Debian Firefox-Esr vulnerabilities
1,071 known vulnerabilities affecting debian/firefox-esr.
Total CVEs: 1,071
CISA KEV: 11 actively exploited
Public exploits: 23
Exploited in wild: 15
Severity breakdown: CRITICAL 236, HIGH 418, MEDIUM 292, LOW 125
Vulnerabilities
Page 38 of 54
CVE-2018-5159 | CRITICAL | CVSS 9.8 | PoC | fixed in firefox 60.0-1 (sid) | 2018
An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.
Scope: local
debian
CVE-2018-5102 | CRITICAL | CVSS 9.8 | fixed in firefox 58.0-1 (sid) | 2018
A use-after-free vulnerability can occur when manipulating HTML media elements with media streams, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
Scope: local
sid: resolved (fixed in 58.0-1)
debian
CVE-2018-5148 | CRITICAL | CVSS 9.8 | fixed in firefox 59.0.2-1 (sid) | 2018
A use-after-free vulnerability can occur in the compositor during certain graphics operations when a raw pointer is used instead of a reference counted one. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 52.7.3 and Firefox < 59.0.2.
Scope: local
sid: resolved (fixed in 59.0.2-1)
debian
CVE-2018-5089 | CRITICAL | CVSS 9.8 | fixed in firefox 58.0-1 (sid) | 2018
Memory safety bugs were reported in Firefox 57 and Firefox ESR 52.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
Scope: local
sid: resolved (fixed in 58.0-1)
debian
CVE-2018-5096 | CRITICAL | CVSS 9.8 | fixed in firefox-esr 52.6.0esr-1 (bookworm) | 2018
A use-after-free vulnerability can occur while editing events in form elements on a page, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 52.6 and Thunderbird < 52.6.
Scope: local
bookworm: resolved (fixed in 52.6.0esr-1)
bullseye: resolved (fixed in 52.6.0esr-1)
forky: resolved (fixed in 52.6.0esr-1)
sid: resolved (fixed
debian
CVE-2018-18492 | CRITICAL | CVSS 9.8 | fixed in firefox 64.0-1 (sid) | 2018
A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64.
Scope: local
sid: resolved (fixed in 64.0-1)
debian
CVE-2018-5144 | HIGH | CVSS 7.3 | fixed in firefox-esr 52.7.0esr-1 (bookworm) | 2018
An integer overflow can occur during conversion of text to some Unicode character sets due to an unchecked length parameter. This vulnerability affects Firefox ESR < 52.7 and Thunderbird < 52.7.
Scope: local
bookworm: resolved (fixed in 52.7.0esr-1)
bullseye: resolved (fixed in 52.7.0esr-1)
forky: resolved (fixed in 52.7.0esr-1)
sid: resolved (fixed in 52.7.0esr-1
debian
CVE-2018-5125 | HIGH | CVSS 8.8 | fixed in firefox 59.0-1 (sid) | 2018
Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.7, Firefox ESR < 52.7, and Firefox < 59.
Scope: local
sid: resolved (fixed in 59.0-1)
debian
CVE-2018-12385 | HIGH | CVSS 7.0 | fixed in firefox 62.0.2-1 (sid) | 2018
A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user profile directory. This issue is only exploitable in combination with another vulnerability allowing an attacker to write data into the local cache or from locally installed malware. This issue also triggers a non-exploitable startup c
debian
CVE-2018-12362 | HIGH | CVSS 8.8 | fixed in firefox 61.0-1 (sid) | 2018
An integer overflow can occur during graphics operations done by the Supplemental Streaming SIMD Extensions 3 (SSSE3) scaler, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.
Scope: local
sid: resolved (fixed in 61.0-1)
debian
CVE-2018-6126 | HIGH | CVSS 8.8 | PoC | fixed in firefox 60.0.2-1 (sid) | 2018
A precision error in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
Scope: local
sid: resolved (fixed in 60.0.2-1)
debian
CVE-2018-12393 | HIGH | CVSS 7.5 | fixed in firefox 63.0-1 (sid) | 2018
A potential vulnerability was found in 32-bit builds where an integer overflow during the conversion of scripts to an internal UTF-16 representation could result in allocating a buffer too small for the conversion. This leads to a possible out-of-bounds write. Note: 64-bit builds are not vulnerable to this issue. This vulnerability affects Firefox < 63, Firefox E
debian
CVE-2018-12360 | HIGH | CVSS 8.8 | fixed in firefox 61.0-1 (sid) | 2018
A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.
Scope: local
sid: resolved (fixed in 61.0-1)
debian
CVE-2018-12389 | HIGH | CVSS 8.8 | fixed in firefox-esr 60.3.0esr-1 (bookworm) | 2018
Mozilla developers and community members reported memory safety bugs present in Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 60.3 and Thunderbird < 60.3.
Scope: local
bookworm: resolved (fixed i
debian
CVE-2018-5158 | HIGH | CVSS 8.8 | fixed in firefox 60.0-1 (sid) | 2018
The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR < 52.8 and Firefox < 60.
Scope: local
sid: resolved (fixed in 60.0-1)
debian
CVE-2018-17466 | HIGH | CVSS 8.8 | fixed in firefox 64.0-1 (sid) | 2018
Incorrect texture handling in Angle in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
Scope: local
sid: resolved (fixed in 64.0-1)
debian
CVE-2018-18335 | HIGH | CVSS 8.8 | fixed in chromium 71.0.3578.80-1 (bookworm) | 2018
Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 71.0.3578.80-1)
bullseye: resolved (fixed in 71.0.3578.80-1)
forky: resolved (fixed in 71.0.3578.80-1)
sid: resolved (fixed in 71.0.3578.80-1)
trixie: resolved (fixed
debian
CVE-2018-18356 | HIGH | CVSS 8.8 | fixed in chromium 71.0.3578.80-1 (bookworm) | 2018
An integer overflow in path handling leading to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 71.0.3578.80-1)
bullseye: resolved (fixed in 71.0.3578.80-1)
forky: resolved (fixed in 71.0.3578.80-1)
sid: resolved (fixed in
debian
CVE-2018-5147 | HIGH | CVSS 8.8 | fixed in firefox 59.0.1-1 (sid) | 2018
The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms. This vulnerability affects Firefox ESR < 52.7.2 and Firefox < 59.0.1.
Scope: local
sid: resolved (fixed in 59.0.1-1)
debian
CVE-2018-12386 | HIGH | CVSS 8.1 | fixed in firefox 62.0.3-1 (sid) | 2018
A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability affects Firefox ESR < 60.2.2 and Firefox < 62.0.3.
Scope: local
sid: resolved (fixed in 62.0.3-1)
debian