Redhat Enterprise Linux vulnerabilities

CVE-2017-5404 [CRITICAL] CWE-416 CVE-2017-5404: A use-after-free error can occur when manipulating ranges in selections with one node inside a nativ A use-after-free error can occur when manipulating ranges in selections with one node inside a native anonymous tree and one node outside of it. This results in a potentially exploitable crash. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.

CVE-2017-7753 [CRITICAL] CWE-125 CVE-2017-7753: An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line, usi An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line, using cached style data. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

CVE-2017-5376 [CRITICAL] CWE-416 CVE-2017-5376: Use-after-free while manipulating XSL in XSLT documents. This vulnerability affects Thunderbird < 45 Use-after-free while manipulating XSL in XSLT documents. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.

CVE-2017-7801 [CRITICAL] CWE-416 CVE-2017-7801: A use-after-free vulnerability can occur while re-computing layout for a "marquee" element during wi A use-after-free vulnerability can occur while re-computing layout for a "marquee" element during window resizing where the updated style object is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

CVE-2018-5091 [CRITICAL] CWE-416 CVE-2018-5091: A use-after-free vulnerability can occur during WebRTC connections when interacting with the DTMF ti A use-after-free vulnerability can occur during WebRTC connections when interacting with the DTMF timers. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 52.6 and Firefox < 58.

CVE-2017-5446 [CRITICAL] CWE-125 CVE-2017-5446: An out-of-bounds read when an HTTP/2 connection to a servers sends "DATA" frames with incorrect data An out-of-bounds read when an HTTP/2 connection to a servers sends "DATA" frames with incorrect data content. This leads to a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

CVE-2017-7809 [CRITICAL] CWE-416 CVE-2017-7809: A use-after-free vulnerability can occur when an editor DOM node is deleted prematurely during tree A use-after-free vulnerability can occur when an editor DOM node is deleted prematurely during tree traversal while still bound to the document. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

CVE-2016-9898 [CRITICAL] CWE-416 CVE-2016-9898: Use-after-free resulting in potentially exploitable crash when manipulating DOM subtrees in the Edit Use-after-free resulting in potentially exploitable crash when manipulating DOM subtrees in the Editor. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

CVE-2017-5440 [CRITICAL] CWE-416 CVE-2017-5440: A use-after-free vulnerability during XSLT processing due to a failure to propagate error conditions A use-after-free vulnerability during XSLT processing due to a failure to propagate error conditions during matching while evaluating context, leading to objects being used when they no longer exist. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 5

CVE-2017-5460 [CRITICAL] CWE-416 CVE-2017-5460: A use-after-free vulnerability in frame selection triggered by a combination of malicious script con A use-after-free vulnerability in frame selection triggered by a combination of malicious script content and key presses by a user. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

CVE-2017-5464 [CRITICAL] CWE-119 CVE-2017-5464: During DOM manipulations of the accessibility tree through script, the DOM tree can become out of sy During DOM manipulations of the accessibility tree through script, the DOM tree can become out of sync with the accessibility tree, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

CVE-2017-5380 [CRITICAL] CWE-416 CVE-2017-5380: A potential use-after-free found through fuzzing during DOM manipulation of SVG content. This vulner A potential use-after-free found through fuzzing during DOM manipulation of SVG content. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.

CVE-2017-5438 [CRITICAL] CWE-416 CVE-2017-5438: A use-after-free vulnerability during XSLT processing due to the result handler being held by a free A use-after-free vulnerability during XSLT processing due to the result handler being held by a freed handler during handling. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

CVE-2017-7749 [CRITICAL] CWE-416 CVE-2017-7749: A use-after-free vulnerability when using an incorrect URL during the reloading of a docshell. This A use-after-free vulnerability when using an incorrect URL during the reloading of a docshell. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.

CVE-2018-5184 [HIGH] CWE-326 CVE-2018-5184: Using remote content in encrypted messages can lead to the disclosure of plaintext. This vulnerabili Using remote content in encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.

CVE-2017-5455 [HIGH] CVE-2017-5455: The internal feed reader APIs that crossed the sandbox barrier allowed for a sandbox escape and esca The internal feed reader APIs that crossed the sandbox barrier allowed for a sandbox escape and escalation of privilege if combined with another vulnerability that resulted in remote code execution inside the sandboxed process. This vulnerability affects Firefox ESR < 52.1 and Firefox < 53.

CVE-2017-7807 [HIGH] CWE-20 CVE-2017-7807: A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. This has been addressed by requiring fallback files be inside the manifest directory. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

CVE-2016-9900 [HIGH] CWE-254 CVE-2016-9900: External resources that should be blocked when loaded by SVG images can bypass security restrictions External resources that should be blocked when loaded by SVG images can bypass security restrictions through the use of "data:" URLs. This could allow for cross-domain data leakage. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

CVE-2017-7754 [HIGH] CWE-125 CVE-2017-7754: An out-of-bounds read in WebGL with a maliciously crafted "ImageInfo" object during WebGL operations An out-of-bounds read in WebGL with a maliciously crafted "ImageInfo" object during WebGL operations. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.

CVE-2017-5436 [HIGH] CWE-787 CVE-2017-5436: An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.