Debian Firefox vulnerabilities
1,810 known vulnerabilities affecting debian/firefox.
Total CVEs: 1,810
CISA KEV: 11 (actively exploited)
Public exploits: 35
Exploited in wild: 15
Severity breakdown: CRITICAL 333, HIGH 633, MEDIUM 542, LOW 302
Vulnerabilities
Page 85 of 91
CVE-2016-5268 | MEDIUM | CVSS 4.3 | fixed in firefox 48.0-1 (sid) | 2016
CVE-2016-5268 [MEDIUM]: firefox
Mozilla Firefox before 48.0 does not properly set the LINKABLE and URI_SAFE_FOR_UNTRUSTED_CONTENT flags of about: URLs that are used for error pages, which makes it easier for remote attackers to conduct spoofing attacks via a crafted URL, as demonstrated by misleading text after an about:neterror?d= substring.
Scope: local
sid: resolved (fixed in 48.0-1)
debian
CVE-2016-1958 | MEDIUM | CVSS 4.3 | fixed in firefox 45.0-1 (sid) | 2016
CVE-2016-1958 [MEDIUM]: firefox
browser/base/content/browser.js in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to spoof the address bar via a javascript: URL.
Scope: local
sid: resolved (fixed in 45.0-1)
debian
CVE-2016-2830 | MEDIUM | CVSS 4.3 | fixed in firefox 48.0-1 (sid) | 2016
CVE-2016-2830 [MEDIUM]: firefox
Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 preserve the network connection used for favicon resource retrieval after the associated browser window is closed, which makes it easier for remote web servers to track users by observing network traffic from multiple IP addresses.
Scope: local
sid: resolved (fixed in 48.0-1)
debian
CVE-2016-9071 | MEDIUM | CVSS 5.3 | fixed in firefox 50.0-1 (sid) | 2016
CVE-2016-9071 [MEDIUM]: firefox
Content Security Policy combined with HTTP to HTTPS redirection can be used by a malicious server to verify whether a known site is within a user's browser history. This vulnerability affects Firefox < 50.
Scope: local
sid: resolved (fixed in 50.0-1)
debian
CVE-2016-5299 | LOW | CVSS 7.5 | 2016
CVE-2016-5299 [HIGH]: firefox
A previously installed malicious Android application with the same signature-level permissions as Firefox can intercept AuthTokens meant for Firefox only. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox < 50.
Scope: local
sid: resolved
debian
CVE-2016-5267 | LOW | CVSS 5.3 | 2016
CVE-2016-5267 [MEDIUM]: firefox
Mozilla Firefox before 48.0 on Android allows remote attackers to spoof the address bar via left-to-right characters in conjunction with a right-to-left character set.
Scope: local
sid: resolved
debian
CVE-2016-9061 | LOW | CVSS 7.5 | 2016
CVE-2016-9061 [HIGH]: firefox
A previously installed malicious Android application which defines a specific signature-level permission used by Firefox can access API keys meant for Firefox only. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox < 50.
Scope: local
sid: resolved
debian
CVE-2016-5294 | LOW | CVSS 5.5 | 2016
CVE-2016-5294 [MEDIUM]: firefox
The Mozilla Updater can be made to choose an arbitrary target working directory for output files resulting from the update process. This vulnerability requires local system access. Note: this issue only affects Windows operating systems. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
Scope: local
sid: resolved
debian
CVE-2016-9065 | LOW | CVSS 7.5 | 2016
CVE-2016-9065 [HIGH]: firefox
The location bar in Firefox for Android can be spoofed by forcing a user into fullscreen mode, blocking its exit, and creating a fake location bar without any user notification. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox < 50.
Scope: local
sid: resolved
debian
CVE-2016-2826 | LOW | CVSS 7.8 | 2016
CVE-2016-2826 [HIGH]: firefox
The maintenance service in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 on Windows does not prevent MAR extracted-file modification during updater execution, which might allow local users to gain privileges via a Trojan horse file.
Scope: local
sid: resolved
debian
CVE-2016-9905 | LOW | CVSS 8.8 | fixed in firefox-esr 45.6.0esr-1 (bookworm) | 2016
CVE-2016-9905 [HIGH]: firefox
A potentially exploitable crash in "EnumerateSubDocuments" while adding or removing sub-documents. This vulnerability affects Firefox ESR < 45.6 and Thunderbird < 45.6.
Scope: local
sid: resolved
debian
CVE-2016-2824 | LOW | CVSS 8.8 | 2016
CVE-2016-2824 [HIGH]: firefox
The TSymbolTableLevel class in ANGLE, as used in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 on Windows, allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact by triggering use of a WebGL shader that writes to an array.
Scope: local
sid: resolved
debian
CVE-2016-9062 | LOW | CVSS 3.3 | 2016
CVE-2016-9062 [LOW]: firefox
Private browsing mode leaves metadata information, such as URLs, for sites visited in "browser.db" and "browser.db-wal" files within the Firefox profile after the mode is exited. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox < 50.
Scope: local
sid: resolved
debian
CVE-2016-5295 | LOW | CVSS 7.8 | 2016
CVE-2016-5295 [HIGH]: firefox
This vulnerability allows an attacker to use the Mozilla Maintenance Service to escalate privilege by having the Maintenance Service invoke the Mozilla Updater to run malicious local files. This vulnerability requires local system access and is a variant of MFSA2013-44. Note: this issue only affects Windows operating systems. This vulnerability affects Firefox < 50.
Scope: local
debian
CVE-2016-2809 | LOW | CVSS 5.5 | 2016
CVE-2016-2809 [MEDIUM]: firefox
The Mozilla Maintenance Service updater in Mozilla Firefox before 46.0 on Windows allows user-assisted remote attackers to delete arbitrary files by leveraging certain local file execution.
Scope: local
sid: resolved
debian
CVE-2016-9072 | LOW | CVSS 7.5 | 2016
CVE-2016-9072 [HIGH]: firefox
When a new Firefox profile is created on 64-bit Windows installations, the sandbox for 64-bit NPAPI plugins is not enabled by default. Note: This issue only affects 64-bit Windows. 32-bit Windows and other operating systems are unaffected. This vulnerability affects Firefox < 50.
Scope: local
sid: resolved
debian
CVE-2016-5253 | LOW | CVSS 4.7 | 2016
CVE-2016-5253 [MEDIUM]: firefox
The Updater in Mozilla Firefox before 48.0 on Windows allows local users to write to arbitrary files via vectors involving the callback application-path parameter and a hard link.
Scope: local
sid: resolved
debian
CVE-2016-2839 | LOW | CVSS 6.5 | 2016
CVE-2016-2839 [MEDIUM]: firefox
Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 on Linux make cairo _cairo_surface_get_extents calls that do not properly interact with libav header allocation in FFmpeg 0.10, which allows remote attackers to cause a denial of service (application crash) via a crafted video.
Scope: local
sid: resolved
debian
CVE-2016-2810 | LOW | CVSS 5.0 | 2016
CVE-2016-2810 [MEDIUM]: firefox
Mozilla Firefox before 46.0 on Android before 5.0 allows attackers to bypass intended Signature access requirements via a crafted application that leverages content-provider permissions, as demonstrated by reading the browser history or a saved password.
Scope: local
sid: resolved
debian
CVE-2016-2813 | LOW | CVSS 4.3 | 2016
CVE-2016-2813 [MEDIUM]: firefox
Mozilla Firefox before 46.0 on Android does not properly restrict JavaScript access to orientation and motion data, which allows remote attackers to obtain sensitive information about a device's physical environment, and possibly discover PIN values, via a crafted web site, a similar issue to CVE-2016-1780.
Scope: local
sid: resolved
debian