Mozilla Firefox ESR vulnerabilities

771 known vulnerabilities affecting mozilla/firefox_esr.

Total CVEs: 771
CISA KEV: 9 (actively exploited)
Public exploits: 17
Exploited in wild: 13
Severity breakdown: CRITICAL 184, HIGH 312, MEDIUM 269, LOW 6

Vulnerabilities

Page 35 of 39
CVE-2016-9079 | HIGH | CVSS 7.5 | KEV | PoC | ≥ unspecified, < 45.5.1 | 2018-06-11
CVE-2016-9079 [HIGH] CWE-416: A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox < 50.0.2, Firefox ESR < 45.5.1, and Thunderbird < 45.5.1.
nvd
CVE-2017-7843 | HIGH | CVSS 7.5 | ≥ unspecified, < 52.5.2 | 2018-06-11
CVE-2017-7843 [HIGH] CWE-200: When Private Browsing mode is used, it is possible for a web worker to write persistent data to IndexedDB and fingerprint a user uniquely. IndexedDB should not be available in Private Browsing mode and this stored data will persist across multiple private browsing mode sessions because it is not cleared when exiting. This vulnerability affects Firefox E
nvd
CVE-2016-9897 | HIGH | CVSS 7.5 | fixed in 45.6 | ≥ unspecified, < 45.6 | 2018-06-11
CVE-2016-9897 [HIGH] CWE-119: Memory corruption resulting in a potentially exploitable crash during WebGL functions using a vector constructor with a varying array within libGLES. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.
nvd
CVE-2017-5386 | HIGH | CVSS 7.3 | ≥ unspecified, < 45.7 | 2018-06-11
CVE-2017-5386 [HIGH]: WebExtension scripts can use the "data:" protocol to affect pages loaded by other web extensions using this protocol, leading to potential data disclosure or privilege escalation in affected extensions. This vulnerability affects Firefox ESR < 45.7 and Firefox < 51.
nvd
CVE-2017-5444 | HIGH | CVSS 7.5 | ≥ unspecified, < 45.9 | ≥ unspecified, < 52.1 | 2018-06-11
CVE-2017-5444 [HIGH] CWE-119: A buffer overflow vulnerability while parsing "application/http-index-format" format content when the header contains improperly formatted data. This allows for an out-of-bounds read of data from memory. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
nvd
CVE-2018-5130 | HIGH | CVSS 8.8 | ≥ unspecified, < 52.7 | 2018-06-11
CVE-2018-5130 [HIGH] CWE-20: When packets with a mismatched RTP payload type are sent in WebRTC connections, in some circumstances a potentially exploitable crash is triggered. This vulnerability affects Firefox ESR < 52.7 and Firefox < 59.
nvd
CVE-2017-7752 | HIGH | CVSS 8.8 | ≥ unspecified, < 52.2 | 2018-06-11
CVE-2017-7752 [HIGH] CWE-416: A use-after-free vulnerability during specific user interactions with the input method editor (IME) in some languages due to how events are handled. This results in a potentially exploitable crash but would require specific user interaction to trigger. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
nvd
CVE-2017-7763 | MEDIUM | CVSS 5.3 | ≥ unspecified, < 52.2 | 2018-06-11
CVE-2017-7763 [MEDIUM] CWE-20: Default fonts on OS X display some Tibetan characters as whitespace. When used in the address bar as part of an IDN this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
nvd
CVE-2017-7764 | MEDIUM | CVSS 5.3 | ≥ unspecified, < 52.2 | 2018-06-11
CVE-2017-7764 [MEDIUM] CWE-20: Characters from the "Canadian Syllabics" Unicode block can be mixed with characters from other Unicode blocks in the address bar instead of being rendered as their raw "punycode" form, allowing for domain name spoofing attacks through character confusion. The current Unicode standard allows characters from "Aspirational Use Scripts" such as Canadian Syl
nvd
CVE-2017-7791 | MEDIUM | CVSS 5.3 | ≥ unspecified, < 52.3 | 2018-06-11
CVE-2017-7791 [MEDIUM] CWE-20: On pages containing an iframe, the "data:" protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofing of the origin of the modal alert from the iframe content. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
nvd
CVE-2017-5409 | MEDIUM | CVSS 5.5 | ≥ unspecified, < 45.8 | 2018-06-11
CVE-2017-5409 [MEDIUM] CWE-269: The Mozilla Windows updater can be called by a non-privileged user to delete an arbitrary local file by passing a special path to the callback parameter through the Mozilla Maintenance Service, which has privileged access. Note: This attack requires local system access and only affects Windows. Other operating systems are not affected. This vulnerabil
nvd
CVE-2017-5408 | MEDIUM | CVSS 5.3 | ≥ unspecified, < 45.8 | 2018-06-11
CVE-2017-5408 [MEDIUM] CWE-200: Video files loaded video captions cross-origin without checking for the presence of CORS headers permitting such cross-origin use, leading to potential information disclosure for video captions. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.
nvd
CVE-2018-5131 | MEDIUM | CVSS 5.9 | ≥ unspecified, < 52.7 | 2018-06-11
CVE-2018-5131 [MEDIUM] CWE-200: Under certain circumstances the "fetch()" API can return transient local copies of resources that were sent with a "no-store" or "no-cache" cache header instead of downloading a copy from the network as it should. This can result in previously stored, locally cached data of a website being accessible to users if they share a common profile while brows
nvd
CVE-2017-7768 | MEDIUM | CVSS 5.5 | ≥ unspecified, < 52.2 | 2018-06-11
CVE-2017-7768 [MEDIUM] CWE-200: The Mozilla Maintenance Service can be invoked by an unprivileged user to read 32 bytes of any arbitrary file on the local system by convincing the service that it is reading a status file provided by the Mozilla Windows Updater. The Mozilla Maintenance Service executes with privileged access, bypassing system protections against unprivileged users. N
nvd
CVE-2017-5383 | MEDIUM | CVSS 5.3 | ≥ unspecified, < 45.7 | 2018-06-11
CVE-2017-5383 [MEDIUM] CWE-20: URLs containing certain Unicode glyphs for alternative hyphens and quotes do not properly trigger punycode display, allowing for domain name spoofing attacks in the location bar. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.
nvd
CVE-2016-9074 | MEDIUM | CVSS 5.9 | ≥ unspecified, < 45.5 | 2018-06-11
CVE-2016-9074 [MEDIUM] CWE-200: An existing mitigation of timing side-channel attacks is insufficient in some circumstances. This issue is addressed in Network Security Services (NSS) 3.26.1. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
nvd
CVE-2016-9064 | MEDIUM | CVSS 5.9 | ≥ unspecified, < 45.5 | 2018-06-11
CVE-2016-9064 [MEDIUM] CWE-295: Add-on updates failed to verify that the add-on ID inside the signed package matched the ID of the add-on being updated. An attacker who could perform a man-in-the-middle attack on the user's connection to the update server and defeat the certificate pinning protection could provide a malicious signed add-on instead of a valid update. This vulnerabili
nvd
CVE-2016-5294 | MEDIUM | CVSS 5.5 | ≥ unspecified, < 45.5 | 2018-06-11
CVE-2016-5294 [MEDIUM] CWE-20: The Mozilla Updater can be made to choose an arbitrary target working directory for output files resulting from the update process. This vulnerability requires local system access. Note: this issue only affects Windows operating systems. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
nvd
CVE-2016-5293 | MEDIUM | CVSS 5.5 | ≥ unspecified, < 45.5 | 2018-06-11
CVE-2016-5293 [MEDIUM] CWE-20: When the Mozilla Updater is run, if the Updater's log file in the working directory points to a hardlink, data can be appended to an arbitrary local file. This vulnerability requires local system access. Note: this issue only affects Windows operating systems. This vulnerability affects Firefox ESR < 45.5 and Firefox < 50.
nvd
CVE-2017-5462 | MEDIUM | CVSS 5.3 | ≥ unspecified, < 45.9 | ≥ unspecified, < 52.1 | 2018-06-11
CVE-2017-5462 [MEDIUM] CWE-682: A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bits over. The NSS library has been updated to fix this issue and Firefox ESR 52.1 has been updated with NSS version 3.28.4. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Fir
nvd