FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-29 07:54:42 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
4a1ca8a4-bd82-11e2-b7a0-d43d7e0c7c02mozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA 2013-41 Miscellaneous memory safety hazards (rv:21.0 / rv:17.0.6)

MFSA 2013-42 Privileged access for content level constructor

MFSA 2013-43 File input control has access to full path

MFSA 2013-44 Local privilege escalation through Mozilla Maintenance Service

MFSA 2013-45 Mozilla Updater fails to update some Windows Registry entries

MFSA 2013-46 Use-after-free with video and onresize event

MFSA 2013-47 Uninitialized functions in DOMSVGZoomEvent

MFSA 2013-48 Memory corruption found using Address Sanitizer


Discovery 2013-05-14
Entry 2013-05-15
Modified 2013-05-21
firefox
gt 18.0,1 lt 21.0,1

< 17.0.6,1

linux-firefox
< 17.0.6,1

linux-seamonkey
< 2.17.1

linux-thunderbird
< 17.0.6

seamonkey
< 2.17.1

thunderbird
gt 11.0 lt 17.0.6

CVE-2012-1942
CVE-2013-0801
CVE-2013-1669
CVE-2013-1670
CVE-2013-1671
CVE-2013-1672
CVE-2013-1674
CVE-2013-1675
CVE-2013-1676
CVE-2013-1677
CVE-2013-1678
CVE-2013-1679
CVE-2013-1680
CVE-2013-1681
http://www.mozilla.org/security/announce/2013/mfsa2013-40.html
http://www.mozilla.org/security/announce/2013/mfsa2013-41.html
http://www.mozilla.org/security/announce/2013/mfsa2013-42.html
http://www.mozilla.org/security/announce/2013/mfsa2013-43.html
http://www.mozilla.org/security/announce/2013/mfsa2013-44.html
http://www.mozilla.org/security/announce/2013/mfsa2013-45.html
http://www.mozilla.org/security/announce/2013/mfsa2013-46.html
http://www.mozilla.org/security/announce/2013/mfsa2013-47.html
http://www.mozilla.org/security/announce/2013/mfsa2013-48.html
http://www.mozilla.org/security/known-vulnerabilities/
d23119df-335d-11e2-b64c-c8600054b392mozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA 2012-91 Miscellaneous memory safety hazards (rv:17.0/ rv:10.0.11)

MFSA 2012-92 Buffer overflow while rendering GIF images

MFSA 2012-93 evalInSanbox location context incorrectly applied

MFSA 2012-94 Crash when combining SVG text on path with CSS

MFSA 2012-95 Javascript: URLs run in privileged context on New Tab page

MFSA 2012-96 Memory corruption in str_unescape

MFSA 2012-97 XMLHttpRequest inherits incorrect principal within sandbox

MFSA 2012-98 Firefox installer DLL hijacking

MFSA 2012-99 XrayWrappers exposes chrome-only properties when not in chrome compartment

MFSA 2012-100 Improper security filtering for cross-origin wrappers

MFSA 2012-101 Improper character decoding in HZ-GB-2312 charset

MFSA 2012-102 Script entered into Developer Toolbar runs with chrome privileges

MFSA 2012-103 Frames can shadow top.location

MFSA 2012-104 CSS and HTML injection through Style Inspector

MFSA 2012-105 Use-after-free and buffer overflow issues found

MFSA 2012-106 Use-after-free, buffer overflow, and memory corruption issues found using Address Sanitizer


Discovery 2012-11-20
Entry 2012-11-20
firefox
gt 11.0,1 lt 17.0,1

< 10.0.11,1

linux-firefox
< 10.0.11,1

linux-seamonkey
< 2.14

linux-thunderbird
< 10.0.11

seamonkey
< 2.14

thunderbird
gt 11.0 lt 17.0

< 10.0.11

libxul
gt 1.9.2.* lt 10.0.11

CVE-2012-4201
CVE-2012-4202
CVE-2012-4203
CVE-2012-4204
CVE-2012-4205
CVE-2012-4206
CVE-2012-4207
CVE-2012-4208
CVE-2012-4209
CVE-2012-4210
CVE-2012-4212
CVE-2012-4213
CVE-2012-4214
CVE-2012-4215
CVE-2012-4216
CVE-2012-4217
CVE-2012-4218
CVE-2012-5829
CVE-2012-5830
CVE-2012-5833
CVE-2012-5835
CVE-2012-5836
CVE-2012-5837
CVE-2012-5838
CVE-2012-5839
CVE-2012-5840
CVE-2012-5841
CVE-2012-5842
CVE-2012-5843
http://www.mozilla.org/security/announce/2012/mfsa2012-90.html
http://www.mozilla.org/security/announce/2012/mfsa2012-91.html
http://www.mozilla.org/security/announce/2012/mfsa2012-92.html
http://www.mozilla.org/security/announce/2012/mfsa2012-93.html
http://www.mozilla.org/security/announce/2012/mfsa2012-94.html
http://www.mozilla.org/security/announce/2012/mfsa2012-95.html
http://www.mozilla.org/security/announce/2012/mfsa2012-96.html
http://www.mozilla.org/security/announce/2012/mfsa2012-97.html
http://www.mozilla.org/security/announce/2012/mfsa2012-98.html
http://www.mozilla.org/security/announce/2012/mfsa2012-99.html
http://www.mozilla.org/security/announce/2012/mfsa2012-100.html
http://www.mozilla.org/security/announce/2012/mfsa2012-101.html
http://www.mozilla.org/security/announce/2012/mfsa2012-102.html
http://www.mozilla.org/security/announce/2012/mfsa2012-103.html
http://www.mozilla.org/security/announce/2012/mfsa2012-104.html
http://www.mozilla.org/security/announce/2012/mfsa2012-105.html
http://www.mozilla.org/security/announce/2012/mfsa2012-106.html
http://www.mozilla.org/security/known-vulnerabilities/
94976433-9c74-11e2-a9fc-d43d7e0c7c02mozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA 2013-30 Miscellaneous memory safety hazards (rv:20.0 / rv:17.0.5)

MFSA 2013-31 Out-of-bounds write in Cairo library

MFSA 2013-32 Privilege escalation through Mozilla Maintenance Service

MFSA 2013-33 World read and write access to app_tmp directory on Android

MFSA 2013-34 Privilege escalation through Mozilla Updater

MFSA 2013-35 WebGL crash with Mesa graphics driver on Linux

MFSA 2013-36 Bypass of SOW protections allows cloning of protected nodes

MFSA 2013-37 Bypass of tab-modal dialog origin disclosure

MFSA 2013-38 Cross-site scripting (XSS) using timed history navigations

MFSA 2013-39 Memory corruption while rendering grayscale PNG images

MFSA 2013-40 Out-of-bounds array read in CERT_DecodeCertPackage


Discovery 2013-04-02
Entry 2013-04-03
Modified 2013-04-08
firefox
gt 18.0,1 lt 20.0,1

< 17.0.5,1

linux-firefox
< 17.0.5,1

linux-seamonkey
< 2.17

linux-thunderbird
< 17.0.5

seamonkey
< 2.17

thunderbird
gt 11.0 lt 17.0.5

CVE-2013-0788
CVE-2013-0789
CVE-2013-0790
CVE-2013-0791
CVE-2013-0792
CVE-2013-0793
CVE-2013-0794
CVE-2013-0795
CVE-2013-0796
CVE-2013-0797
CVE-2013-0798
CVE-2013-0799
CVE-2013-0800
http://www.mozilla.org/security/announce/2013/mfsa2013-30.html
http://www.mozilla.org/security/announce/2013/mfsa2013-31.html
http://www.mozilla.org/security/announce/2013/mfsa2013-32.html
http://www.mozilla.org/security/announce/2013/mfsa2013-33.html
http://www.mozilla.org/security/announce/2013/mfsa2013-34.html
http://www.mozilla.org/security/announce/2013/mfsa2013-35.html
http://www.mozilla.org/security/announce/2013/mfsa2013-36.html
http://www.mozilla.org/security/announce/2013/mfsa2013-37.html
http://www.mozilla.org/security/announce/2013/mfsa2013-38.html
http://www.mozilla.org/security/announce/2013/mfsa2013-39.html
http://www.mozilla.org/security/announce/2013/mfsa2013-40.html
http://www.mozilla.org/security/known-vulnerabilities/
7943794f-707f-4e31-9fea-3bbf1ddcedc1mozilla -- multiple vulnerabilities

The Mozilla Foundation reports:

CVE-2018-5146: Out of bounds memory write in libvorbis

An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest.

CVE-2018-5147: Out of bounds memory write in libtremor

The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms.


Discovery 2018-03-16
Entry 2018-03-16
Modified 2018-03-31
libvorbis
< 1.3.6,3

libtremor
< 1.2.1.s20180316

firefox
< 59.0.1,1

waterfox
< 56.0.4.36_3

seamonkey
linux-seamonkey
< 2.49.3

firefox-esr
< 52.7.2,1

linux-firefox
< 52.7.2,2

libxul
< 52.7.3

thunderbird
linux-thunderbird
< 52.7.0

CVE-2018-5146
CVE-2018-5147
https://www.mozilla.org/security/advisories/mfsa2018-08/
https://www.mozilla.org/security/advisories/mfsa2018-09/
42c98cef-62b1-4b8b-9065-f4621e08d526libvpx -- out-of-bounds write

The Mozilla Project reports:

Using the Address Sanitizer tool, security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team found an out-of-bounds write when buffering WebM format video containing frames with invalid tile sizes. This can lead to a potentially exploitable crash during WebM video playback.


Discovery 2014-10-14
Entry 2015-08-12
libvpx
< 1.4.0

firefox
< 33.0,1

firefox-esr
< 31.1.2,1

linux-firefox
< 33.0,1

linux-seamonkey
< 2.30

linux-thunderbird
< 31.1.2

seamonkey
< 2.30

thunderbird
< 31.1.2

libxul
< 31.1.2

CVE-2014-1578
https://www.mozilla.org/security/advisories/mfsa2014-77/
https://hg.mozilla.org/releases/mozilla-esr31/rev/6023f0b4f8ba
34e60332-2448-4ed6-93f0-12713749f250libvpx -- multiple buffer overflows

The Mozilla Project reports:

Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover two buffer overflow issues in the Libvpx library used for WebM video when decoding a malformed WebM video file. These buffer overflows result in potentially exploitable crashes.


Discovery 2015-08-11
Entry 2015-08-11
Modified 2015-08-14
libvpx
< 1.4.0.488

firefox
< 40.0,1

linux-firefox
< 40.0,1

CVE-2015-4485
CVE-2015-4486
https://www.mozilla.org/security/advisories/mfsa2015-89/
7dfed67b-20aa-11e3-b8d8-0025905a4771mozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA 2013-76 Miscellaneous memory safety hazards (rv:24.0 / rv:17.0.9)

MFSA 2013-77 Improper state in HTML5 Tree Builder with templates

MFSA 2013-78 Integer overflow in ANGLE library

MFSA 2013-79 Use-after-free in Animation Manager during stylesheet cloning

MFSA 2013-80 NativeKey continues handling key messages after widget is destroyed

MFSA 2013-81 Use-after-free with select element

MFSA 2013-82 Calling scope for new Javascript objects can lead to memory corruption

MFSA 2013-83 Mozilla Updater does not lock MAR file after signature verification

MFSA 2013-84 Same-origin bypass through symbolic links

MFSA 2013-85 Uninitialized data in IonMonkey

MFSA 2013-86 WebGL Information disclosure through OS X NVIDIA graphic drivers

MFSA 2013-87 Shared object library loading from writable location

MFSA 2013-88 compartment mismatch re-attaching XBL-backed nodes

MFSA 2013-89 Buffer overflow with multi-column, lists, and floats

MFSA 2013-90 Memory corruption involving scrolling

MFSA 2013-91 User-defined properties on DOM proxies get the wrong "this" object

MFSA 2013-92 GC hazard with default compartments and frame chain restoration


Discovery 2013-08-17
Entry 2013-08-18
Modified 2013-09-19
firefox
gt 18.0,1 lt 24.0,1

< 17.0.9,1

linux-firefox
< 17.0.9,1

linux-seamonkey
< 2.21

linux-thunderbird
< 17.0.9

seamonkey
< 2.21

thunderbird
< 24.0

CVE-2013-1722
CVE-2013-1718
CVE-2013-1719
CVE-2013-1720
CVE-2013-1721
CVE-2013-1723
CVE-2013-1724
CVE-2013-1725
CVE-2013-1726
CVE-2013-1727
CVE-2013-1728
CVE-2013-1729
CVE-2013-1730
CVE-2013-1731
CVE-2013-1732
CVE-2013-1735
CVE-2013-1736
CVE-2013-1737
CVE-2013-1738
https://www.mozilla.org/security/announce/2013/mfsa2013-76.html
https://www.mozilla.org/security/announce/2013/mfsa2013-77.html
https://www.mozilla.org/security/announce/2013/mfsa2013-78.html
https://www.mozilla.org/security/announce/2013/mfsa2013-79.html
https://www.mozilla.org/security/announce/2013/mfsa2013-80.html
https://www.mozilla.org/security/announce/2013/mfsa2013-81.html
https://www.mozilla.org/security/announce/2013/mfsa2013-82.html
https://www.mozilla.org/security/announce/2013/mfsa2013-83.html
https://www.mozilla.org/security/announce/2013/mfsa2013-84.html
https://www.mozilla.org/security/announce/2013/mfsa2013-85.html
https://www.mozilla.org/security/announce/2013/mfsa2013-86.html
https://www.mozilla.org/security/announce/2013/mfsa2013-87.html
https://www.mozilla.org/security/announce/2013/mfsa2013-88.html
https://www.mozilla.org/security/announce/2013/mfsa2013-89.html
https://www.mozilla.org/security/announce/2013/mfsa2013-90.html
https://www.mozilla.org/security/announce/2013/mfsa2013-91.html
https://www.mozilla.org/security/announce/2013/mfsa2013-92.html
http://www.mozilla.org/security/known-vulnerabilities/
7ae61870-9dd2-4884-a2f2-f19bb5784d09mozilla -- multiple vulnerabilities

The Mozilla Project reports:

ASN.1 DER decoding of lengths is too permissive, allowing undetected smuggling of arbitrary data

MFSA-2014-90 Apple CoreGraphics framework on OS X 10.10 logging input data to /tmp directory

MFSA-2014-89 Bad casting from the BasicThebesLayer to BasicContainerLayer

MFSA-2014-88 Buffer overflow while parsing media content

MFSA-2014-87 Use-after-free during HTML5 parsing

MFSA-2014-86 CSP leaks redirect data via violation reports

MFSA-2014-85 XMLHttpRequest crashes with some input streams

MFSA-2014-84 XBL bindings accessible via improper CSS declarations

MFSA-2014-83 Miscellaneous memory safety hazards (rv:34.0 / rv:31.3)


Discovery 2014-12-01
Entry 2014-12-02
firefox
< 34.0,1

firefox-esr
< 31.3.0,1

linux-firefox
< 34.0,1

linux-seamonkey
< 2.31

linux-thunderbird
< 31.3.0

seamonkey
< 2.31

thunderbird
< 31.3.0

libxul
< 31.3.0

nss
< 3.17.3

CVE-2014-1587
CVE-2014-1588
CVE-2014-1589
CVE-2014-1590
CVE-2014-1591
CVE-2014-1592
CVE-2014-1593
CVE-2014-1594
CVE-2014-1595
CVE-2014-1569
https://www.mozilla.org/security/advisories/mfsa2014-83
https://www.mozilla.org/security/advisories/mfsa2014-84
https://www.mozilla.org/security/advisories/mfsa2014-85
https://www.mozilla.org/security/advisories/mfsa2014-86
https://www.mozilla.org/security/advisories/mfsa2014-87
https://www.mozilla.org/security/advisories/mfsa2014-88
https://www.mozilla.org/security/advisories/mfsa2014-89
https://www.mozilla.org/security/advisories/mfsa2014-90
https://www.mozilla.org/security/advisories/
512c0ffd-cd39-4da4-b2dc-81ff4ba8e238mozilla -- multiple vulnerabilities

Mozilla Foundation reports:

CVE-2016-9894: Buffer overflow in SkiaGL

CVE-2016-9899: Use-after-free while manipulating DOM events and audio elements

CVE-2016-9895: CSP bypass using marquee tag

CVE-2016-9896: Use-after-free with WebVR

CVE-2016-9897: Memory corruption in libGLES

CVE-2016-9898: Use-after-free in Editor while manipulating DOM subtrees

CVE-2016-9900: Restricted external resources can be loaded by SVG images through data URLs

CVE-2016-9904: Cross-origin information leak in shared atoms

CVE-2016-9901: Data from Pocket server improperly sanitized before execution

CVE-2016-9902: Pocket extension does not validate the origin of events

CVE-2016-9903: XSS injection vulnerability in add-ons SDK

CVE-2016-9080: Memory safety bugs fixed in Firefox 50.1

CVE-2016-9893: Memory safety bugs fixed in Firefox 50.1 and Firefox ESR 45.6


Discovery 2016-12-13
Entry 2016-12-14
firefox
< 50.1.0_1,1

seamonkey
linux-seamonkey
< 2.47

firefox-esr
< 45.6.0,1

linux-firefox
< 45.6.0,2

libxul
thunderbird
linux-thunderbird
< 45.6.0

CVE-2016-9894
CVE-2016-9899
CVE-2016-9895
CVE-2016-9896
CVE-2016-9897
CVE-2016-9898
CVE-2016-9900
CVE-2016-9904
CVE-2016-9901
CVE-2016-9902
CVE-2016-9903
CVE-2016-9080
CVE-2016-9893
https://www.mozilla.org/security/advisories/mfsa2016-94/
https://www.mozilla.org/security/advisories/mfsa2016-95/
4f00dac0-1e18-4481-95af-7aaad63fd303mozilla -- multiple vulnerabilities

Mozilla Foundation reports:

MFSA 2016-01 Miscellaneous memory safety hazards (rv:44.0 / rv:38.6)

MFSA 2016-02 Out of Memory crash when parsing GIF format images

MFSA 2016-03 Buffer overflow in WebGL after out of memory allocation

MFSA 2016-04 Firefox allows for control characters to be set in cookie names

MFSA 2016-06 Missing delay following user click events in protocol handler dialog

MFSA 2016-09 Addressbar spoofing attacks

MFSA 2016-10 Unsafe memory manipulation found through code inspection

MFSA 2016-11 Application Reputation service disabled in Firefox 43


Discovery 2016-01-26
Entry 2016-02-01
Modified 2016-03-08
firefox
linux-firefox
< 44.0,1

seamonkey
linux-seamonkey
< 2.41

firefox-esr
< 38.6.0,1

libxul
thunderbird
linux-thunderbird
< 38.6.0

CVE-2015-7208
CVE-2016-1930
CVE-2016-1931
CVE-2016-1933
CVE-2016-1935
CVE-2016-1937
CVE-2016-1939
CVE-2016-1942
CVE-2016-1943
CVE-2016-1944
CVE-2016-1945
CVE-2016-1946
CVE-2016-1947
https://www.mozilla.org/security/advisories/mfsa2016-01/
https://www.mozilla.org/security/advisories/mfsa2016-02/
https://www.mozilla.org/security/advisories/mfsa2016-03/
https://www.mozilla.org/security/advisories/mfsa2016-04/
https://www.mozilla.org/security/advisories/mfsa2016-06/
https://www.mozilla.org/security/advisories/mfsa2016-09/
https://www.mozilla.org/security/advisories/mfsa2016-10/
https://www.mozilla.org/security/advisories/mfsa2016-11/
2b8cad90-f289-11e1-a215-14dae9ebcf89mozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA 2012-57 Miscellaneous memory safety hazards (rv:15.0/ rv:10.0.7)

MFSA 2012-58 Use-after-free issues found using Address Sanitizer

MFSA 2012-59 Location object can be shadowed using Object.defineProperty

MFSA 2012-60 Escalation of privilege through about:newtab

MFSA 2012-61 Memory corruption with bitmap format images with negative height

MFSA 2012-62 WebGL use-after-free and memory corruption

MFSA 2012-63 SVG buffer overflow and use-after-free issues

MFSA 2012-64 Graphite 2 memory corruption

MFSA 2012-65 Out-of-bounds read in format-number in XSLT

MFSA 2012-66 HTTPMonitor extension allows for remote debugging without explicit activation

MFSA 2012-67 Installer will launch incorrect executable following new installation

MFSA 2012-68 DOMParser loads linked resources in extensions when parsing text/html

MFSA 2012-69 Incorrect site SSL certificate data display

MFSA 2012-70 Location object security checks bypassed by chrome code

MFSA 2012-71 Insecure use of __android_log_print

MFSA 2012-72 Web console eval capable of executing chrome-privileged code


Discovery 2012-08-28
Entry 2012-08-30
firefox
gt 11.0,1 lt 15.0,1

< 10.0.7,1

linux-firefox
< 10.0.7,1

linux-seamonkey
< 2.12

linux-thunderbird
< 10.0.7

seamonkey
< 2.12

thunderbird
gt 11.0 lt 15.0

< 10.0.7

libxul
gt 1.9.2.* lt 10.0.7

CVE-2012-1956
CVE-2012-1970
CVE-2012-1971
CVE-2012-1972
CVE-2012-1973
CVE-2012-1974
CVE-2012-1975
CVE-2012-1976
CVE-2012-3956
CVE-2012-3957
CVE-2012-3958
CVE-2012-3959
CVE-2012-3960
CVE-2012-3961
CVE-2012-3962
CVE-2012-3963
CVE-2012-3964
CVE-2012-3965
CVE-2012-3966
CVE-2012-3967
CVE-2012-3968
CVE-2012-3969
CVE-2012-3970
CVE-2012-3971
CVE-2012-3972
CVE-2012-3973
CVE-2012-3974
CVE-2012-3975
CVE-2012-3976
CVE-2012-3978
CVE-2012-3979
CVE-2012-3980
http://www.mozilla.org/security/known-vulnerabilities/
http://www.mozilla.org/security/announce/2012/mfsa2012-57.html
http://www.mozilla.org/security/announce/2012/mfsa2012-58.html
http://www.mozilla.org/security/announce/2012/mfsa2012-59.html
http://www.mozilla.org/security/announce/2012/mfsa2012-60.html
http://www.mozilla.org/security/announce/2012/mfsa2012-61.html
http://www.mozilla.org/security/announce/2012/mfsa2012-62.html
http://www.mozilla.org/security/announce/2012/mfsa2012-63.html
http://www.mozilla.org/security/announce/2012/mfsa2012-64.html
http://www.mozilla.org/security/announce/2012/mfsa2012-65.html
http://www.mozilla.org/security/announce/2012/mfsa2012-66.html
http://www.mozilla.org/security/announce/2012/mfsa2012-67.html
http://www.mozilla.org/security/announce/2012/mfsa2012-68.html
http://www.mozilla.org/security/announce/2012/mfsa2012-69.html
http://www.mozilla.org/security/announce/2012/mfsa2012-70.html
http://www.mozilla.org/security/announce/2012/mfsa2012-71.html
http://www.mozilla.org/security/announce/2012/mfsa2012-72.html
6e5a9afd-12d3-11e2-b47d-c8600054b392mozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA 2012-74 Miscellaneous memory safety hazards (rv:16.0/ rv:10.0.8)

MFSA 2012-75 select element persistance allows for attacks

MFSA 2012-76 Continued access to initial origin after setting document.domain

MFSA 2012-77 Some DOMWindowUtils methods bypass security checks

MFSA 2012-78 Reader Mode pages have chrome privileges

MFSA 2012-79 DOS and crash with full screen and history navigation

MFSA 2012-80 Crash with invalid cast when using instanceof operator

MFSA 2012-81 GetProperty function can bypass security checks

MFSA 2012-82 top object and location property accessible by plugins

MFSA 2012-83 Chrome Object Wrapper (COW) does not disallow acces to privileged functions or properties

MFSA 2012-84 Spoofing and script injection through location.hash

MFSA 2012-85 Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer

MFSA 2012-86 Heap memory corruption issues found using Address Sanitizer

MFSA 2012-87 Use-after-free in the IME State Manager

MFSA 2012-88 Miscellaneous memory safety hazards (rv:16.0.1)

MFSA 2012-89 defaultValue security checks not applied


Discovery 2012-10-09
Entry 2012-10-10
Modified 2012-10-11
firefox
gt 11.0,1 lt 16.0.1,1

< 10.0.9,1

linux-firefox
< 10.0.9,1

linux-seamonkey
< 2.13.1

linux-thunderbird
< 10.0.9

seamonkey
< 2.13.1

thunderbird
gt 11.0 lt 16.0.1

< 10.0.9

libxul
gt 1.9.2.* lt 10.0.9

CVE-2012-3982
CVE-2012-3983
CVE-2012-3984
CVE-2012-3985
CVE-2012-3986
CVE-2012-3987
CVE-2012-3988
CVE-2012-3989
CVE-2012-3990
CVE-2012-3991
CVE-2012-3992
CVE-2012-3993
CVE-2012-3994
CVE-2012-3995
CVE-2012-4179
CVE-2012-4180
CVE-2012-4181
CVE-2012-4182
CVE-2012-4183
CVE-2012-4184
CVE-2012-4186
CVE-2012-4187
CVE-2012-4188
CVE-2012-4190
CVE-2012-4191
CVE-2012-4192
CVE-2012-4193
http://www.mozilla.org/security/known-vulnerabilities/
http://www.mozilla.org/security/announce/2012/mfsa2012-74.html
http://www.mozilla.org/security/announce/2012/mfsa2012-75.html
http://www.mozilla.org/security/announce/2012/mfsa2012-76.html
http://www.mozilla.org/security/announce/2012/mfsa2012-77.html
http://www.mozilla.org/security/announce/2012/mfsa2012-78.html
http://www.mozilla.org/security/announce/2012/mfsa2012-79.html
http://www.mozilla.org/security/announce/2012/mfsa2012-80.html
http://www.mozilla.org/security/announce/2012/mfsa2012-81.html
http://www.mozilla.org/security/announce/2012/mfsa2012-82.html
http://www.mozilla.org/security/announce/2012/mfsa2012-83.html
http://www.mozilla.org/security/announce/2012/mfsa2012-84.html
http://www.mozilla.org/security/announce/2012/mfsa2012-85.html
http://www.mozilla.org/security/announce/2012/mfsa2012-86.html
http://www.mozilla.org/security/announce/2012/mfsa2012-87.html
http://www.mozilla.org/security/announce/2012/mfsa2012-88.html
http://www.mozilla.org/security/announce/2012/mfsa2012-89.html
630c8c08-880f-11e2-807f-d43d7e0c7c02mozilla -- use-after-free in HTML Editor

The Mozilla Project reports:

MFSA 2013-29 Use-after-free in HTML Editor


Discovery 2013-03-07
Entry 2013-03-08
firefox
gt 18.0,1 lt 19.0.2,1

< 17.0.3,1

linux-firefox
< 17.0.4,1

linux-seamonkey
< 2.16.1

linux-thunderbird
< 17.0.4

seamonkey
< 2.16.1

thunderbird
gt 11.0 lt 17.0.4

< 10.0.12

CVE-2013-0787
http://www.mozilla.org/security/announce/2013/mfsa2013-29.html
http://www.mozilla.org/security/known-vulnerabilities/
c66a5632-708a-4727-8236-d65b2d5b2739mozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA 2015-79 Miscellaneous memory safety hazards (rv:40.0 / rv:38.2)

MFSA 2015-80 Out-of-bounds read with malformed MP3 file

MFSA 2015-81 Use-after-free in MediaStream playback

MFSA 2015-82 Redefinition of non-configurable JavaScript object properties

MFSA 2015-83 Overflow issues in libstagefright

MFSA 2015-84 Arbitrary file overwriting through Mozilla Maintenance Service with hard links

MFSA 2015-85 Out-of-bounds write with Updater and malicious MAR file

MFSA 2015-86 Feed protocol with POST bypasses mixed content protections

MFSA 2015-87 Crash when using shared memory in JavaScript

MFSA 2015-88 Heap overflow in gdk-pixbuf when scaling bitmap images

MFSA 2015-90 Vulnerabilities found through code inspection

MFSA 2015-91 Mozilla Content Security Policy allows for asterisk wildcards in violation of CSP specification

MFSA 2015-92 Use-after-free in XMLHttpRequest with shared workers


Discovery 2015-08-11
Entry 2015-08-11
Modified 2015-08-22
firefox
< 40.0,1

linux-firefox
< 40.0,1

seamonkey
ge 2.36 lt 2.37

< 2.35

linux-seamonkey
ge 2.36 lt 2.37

< 2.35

firefox-esr
< 38.2.0,1

libxul
< 38.2.0

thunderbird
< 38.2.0

linux-thunderbird
< 38.2.0

CVE-2015-4473
CVE-2015-4474
CVE-2015-4475
CVE-2015-4477
CVE-2015-4478
CVE-2015-4479
CVE-2015-4480
CVE-2015-4481
CVE-2015-4482
CVE-2015-4483
CVE-2015-4484
CVE-2015-4487
CVE-2015-4488
CVE-2015-4489
CVE-2015-4490
CVE-2015-4491
CVE-2015-4492
CVE-2015-4493
https://www.mozilla.org/security/advisories/mfsa2015-79/
https://www.mozilla.org/security/advisories/mfsa2015-80/
https://www.mozilla.org/security/advisories/mfsa2015-81/
https://www.mozilla.org/security/advisories/mfsa2015-82/
https://www.mozilla.org/security/advisories/mfsa2015-83/
https://www.mozilla.org/security/advisories/mfsa2015-84/
https://www.mozilla.org/security/advisories/mfsa2015-85/
https://www.mozilla.org/security/advisories/mfsa2015-86/
https://www.mozilla.org/security/advisories/mfsa2015-87/
https://www.mozilla.org/security/advisories/mfsa2015-88/
https://www.mozilla.org/security/advisories/mfsa2015-90/
https://www.mozilla.org/security/advisories/mfsa2015-91/
https://www.mozilla.org/security/advisories/mfsa2015-92/
81f866ad-41a4-11e3-a4af-0025905a4771mozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA 2013-93 Miscellaneous memory safety hazards (rv:25.0 / rv:24.1 / rv:17.0.10)

MFSA 2013-94 Spoofing addressbar though SELECT element

MFSA 2013-95 Access violation with XSLT and uninitialized data

MFSA 2013-96 Improperly initialized memory and overflows in some JavaScript functions

MFSA 2013-97 Writing to cycle collected object during image decoding

MFSA 2013-98 Use-after-free when updating offline cache

MFSA 2013-99 Security bypass of PDF.js checks using iframes

MFSA 2013-100 Miscellaneous use-after-free issues found through ASAN fuzzing

MFSA 2013-101 Memory corruption in workers

MFSA 2013-102 Use-after-free in HTML document templates


Discovery 2013-10-29
Entry 2013-10-30
Modified 2013-10-31
firefox
< 24.1.0,1

linux-firefox
< 25.0,1

linux-seamonkey
< 2.22

linux-thunderbird
< 24.1.0

seamonkey
< 2.22

thunderbird
< 24.1.0

CVE-2013-1739
CVE-2013-5590
CVE-2013-5591
CVE-2013-5592
CVE-2013-5593
CVE-2013-5595
CVE-2013-5596
CVE-2013-5597
CVE-2013-5598
CVE-2013-5599
CVE-2013-5600
CVE-2013-5601
CVE-2013-5602
CVE-2013-5603
CVE-2013-5604
https://www.mozilla.org/security/announce/2013/mfsa2013-93.html
https://www.mozilla.org/security/announce/2013/mfsa2013-94.html
https://www.mozilla.org/security/announce/2013/mfsa2013-95.html
https://www.mozilla.org/security/announce/2013/mfsa2013-96.html
https://www.mozilla.org/security/announce/2013/mfsa2013-97.html
https://www.mozilla.org/security/announce/2013/mfsa2013-98.html
https://www.mozilla.org/security/announce/2013/mfsa2013-99.html
https://www.mozilla.org/security/announce/2013/mfsa2013-100.html
https://www.mozilla.org/security/announce/2013/mfsa2013-101.html
https://www.mozilla.org/security/announce/2013/mfsa2013-102.html
http://www.mozilla.org/security/known-vulnerabilities/
7c3a02b9-3273-4426-a0ba-f90fad2ff72emozilla -- multiple vulnerabilities

Mozilla Foundation reports:

CVE-2018-12391: HTTP Live Stream audio data is accessible cross-origin

CVE-2018-12392: Crash with nested event loops

CVE-2018-12393: Integer overflow during Unicode conversion while loading JavaScript

CVE-2018-12395: WebExtension bypass of domain restrictions through header rewriting

CVE-2018-12396: WebExtension content scripts can execute in disallowed contexts

CVE-2018-12397:

CVE-2018-12398: CSP bypass through stylesheet injection in resource URIs

CVE-2018-12399: Spoofing of protocol registration notification bar

CVE-2018-12400: Favicons are cached in private browsing mode on Firefox for Android

CVE-2018-12401: DOS attack through special resource URI parsing

CVE-2018-12402: SameSite cookies leak when pages are explicitly saved

CVE-2018-12403: Mixed content warning is not displayed when HTTPS page loads a favicon over HTTP

CVE-2018-12388: Memory safety bugs fixed in Firefox 63

CVE-2018-12390: Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3


Discovery 2018-10-23
Entry 2018-10-23
Modified 2019-07-23
firefox
< 63.0_1,1

waterfox
< 56.2.5

seamonkey
linux-seamonkey
< 2.53.0

firefox-esr
< 60.3.0,1

linux-firefox
< 60.3.0,2

libxul
thunderbird
linux-thunderbird
< 60.3.0

CVE-2018-12388
CVE-2018-12390
CVE-2018-12391
CVE-2018-12392
CVE-2018-12393
CVE-2018-12395
CVE-2018-12396
CVE-2018-12397
CVE-2018-12398
CVE-2018-12399
CVE-2018-12400
CVE-2018-12401
CVE-2018-12402
CVE-2018-12403
https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/
https://www.mozilla.org/en-US/security/advisories/mfsa2018-27/
bd62c640-9bb9-11e4-a5ad-000c297fb80fmozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA-2015-01 Miscellaneous memory safety hazards (rv:35.0 / rv:31.4)

MFSA-2015-02 Uninitialized memory use during bitmap rendering

MFSA-2015-03 sendBeacon requests lack an Origin header

MFSA-2015-04 Cookie injection through Proxy Authenticate responses

MFSA-2015-05 Read of uninitialized memory in Web Audio

MFSA-2015-06 Read-after-free in WebRTC

MFSA-2015-07 Gecko Media Plugin sandbox escape

MFSA-2015-08 Delegated OCSP responder certificates failure with id-pkix-ocsp-nocheck extension

MFSA-2015-09 XrayWrapper bypass through DOM objects


Discovery 2015-01-13
Entry 2015-01-14
firefox
< 35.0,1

firefox-esr
< 31.4.0,1

linux-firefox
< 35.0,1

linux-seamonkey
< 2.32

linux-thunderbird
< 31.4.0

seamonkey
< 2.32

thunderbird
< 31.4.0

libxul
< 31.4.0

CVE-2014-8634
CVE-2014-8635
CVE-2014-8637
CVE-2014-8638
CVE-2014-8639
CVE-2014-8640
CVE-2014-8641
CVE-2014-8642
CVE-2014-8643
CVE-2014-8636
https://www.mozilla.org/en-US/security/advisories/mfsa2015-01/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-02/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-03/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-04/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-05/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-06/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-07/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-08/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-09/
https://www.mozilla.org/security/advisories/
5e0a038a-ca30-416d-a2f5-38cbf5e7df33mozilla -- multiple vulnerabilities

Mozilla Foundation reports:

Please reference CVE/URL list for details


Discovery 2017-04-19
Entry 2017-04-19
Modified 2017-09-19
firefox
< 53.0_2,1

seamonkey
linux-seamonkey
< 2.49.1

firefox-esr
ge 46.0,1 lt 52.1.0_2,1

< 45.9.0,1

linux-firefox
ge 46.0,2 lt 52.1.0,2

< 45.9.0,2

libxul
ge 46.0 lt 52.1.0

< 45.9.0

thunderbird
linux-thunderbird
ge 46.0 lt 52.1.0

< 45.9.0

CVE-2017-5433
CVE-2017-5435
CVE-2017-5436
CVE-2017-5461
CVE-2017-5459
CVE-2017-5466
CVE-2017-5434
CVE-2017-5432
CVE-2017-5460
CVE-2017-5438
CVE-2017-5439
CVE-2017-5440
CVE-2017-5441
CVE-2017-5442
CVE-2017-5464
CVE-2017-5443
CVE-2017-5444
CVE-2017-5446
CVE-2017-5447
CVE-2017-5465
CVE-2017-5448
CVE-2017-5437
CVE-2017-5454
CVE-2017-5455
CVE-2017-5456
CVE-2017-5469
CVE-2017-5445
CVE-2017-5449
CVE-2017-5450
CVE-2017-5451
CVE-2017-5462
CVE-2017-5463
CVE-2017-5467
CVE-2017-5452
CVE-2017-5453
CVE-2017-5458
CVE-2017-5468
CVE-2017-5430
CVE-2017-5429
https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/
https://www.mozilla.org/en-US/security/advisories/mfsa2017-11/
https://www.mozilla.org/en-US/security/advisories/mfsa2017-12/
0592f49f-b3b8-4260-b648-d1718762656cmozilla -- multiple vulnerabilities

Mozilla Foundation reports:

CVE-2019-9811: Sandbox escape via installation of malicious language pack

CVE-2019-11711: Script injection within domain through inner window reuse

CVE-2019-11712: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects

CVE-2019-11713: Use-after-free with HTTP/2 cached stream

CVE-2019-11714: NeckoChild can trigger crash when accessed off of main thread

CVE-2019-11729: Empty or malformed p256-ECDH public keys may trigger a segmentation fault

CVE-2019-11715: HTML parsing error can contribute to content XSS

CVE-2019-11716: globalThis not enumerable until accessed

CVE-2019-11717: Caret character improperly escaped in origins

CVE-2019-11718: Activity Stream writes unsanitized content to innerHTML

CVE-2019-11719: Out-of-bounds read when importing curve25519 private key

CVE-2019-11720: Character encoding XSS vulnerability

CVE-2019-11721: Domain spoofing through unicode latin 'kra' character

CVE-2019-11730: Same-origin policy treats all files in a directory as having the same-origin

CVE-2019-11723: Cookie leakage during add-on fetching across private browsing boundaries

CVE-2019-11724: Retired site input.mozilla.org has remote troubleshooting permissions

CVE-2019-11725: Websocket resources bypass safebrowsing protections

CVE-2019-11727: PKCS#1 v1.5 signatures can be used for TLS 1.3

CVE-2019-11728: Port scanning through Alt-Svc header

CVE-2019-11710: Memory safety bugs fixed in Firefox 68

CVE-2019-11709: Memory safety bugs fixed in Firefox 68 and Firefox ESR 60.8


Discovery 2019-07-09
Entry 2019-07-09
Modified 2019-07-23
firefox
< 68.0_4,1

waterfox
< 56.2.12

seamonkey
linux-seamonkey
< 2.53.0

firefox-esr
< 60.8.0,1

linux-firefox
< 60.8.0,2

libxul
thunderbird
linux-thunderbird
< 60.8.0

CVE-2019-11709
CVE-2019-11710
CVE-2019-11711
CVE-2019-11712
CVE-2019-11713
CVE-2019-11714
CVE-2019-11715
CVE-2019-11716
CVE-2019-11717
CVE-2019-11718
CVE-2019-11719
CVE-2019-11720
CVE-2019-11721
CVE-2019-11723
CVE-2019-11724
CVE-2019-11725
CVE-2019-11727
CVE-2019-11728
CVE-2019-11729
CVE-2019-11730
CVE-2019-9811
https://www.mozilla.org/security/advisories/mfsa2019-21/
https://www.mozilla.org/security/advisories/mfsa2019-22/
d10b49b2-8d02-49e8-afde-0844626317afmozilla -- multiple vulnerabilities

Mozilla Foundation reports:

CVE-2018-12407: Buffer overflow with ANGLE library when using VertexBuffer11 module

CVE-2018-17466: Buffer overflow and out-of-bounds read in ANGLE library with TextureStorage11

CVE-2018-18492: Use-after-free with select element

CVE-2018-18493: Buffer overflow in accelerated 2D canvas with Skia

CVE-2018-18494: Same-origin policy violation using location attribute and performance.getEntries to steal cross-origin URLs

CVE-2018-18495: WebExtension content scripts can be loaded in about: pages

CVE-2018-18496: Embedded feed preview page can be abused for clickjacking

CVE-2018-18497: WebExtensions can load arbitrary URLs through pipe separators

CVE-2018-18498: Integer overflow when calculating buffer sizes for images

CVE-2018-12406: Memory safety bugs fixed in Firefox 64

CVE-2018-12405: Memory safety bugs fixed in Firefox 64 and Firefox ESR 60.4


Discovery 2018-12-11
Entry 2018-12-11
Modified 2019-07-23
firefox
< 64.0_3,1

waterfox
< 56.2.6

seamonkey
linux-seamonkey
< 2.53.0

firefox-esr
< 60.4.0,1

linux-firefox
< 60.4.0,2

libxul
thunderbird
linux-thunderbird
< 60.4.0

CVE-2018-12405
CVE-2018-12406
CVE-2018-12407
CVE-2018-17466
CVE-2018-18492
CVE-2018-18493
CVE-2018-18494
CVE-2018-18495
CVE-2018-18496
CVE-2018-18497
CVE-2018-18498
https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/
https://www.mozilla.org/en-US/security/advisories/mfsa2018-30/
99029172-8253-407d-9d8b-2cfeab9abf81mozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA-2015-11 Miscellaneous memory safety hazards (rv:36.0 / rv:31.5)

MFSA-2015-12 Invoking Mozilla updater will load locally stored DLL files

MFSA-2015-13 Appended period to hostnames can bypass HPKP and HSTS protections

MFSA-2015-14 Malicious WebGL content crash when writing strings

MFSA-2015-15 TLS TURN and STUN connections silently fail to simple TCP connections

MFSA-2015-16 Use-after-free in IndexedDB

MFSA-2015-17 Buffer overflow in libstagefright during MP4 video playback

MFSA-2015-18 Double-free when using non-default memory allocators with a zero-length XHR

MFSA-2015-19 Out-of-bounds read and write while rendering SVG content

MFSA-2015-20 Buffer overflow during CSS restyling

MFSA-2015-21 Buffer underflow during MP3 playback

MFSA-2015-22 Crash using DrawTarget in Cairo graphics library

MFSA-2015-23 Use-after-free in Developer Console date with OpenType Sanitiser

MFSA-2015-24 Reading of local files through manipulation of form autocomplete

MFSA-2015-25 Local files or privileged URLs in pages can be opened into new tabs

MFSA-2015-26 UI Tour whitelisted sites in background tab can spoof foreground tabs

MFSA-2015-27 Caja Compiler JavaScript sandbox bypass


Discovery 2015-02-24
Entry 2015-02-27
firefox
< 36.0,1

firefox-esr
< 31.5.0,1

linux-firefox
< 36.0,1

linux-seamonkey
< 2.33

linux-thunderbird
< 31.5.0

seamonkey
< 2.33

thunderbird
< 31.5.0

libxul
< 31.5.0

CVE-2015-0819
CVE-2015-0820
CVE-2015-0821
CVE-2015-0822
CVE-2015-0823
CVE-2015-0824
CVE-2015-0825
CVE-2015-0826
CVE-2015-0827
CVE-2015-0828
CVE-2015-0829
CVE-2015-0830
CVE-2015-0831
CVE-2015-0832
CVE-2015-0833
CVE-2015-0834
CVE-2015-0835
CVE-2015-0836
https://www.mozilla.org/security/advisories/mfsa2015-11/
https://www.mozilla.org/security/advisories/mfsa2015-12/
https://www.mozilla.org/security/advisories/mfsa2015-13/
https://www.mozilla.org/security/advisories/mfsa2015-14/
https://www.mozilla.org/security/advisories/mfsa2015-15/
https://www.mozilla.org/security/advisories/mfsa2015-16/
https://www.mozilla.org/security/advisories/mfsa2015-17/
https://www.mozilla.org/security/advisories/mfsa2015-18/
https://www.mozilla.org/security/advisories/mfsa2015-19/
https://www.mozilla.org/security/advisories/mfsa2015-20/
https://www.mozilla.org/security/advisories/mfsa2015-21/
https://www.mozilla.org/security/advisories/mfsa2015-22/
https://www.mozilla.org/security/advisories/mfsa2015-23/
https://www.mozilla.org/security/advisories/mfsa2015-24/
https://www.mozilla.org/security/advisories/mfsa2015-25/
https://www.mozilla.org/security/advisories/mfsa2015-26/
https://www.mozilla.org/security/advisories/mfsa2015-27/
https://www.mozilla.org/security/advisories/
cd81806c-26e7-4d4a-8425-02724a2f48afmozilla -- multiple vulnerabilities

Mozilla Foundation reports:

CVE-2018-12359: Buffer overflow using computed size of canvas element

CVE-2018-12360: Use-after-free when using focus()

CVE-2018-12361: Integer overflow in SwizzleData

CVE-2018-12358: Same-origin bypass using service worker and redirection

CVE-2018-12362: Integer overflow in SSSE3 scaler

CVE-2018-5156: Media recorder segmentation fault when track type is changed during capture

CVE-2018-12363: Use-after-free when appending DOM nodes

CVE-2018-12364: CSRF attacks through 307 redirects and NPAPI plugins

CVE-2018-12365: Compromised IPC child process can list local filenames

CVE-2018-12371: Integer overflow in Skia library during edge builder allocation

CVE-2018-12366: Invalid data handling during QCMS transformations

CVE-2018-12367: Timing attack mitigation of PerformanceNavigationTiming

CVE-2018-12368: No warning when opening executable SettingContent-ms files

CVE-2018-12369: WebExtension security permission checks bypassed by embedded experiments

CVE-2018-12370: SameSite cookie protections bypassed when exiting Reader View

CVE-2018-5186: Memory safety bugs fixed in Firefox 61

CVE-2018-5187: Memory safety bugs fixed in Firefox 60 and Firefox ESR 60.1

CVE-2018-5188: Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1, and Firefox ESR 52.9


Discovery 2018-06-26
Entry 2018-06-26
Modified 2018-07-07
firefox
< 61.0_1,1

waterfox
< 56.2.1.19_2

seamonkey
linux-seamonkey
< 2.49.4

firefox-esr
ge 60.0,1 lt 60.1.0_1,1

< 52.9.0_1,1

linux-firefox
< 52.9.0,2

libxul
thunderbird
linux-thunderbird
< 52.9.0

CVE-2018-12362
CVE-2018-5156
CVE-2018-5186
CVE-2018-5187
CVE-2018-5188
CVE-2018-12358
CVE-2018-12359
CVE-2018-12360
CVE-2018-12361
CVE-2018-12363
CVE-2018-12364
CVE-2018-12365
CVE-2018-12366
CVE-2018-12367
CVE-2018-12368
CVE-2018-12369
CVE-2018-12370
CVE-2018-12371
https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/
https://www.mozilla.org/en-US/security/advisories/mfsa2018-16/
https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/
23f59689-0152-42d3-9ade-1658d6380567mozilla -- use-after-free in compositor

The Mozilla Foundation reports:

CVE-2018-5148: Use-after-free in compositor

A use-after-free vulnerability can occur in the compositor during certain graphics operations when a raw pointer is used instead of a reference counted one. This results in a potentially exploitable crash.


Discovery 2018-03-26
Entry 2018-03-27
Modified 2018-03-31
firefox
< 59.0.2,1

waterfox
< 56.0.4.36_3

seamonkey
linux-seamonkey
< 2.49.3

firefox-esr
< 52.7.3,1

linux-firefox
< 52.7.3,2

libxul
< 52.7.3

linux-thunderbird
< 52.7.1

thunderbird
< 52.7.0_1

CVE-2018-5148
https://www.mozilla.org/security/advisories/mfsa2018-10/
2c57c47e-8bb3-4694-83c8-9fc3abad3964mozilla -- multiple vulnerabilities

Mozilla Foundation reports:

CVE-2016-2827 - Out-of-bounds read in mozilla::net::IsValidReferrerPolicy [low]

CVE-2016-5256 - Memory safety bugs fixed in Firefox 49 [critical]

CVE-2016-5257 - Memory safety bugs fixed in Firefox 49 and Firefox ESR 45.4 [critical]

CVE-2016-5270 - Heap-buffer-overflow in nsCaseTransformTextRunFactory::TransformString [high]

CVE-2016-5271 - Out-of-bounds read in PropertyProvider::GetSpacingInternal [low]

CVE-2016-5272 - Bad cast in nsImageGeometryMixin [high]

CVE-2016-5273 - crash in mozilla::a11y::HyperTextAccessible::GetChildOffset [high]

CVE-2016-5274 - use-after-free in nsFrameManager::CaptureFrameState [high]

CVE-2016-5275 - global-buffer-overflow in mozilla::gfx::FilterSupport::ComputeSourceNeededRegions [critical]

CVE-2016-5276 - Heap-use-after-free in mozilla::a11y::DocAccessible::ProcessInvalidationList [high]

CVE-2016-5277 - Heap-use-after-free in nsRefreshDriver::Tick [high]

CVE-2016-5278 - Heap-buffer-overflow in nsBMPEncoder::AddImageFrame [critical]

CVE-2016-5279 - Full local path of files is available to web pages after drag and drop [moderate]

CVE-2016-5280 - Use-after-free in mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap [high]

CVE-2016-5281 - use-after-free in DOMSVGLength [high]

CVE-2016-5282 - Don't allow content to request favicons from non-whitelisted schemes [moderate]

CVE-2016-5283 -