AVG-1071 log

Package firefox
Status Fixed
Severity Critical
Type multiple issues
Affected 70.0.1-3
Fixed 71.0-1
Current 133.0.3-2 [extra]
Ticket None
Created Tue Dec 3 19:34:26 2019
Issue Severity Remote Type Description
CVE-2019-17014 Medium Yes Information disclosure
An information disclosure issue has been found in Firefox before 71.0 where, if an image had not loaded correctly (such as when it is not actually an...
CVE-2019-17013 Critical Yes Arbitrary code execution
Several memory safety bugs have been found in Firefox before 71.0. Some of these bugs showed evidence of memory corruption and Mozilla presumes that with...
CVE-2019-17012 Critical Yes Arbitrary code execution
Several memory safety bugs have been found in Firefox before 71.0 and Thunderbird before 68.3. Some of these bugs showed evidence of memory corruption and...
CVE-2019-17011 High Yes Arbitrary code execution
A use-after-free vulnerability has been found in Firefox before 71.0 and Thunderbird before 68.3. Under certain conditions, when retrieving a document from...
CVE-2019-17010 High Yes Arbitrary code execution
A use-after-free vulnerability has been found in Firefox before 71.0 and Thunderbird before 68.3. Under certain conditions, when checking the Resist...
CVE-2019-17009 Medium No Privilege escalation
A privilege escalation vulnerability has been found in Firefox before 71.0. When running, the updater service wrote status and log files to an unrestricted...
CVE-2019-17008 Critical Yes Arbitrary code execution
A use-after-free vulnerability has been found in Firefox before 71.0 and Thunderbird before 68.3. When using nested workers, a use-after- free could occur...
CVE-2019-17005 High Yes Arbitrary code execution
An out-of-bounds write vulnerability has been found in Firefox before 71.0 and Thunderbird before 68.3 where the plain text serializer used a fixed-size...
CVE-2019-11756 High Yes Denial of service
A use-after-free vulnerability has been found in Firefox before 71.0 where improper reference counting of soft token session objects could cause a...
CVE-2019-11745 Critical Yes Arbitrary code execution
An out-of-bounds write vulnerability has been found in the NSS component of Firefox before 71.0 and Thunderbird before 68.3. When encrypting with a block...
Date Advisory Package Type
03 Dec 2019 ASA-201912-1 firefox multiple issues
References
https://www.mozilla.org/en-US/security/advisories/mfsa2019-36/