Red Hat Enterprise Linux Server AUS vulnerabilities

1,056 known vulnerabilities affecting redhat/enterprise_linux_server_aus.

Total CVEs: 1,056
CISA KEV: 36 (actively exploited)
Public exploits: 87
Exploited in wild: 41
Severity breakdown: CRITICAL 214, HIGH 358, MEDIUM 415, LOW 69

Vulnerabilities

Page 27 of 53
CVE-2018-5127 | HIGH | CVSS 8.8 | v7.4 | 2018-06-11
CWE-119: A buffer overflow can occur when manipulating the SVG "animatedPathSegList" through script. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.7, Firefox ESR < 52.7, and Firefox < 59.
nvd
CVE-2018-5178 | HIGH | CVSS 8.1 | v7.6 | 2018-06-11
CWE-119: A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR < 52.8, Thunderbird < 52.8, and Firefox ESR < 52.8.
nvd
CVE-2018-5146 | HIGH | CVSS 8.8 | v7.4, v7.6 | 2018-06-11
CWE-787: An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox < 59.0.1, Firefox ESR < 52.7.2, and Thunderbird < 52.7.
nvd
CVE-2017-7798 | HIGH | CVSS 8.8 | v7.3, v7.4 | 2018-06-11
CWE-94: The Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. In the worst case, this could allow arbitrary code execution when opening a malicious page with the style editor tool. This vulnerability affects Firefox ESR < 52.3 and Firefox < 55.
nvd
CVE-2017-7787 | HIGH | CVSS 7.5 | v7.3, v7.4 | 2018-06-11
CWE-200: Same-origin policy protections can be bypassed on pages with embedded iframes during page reloads, allowing the iframes to access content on the top level page, leading to information disclosure. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
nvd
CVE-2017-5448 | HIGH | CVSS 8.6 | v7.3, v7.4 | 2018-06-11
CWE-787: An out-of-bounds write in "ClearKeyDecryptor" while decrypting some Clearkey-encrypted media content. The "ClearKeyDecryptor" code runs within the Gecko Media Plugin (GMP) sandbox. If a second mechanism is found to escape the sandbox, this vulnerability allows for the writing of arbitrary data within memory, resulting in a potentially exploitable crash.
nvd
CVE-2017-5378 | HIGH | CVSS 7.5 | v7.3, v7.4 | 2018-06-11
CWE-200: Hashed codes of JavaScript objects are shared between pages. This allows for pointer leaks because an object's address can be discovered through hash codes, and also allows for data leakage of an object's content using these hash codes. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.
nvd
CVE-2017-5445 | HIGH | CVSS 7.5 | v7.3, v7.4 | 2018-06-11
CWE-129: A vulnerability while parsing "application/http-index-format" format content where uninitialized values are used to create an array. This could allow the reading of uninitialized memory into the arrays affected. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
nvd
CVE-2016-9079 | HIGH | CVSS 7.5 | KEV | PoC | v7.3, v7.4 | 2018-06-11
CWE-416: A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox < 50.0.2, Firefox ESR < 45.5.1, and Thunderbird < 45.5.1.
nvd
CVE-2017-7843 | HIGH | CVSS 7.5 | v7.4 | 2018-06-11
CWE-200: When Private Browsing mode is used, it is possible for a web worker to write persistent data to IndexedDB and fingerprint a user uniquely. IndexedDB should not be available in Private Browsing mode and this stored data will persist across multiple private browsing mode sessions because it is not cleared when exiting. This vulnerability affects Firefox E
nvd
CVE-2017-5386 | HIGH | CVSS 7.3 | v7.3, v7.4 | 2018-06-11
WebExtension scripts can use the "data:" protocol to affect pages loaded by other web extensions using this protocol, leading to potential data disclosure or privilege escalation in affected extensions. This vulnerability affects Firefox ESR < 45.7 and Firefox < 51.
nvd
CVE-2017-5444 | HIGH | CVSS 7.5 | v7.3, v7.4 | 2018-06-11
CWE-119: A buffer overflow vulnerability while parsing "application/http-index-format" format content when the header contains improperly formatted data. This allows for an out-of-bounds read of data from memory. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
nvd
CVE-2018-5130 | HIGH | CVSS 8.8 | v7.4 | 2018-06-11
CWE-20: When packets with a mismatched RTP payload type are sent in WebRTC connections, in some circumstances a potentially exploitable crash is triggered. This vulnerability affects Firefox ESR < 52.7 and Firefox < 59.
nvd
CVE-2018-5162 | HIGH | CVSS 7.5 | v7.6 | 2018-06-11
CWE-311: Plaintext of decrypted emails can leak through the src attribute of remote images, or links. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.
nvd
CVE-2017-7752 | HIGH | CVSS 8.8 | v7.3, v7.4 | 2018-06-11
CWE-416: A use-after-free vulnerability during specific user interactions with the input method editor (IME) in some languages due to how events are handled. This results in a potentially exploitable crash but would require specific user interaction to trigger. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
nvd
CVE-2017-7791 | MEDIUM | CVSS 5.3 | v7.3, v7.4 | 2018-06-11
CWE-20: On pages containing an iframe, the "data:" protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofing of the origin of the modal alert from the iframe content. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
nvd
CVE-2017-5408 | MEDIUM | CVSS 5.3 | v7.3, v7.4 | 2018-06-11
CWE-200: Video files loaded video captions cross-origin without checking for the presence of CORS headers permitting such cross-origin use, leading to potential information disclosure for video captions. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.
nvd
CVE-2018-5131 | MEDIUM | CVSS 5.9 | v7.4 | 2018-06-11
CWE-200: Under certain circumstances the "fetch()" API can return transient local copies of resources that were sent with a "no-store" or "no-cache" cache header instead of downloading a copy from the network as it should. This can result in previously stored, locally cached data of a website being accessible to users if they share a common profile while brows
nvd
CVE-2018-5185 | MEDIUM | CVSS 6.5 | v7.6 | 2018-06-11
CWE-311: Plaintext of decrypted emails can leak through by user submitting an embedded form. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.
nvd
CVE-2017-5383 | MEDIUM | CVSS 5.3 | v7.3, v7.4 | 2018-06-11
CWE-20: URLs containing certain unicode glyphs for alternative hyphens and quotes do not properly trigger punycode display, allowing for domain name spoofing attacks in the location bar. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.
nvd