AVG-494

Package firefox
Status Fixed
Severity Critical
Type multiple issues
Affected 56.0.2-1
Fixed 57.0-1
Current 65.0.2-1 [extra]
Ticket None
Created Wed Nov 15 22:40:03 2017
Issue Severity Remote Type Description
CVE-2017-7842 Low Yes Information disclosure
If a document’s Referrer Policy attribute is set to "no-referrer" sometimes two network requests are made for <link> elements instead of one in Firefox...
CVE-2017-7840 Low No Cross-site scripting
JavaScript can be injected into an exported bookmarks file by placing JavaScript code into user-supplied tags in saved bookmarks in Firefox before 57.0. If...
CVE-2017-7839 Low Yes Cross-site scripting
Control characters prepended before javascript: URLs pasted in the addressbar in Firefox before 57.0 can cause the leading characters to be ignored and the...
CVE-2017-7838 Low Yes Content spoofing
Punycode format text in Firefox before 57.0 will be displayed for entire qualified international domain names in some instances when a sub-domain triggers...
CVE-2017-7837 Medium Yes Same-origin policy bypass
SVG loaded through <img> tags in Firefox before 57.0 can use <meta> tags within the SVG data to set cookies for that page.
CVE-2017-7836 Medium No Privilege escalation
The "pingsender" executable used by the Firefox Health Report before 57.0 dynamically loads a system copy of libcurl, which an attacker could replace. This...
CVE-2017-7835 Medium Yes Access restriction bypass
Mixed content blocking of insecure (HTTP) sub-resources in a secure (HTTPS) document was not correctly applied for resources that redirect from HTTPS to...
CVE-2017-7834 Medium Yes Access restriction bypass
A data: URL loaded in a new tab of Firefox before 57.0 did not inherit the Content Security Policy (CSP) of the original page, allowing for bypasses of the...
CVE-2017-7833 Medium Yes Content spoofing
Some Arabic and Indic vowel marker characters can be combined with Latin characters in a domain name to eclipse the non-Latin character with some font sets...
CVE-2017-7832 Medium Yes Content spoofing
The combined, single character, version of the letter 'i' with any of the potential accents in unicode, such as acute or grave, can be spoofed in the...
CVE-2017-7831 Medium Yes Information disclosure
A vulnerability has been found in Firefox before 57.0  where the security wrapper does not deny access to some exposed properties using the deprecated...
CVE-2017-7830 High Yes Same-origin policy bypass
The Resource Timing API in Firefox before 57.0 and Thunderbird before 52.5 incorrectly revealed navigations in cross-origin iframes. This is a same-origin...
CVE-2017-7828 Critical Yes Arbitrary code execution
A use-after-free vulnerability can occur in Firefox before 57.0 and Thunderbird before 52.5 when flushing and resizing layout because the PressShell object...
CVE-2017-7827 Critical Yes Arbitrary code execution
Several memory safety bugs have been found in Firefox before 57.0. Some of these bugs showed evidence of memory corruption and with enough effort some of...
CVE-2017-7826 Critical Yes Arbitrary code execution
Several reported memory safety bugs have been found in Firefox before 57.0 and Thunderbird before 52.5. Some of these bugs showed evidence of memory...
Date Advisory Package Description
15 Nov 2017 ASA-201711-23 firefox multiple issues
References
https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/