Mozilla Firefox ESR vulnerabilities

771 known vulnerabilities affecting mozilla/firefox_esr.

Total CVEs: 771
CISA KEV: 9 (actively exploited)
Public exploits: 17
Exploited in wild: 13
Severity breakdown: CRITICAL 184, HIGH 312, MEDIUM 269, LOW 6

Vulnerabilities

Page 33 of 39
CVE-2017-5438 | CRITICAL | CVSS 9.8 | ≥ unspecified, < 45.9 | ≥ unspecified, < 52.1 | 2018-06-11
CVE-2017-5438 [CRITICAL] CWE-416: A use-after-free vulnerability during XSLT processing due to the result handler being held by a freed handler during handling. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
nvd
CVE-2018-5102 | CRITICAL | CVSS 9.8 | ≥ unspecified, < 52.6 | 2018-06-11
CVE-2018-5102 [CRITICAL] CWE-416: A use-after-free vulnerability can occur when manipulating HTML media elements with media streams, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
nvd
CVE-2017-7749 | CRITICAL | CVSS 9.8 | ≥ unspecified, < 52.2 | 2018-06-11
CVE-2017-7749 [CRITICAL] CWE-416: A use-after-free vulnerability when using an incorrect URL during the reloading of a docshell. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
nvd
CVE-2017-5429 | CRITICAL | CVSS 9.8 | ≥ unspecified, < 45.9 | ≥ unspecified, < 52.1 | 2018-06-11
CVE-2017-5429 [CRITICAL] CWE-119: Memory safety bugs were reported in Firefox 52, Firefox ESR 45.8, Firefox ESR 52, and Thunderbird 52. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Fi
nvd
CVE-2017-7757 | CRITICAL | CVSS 9.8 | ≥ unspecified, < 52.2 | 2018-06-11
CVE-2017-7757 [CRITICAL] CWE-416: A use-after-free vulnerability in IndexedDB when one of its objects is destroyed in memory while a method on it is still being executed. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
nvd
CVE-2018-5158 | HIGH | CVSS 8.8 | ≥ unspecified, < 52.8 | 2018-06-11
CVE-2018-5158 [HIGH] CWE-94: The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR < 52.8 and Firefox < 60.
nvd
CVE-2017-7765 | HIGH | CVSS 7.5 | ≥ unspecified, < 52.2 | 2018-06-11
CVE-2017-7765 [HIGH] CWE-20: The "Mark of the Web" was not correctly saved on Windows when files with very long names were downloaded from the Internet. Without the Mark of the Web data, the security warning that Windows displays before running executables downloaded from the Internet is not shown. Note: This attack only affects Windows operating systems. Other operating systems are
nvd
CVE-2017-5455 | HIGH | CVSS 7.5 | ≥ unspecified, < 52.1 | 2018-06-11
CVE-2017-5455 [HIGH]: The internal feed reader APIs that crossed the sandbox barrier allowed for a sandbox escape and escalation of privilege if combined with another vulnerability that resulted in remote code execution inside the sandboxed process. This vulnerability affects Firefox ESR < 52.1 and Firefox < 53.
nvd
CVE-2017-7803 | HIGH | CVSS 7.5 | ≥ unspecified, < 52.3 | 2018-06-11
CVE-2017-7803 [HIGH] CWE-269: When a page's content security policy (CSP) header contains a "sandbox" directive, other directives are ignored. This results in the incorrect enforcement of CSP. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
nvd
CVE-2016-9902 | HIGH | CVSS 7.5 | ≥ unspecified, < 45.6 | 2018-06-11
CVE-2016-9902 [HIGH] CWE-346: The Pocket toolbar button, once activated, listens for events fired from its own pages but does not verify the origin of incoming events. This allows content from other origins to fire events and inject content and commands into the Pocket context. Note: this issue does not affect users with e10s enabled. This vulnerability affects Firefox ESR < 45.6 a
nvd
CVE-2017-7845 | HIGH | CVSS 8.8 | ≥ unspecified, < 52.5.2 | 2018-06-11
CVE-2017-7845 [HIGH] CWE-119: A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. Note: This attack only affects Windows operating systems. Other operating systems are unaf
nvd
CVE-2017-7807 | HIGH | CVSS 8.1 | ≥ unspecified, < 52.3 | 2018-06-11
CVE-2017-7807 [HIGH] CWE-20: A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. This has been addressed by requiring fallback files be inside the manifest directory. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
nvd
CVE-2016-9900 | HIGH | CVSS 7.5 | ≥ unspecified, < 45.6 | 2018-06-11
CVE-2016-9900 [HIGH] CWE-254: External resources that should be blocked when loaded by SVG images can bypass security restrictions through the use of "data:" URLs. This could allow for cross-domain data leakage. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.
nvd
CVE-2017-7755 | HIGH | CVSS 7.8 | ≥ unspecified, < 52.2 | 2018-06-11
CVE-2017-7755 [HIGH] CWE-426: The Firefox installer on Windows can be made to load malicious DLL files stored in the same directory as the installer when it is run. This allows privileged execution if the installer is run with elevated privileges. Note: This attack only affects Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 54
nvd
CVE-2017-7760 | HIGH | CVSS 7.8 | ≥ unspecified, < 52.2 | 2018-06-11
CVE-2017-7760 [HIGH] CWE-417: The Mozilla Windows updater modifies some files to be updated by reading the original file and applying changes to it. The location of the original file can be altered by a malicious user by passing a special path to the callback parameter through the Mozilla Maintenance Service, allowing the manipulation of files in the installation directory and privi
nvd
CVE-2017-7754 | HIGH | CVSS 7.5 | ≥ unspecified, < 52.2 | 2018-06-11
CVE-2017-7754 [HIGH] CWE-125: An out-of-bounds read in WebGL with a maliciously crafted "ImageInfo" object during WebGL operations. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
nvd
CVE-2017-5467 | HIGH | CVSS 7.5 | fixed in 52.1 | ≥ unspecified, < 52.1 | 2018-06-11
CVE-2017-5467 [HIGH] CWE-119: A potential memory corruption and crash when using Skia content when drawing content outside of the bounds of a clipping region. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.
nvd
CVE-2018-5129 | HIGH | CVSS 8.6 | ≥ unspecified, < 52.7 | 2018-06-11
CVE-2018-5129 [HIGH] CWE-787: A lack of parameter validation on IPC messages results in a potential out-of-bounds write through malformed IPC messages. This can potentially allow for sandbox escape through memory corruption in the parent process. This vulnerability affects Thunderbird < 52.7, Firefox ESR < 52.7, and Firefox < 59.
nvd
CVE-2018-5144 | HIGH | CVSS 7.3 | ≥ unspecified, < 52.7 | 2018-06-11
CVE-2018-5144 [HIGH] CWE-190: An integer overflow can occur during conversion of text to some Unicode character sets due to an unchecked length parameter. This vulnerability affects Firefox ESR < 52.7 and Thunderbird < 52.7.
nvd
CVE-2017-5436 | HIGH | CVSS 8.8 | ≥ unspecified, < 45.9 | ≥ unspecified, < 52.1 | 2018-06-11
CVE-2017-5436 [HIGH] CWE-787: An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
nvd