Debian Firefox-Esr vulnerabilities

1,071 known vulnerabilities affecting debian/firefox-esr.

Total CVEs: 1,071
CISA KEV: 11 (actively exploited)
Public exploits: 23
Exploited in wild: 15
Severity breakdown: CRITICAL 236, HIGH 418, MEDIUM 292, LOW 125

Vulnerabilities

Page 37 of 54
CVE-2018-12387 | CRITICAL | CVSS 9.1 | fixed in firefox 62.0.3-1 (sid) | 2018
firefox - A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as part of an exploit inside the sandboxed content process. This vulnerability affects Firefox ESR < 60.2.2 and Firefox
debian
CVE-2018-5098 | CRITICAL | CVSS 9.8 | fixed in firefox 58.0-1 (sid) | 2018
firefox - A use-after-free vulnerability can occur when form input elements, focus, and selections are manipulated by script content. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58. Scope: local sid: resolved (fixed in 58.0-1)
debian
CVE-2018-5155 | CRITICAL | CVSS 9.8 | fixed in firefox 60.0-1 (sid) | 2018
firefox - A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8. Scope: local sid: resolved (fixed in 60.0-1)
debian
CVE-2018-5156 | CRITICAL | CVSS 9.8 | fixed in firefox 61.0-1 (sid) | 2018
firefox - A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. This can result in stream data being cast to the wrong type causing a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61. Scope: local sid: resolved (fixed in 61
debian
CVE-2018-12378 | CRITICAL | CVSS 9.8 | fixed in firefox 62.0-1 (sid) | 2018
firefox - A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by JavaScript code that is providing payload values to be stored. This results in a potentially exploitable crash. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1. Scope: local sid: resolved (fixed in 62.0-1)
debian
CVE-2018-5188 | CRITICAL | CVSS 9.8 | fixed in firefox 61.0-1 (sid) | 2018
firefox - Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ESR 52.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61. Scope:
debian
CVE-2018-5183 | CRITICAL | CVSS 9.8 | fixed in firefox-esr 52.8.0esr-1 (bookworm) | 2018
firefox-esr - Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR < 52.8, Thunderbird < 52.8, and Firefox ESR < 52.8. Scope: local bookworm: resolved (fixed in 52.8.0esr-1) bullseye: resolved (fixed in
debian
CVE-2018-5145 | CRITICAL | CVSS 9.8 | fixed in firefox-esr 52.7.0esr-1 (bookworm) | 2018
firefox-esr - Memory safety bugs were reported in Firefox ESR 52.6. These bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 52.7 and Thunderbird < 52.7. Scope: local bookworm: resolved (fixed in 52.7.0esr-1) bullseye: resolved (fixed in 52.7.0
debian
CVE-2018-18505 | CRITICAL | CVSS 10.0 | fixed in firefox 65.0-1 (sid) | 2018
firefox - An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. This authentication is insufficient for channels created after the IPC process is started, leading to the authentication not being correctly applied to later channels. Th
debian
CVE-2018-18493 | CRITICAL | CVSS 9.8 | fixed in firefox 64.0-1 (sid) | 2018
firefox - A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64. Scope: local sid: resolved (fixed in 64.0-1)
debian
CVE-2018-5099 | CRITICAL | CVSS 9.8 | fixed in firefox 58.0-1 (sid) | 2018
firefox - A use-after-free vulnerability can occur when the widget listener is holding strong references to browser objects that have previously been freed, resulting in a potentially exploitable crash when these references are used. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58. Scope: local sid: resolved (fixed in 58.0-1)
debian
CVE-2018-12376 | CRITICAL | CVSS 9.8 | fixed in firefox 62.0-1 (sid) | 2018
firefox - Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1. Scope: local sid: resolved (fixed in 62.0-1)
debian
CVE-2018-18498 | CRITICAL | CVSS 9.8 | fixed in firefox 64.0-1 (sid) | 2018
firefox - A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when a raw value is used instead of the checked value. This leads to a possible out-of-bounds write. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64. Scope: local sid: resolved (fixed in 64.0-1)
debian
CVE-2018-5103 | CRITICAL | CVSS 9.8 | fixed in firefox 58.0-1 (sid) | 2018
firefox - A use-after-free vulnerability can occur during mouse event handling due to issues with multiprocess support. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58. Scope: local sid: resolved (fixed in 58.0-1)
debian
CVE-2018-18500 | CRITICAL | CVSS 9.8 | fixed in firefox 65.0-1 (sid) | 2018
firefox - A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65. Scope: local sid: resolved (fixed in 65.0-1)
debian
CVE-2018-12377 | CRITICAL | CVSS 9.8 | fixed in firefox 62.0-1 (sid) | 2018
firefox - A use-after-free vulnerability can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1. Scope: local sid: resolved (fixed in 62.0-1)
debian
CVE-2018-18501 | CRITICAL | CVSS 9.8 | fixed in firefox 65.0-1 (sid) | 2018
firefox - Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65. Scope: loc
debian
CVE-2018-5097 | CRITICAL | CVSS 9.8 | fixed in firefox 58.0-1 (sid) | 2018
firefox - A use-after-free vulnerability can occur during XSL transformations when the source document for the transformation is manipulated by script content during the transformation. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58. Scope: local sid: resolved (fixed in 58.0-1)
debian
CVE-2018-12392 | CRITICAL | CVSS 9.8 | fixed in firefox 63.0-1 (sid) | 2018
firefox - When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3. Scope: local sid: resolved (fixed in 63.0-1)
debian
CVE-2018-5091 | CRITICAL | CVSS 9.8 | fixed in firefox 58.0-1 (sid) | 2018
firefox - A use-after-free vulnerability can occur during WebRTC connections when interacting with the DTMF timers. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 52.6 and Firefox < 58. Scope: local sid: resolved (fixed in 58.0-1)
debian