AVG-249 log

Package firefox
Status Fixed
Severity Critical
Type multiple issues
Affected 52.0.2-1
Fixed 53.0-1
Current 124.0-1 [extra-testing]
123.0.1-1 [extra]
Ticket None
Created Thu Apr 20 08:05:13 2017
Issue Severity Remote Type Description
CVE-2017-5469 High Yes Arbitrary code execution
Several potential buffer overflows in generated code, due to the CVE-2016-6354 issue in Flex, have been fixed in Firefox 53.
CVE-2017-5468 Low Yes Denial of service
An issue with incorrect ownership model of privateBrowsing information exposed through developer tools has been found in Firefox < 53. This can result in a...
CVE-2017-5467 Medium Yes Denial of service
A potential memory corruption and crash has been found in Firefox < 53, when using Skia content when drawing content outside of the bounds of a clipping region.
CVE-2017-5466 Critical Yes Cross-site scripting
An origin confusion issue has been found in Firefox < 53. If a page is loaded from an original site through a hyperlink and contains a redirect to a...
CVE-2017-5465 High Yes Information disclosure
An out-of-bounds read has been found in Firefox < 53, while processing SVG content in ConvolvePixel. This results in a crash and also allows for otherwise...
CVE-2017-5464 High Yes Arbitrary code execution
A security issue has been found in Firefox < 53. During DOM manipulations of the accessibility tree through script, the DOM tree can become out of sync with...
CVE-2017-5461 Critical Yes Arbitrary code execution
An out-of-bounds write during Base64 decoding operation has been found in the Network Security Services (NSS) library due to insufficient memory being...
CVE-2017-5460 High Yes Arbitrary code execution
A use-after-free vulnerability has been found in Firefox < 53. It's located in frame selection, triggered by a combination of malicious script content and...
CVE-2017-5459 Critical Yes Arbitrary code execution
A buffer overflow has been found in the WebGL part of Firefox < 53. It's triggerable by web content, resulting in a potentially exploitable crash.
CVE-2017-5458 Low No Cross-site scripting
An issue has been found in Firefox < 53. When a javascript: URL is drag and dropped by a user into the addressbar, the URL will be processed and executed....
CVE-2017-5456 High Yes Arbitrary filesystem access
A security issue has been found in Firefox < 53, allowing to bypass file system access protections in the sandbox using the file system request constructor...
CVE-2017-5455 High No Access restriction bypass
A security issue has been found in Firefox < 53. The internal feed reader APIs that crossed the sandbox barrier allowed for a sandbox escape and escalation...
CVE-2017-5454 High Yes Access restriction bypass
A security issue has been found in Firefox < 53, allowing to bypass file system access protections in the sandbox to use the file picker to access different...
CVE-2017-5453 Low Yes Content spoofing
A security issue has been found in Firefox < 53, allowing to inject static HTML into the RSS reader preview page due to a failure to escape characters sent...
CVE-2017-5451 Medium Yes Content spoofing
A security issue has been found in Firefox < 53, allowing to spoof the addressbar through the user interaction on the addressbar and the onblur event. The...
CVE-2017-5449 Medium Yes Arbitrary code execution
A possibly exploitable crash has been found in Firefox < 53, triggered during layout and manipulation of bidirectional unicode text in concert with CSS animations.
CVE-2017-5448 High Yes Arbitrary code execution
A security issue has been found in Firefox < 53, an out-of-bounds write in ClearKeyDecryptor while decrypting some Clearkey-encrypted media content. The...
CVE-2017-5447 High Yes Arbitrary code execution
An out-of-bounds read has been found in Firefox < 53, during the processing of glyph widths while rendering text layout. This results in a potentially...
CVE-2017-5446 High Yes Arbitrary code execution
An out-of-bounds read has been found in Firefox < 53, when an HTTP/2 connection to a servers sends DATA frames with incorrect data content. This leads to a...
CVE-2017-5445 Medium Yes Information disclosure
A vulnerability has been found in Firefox < 53, while parsing application/http-index-format format content where uninitialized values are used to create an...
CVE-2017-5444 High Yes Information disclosure
A buffer overflow vulnerability has been found in Firefox < 53, while parsing application/http-index-format format content when the header contains...
CVE-2017-5443 High Yes Arbitrary code execution
An out-of-bounds write vulnerability has been found in Firefox < 53, while decoding improperly formed BinHex format archives.
CVE-2017-5442 High Yes Arbitrary code execution
A use-after-free vulnerability during changes in style when manipulating DOM elements has been found in Firefox < 53. This results in a potentially...
CVE-2017-5441 High Yes Arbitrary code execution
A use-after-free vulnerability when holding a selection during scroll events has been found in Firefox < 53. This results in a potentially exploitable crash.
CVE-2017-5440 High Yes Arbitrary code execution
A use-after-free vulnerability has been found in Firefox < 53, during XSLT processing due to a failure to propagate error conditions during matching while...
CVE-2017-5439 High Yes Arbitrary code execution
A use-after-free vulnerability has been found in Firefox < 53, during XSLT processing due to poor handling of template parameters. This results in a...
CVE-2017-5438 Medium Yes Arbitrary code execution
A use-after-free vulnerability has been found in Firefox < 53, during XSLT processing due to the result handler being held by a freed handler during...
CVE-2017-5437 High Yes Denial of service
Three vulnerabilities were reported in the Libevent library that allow for out-of-bounds reads and denial of service (DoS) attacks: CVE-2016-10195,...
CVE-2017-5436 Critical Yes Arbitrary code execution
An out-of-bounds write has been found in the Graphite 2 library, triggered with a maliciously crafted Graphite font. This results in a potentially...
CVE-2017-5435 Critical Yes Arbitrary code execution
A use-after-free vulnerability has been found in Firefox < 53. It occurs during transaction processing in the editor during design mode interactions and...
CVE-2017-5434 High Yes Arbitrary code execution
A use-after-free vulnerability has been found in Firefox < 53. It occurs when redirecting focus handling and results in a potentially exploitable crash.
CVE-2017-5433 Critical Yes Arbitrary code execution
A use-after-free vulnerability has been found in Firefox < 53, It occurs in SMIL animation functions when pointers to animation elements in an array are...
CVE-2017-5432 High Yes Arbitrary code execution
A use-after-free vulnerability has been found in Firefox < 53. It occurs during certain text input selection and results in a potentially exploitable crash.
CVE-2017-5430 Critical Yes Arbitrary code execution
Mozilla developers and community members Christian Holler, Jon Coppeard, Milan Sreckovic, Tyson Smith, Ronald Crane, Randell Jesup, Philipp, Tooru Fujisawa,...
CVE-2017-5429 Critical Yes Arbitrary code execution
Mozilla developers and community members Christian Holler, Jon Coppeard, Marcia Knous, David Baron, Mats Palmgren, Ronald Crane, Bob Clary, and Chris...
Date Advisory Package Type
21 Apr 2017 ASA-201704-6 firefox multiple issues
References
https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/