Debian Firefox-Esr vulnerabilities

1,071 known vulnerabilities affecting debian/firefox-esr.

Total CVEs: 1,071
CISA KEV: 11 (actively exploited)
Public exploits: 23
Exploited in wild: 15
Severity breakdown: CRITICAL 236, HIGH 418, MEDIUM 292, LOW 125

Vulnerabilities

Page 42 of 54
CVE-2017-7802 | CRITICAL | CVSS 9.8 | fixed in firefox 55.0-1 (sid) | 2017
A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exploitable crash may occur when the freed elements are accessed. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
Scope: local; sid: r
debian
CVE-2017-5391 | CRITICAL | CVSS 9.8 | fixed in firefox 51.0-1 (sid) | 2017
Special "about:" pages used by web content, such as RSS feeds, can load privileged "about:" pages in an iframe. If a content-injection bug were found in one of those pages this could allow for potential privilege escalation. This vulnerability affects Firefox < 51.
Scope: local; sid: resolved (fixed in 51.0-1)
debian
CVE-2017-5472 | CRITICAL | CVSS 9.8 | fixed in firefox 54.0-1 (sid) | 2017
A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
Scope: local; sid: resolved (fixed in 54.0-1)
debian
CVE-2017-5441 | CRITICAL | CVSS 9.8 | fixed in firefox 52.0.1-1 (sid) | 2017
A use-after-free vulnerability when holding a selection during scroll events. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
Scope: local; sid: resolved (fixed in 52.0.1-1)
debian
CVE-2017-5465 | CRITICAL | CVSS 9.1 | PoC | fixed in firefox 52.0.1-1 (sid) | 2017
An out-of-bounds read while processing SVG content in "ConvolvePixel". This results in a crash and also allows for otherwise inaccessible memory being copied into SVG graphic content, which could then be displayed. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
Scope: local; sid: resolved (fixed in 52.0.1-1)
debian
CVE-2017-7753 | CRITICAL | CVSS 9.1 | fixed in firefox 55.0-1 (sid) | 2017
An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line, using cached style data. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
Scope: local; sid: resolved (fixed in 55.0-1)
debian
CVE-2017-5402 | CRITICAL | CVSS 9.8 | fixed in firefox 52.0-1 (sid) | 2017
A use-after-free can occur when events are fired for a "FontFace" object after the object has already been destroyed while working with fonts. This results in a potentially exploitable crash. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.
Scope: local; sid: resolved (fixed in 52.0-1)
debian
CVE-2017-7793 | CRITICAL | CVSS 9.8 | fixed in firefox 56.0-1 (sid) | 2017
A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
Scope: local; sid: resolved (fixed in 56.0-1)
debian
CVE-2017-5377 | CRITICAL | CVSS 9.8 | fixed in firefox 51.0-1 (sid) | 2017
A memory corruption vulnerability in Skia that can occur when using transforms to make gradients, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 51.
Scope: local; sid: resolved (fixed in 51.0-1)
debian
CVE-2017-5380 | CRITICAL | CVSS 9.8 | fixed in firefox 51.0-1 (sid) | 2017
A potential use-after-free found through fuzzing during DOM manipulation of SVG content. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.
Scope: local; sid: resolved (fixed in 51.0-1)
debian
CVE-2017-5433 | CRITICAL | CVSS 9.8 | fixed in firefox 52.0.1-1 (sid) | 2017
A use-after-free vulnerability in SMIL animation functions occurs when pointers to animation elements in an array are dropped from the animation controller while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
Scope: local; sid: resolved (fixed in
debian
CVE-2017-7751 | CRITICAL | CVSS 9.8 | fixed in firefox 54.0-1 (sid) | 2017
A use-after-free vulnerability with content viewer listeners that results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
Scope: local; sid: resolved (fixed in 54.0-1)
debian
CVE-2017-5375 | CRITICAL | CVSS 9.8 | PoC | fixed in firefox 51.0-1 (sid) | 2017
JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.
Scope: local; sid: resolved (fixed in 51.0-1)
debian
CVE-2017-7800 | CRITICAL | CVSS 9.8 | fixed in firefox 55.0-1 (sid) | 2017
A use-after-free vulnerability can occur in WebSockets when the object holding the connection is freed before the disconnection operation is finished. This results in an exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
Scope: local; sid: resolved (fixed in 55.0-1)
debian
CVE-2017-7784 | CRITICAL | CVSS 9.8 | fixed in firefox 55.0-1 (sid) | 2017
A use-after-free vulnerability can occur when reading an image observer during frame reconstruction after the observer has been freed. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
Scope: local; sid: resolved (fixed in 55.0-1)
debian
CVE-2017-7828 | CRITICAL | CVSS 9.8 | fixed in firefox 57.0-1 (sid) | 2017
A use-after-free vulnerability can occur when flushing and resizing layout because the "PressShell" object has been freed while still in use. This results in a potentially exploitable crash during these operations. This vulnerability affects Firefox < 57, Firefox ESR < 52.5, and Thunderbird < 52.5.
Scope: local; sid: resolved (fixed in 57.0-1)
debian
CVE-2017-5400 | CRITICAL | CVSS 9.8 | fixed in firefox 52.0-1 (sid) | 2017
JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.
Scope: local; sid: resolved (fixed in 52.0-1)
debian
CVE-2017-5401 | CRITICAL | CVSS 9.8 | fixed in firefox 52.0-1 (sid) | 2017
A crash triggerable by web content in which an "ErrorResult" references unassigned memory due to a logic error. The resulting crash may be exploitable. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.
Scope: local; sid: resolved (fixed in 52.0-1)
debian
CVE-2017-5443 | CRITICAL | CVSS 9.8 | fixed in firefox 52.0.1-1 (sid) | 2017
An out-of-bounds write vulnerability while decoding improperly formed BinHex format archives. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
Scope: local; sid: resolved (fixed in 52.0.1-1)
debian
CVE-2017-7810 | CRITICAL | CVSS 9.8 | fixed in firefox 56.0-1 (sid) | 2017
Memory safety bugs were reported in Firefox 55 and Firefox ESR 52.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
Scope: local; sid: resolved (fixed in 56.0-1)
debian