AVG-693

Package firefox
Status Fixed
Severity Critical
Type multiple issues
Affected 59.0.2-3
Fixed 60.0-1
Current 68.0.2-1 [extra]
Ticket None
Created Sun May 13 20:50:46 2018
Issue Severity Remote Type Description
CVE-2018-5182 Low No Access restriction bypass
If a text string that happens to be a filename in the operating system's native format is dragged and dropped onto the address bar of Firefox before 60.0,...
CVE-2018-5181 Low No Access restriction bypass
If a URL using the file: protocol is dragged and dropped onto an open tab of Firefox before 60.0 that is running in a different child process the tab will...
CVE-2018-5180 Low Yes Arbitrary code execution
A use-after-free vulnerability can occur during WebGL operations in Firefox before 60.0. While this results in a potentially exploitable crash, the...
CVE-2018-5177 Medium Yes Denial of service
A vulnerability exists in the XSLT component of Firefox before 60.0, during number formatting where a negative buffer size may be allocated in some...
CVE-2018-5176 Medium Yes Information disclosure
The JSON Viewer in Firefox before 60.0 displays clickable hyperlinks for strings that are parseable as URLs, including javascript: links. If a JSON file...
CVE-2018-5175 Medium Yes Access restriction bypass
A mechanism to bypass Content Security Policy (CSP) protections on sites that have a script-src policy of 'strict-dynamic' has been found in Firefox < 60.0....
CVE-2018-5173 Medium Yes Content spoofing
The filename appearing in the Downloads panel in Firefox before 60.0 improperly renders some Unicode characters, allowing for the file name to be spoofed....
CVE-2018-5172 Medium Yes Arbitrary code execution
The Live Bookmarks page and the PDF viewer in Firefox before 60.0 can run injected script content if a user pastes script from the clipboard into them while...
CVE-2018-5169 Medium Yes Access restriction bypass
If manipulated hyperlinked text with chrome: URL contained in it is dragged and dropped on the "home" icon in Firefox before 60.0, the home page can be...
CVE-2018-5168 Medium Yes Access restriction bypass
Sites can bypass security checks on permissions to install lightweight themes in Firefox before 60.0 and Thunderbird before 52.8, by manipulating the...
CVE-2018-5167 Medium Yes Content spoofing
The web console and JavaScript debugger in Firefox < 6.0.0 do not sanitize all output that can be hyperlinked. Both will display chrome: links as active,...
CVE-2018-5166 Medium Yes Access restriction bypass
WebExtensions in Firefox before 60.0 can use request redirection and a filterReponseData filter to bypass host permission settings to redirect network...
CVE-2018-5164 Medium Yes Access restriction bypass
A Content Security Policy (CSP) bypass has been found in Firefox < 60.0, where the CSP is not applied correctly to all parts of multipart content sent with...
CVE-2018-5163 Medium Yes Sandbox escape
A sandbox escape vulnerability has been found in Firefox < 60.0. If a malicious attacker has used another vulnerability to gain full control over a content...
CVE-2018-5160 High Yes Arbitrary code execution
A uninitialized memory use vulnerability has been found in the WebRTC component of Firefox < 60.0, which can use a WrappedI420Buffer pixel buffer whose...
CVE-2018-5159 High Yes Arbitrary code execution
An integer overflow vulnerability has been found in the Skia library used in Firefox < 60.0 and Thunderbird < 52.8, due to 32-bit integer use in an array...
CVE-2018-5158 High Yes Arbitrary code execution
A insufficient sanitization of Postscript calculator functions vulnerability has been found in the PDF viewer of Firefox < 60.0, allowing malicious...
CVE-2018-5157 High Yes Same-origin policy bypass
A same-origin policy bypass vulnerability has been found in the PDF viewer of Firefox < 60.0,  allowing a malicious site to intercept messages meant for the...
CVE-2018-5155 High Yes Arbitrary code execution
A use-after-free vulnerability has been found in Firefox < 60.0 and Thunderbird < 52.8, while adjusting layout during SVG animations with text paths.
CVE-2018-5154 High Yes Arbitrary code execution
A use-after-free vulnerability has been found in Firefox < 60.0 and Thunderbird < 52.8, while enumerating attributes during SVG animations with clip paths.
CVE-2018-5153 Medium Yes Information disclosure
An information disclosure vulnerability has been found in Firefox < 60.0. If websocket data is sent with mixed text and binary in a single message, the...
CVE-2018-5152 Medium Yes Information disclosure
An information disclosure vulnerability has been found in Firefox < 60.0. WebExtensions with the appropriate permissions can attach content scripts to...
CVE-2018-5151 Critical Yes Arbitrary code execution
Several memory safety bugs has been found in Firefox before 60.0. Some of these bugs showed evidence of memory corruption and Mozilla presumes that with...
CVE-2018-5150 Critical Yes Arbitrary code execution
Several memory safety bugs have been found in Firefox before 60.0 and Thunderbird before 52.8. Some of these bugs showed evidence of memory corruption and...
Date Advisory Package Description
13 May 2018 ASA-201805-10 firefox multiple issues
References
https://www.mozilla.org/en-US/security/advisories/mfsa2018-11