Debian Firefox-Esr vulnerabilities

1,071 known vulnerabilities affecting debian/firefox-esr.

Total CVEs: 1,071
CISA KEV: 11 (actively exploited)
Public exploits: 23
Exploited in wild: 15
Severity breakdown: CRITICAL 236, HIGH 418, MEDIUM 292, LOW 125

Vulnerabilities

CVE-2016-2835 | HIGH | CVSS 8.8 | fixed in firefox 48.0-1 (sid) | 2016
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 48.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Scope: local; sid: resolved (fixed in 48.0-1)
CVE-2016-1952 | HIGH | CVSS 8.8 | fixed in firefox 45.0-1 (sid) | 2016
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Scope: local; sid: resolved (fixed in 45.0-1)
CVE-2016-1951 | HIGH | CVSS 8.6 | fixed in firefox 45.0-1 (sid) | 2016
Multiple integer overflows in io/prprf.c in Mozilla Netscape Portable Runtime (NSPR) before 4.12 allow remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long string to a PR_*printf function. Scope: local; sid: resolved (fixed in 45.0-1)
CVE-2016-2819 | HIGH | CVSS 8.8 | PoC | fixed in firefox 47.0-1 (sid) | 2016
Heap-based buffer overflow in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via foreign-context HTML5 fragments, as demonstrated by fragments within an SVG element. Scope: local; sid: resolved (fixed in 47.0-1)
CVE-2016-2793 | HIGH | CVSS 8.8 | fixed in firefox 45.0-1 (sid) | 2016
CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font. Scope: local; sid: resolved (fixed in 45.0-1)
CVE-2016-1969 | HIGH | CVSS 8.8 | fixed in firefox 45.0-1 (sid) | 2016
The setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.6.1, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted Graphite smart font. Scope: local; sid: resolved (fixed in 45.0-1)
CVE-2016-5278 | HIGH | CVSS 8.8 | fixed in firefox 49.0-1 (sid) | 2016
Heap-based buffer overflow in the nsBMPEncoder::AddImageFrame function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code via crafted image data that is mishandled during the encoding of an image frame to an image. Scope: local; sid: resolved (fixed in 49.0-1)
CVE-2016-1974 | HIGH | CVSS 8.8 | fixed in firefox 45.0-1 (sid) | 2016
The nsScannerString::AppendUnicodeTo function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not verify that memory allocation succeeds, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via crafted Unicode data in an HTML, XML, or SVG document. Scope: local; sid: resolved (fixed in 45.0-1)
CVE-2016-2804 | HIGH | CVSS 8.8 | fixed in firefox 46.0-1 (sid) | 2016
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Scope: local; sid: resolved (fixed in 46.0-1)
CVE-2016-2802 | HIGH | CVSS 8.8 | fixed in firefox 45.0-1 (sid) | 2016
The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font. Scope: local; sid: resolved (fixed in 45.0-1)
CVE-2016-2792 | HIGH | CVSS 8.8 | fixed in firefox 45.0-1 (sid) | 2016
The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2800. Scope: local; sid: resolv
CVE-2016-5275 | HIGH | CVSS 8.8 | fixed in firefox 49.0-1 (sid) | 2016
Buffer overflow in the mozilla::gfx::FilterSupport::ComputeSourceNeededRegions function in Mozilla Firefox before 49.0 allows remote attackers to execute arbitrary code by leveraging improper interaction between empty filters and CANVAS element rendering. Scope: local; sid: resolved (fixed in 49.0-1)
CVE-2016-5296 | HIGH | CVSS 7.5 | fixed in firefox 50.0-1 (sid) | 2016
A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50. Scope: local; sid: resolved (fixed in 50.0-1)
CVE-2016-2818 | HIGH | CVSS 8.8 | fixed in firefox 47.0-1 (sid) | 2016
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Scope: local; sid: resolved (fixed in 47.0-1)
CVE-2016-9900 | HIGH | CVSS 7.5 | fixed in firefox 50.1.0-1 (sid) | 2016
External resources that should be blocked when loaded by SVG images can bypass security restrictions through the use of "data:" URLs. This could allow for cross-domain data leakage. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6. Scope: local; sid: resolved (fixed in 50.1.0-1)
CVE-2016-2808 | HIGH | CVSS 7.5 | fixed in firefox 46.0-1 (sid) | 2016
The watch implementation in the JavaScript engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code or cause a denial of service (generation-count overflow, out-of-bounds HashMap write access, and application crash) via a crafted web site. Scope: local; sid: resolved (fixed i
CVE-2016-1949 | HIGH | CVSS 8.8 | fixed in firefox 45.0-1 (sid) | 2016
Mozilla Firefox before 44.0.2 does not properly restrict the interaction between Service Workers and plugins, which allows remote attackers to bypass the Same Origin Policy via a crafted web site that triggers spoofed responses to requests that use NPAPI, as demonstrated by a request for a crossdomain.xml file. Scope: local; sid: resolved (fixed in 45.0-1)
CVE-2016-2794 | HIGH | CVSS 8.8 | fixed in firefox 45.0-1 (sid) | 2016
The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font. Scope: local; sid: resolved (fixed in 45.0-1)
CVE-2016-2800 | HIGH | CVSS 8.8 | fixed in firefox 45.0-1 (sid) | 2016
The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2792. Scope: local; sid: resolv
CVE-2016-9068 | HIGH | CVSS 7.5 | fixed in firefox 50.0-1 (sid) | 2016
A use-after-free during web animations when working with timelines resulting in a potentially exploitable crash. This vulnerability affects Firefox < 50. Scope: local; sid: resolved (fixed in 50.0-1)