| CVE-2017-5396 |
High |
Yes |
Arbitrary code execution |
A use-after-free vulnerability has been found in the Media Decoder of Firefox < 51 and Thunderbird < 45.7, when working with media files when some events... |
| CVE-2017-5390 |
High |
Yes |
Privilege escalation |
The JSON viewer in the Developer Tools in Firefox < 51 and Thunderbird < 45.7 uses insecure methods to create a communication channel for copying and... |
| CVE-2017-5383 |
Medium |
Yes |
Content spoofing |
URLs containing certain unicode glyphs for alternative hyphens and quotes do not properly trigger punycode display in Firefox < 51 and Thunderbird < 45.7,... |
| CVE-2017-5380 |
High |
Yes |
Arbitrary code execution |
A potential use-after-free vulnerability during DOM manipulation of SVG content has been in Firefox < 51 and Thunderbird < 45.7. |
| CVE-2017-5378 |
High |
Yes |
Information disclosure |
An information disclosure vulnerability has been found in Firefox < 51 and Thunderbird < 45.7, where hashed codes of JavaScript objects are shared between... |
| CVE-2017-5376 |
Critical |
Yes |
Arbitrary code execution |
A use-after-free vulnerability has been found in Firefox < 51 and Thunderbird < 45.7, while manipulating XSL in XSLT documents. |
| CVE-2017-5375 |
Critical |
Yes |
Arbitrary code execution |
JIT code allocation in Firefox < 51 and Thunderbird < 45.7 can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. |
| CVE-2017-5373 |
Critical |
Yes |
Arbitrary code execution |
Several memory safety bugs have been found in Firefox < 51 and Thunderbird < 47.5. Some of these bugs showed evidence of memory corruption and we presume... |