Debian Firefox vulnerabilities

CVE-2016-2832 [MEDIUM] CVE-2016-2832: firefox - Mozilla Firefox before 47.0 allows remote attackers to discover the list of disa... Mozilla Firefox before 47.0 allows remote attackers to discover the list of disabled plugins via a fingerprinting attack involving Cascading Style Sheets (CSS) pseudo-classes. Scope: local sid: resolved (fixed in 47.0-1)

CVE-2016-5250 [MEDIUM] CVE-2016-5250: firefox - Mozilla Firefox before 48.0, Firefox ESR < 45.4 and Thunderbird < 45.4 allow rem... Mozilla Firefox before 48.0, Firefox ESR < 45.4 and Thunderbird < 45.4 allow remote attackers to obtain sensitive information about the previously retrieved page via Resource Timing API calls. Scope: local sid: resolved (fixed in 48.0-1)

CVE-2016-5279 [MEDIUM] CVE-2016-5279: firefox - Mozilla Firefox before 49.0 allows user-assisted remote attackers to obtain sens... Mozilla Firefox before 49.0 allows user-assisted remote attackers to obtain sensitive full-pathname information during a local-file drag-and-drop operation via crafted JavaScript code. Scope: local sid: resolved (fixed in 49.0-1)

CVE-2016-2822 [MEDIUM] CVE-2016-2822: firefox - Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attack... Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to spoof the address bar via a SELECT element with a persistent menu. Scope: local sid: resolved (fixed in 47.0-1)

CVE-2016-2837 [MEDIUM] CVE-2016-2837: firefox - Heap-based buffer overflow in the ClearKey Content Decryption Module (CDM) in th... Heap-based buffer overflow in the ClearKey Content Decryption Module (CDM) in the Encrypted Media Extensions (EME) API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and leveraging a Gecko Media Plugin (GMP) sandbox bypass. Scope: local sid: resolved (fixed in 48.0

CVE-2016-1957 [MEDIUM] CVE-2016-1957: firefox - Memory leak in libstagefright in Mozilla Firefox before 45.0 and Firefox ESR 38.... Memory leak in libstagefright in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to cause a denial of service (memory consumption) via an MPEG-4 file that triggers a delete operation on an array. Scope: local sid: resolved (fixed in 45.0-1)

CVE-2016-9895 [MEDIUM] CVE-2016-9895: firefox - Event handlers on "marquee" elements were executed despite a strict Content Secu... Event handlers on "marquee" elements were executed despite a strict Content Security Policy (CSP) that disallowed inline JavaScript. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6. Scope: local sid: resolved (fixed in 50.1.0-1)

CVE-2016-5260 [MEDIUM] CVE-2016-5260: firefox - Mozilla Firefox before 48.0 mishandles changes from 'INPUT type="password"' to '... Mozilla Firefox before 48.0 mishandles changes from 'INPUT type="password"' to 'INPUT type="text"' within a single Session Manager session, which might allow attackers to discover cleartext passwords by reading a session restoration file. Scope: local sid: resolved (fixed in 48.0-1)

CVE-2016-9903 [MEDIUM] CVE-2016-9903: firefox - Mozilla's add-ons SDK had a world-accessible resource with an HTML injection vul... Mozilla's add-ons SDK had a world-accessible resource with an HTML injection vulnerability. If an additional vulnerability allowed this resource to be loaded as a document it could allow injecting content and script into an add-on's context. This vulnerability affects Firefox < 50.1. Scope: local sid: resolved (fixed in 50.1.0-1)

CVE-2016-1955 [MEDIUM] CVE-2016-1955: firefox - Mozilla Firefox before 45.0 allows remote attackers to bypass the Same Origin Po... Mozilla Firefox before 45.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by reading a Content Security Policy (CSP) violation report that contains path information associated with an IFRAME element. Scope: local sid: resolved (fixed in 45.0-1)

CVE-2016-5291 [MEDIUM] CVE-2016-5291: firefox - A same-origin policy bypass with local shortcut files to load arbitrary local co... A same-origin policy bypass with local shortcut files to load arbitrary local content from disk. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50. Scope: local sid: resolved (fixed in 50.0-1)

CVE-2016-5282 [MEDIUM] CVE-2016-5282: firefox - Mozilla Firefox before 49.0 does not properly restrict the scheme in favicon req... Mozilla Firefox before 49.0 does not properly restrict the scheme in favicon requests, which might allow remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by a jar: URL for a favicon resource. Scope: local sid: resolved (fixed in 49.0-1)

CVE-2016-2820 [MEDIUM] CVE-2016-2820: firefox - The Firefox Health Reports (aka FHR or about:healthreport) feature in Mozilla Fi... The Firefox Health Reports (aka FHR or about:healthreport) feature in Mozilla Firefox before 46.0 does not properly restrict the origin of events, which makes it easier for remote attackers to modify sharing preferences by leveraging access to the remote-report IFRAME element. Scope: local sid: resolved (fixed in 46.0-1)

CVE-2016-5271 [MEDIUM] CVE-2016-5271: firefox - The PropertyProvider::GetSpacingInternal function in Mozilla Firefox before 49.0... The PropertyProvider::GetSpacingInternal function in Mozilla Firefox before 49.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via text runs in conjunction with a "display: contents" Cascading Style Sheets (CSS) property. Scope: local sid: resolved (fixed in 49.0-1)

CVE-2016-1965 [MEDIUM] CVE-2016-1965: firefox - Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 mishandle a navigat... Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 mishandle a navigation sequence that returns to the original page, which allows remote attackers to spoof the address bar via vectors involving the history.back method and the location.protocol property. Scope: local sid: resolved (fixed in 45.0-1)

CVE-2016-1967 [MEDIUM] CVE-2016-1967: firefox - Mozilla Firefox before 45.0 does not properly restrict the availability of IFRAM... Mozilla Firefox before 45.0 does not properly restrict the availability of IFRAME Resource Timing API times, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that leverages history.back and performance.getEntries calls after restoring a browser session. NOTE: this vulnerability exists because

CVE-2016-2833 [MEDIUM] CVE-2016-2833: firefox - Mozilla Firefox before 47.0 ignores Content Security Policy (CSP) directives for... Mozilla Firefox before 47.0 ignores Content Security Policy (CSP) directives for cross-domain Java applets, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted applet. Scope: local sid: resolved (fixed in 47.0-1)

CVE-2016-2829 [MEDIUM] CVE-2016-2829: firefox - Mozilla Firefox before 47.0 allows remote attackers to spoof permission notifica... Mozilla Firefox before 47.0 allows remote attackers to spoof permission notifications via a crafted web site that rapidly triggers permission requests, as demonstrated by the microphone permission or the geolocation permission. Scope: local sid: resolved (fixed in 47.0-1)

CVE-2016-1956 [MEDIUM] CVE-2016-1956: firefox - Mozilla Firefox before 45.0 on Linux, when an Intel video driver is used, allows... Mozilla Firefox before 45.0 on Linux, when an Intel video driver is used, allows remote attackers to cause a denial of service (memory consumption or stack memory corruption) by triggering use of a WebGL shader. Scope: local sid: resolved (fixed in 45.0-1)

CVE-2016-9067 [MEDIUM] CVE-2016-9067: firefox - Two use-after-free errors during DOM operations resulting in potentially exploit... Two use-after-free errors during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox < 50. Scope: local sid: resolved (fixed in 50.0-1)