Debian Firefox vulnerabilities
1,810 known vulnerabilities affecting debian/firefox.
Total CVEs: 1,810
CISA KEV: 11 (actively exploited)
Public exploits: 35
Exploited in wild: 15
Severity breakdown: CRITICAL 333, HIGH 633, MEDIUM 542, LOW 302
Vulnerabilities
Page 69 of 91
CVE-2018-5138 | LOW | CVSS 5.3 | 2018
CVE-2018-5138 [MEDIUM] CVE-2018-5138: firefox - A spoofing vulnerability can occur when a malicious site with an extremely long ...
A spoofing vulnerability can occur when a malicious site with an extremely long domain name is opened in an Android Custom Tab (a browser panel inside another app) and the default browser is Firefox for Android. This could allow an attacker to spoof which page is actually loaded and in use. Note: this issue only affects Firefox for Android. Other versions and operat

CVE-2018-12391 | LOW | CVSS 8.8 | 2018
CVE-2018-12391 [HIGH] CVE-2018-12391: firefox - During HTTP Live Stream playback on Firefox for Android, audio data can be acces...
During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. Because the problem is in the underlying Android service, this issue is addressed by treating all HLS streams as cross-origin and opaque to access. *Note: this issue only affects Firefox for Android. Desktop versions of Firefox are un

CVE-2017-5460 | CRITICAL | CVSS 9.8 | fixed in firefox 52.0.1-1 (sid) | 2017
A use-after-free vulnerability in frame selection triggered by a combination of malicious script content and key presses by a user. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
Scope: local
sid: resolved (fixed in 52.0.1-1)

CVE-2017-7792 | CRITICAL | CVSS 9.8 | fixed in firefox 55.0-1 (sid) | 2017
A buffer overflow will occur when viewing a certificate in the certificate manager if the certificate has an extremely long object identifier (OID). This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
Scope: local
sid: resolved (fixed in 55.0-1)

CVE-2017-5434 | CRITICAL | CVSS 9.8 | fixed in firefox 52.0.1-1 (sid) | 2017
A use-after-free vulnerability occurs when redirecting focus handling which results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
Scope: local
sid: resolved (fixed in 52.0.1-1)

CVE-2017-7827 | CRITICAL | CVSS 9.8 | fixed in firefox 57.0-1 (sid) | 2017
Memory safety bugs were reported in Firefox 56. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 57.
Scope: local
sid: resolved (fixed in 57.0-1)

CVE-2017-5459 | CRITICAL | CVSS 9.8 | fixed in firefox 52.0.1-1 (sid) | 2017
A buffer overflow in WebGL triggerable by web content, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
Scope: local
sid: resolved (fixed in 52.0.1-1)

CVE-2017-5469 | CRITICAL | CVSS 9.8 | fixed in firefox 52.0.1-1 (sid) | 2017
Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
Scope: local
sid: resolved (fixed in 52.0.1-1)

CVE-2017-5470 | CRITICAL | CVSS 9.8 | fixed in firefox 54.0-1 (sid) | 2017
Memory safety bugs were reported in Firefox 53 and Firefox ESR 52.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
Scope: local
sid: resolved (fixed in 54.0-1)

CVE-2017-7819 | CRITICAL | CVSS 9.8 | fixed in firefox 56.0-1 (sid) | 2017
A use-after-free vulnerability can occur in design mode when image objects are resized if objects referenced during the resizing have been freed from memory. This results in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
Scope: local
sid: resolved (fixed in 56.0-1)

CVE-2017-5435 | CRITICAL | CVSS 9.8 | fixed in firefox 52.0.1-1 (sid) | 2017
A use-after-free vulnerability occurs during transaction processing in the editor during design mode interactions. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
Scope: local
sid: resolved (fixed in 52.0.1-1)

CVE-2017-5471 | CRITICAL | CVSS 9.8 | fixed in firefox 54.0-1 (sid) | 2017
Memory safety bugs were reported in Firefox 53. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 54.
Scope: local
sid: resolved (fixed in 54.0-1)

CVE-2017-5461 | CRITICAL | CVSS 9.8 | fixed in firefox 52.0.1-1 (sid) | 2017
Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by leveraging incorrect base64 operations.
Scope: local
sid: resolved (fixed in 52.0.1-1)

CVE-2017-7788 | CRITICAL | CVSS 9.8 | fixed in firefox 55.0-1 (sid) | 2017
When an "iframe" has a "sandbox" attribute and its content is specified using "srcdoc", that content does not inherit the containing page's Content Security Policy (CSP) as it should unless the sandbox attribute included "allow-same-origin". This vulnerability affects Firefox < 55.
Scope: local
sid: resolved (fixed in 55.0-1)

CVE-2017-5429 | CRITICAL | CVSS 9.8 | fixed in firefox 52.0.1-1 (sid) | 2017
Memory safety bugs were reported in Firefox 52, Firefox ESR 45.8, Firefox ESR 52, and Thunderbird 52. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
Sco

CVE-2017-5430 | CRITICAL | CVSS 9.8 | fixed in firefox 52.0.1-1 (sid) | 2017
Memory safety bugs were reported in Firefox 52, Firefox ESR 52, and Thunderbird 52. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.
Scope: local
sid: resolved (fixed in 52.0

CVE-2017-7821 | CRITICAL | CVSS 9.8 | fixed in firefox 56.0-1 (sid) | 2017
A vulnerability where WebExtensions can download and attempt to open a file of some non-executable file types. This can be triggered without specific user interaction for the file download and open actions. This could be used to trigger known vulnerabilities in the programs that handle those document types. This vulnerability affects Firefox < 56.
Scope: local
sid

CVE-2017-7756 | CRITICAL | CVSS 9.8 | fixed in firefox 54.0-1 (sid) | 2017
A use-after-free and use-after-scope vulnerability when logging errors from headers for XML HTTP Requests (XHR). This could result in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
Scope: local
sid: resolved (fixed in 54.0-1)

CVE-2017-5468 | CRITICAL | CVSS 9.1 | fixed in firefox 52.0.1-1 (sid) | 2017
An issue with incorrect ownership model of "privateBrowsing" information exposed through developer tools. This can result in a non-exploitable crash when manually triggered during debugging. This vulnerability affects Firefox < 53.
Scope: local
sid: resolved (fixed in 52.0.1-1)

CVE-2017-7801 | CRITICAL | CVSS 9.8 | fixed in firefox 55.0-1 (sid) | 2017
A use-after-free vulnerability can occur while re-computing layout for a "marquee" element during window resizing where the updated style object is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
Scope: local
sid: resolved (fixed in 55.0-1)