 | LOW | CVSS 7.8 | 2019
CVE-2019-11753 [HIGH] CVE-2019-11753: firefox - The Firefox installer allows Firefox to be installed to a custom user writable l...
The Firefox installer allows Firefox to be installed to a custom user writable location, leaving it unprotected from manipulation by unprivileged users or malware. If the Mozilla Maintenance Service is manipulated to update this unprotected location and the updated maintenance service in the unprotected location has been altered, the altered maintenance service can
debian
CVE-2019-11758 | LOW | CVSS 8.8 | 2019
CVE-2019-11758 [HIGH] CVE-2019-11758: firefox-esr - Mozilla community member Philipp reported a memory safety bug present in Firefox...
Mozilla community member Philipp reported a memory safety bug present in Firefox 68 when 360 Total Security was installed. This bug showed evidence of memory corruption in the accessibility engine and we presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox < 69, Thunderbird < 68.2, and Firefox ESR <
debian
CVE-2019-11694 | LOW | CVSS 7.5 | 2019
CVE-2019-11694 [HIGH] CVE-2019-11694: firefox - A vulnerability exists in the Windows sandbox where an uninitialized value in me...
A vulnerability exists in the Windows sandbox where an uninitialized value in memory can be leaked to a renderer from a broker when making a call to access an otherwise unavailable file. This results in the potential leaking of information stored at that memory location. *Note: this issue only occurs on Windows. Other operating systems are unaffected.* This vulnera
debian
CVE-2019-12383 | LOW | CVSS 4.3 | 2019
CVE-2019-12383 [MEDIUM] CVE-2019-12383: firefox - Tor Browser before 8.0.1 has an information exposure vulnerability. It allows re...
Tor Browser before 8.0.1 has an information exposure vulnerability. It allows remote attackers to detect the browser's UI locale by measuring a button width, even if the user has a "Don't send my language" setting.
Scope: local
sid: open
debian
CVE-2019-15903 | LOW | CVSS 7.5 | fixed in expat 2.2.7-2 (bookworm) | 2019
CVE-2019-15903 [HIGH] CVE-2019-15903: chromium - In libexpat before 2.2.8, crafted XML input could fool the parser into changing ...
In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
debian
CVE-2019-13722 | LOW | CVSS 6.5 | 2019
CVE-2019-13722 [MEDIUM] CVE-2019-13722: firefox - Inappropriate implementation in WebRTC in Google Chrome prior to 79.0.3945.79 al...
Inappropriate implementation in WebRTC in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Scope: local
sid: resolved
debian
CVE-2019-9818 | LOW | CVSS 8.3 | 2019
CVE-2019-9818 [HIGH] CVE-2019-9818: firefox - A race condition is present in the crash generation server used to generate data...
A race condition is present in the crash generation server used to generate data for the crash reporter. This issue can lead to a use-after-free in the main process, resulting in a potentially exploitable crash and a sandbox escape. *Note: this vulnerability only affects Windows. Other operating systems are unaffected.* This vulnerability affects Thunderbird < 60.7,
debian
CVE-2018-12390 | CRITICAL | CVSS 9.8 | fixed in firefox 63.0-1 (sid) | 2018
CVE-2018-12390 [CRITICAL] CVE-2018-12390: firefox - Mozilla developers and community members reported memory safety bugs present in ...
Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3.
Scope: loc
debian
CVE-2018-5150 | CRITICAL | CVSS 9.8 | fixed in firefox 60.0-1 (sid) | 2018
CVE-2018-5150 [CRITICAL] CVE-2018-5150: firefox - Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbir...
Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.
Scope: local
debian
CVE-2018-12405 | CRITICAL | CVSS 9.8 | fixed in firefox 64.0-1 (sid) | 2018
CVE-2018-12405 [CRITICAL] CVE-2018-12405: firefox - Mozilla developers and community members reported memory safety bugs present in ...
Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64.
Scope: loc
debian
CVE-2018-5154 | CRITICAL | CVSS 9.8 | fixed in firefox 60.0-1 (sid) | 2018
CVE-2018-5154 [CRITICAL] CVE-2018-5154: firefox - A use-after-free vulnerability can occur while enumerating attributes during SVG...
A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.
Scope: local
sid: resolved (fixed in 60.0-1)
debian
CVE-2018-5095 | CRITICAL | CVSS 9.8 | fixed in firefox 58.0-1 (sid) | 2018
CVE-2018-5095 [CRITICAL] CVE-2018-5095: firefox - An integer overflow vulnerability in the Skia library when allocating memory for...
An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 8 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
Scope: local
sid: resolved (fixed in 58.0-1)
debian
CVE-2018-5104 | CRITICAL | CVSS 9.8 | fixed in firefox 58.0-1 (sid) | 2018
CVE-2018-5104 [CRITICAL] CVE-2018-5104: firefox - A use-after-free vulnerability can occur during font face manipulation when a fo...
A use-after-free vulnerability can occur during font face manipulation when a font face is freed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
Scope: local
sid: resolved (fixed in 58.0-1)
debian