Mozilla Firefox Esr vulnerabilities

CVE-2018-12383 [MEDIUM] CWE-522 CVE-2018-12383: If a user saved passwords before Firefox 58 and then later set a master password, an unencrypted cop If a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not deleted when the data was copied to a new format starting in Firefox 58. The new master password is added only on the new file. This could allow the expos

CVE-2018-12367 [MEDIUM] CWE-20 CVE-2018-12367: In the previous mitigations for Spectre, the resolution or precision of various methods was reduced In the previous mitigations for Spectre, the resolution or precision of various methods was reduced to counteract the ability to measure precise time intervals. In that work PerformanceNavigationTiming was not adjusted but it was found that it could be used as a precision timer. This vulnerability affects Thunderbird < 60, Firefox ESR < 60.1, and Fire

CVE-2018-12366 [MEDIUM] CWE-125 CVE-2018-12366: An invalid grid size during QCMS (color profile) transformations can result in the out-of-bounds rea An invalid grid size during QCMS (color profile) transformations can result in the out-of-bounds read interpreted as a float value. This could leak private data into the output. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.

CVE-2018-12381 [MEDIUM] CWE-610 CVE-2018-12381: Manually dragging and dropping an Outlook email message into the browser will trigger a page navigat Manually dragging and dropping an Outlook email message into the browser will trigger a page navigation when the message's mail columns are incorrectly interpreted as a URL. *Note: this issue only affects Windows operating systems with Outlook installed. Other operating systems are not affected.*. This vulnerability affects Firefox ESR < 60.2 and Fi

CVE-2018-12365 [MEDIUM] CWE-200 CVE-2018-12365: A compromised IPC child process can escape the content sandbox and list the names of arbitrary files A compromised IPC child process can escape the content sandbox and list the names of arbitrary files on the file system without user consent or interaction. This could result in exposure of private local files. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.

CVE-2017-7786 [CRITICAL] CWE-119 CVE-2017-7786: A buffer overflow can occur when the image renderer attempts to paint non-displayable SVG elements. A buffer overflow can occur when the image renderer attempts to paint non-displayable SVG elements. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

CVE-2017-5396 [CRITICAL] CWE-416 CVE-2017-5396: A use-after-free vulnerability in the Media Decoder when working with media files when some events a A use-after-free vulnerability in the Media Decoder when working with media files when some events are fired after the media elements are freed from memory. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.

CVE-2017-5442 [CRITICAL] CWE-416 CVE-2017-5442: A use-after-free vulnerability during changes in style when manipulating DOM elements. This results A use-after-free vulnerability during changes in style when manipulating DOM elements. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

CVE-2016-9901 [CRITICAL] CWE-20 CVE-2016-9901: HTML tags received from the Pocket server will be processed without sanitization and any JavaScript HTML tags received from the Pocket server will be processed without sanitization and any JavaScript code executed will be run in the "about:pocket-saved" (unprivileged) page, giving it access to Pocket's messaging API through HTML injection. This vulnerability affects Firefox ESR < 45.6 and Firefox < 50.1.

CVE-2016-5297 [CRITICAL] CWE-190 CVE-2016-5297: An error in argument length checking in JavaScript, leading to potential integer overflows or other An error in argument length checking in JavaScript, leading to potential integer overflows or other bounds checking issues. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.

CVE-2017-7828 [CRITICAL] CWE-416 CVE-2017-7828: A use-after-free vulnerability can occur when flushing and resizing layout because the "PressShell" A use-after-free vulnerability can occur when flushing and resizing layout because the "PressShell" object has been freed while still in use. This results in a potentially exploitable crash during these operations. This vulnerability affects Firefox < 57, Firefox ESR < 52.5, and Thunderbird < 52.5.

CVE-2017-7818 [CRITICAL] CWE-416 CVE-2017-7818: A use-after-free vulnerability can occur when manipulating arrays of Accessible Rich Internet Applic A use-after-free vulnerability can occur when manipulating arrays of Accessible Rich Internet Applications (ARIA) elements within containers through the DOM. This results in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.

CVE-2018-5150 [CRITICAL] CWE-119 CVE-2018-5150: Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of thes Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8

CVE-2017-5433 [CRITICAL] CWE-416 CVE-2017-5433: A use-after-free vulnerability in SMIL animation functions occurs when pointers to animation element A use-after-free vulnerability in SMIL animation functions occurs when pointers to animation elements in an array are dropped from the animation controller while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

CVE-2017-5432 [CRITICAL] CWE-416 CVE-2017-5432: A use-after-free vulnerability occurs during certain text input selection resulting in a potentially A use-after-free vulnerability occurs during certain text input selection resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

CVE-2017-7758 [CRITICAL] CWE-125 CVE-2017-7758: An out-of-bounds read vulnerability with the Opus encoder when the number of channels in an audio st An out-of-bounds read vulnerability with the Opus encoder when the number of channels in an audio stream changes while the encoder is in use. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.

CVE-2017-7785 [CRITICAL] CWE-119 CVE-2017-7785: A buffer overflow can occur when manipulating Accessible Rich Internet Applications (ARIA) attribute A buffer overflow can occur when manipulating Accessible Rich Internet Applications (ARIA) attributes within the DOM. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

CVE-2018-5154 [CRITICAL] CWE-416 CVE-2018-5154: A use-after-free vulnerability can occur while enumerating attributes during SVG animations with cli A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.

CVE-2017-5428 [CRITICAL] CWE-190 CVE-2017-5428: An integer overflow in "createImageBitmap()" was reported through the Pwn2Own contest. The fix for t An integer overflow in "createImageBitmap()" was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the "createImageBitmap" API. This function runs in the content sandbox, requiring a second vulnerability to compromise a user's computer. This vulnerability affects Firefox ESR < 52.0.1 and Fir

CVE-2018-5097 [CRITICAL] CWE-416 CVE-2018-5097: A use-after-free vulnerability can occur during XSL transformations when the source document for the A use-after-free vulnerability can occur during XSL transformations when the source document for the transformation is manipulated by script content during the transformation. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.