Debian Firefox vulnerabilities

1,810 known vulnerabilities affecting debian/firefox.

Total CVEs: 1,810
CISA KEV (actively exploited): 11
Public exploits: 35
Exploited in wild: 15
Severity breakdown: CRITICAL 333, HIGH 633, MEDIUM 542, LOW 302

Vulnerabilities

CVE-2019-17021 | LOW | CVSS 5.3 | 2019
CVE-2019-17021 [MEDIUM] firefox - During the initialization of a new content process, a race condition occurs that can allow a content process to disclose heap addresses from the parent process. *Note: this issue only occurs on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox ESR < 68.4 and Firefox < 72. Scope: local; sid: resolved
debian
CVE-2019-11743 | LOW | CVSS 3.7 | fixed in firefox 69.0-1 (sid) | 2019
CVE-2019-11743 [LOW] firefox - Navigation events were not fully adhering to the W3C's "Navigation-Timing Level 2" draft specification in some instances for the unload event, which restricts access to detailed timing attributes to only be same-origin. This resulted in potential cross-origin information exposure of history through timing side-channel attacks. This vulnerability affects Firefox < 69,
debian
CVE-2019-11700 | LOW | CVSS 6.5 | 2019
CVE-2019-11700 [MEDIUM] firefox - A hyperlink using the res: protocol can be used to open local files at a known location in Internet Explorer if a user approves execution when prompted. *Note: this issue only occurs on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 67. Scope: local; sid: resolved
debian
CVE-2019-9804 | LOW | CVSS 9.8 | 2019
CVE-2019-9804 [CRITICAL] firefox - In Firefox Developer Tools it is possible that pasting the result of the 'Copy as cURL' command into a command shell on macOS will cause the execution of unintended additional bash script commands if the URL was maliciously crafted. This is the result of an issue with the native version of Bash on macOS. *Note: This issue only affects macOS. Other operating system
debian
CVE-2019-11751 | LOW | CVSS 8.8 | 2019
CVE-2019-11751 [HIGH] firefox - Logging-related command line parameters are not properly sanitized when Firefox is launched by another program, such as when a user clicks on malicious links in a chat application. This can be used to write a log file to an arbitrary location such as the Windows 'Startup' folder. *Note: this issue only affects Firefox on Windows operating systems.* This vulnerabili
debian
CVE-2019-17019 | LOW | CVSS 8.8 | 2019
CVE-2019-17019 [HIGH] firefox - When Python was installed on Windows, a python file being served with the MIME type of text/plain could be executed by Python instead of being opened as a text file when the Open option was selected upon download. *Note: this issue only occurs on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 72. Scope: local; sid: resolved
debian
CVE-2019-11736 | LOW | CVSS 7.0 | 2019
CVE-2019-11736 [HIGH] firefox - The Mozilla Maintenance Service does not guard against files being hardlinked to another file in the updates directory, allowing for the replacement of local files, including the Maintenance Service executable, which is run with privileged access. Additionally, there was a race condition during checks for junctions and symbolic links by the Maintenance Service, allo
debian
CVE-2019-11753 | LOW | CVSS 7.8 | 2019
CVE-2019-11753 [HIGH] firefox - The Firefox installer allows Firefox to be installed to a custom user writable location, leaving it unprotected from manipulation by unprivileged users or malware. If the Mozilla Maintenance Service is manipulated to update this unprotected location and the updated maintenance service in the unprotected location has been altered, the altered maintenance service can
debian
CVE-2019-11694 | LOW | CVSS 7.5 | 2019
CVE-2019-11694 [HIGH] firefox - A vulnerability exists in the Windows sandbox where an uninitialized value in memory can be leaked to a renderer from a broker when making a call to access an otherwise unavailable file. This results in the potential leaking of information stored at that memory location. *Note: this issue only occurs on Windows. Other operating systems are unaffected.* This vulnera
debian
CVE-2019-17018 | LOW | CVSS 5.3 | 2019
CVE-2019-17018 [MEDIUM] firefox - When in Private Browsing Mode on Windows 10, the Windows keyboard may retain word suggestions to improve the accuracy of the keyboard. This vulnerability affects Firefox < 72. Scope: local; sid: resolved
debian
CVE-2019-12383 | LOW | CVSS 4.3 | 2019
CVE-2019-12383 [MEDIUM] firefox - Tor Browser before 8.0.1 has an information exposure vulnerability. It allows remote attackers to detect the browser's UI locale by measuring a button width, even if the user has a "Don't send my language" setting. Scope: local; sid: open
debian
CVE-2019-11702 | LOW | CVSS 6.5 | 2019
CVE-2019-11702 [MEDIUM] firefox - A hyperlink using protocols associated with Internet Explorer, such as IE.HTTP:, can be used to open local files at a known location with Internet Explorer if a user approves execution when prompted. *Note: this issue only occurs on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 67.0.2. Scope: local; sid: resolved
debian
CVE-2019-15903 | LOW | CVSS 7.5 | fixed in expat 2.2.7-2 (bookworm) | 2019
CVE-2019-15903 [HIGH] chromium - In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read. Scope: local; bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
debian
CVE-2019-13722 | LOW | CVSS 6.5 | 2019
CVE-2019-13722 [MEDIUM] firefox - Inappropriate implementation in WebRTC in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Scope: local; sid: resolved
debian
CVE-2019-9818 | LOW | CVSS 8.3 | 2019
CVE-2019-9818 [HIGH] firefox - A race condition is present in the crash generation server used to generate data for the crash reporter. This issue can lead to a use-after-free in the main process, resulting in a potentially exploitable crash and a sandbox escape. *Note: this vulnerability only affects Windows. Other operating systems are unaffected.* This vulnerability affects Thunderbird < 60.7,
debian
CVE-2018-12390 | CRITICAL | CVSS 9.8 | fixed in firefox 63.0-1 (sid) | 2018
CVE-2018-12390 [CRITICAL] firefox - Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3. Scope: loc
debian
CVE-2018-5150 | CRITICAL | CVSS 9.8 | fixed in firefox 60.0-1 (sid) | 2018
CVE-2018-5150 [CRITICAL] firefox - Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8. Scope: local
debian
CVE-2018-12405 | CRITICAL | CVSS 9.8 | fixed in firefox 64.0-1 (sid) | 2018
CVE-2018-12405 [CRITICAL] firefox - Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64. Scope: loc
debian
CVE-2018-5154 | CRITICAL | CVSS 9.8 | fixed in firefox 60.0-1 (sid) | 2018
CVE-2018-5154 [CRITICAL] firefox - A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8. Scope: local; sid: resolved (fixed in 60.0-1)
debian
CVE-2018-5095 | CRITICAL | CVSS 9.8 | fixed in firefox 58.0-1 (sid) | 2018
CVE-2018-5095 [CRITICAL] firefox - An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 8 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58. Scope: local; sid: resolved (fixed in 58.0-1)
debian