CVE-2016-5284 |
High |
Yes |
Certificate verification bypass |
Due to flaws in the process used to update "Preloaded Public Key Pinning", the pinning for add-on updates became ineffective in early September. An attacker... |
CVE-2016-5283 |
High |
Yes |
Information disclosure |
A timing attack vulnerability was discovered using iframes to potentially reveal private cross-origin data using document resizes and link colors. |
CVE-2016-5282 |
Medium |
Yes |
Access restriction bypass |
Favicons can be loaded through non-whitelisted protocols, such as jar. |
CVE-2016-5281 |
High |
Yes |
Arbitrary code execution |
A use-after-free vulnerability has been discovered in the DOMSVGLength when manipulating SVG format content through a script. |
CVE-2016-5280 |
High |
Yes |
Arbitrary code execution |
A use-after-free vulnerability has been discovered in the mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap function when changing text direction. |
CVE-2016-5279 |
Medium |
Yes |
Information disclosure |
The full path to local files is available to scripts when local files are dragged and dropped into Firefox.
CVE-2016-5278 |
Critical |
Yes |
Arbitrary code execution |
A potentially exploitable crash caused by a heap-based buffer overflow has been discovered in the nsBMPEncoder::AddImageFrame function while encoding image...
CVE-2016-5277 |
High |
Yes |
Arbitrary code execution |
A use-after-free vulnerability has been discovered in the nsRefreshDriver::Tick function with web animations when destroying a timeline.
CVE-2016-5276 |
High |
Yes |
Arbitrary code execution |
A use-after-free vulnerability has been discovered in the mozilla::a11y::DocAccessible::ProcessInvalidationList function triggered by setting an aria-owns attribute.
CVE-2016-5275 |
Critical |
Yes |
Arbitrary code execution |
A buffer overflow vulnerability has been discovered in the mozilla::gfx::FilterSupport::ComputeSourceNeededRegions function when working with empty filters... |
CVE-2016-5274 |
High |
Yes |
Arbitrary code execution |
A use-after-free vulnerability has been discovered in the nsFrameManager::CaptureFrameState function in web animations during restyling. |
CVE-2016-5273 |
Critical |
Yes |
Arbitrary code execution |
A potentially exploitable crash in accessibility in the mozilla::a11y::HyperTextAccessible::GetChildOffset function. |
CVE-2016-5272 |
Critical |
Yes |
Arbitrary code execution |
A bad cast when processing layout with input elements can result in a potentially exploitable crash. |
CVE-2016-5271 |
Low |
Yes |
Information disclosure |
An out-of-bounds read during the processing of text runs in some pages using display:contents. |
CVE-2016-5270 |
High |
Yes |
Arbitrary code execution |
An out-of-bounds write of a boolean value during text conversion with some Unicode characters.
CVE-2016-5257 |
Critical |
Yes |
Arbitrary code execution |
Mozilla developers and community members Christoph Diehl, Andrew McCreight, Dan Minor, Byron Campen, Jon Coppeard, Steve Fink, Tyson Smith, Philipp, and... |
CVE-2016-5256 |
Critical |
Yes |
Arbitrary code execution |
Mozilla developers Christoph Diehl, Christian Holler, Gary Kwong, Nathan Froyd, Honza Bambas, Seth Fowler, and Michael Smith reported memory safety bugs... |