Debian Firefox vulnerabilities
1,810 known vulnerabilities affecting debian/firefox.
Total CVEs: 1,810
CISA KEV: 11 (actively exploited)
Public exploits: 35
Exploited in wild: 15
Severity breakdown: CRITICAL 333, HIGH 633, MEDIUM 542, LOW 302
Vulnerabilities
Page 63 of 91
CVE-2018-5103 | CRITICAL | CVSS 9.8 | fixed in firefox 58.0-1 (sid) | 2018
A use-after-free vulnerability can occur during mouse event handling due to issues with multiprocess support. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
Scope: local
sid: resolved (fixed in 58.0-1)
debian
CVE-2018-18500 | CRITICAL | CVSS 9.8 | fixed in firefox 65.0-1 (sid) | 2018
A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65.
Scope: local
sid: resolved (fixed in 65.0-1)
debian
CVE-2018-12377 | CRITICAL | CVSS 9.8 | fixed in firefox 62.0-1 (sid) | 2018
A use-after-free vulnerability can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1.
Scope: local
sid: resolved (fixed in 62.0-1)
debian
CVE-2018-18501 | CRITICAL | CVSS 9.8 | fixed in firefox 65.0-1 (sid) | 2018
Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65.
Scope: loc
debian
CVE-2018-5097 | CRITICAL | CVSS 9.8 | fixed in firefox 58.0-1 (sid) | 2018
A use-after-free vulnerability can occur during XSL transformations when the source document for the transformation is manipulated by script content during the transformation. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
Scope: local
sid: resolved (fixed in 58.0-1)
debian
CVE-2018-12392 | CRITICAL | CVSS 9.8 | fixed in firefox 63.0-1 (sid) | 2018
When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3.
Scope: local
sid: resolved (fixed in 63.0-1)
debian
CVE-2018-5186 | CRITICAL | CVSS 9.8 | fixed in firefox 61.0-1 (sid) | 2018
Memory safety bugs present in Firefox 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 61.
Scope: local
sid: resolved (fixed in 61.0-1)
debian
CVE-2018-5091 | CRITICAL | CVSS 9.8 | fixed in firefox 58.0-1 (sid) | 2018
A use-after-free vulnerability can occur during WebRTC connections when interacting with the DTMF timers. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 52.6 and Firefox < 58.
Scope: local
sid: resolved (fixed in 58.0-1)
debian
CVE-2018-5159 | CRITICAL | CVSS 9.8 | PoC | fixed in firefox 60.0-1 (sid) | 2018
An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.
Scope: local
debian
CVE-2018-5122 | CRITICAL | CVSS 9.8 | fixed in firefox 58.0-1 (sid) | 2018
A potential integer overflow in the "DoCrypt" function of WebCrypto was identified. If a means was found of exploiting it, it could result in an out-of-bounds write. This vulnerability affects Firefox < 58.
Scope: local
sid: resolved (fixed in 58.0-1)
debian
CVE-2018-5102 | CRITICAL | CVSS 9.8 | fixed in firefox 58.0-1 (sid) | 2018
A use-after-free vulnerability can occur when manipulating HTML media elements with media streams, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
Scope: local
sid: resolved (fixed in 58.0-1)
debian
CVE-2018-5187 | CRITICAL | CVSS 9.8 | fixed in firefox 61.0-1 (sid) | 2018
Memory safety bugs present in Firefox 60 and Firefox ESR 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60, Firefox ESR < 60.1, and Firefox < 61.
Scope: local
sid: resolved (fixed in 61.0-1)
debian
CVE-2018-5151 | CRITICAL | CVSS 9.8 | fixed in firefox 60.0-1 (sid) | 2018
Memory safety bugs were reported in Firefox 59. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 60.
Scope: local
sid: resolved (fixed in 60.0-1)
debian
CVE-2018-5148 | CRITICAL | CVSS 9.8 | fixed in firefox 59.0.2-1 (sid) | 2018
A use-after-free vulnerability can occur in the compositor during certain graphics operations when a raw pointer is used instead of a reference counted one. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 52.7.3 and Firefox < 59.0.2.
Scope: local
sid: resolved (fixed in 59.0.2-1)
debian
CVE-2018-5089 | CRITICAL | CVSS 9.8 | fixed in firefox 58.0-1 (sid) | 2018
Memory safety bugs were reported in Firefox 57 and Firefox ESR 52.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
Scope: local
sid: resolved (fixed in 58.0-1)
debian
CVE-2018-12369 | CRITICAL | CVSS 9.8 | fixed in firefox 61.0-1 (sid) | 2018
WebExtensions bundled with embedded experiments were not correctly checked for proper authorization. This allowed a malicious WebExtension to gain full browser permissions. This vulnerability affects Firefox ESR < 60.1 and Firefox < 61.
Scope: local
sid: resolved (fixed in 61.0-1)
debian
CVE-2018-18492 | CRITICAL | CVSS 9.8 | fixed in firefox 64.0-1 (sid) | 2018
A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64.
Scope: local
sid: resolved (fixed in 64.0-1)
debian
CVE-2018-5160 | HIGH | CVSS 7.5 | fixed in firefox 60.0-1 (sid) | 2018
WebRTC can use a "WrappedI420Buffer" pixel buffer but the owning image object can be freed while it is still in use. This can result in the WebRTC encoder using uninitialized memory, leading to a potentially exploitable crash. This vulnerability affects Firefox < 60.
Scope: local
sid: resolved (fixed in 60.0-1)
debian
CVE-2018-5112 | HIGH | CVSS 7.5 | fixed in firefox 58.0-1 (sid) | 2018
Development Tools panels of an extension are required to load URLs for the panels as relative URLs from the extension manifest file but this requirement was not enforced in all instances. This could allow the development tools panel for the extension to load a URL that it should not be able to access, including potentially privileged pages. This vulnerability affects
debian
CVE-2018-5137 | HIGH | CVSS 7.5 | fixed in firefox 59.0-1 (sid) | 2018
A legacy extension's non-contentaccessible, defined resources can be loaded by an arbitrary web page through script. This script does this by using a maliciously crafted path string to reference the resources. Note: this vulnerability does not affect WebExtensions. This vulnerability affects Firefox < 59.
Scope: local
sid: resolved (fixed in 59.0-1)
debian