FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-29 07:54:42 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
c4f39920-781f-4aeb-b6af-17ed566c4272mozilla -- multiple vulnerabilities

Mozilla Foundation reports:

CVE-2018-12386: Type confusion in JavaScript

A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered.

CVE-2018-12387:

A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as part of an exploit inside the sandboxed content process.


Discovery 2018-10-02
Entry 2018-10-02
Modified 2019-07-23
firefox
< 62.0.3,1

waterfox
< 56.2.4

seamonkey
linux-seamonkey
< 2.53.0

firefox-esr
< 60.2.2,1

linux-firefox
< 60.2.2,2

libxul
thunderbird
linux-thunderbird
< 60.2.2

CVE-2018-12386
CVE-2018-12387
https://www.mozilla.org/en-US/security/advisories/mfsa2018-24/
4f00dac0-1e18-4481-95af-7aaad63fd303mozilla -- multiple vulnerabilities

Mozilla Foundation reports:

MFSA 2016-01 Miscellaneous memory safety hazards (rv:44.0 / rv:38.6)

MFSA 2016-02 Out of Memory crash when parsing GIF format images

MFSA 2016-03 Buffer overflow in WebGL after out of memory allocation

MFSA 2016-04 Firefox allows for control characters to be set in cookie names

MFSA 2016-06 Missing delay following user click events in protocol handler dialog

MFSA 2016-09 Addressbar spoofing attacks

MFSA 2016-10 Unsafe memory manipulation found through code inspection

MFSA 2016-11 Application Reputation service disabled in Firefox 43


Discovery 2016-01-26
Entry 2016-02-01
Modified 2016-03-08
firefox
linux-firefox
< 44.0,1

seamonkey
linux-seamonkey
< 2.41

firefox-esr
< 38.6.0,1

libxul
thunderbird
linux-thunderbird
< 38.6.0

CVE-2015-7208
CVE-2016-1930
CVE-2016-1931
CVE-2016-1933
CVE-2016-1935
CVE-2016-1937
CVE-2016-1939
CVE-2016-1942
CVE-2016-1943
CVE-2016-1944
CVE-2016-1945
CVE-2016-1946
CVE-2016-1947
https://www.mozilla.org/security/advisories/mfsa2016-01/
https://www.mozilla.org/security/advisories/mfsa2016-02/
https://www.mozilla.org/security/advisories/mfsa2016-03/
https://www.mozilla.org/security/advisories/mfsa2016-04/
https://www.mozilla.org/security/advisories/mfsa2016-06/
https://www.mozilla.org/security/advisories/mfsa2016-09/
https://www.mozilla.org/security/advisories/mfsa2016-10/
https://www.mozilla.org/security/advisories/mfsa2016-11/
c66a5632-708a-4727-8236-d65b2d5b2739mozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA 2015-79 Miscellaneous memory safety hazards (rv:40.0 / rv:38.2)

MFSA 2015-80 Out-of-bounds read with malformed MP3 file

MFSA 2015-81 Use-after-free in MediaStream playback

MFSA 2015-82 Redefinition of non-configurable JavaScript object properties

MFSA 2015-83 Overflow issues in libstagefright

MFSA 2015-84 Arbitrary file overwriting through Mozilla Maintenance Service with hard links

MFSA 2015-85 Out-of-bounds write with Updater and malicious MAR file

MFSA 2015-86 Feed protocol with POST bypasses mixed content protections

MFSA 2015-87 Crash when using shared memory in JavaScript

MFSA 2015-88 Heap overflow in gdk-pixbuf when scaling bitmap images

MFSA 2015-90 Vulnerabilities found through code inspection

MFSA 2015-91 Mozilla Content Security Policy allows for asterisk wildcards in violation of CSP specification

MFSA 2015-92 Use-after-free in XMLHttpRequest with shared workers


Discovery 2015-08-11
Entry 2015-08-11
Modified 2015-08-22
firefox
< 40.0,1

linux-firefox
< 40.0,1

seamonkey
ge 2.36 lt 2.37

< 2.35

linux-seamonkey
ge 2.36 lt 2.37

< 2.35

firefox-esr
< 38.2.0,1

libxul
< 38.2.0

thunderbird
< 38.2.0

linux-thunderbird
< 38.2.0

CVE-2015-4473
CVE-2015-4474
CVE-2015-4475
CVE-2015-4477
CVE-2015-4478
CVE-2015-4479
CVE-2015-4480
CVE-2015-4481
CVE-2015-4482
CVE-2015-4483
CVE-2015-4484
CVE-2015-4487
CVE-2015-4488
CVE-2015-4489
CVE-2015-4490
CVE-2015-4491
CVE-2015-4492
CVE-2015-4493
https://www.mozilla.org/security/advisories/mfsa2015-79/
https://www.mozilla.org/security/advisories/mfsa2015-80/
https://www.mozilla.org/security/advisories/mfsa2015-81/
https://www.mozilla.org/security/advisories/mfsa2015-82/
https://www.mozilla.org/security/advisories/mfsa2015-83/
https://www.mozilla.org/security/advisories/mfsa2015-84/
https://www.mozilla.org/security/advisories/mfsa2015-85/
https://www.mozilla.org/security/advisories/mfsa2015-86/
https://www.mozilla.org/security/advisories/mfsa2015-87/
https://www.mozilla.org/security/advisories/mfsa2015-88/
https://www.mozilla.org/security/advisories/mfsa2015-90/
https://www.mozilla.org/security/advisories/mfsa2015-91/
https://www.mozilla.org/security/advisories/mfsa2015-92/
d9b43004-f5fd-4807-b1d7-dbf66455b244mozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA-2015-46 Miscellaneous memory safety hazards (rv:38.0 / rv:31.7)

MFSA-2015-47 Buffer overflow parsing H.264 video with Linux Gstreamer

MFSA-2015-48 Buffer overflow with SVG content and CSS

MFSA-2015-49 Referrer policy ignored when links opened by middle-click and context menu

MFSA-2015-50 Out-of-bounds read and write in asm.js validation

MFSA-2015-51 Use-after-free during text processing with vertical text enabled

MFSA-2015-52 Sensitive URL encoded information written to Android logcat

MFSA-2015-53 Use-after-free due to Media Decoder Thread creation during shutdown

MFSA-2015-54 Buffer overflow when parsing compressed XML

MFSA-2015-55 Buffer overflow and out-of-bounds read while parsing MP4 video metadata

MFSA-2015-56 Untrusted site hosting trusted page can intercept webchannel responses

MFSA-2015-57 Privilege escalation through IPC channel messages

MFSA-2015-58 Mozilla Windows updater can be run outside of application directory

MFSA 2015-93 Integer overflows in libstagefright while processing MP4 video metadata


Discovery 2015-05-12
Entry 2015-05-12
Modified 2015-08-28
firefox
< 38.0,1

linux-firefox
< 38.0,1

seamonkey
< 2.35

linux-seamonkey
< 2.35

firefox-esr
< 31.7.0,1

libxul
< 31.7.0

ge 32.0 lt 38.0

thunderbird
< 31.7.0

ge 32.0 lt 38.0

linux-thunderbird
< 31.7.0

ge 32.0 lt 38.0

CVE-2011-3079
CVE-2015-0797
CVE-2015-0833
CVE-2015-2708
CVE-2015-2709
CVE-2015-2710
CVE-2015-2711
CVE-2015-2712
CVE-2015-2713
CVE-2015-2714
CVE-2015-2715
CVE-2015-2716
CVE-2015-2717
CVE-2015-2718
CVE-2015-2720
CVE-2015-4496
https://www.mozilla.org/security/advisories/mfsa2015-46/
https://www.mozilla.org/security/advisories/mfsa2015-47/
https://www.mozilla.org/security/advisories/mfsa2015-48/
https://www.mozilla.org/security/advisories/mfsa2015-49/
https://www.mozilla.org/security/advisories/mfsa2015-50/
https://www.mozilla.org/security/advisories/mfsa2015-51/
https://www.mozilla.org/security/advisories/mfsa2015-52/
https://www.mozilla.org/security/advisories/mfsa2015-53/
https://www.mozilla.org/security/advisories/mfsa2015-54/
https://www.mozilla.org/security/advisories/mfsa2015-55/
https://www.mozilla.org/security/advisories/mfsa2015-56/
https://www.mozilla.org/security/advisories/mfsa2015-57/
https://www.mozilla.org/security/advisories/mfsa2015-58/
https://www.mozilla.org/security/advisories/mfsa2015-93/
d1853110-07f4-4645-895b-6fd462ad0589mozilla -- multiple vulnerabilities

Mozilla Foundation reports:

Please reference CVE/URL list for details


Discovery 2016-11-15
Entry 2016-11-16
firefox
< 50.0_1,1

seamonkey
linux-seamonkey
< 2.47

firefox-esr
< 45.5.0,1

linux-firefox
< 45.5.0,2

libxul
thunderbird
linux-thunderbird
< 45.5.0

CVE-2016-5289
CVE-2016-5290
CVE-2016-5291
CVE-2016-5292
CVE-2016-5293
CVE-2016-5294
CVE-2016-5295
CVE-2016-5296
CVE-2016-5297
CVE-2016-5298
CVE-2016-5299
CVE-2016-9061
CVE-2016-9062
CVE-2016-9063
CVE-2016-9064
CVE-2016-9065
CVE-2016-9066
CVE-2016-9067
CVE-2016-9068
CVE-2016-9070
CVE-2016-9071
CVE-2016-9072
CVE-2016-9073
CVE-2016-9074
CVE-2016-9075
CVE-2016-9076
CVE-2016-9077
https://www.mozilla.org/security/advisories/mfsa2016-89/
https://www.mozilla.org/security/advisories/mfsa2016-90/
4a1ca8a4-bd82-11e2-b7a0-d43d7e0c7c02mozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA 2013-41 Miscellaneous memory safety hazards (rv:21.0 / rv:17.0.6)

MFSA 2013-42 Privileged access for content level constructor

MFSA 2013-43 File input control has access to full path

MFSA 2013-44 Local privilege escalation through Mozilla Maintenance Service

MFSA 2013-45 Mozilla Updater fails to update some Windows Registry entries

MFSA 2013-46 Use-after-free with video and onresize event

MFSA 2013-47 Uninitialized functions in DOMSVGZoomEvent

MFSA 2013-48 Memory corruption found using Address Sanitizer


Discovery 2013-05-14
Entry 2013-05-15
Modified 2013-05-21
firefox
gt 18.0,1 lt 21.0,1

< 17.0.6,1

linux-firefox
< 17.0.6,1

linux-seamonkey
< 2.17.1

linux-thunderbird
< 17.0.6

seamonkey
< 2.17.1

thunderbird
gt 11.0 lt 17.0.6

CVE-2012-1942
CVE-2013-0801
CVE-2013-1669
CVE-2013-1670
CVE-2013-1671
CVE-2013-1672
CVE-2013-1674
CVE-2013-1675
CVE-2013-1676
CVE-2013-1677
CVE-2013-1678
CVE-2013-1679
CVE-2013-1680
CVE-2013-1681
http://www.mozilla.org/security/announce/2013/mfsa2013-40.html
http://www.mozilla.org/security/announce/2013/mfsa2013-41.html
http://www.mozilla.org/security/announce/2013/mfsa2013-42.html
http://www.mozilla.org/security/announce/2013/mfsa2013-43.html
http://www.mozilla.org/security/announce/2013/mfsa2013-44.html
http://www.mozilla.org/security/announce/2013/mfsa2013-45.html
http://www.mozilla.org/security/announce/2013/mfsa2013-46.html
http://www.mozilla.org/security/announce/2013/mfsa2013-47.html
http://www.mozilla.org/security/announce/2013/mfsa2013-48.html
http://www.mozilla.org/security/known-vulnerabilities/
1bcfd963-e483-41b8-ab8e-bad5c3ce49c9brotli -- buffer overflow

Google Chrome Releases reports:

[583607] High CVE-2016-1624: Buffer overflow in Brotli. Credit to lukezli.

Mozilla Foundation reports:

Security researcher Luke Li reported a pointer underflow bug in the Brotli library's decompression that leads to a buffer overflow. This results in a potentially exploitable crash when triggered.


Discovery 2016-02-08
Entry 2016-03-08
Modified 2016-03-08
brotli
ge 0.3.0 lt 0.3.0_1

< 0.2.0_2

libbrotli
< 0.3.0_3

chromium
chromium-npapi
chromium-pulse
< 48.0.2564.109

firefox
linux-firefox
< 45.0,1

seamonkey
linux-seamonkey
< 2.42

firefox-esr
< 38.7.0,1

libxul
thunderbird
linux-thunderbird
< 38.7.0

CVE-2016-1624
CVE-2016-1968
https://github.com/google/brotli/commit/37a320dd81db8d546cd24a45b4c61d87b45dcade
https://chromium.googlesource.com/chromium/src/+/7716418a27d561ee295a99f11fd3865580748de2%5E!/
https://www.mozilla.org/security/advisories/mfsa2016-30/
https://hg.mozilla.org/releases/mozilla-release/rev/4a5d8ade4e3e
2d56c7f4-b354-428f-8f48-38150c607a05mozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA 2015-96 Miscellaneous memory safety hazards (rv:41.0 / rv:38.3)

MFSA 2015-97 Memory leak in mozTCPSocket to servers

MFSA 2015-98 Out of bounds read in QCMS library with ICC V4 profile attributes

MFSA 2015-99 Site attribute spoofing on Android by pasting URL with unknown scheme

MFSA 2015-100 Arbitrary file manipulation by local user through Mozilla updater

MFSA 2015-101 Buffer overflow in libvpx while parsing vp9 format video

MFSA 2015-102 Crash when using debugger with SavedStacks in JavaScript

MFSA 2015-103 URL spoofing in reader mode

MFSA 2015-104 Use-after-free with shared workers and IndexedDB

MFSA 2015-105 Buffer overflow while decoding WebM video

MFSA 2015-106 Use-after-free while manipulating HTML media content

MFSA 2015-107 Out-of-bounds read during 2D canvas display on Linux 16-bit color depth systems

MFSA 2015-108 Scripted proxies can access inner window

MFSA 2015-109 JavaScript immutable property enforcement can be bypassed

MFSA 2015-110 Dragging and dropping images exposes final URL after redirects

MFSA 2015-111 Errors in the handling of CORS preflight request headers

MFSA 2015-112 Vulnerabilities found through code inspection

MFSA 2015-113 Memory safety errors in libGLES in the ANGLE graphics library

MFSA 2015-114 Information disclosure via the High Resolution Time API


Discovery 2015-09-22
Entry 2015-09-22
firefox
< 41.0,1

linux-firefox
< 41.0,1

seamonkey
< 2.38

linux-seamonkey
< 2.38

firefox-esr
< 38.3.0,1

libxul
< 38.3.0

thunderbird
< 38.3.0

linux-thunderbird
< 38.3.0

CVE-2015-4476
CVE-2015-4500
CVE-2015-4501
CVE-2015-4502
CVE-2015-4503
CVE-2015-4504
CVE-2015-4505
CVE-2015-4506
CVE-2015-4507
CVE-2015-4508
CVE-2015-4509
CVE-2015-4510
CVE-2015-4512
CVE-2015-4516
CVE-2015-4517
CVE-2015-4519
CVE-2015-4520
CVE-2015-4521
CVE-2015-4522
CVE-2015-7174
CVE-2015-7175
CVE-2015-7176
CVE-2015-7177
CVE-2015-7178
CVE-2015-7179
CVE-2015-7180
https://www.mozilla.org/security/advisories/mfsa2015-96/
https://www.mozilla.org/security/advisories/mfsa2015-97/
https://www.mozilla.org/security/advisories/mfsa2015-98/
https://www.mozilla.org/security/advisories/mfsa2015-99/
https://www.mozilla.org/security/advisories/mfsa2015-100/
https://www.mozilla.org/security/advisories/mfsa2015-101/
https://www.mozilla.org/security/advisories/mfsa2015-102/
https://www.mozilla.org/security/advisories/mfsa2015-103/
https://www.mozilla.org/security/advisories/mfsa2015-104/
https://www.mozilla.org/security/advisories/mfsa2015-105/
https://www.mozilla.org/security/advisories/mfsa2015-106/
https://www.mozilla.org/security/advisories/mfsa2015-107/
https://www.mozilla.org/security/advisories/mfsa2015-108/
https://www.mozilla.org/security/advisories/mfsa2015-109/
https://www.mozilla.org/security/advisories/mfsa2015-110/
https://www.mozilla.org/security/advisories/mfsa2015-111/
https://www.mozilla.org/security/advisories/mfsa2015-112/
https://www.mozilla.org/security/advisories/mfsa2015-113/
https://www.mozilla.org/security/advisories/mfsa2015-114/
b3fcb387-de4b-11e2-b1c6-0025905a4771mozilla -- multiple vulnerabilities

The Mozilla Project reports:

Miscellaneous memory safety hazards (rv:22.0 / rv:17.0.7)

Title: Memory corruption found using Address Sanitizer

Privileged content access and execution via XBL

Arbitrary code execution within Profiler

Execution of unmapped memory through onreadystatechange

Data in the body of XHR HEAD requests leads to CSRF attacks

SVG filters can lead to information disclosure

PreserveWrapper has inconsistent behavior

Sandbox restrictions not applied to nested frame elements

X-Frame-Options ignored when using server push with multi-part responses

XrayWrappers can be bypassed to run user defined methods in a privileged context

getUserMedia permission dialog incorrectly displays location

Homograph domain spoofing in .com, .net and .name

Inaccessible updater can lead to local privilege escalation


Discovery 2013-06-25
Entry 2013-06-26
firefox
gt 18.0,1 lt 22.0,1

< 17.0.7,1

linux-firefox
< 17.0.7,1

linux-seamonkey
< 2.19

linux-thunderbird
< 17.0.7

seamonkey
< 2.19

thunderbird
gt 11.0 lt 17.0.7

CVE-2013-1682
CVE-2013-1683
CVE-2013-1684
CVE-2013-1685
CVE-2013-1686
CVE-2013-1687
CVE-2013-1688
CVE-2013-1690
CVE-2013-1692
CVE-2013-1693
CVE-2013-1694
CVE-2013-1695
CVE-2013-1696
CVE-2013-1697
CVE-2013-1698
CVE-2013-1699
CVE-2013-1700
http://www.mozilla.org/security/announce/2013/mfsa2013-49.html
http://www.mozilla.org/security/announce/2013/mfsa2013-50.html
http://www.mozilla.org/security/announce/2013/mfsa2013-51.html
http://www.mozilla.org/security/announce/2013/mfsa2013-52.html
http://www.mozilla.org/security/announce/2013/mfsa2013-53.html
http://www.mozilla.org/security/announce/2013/mfsa2013-54.html
http://www.mozilla.org/security/announce/2013/mfsa2013-55.html
http://www.mozilla.org/security/announce/2013/mfsa2013-56.html
http://www.mozilla.org/security/announce/2013/mfsa2013-57.html
http://www.mozilla.org/security/announce/2013/mfsa2013-58.html
http://www.mozilla.org/security/announce/2013/mfsa2013-59.html
http://www.mozilla.org/security/announce/2013/mfsa2013-60.html
http://www.mozilla.org/security/announce/2013/mfsa2013-61.html
http://www.mozilla.org/security/announce/2013/mfsa2013-62.html
http://www.mozilla.org/security/known-vulnerabilities/
10f7bc76-0335-4a88-b391-0b05b3a8ce1cNSS -- MD5 downgrade in TLS 1.2 signatures

The Mozilla Project reports:

Security researcher Karthikeyan Bhargavan reported an issue in Network Security Services (NSS) where MD5 signatures in the server signature within the TLS 1.2 ServerKeyExchange message are still accepted. This is an issue since NSS has officially disallowed the accepting MD5 as a hash algorithm in signatures since 2011. This issues exposes NSS based clients such as Firefox to theoretical collision-based forgery attacks.


Discovery 2015-12-22
Entry 2015-12-28
nss
linux-c6-nss
ge 3.20 lt 3.20.2

< 3.19.2.2

linux-firefox
< 43.0.2,1

linux-thunderbird
< 38.5.1

linux-seamonkey
< 2.40

CVE-2015-7575
https://www.mozilla.org/security/advisories/mfsa2015-150/
https://hg.mozilla.org/projects/nss/rev/94e1157f3fbb
18f39fb6-7400-4063-acaf-0806e92c094fMozilla -- SVG Animation Remote Code Execution

The Mozilla Foundation reports:

A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows.


Discovery 2016-11-30
Entry 2016-12-01
Modified 2016-12-16
firefox
< 50.0.2,1

firefox-esr
< 45.5.1,1

linux-firefox
< 45.5.1,2

seamonkey
< 2.46

linux-seamonkey
< 2.46

libxul
< 45.5.1

thunderbird
< 45.5.1

linux-thunderbird
< 45.5.1

CVE-2016-9079
https://www.mozilla.org/en-US/security/advisories/mfsa2016-92/
a891c5b4-3d7a-4de9-9c71-eef3fd698c77mozilla -- multiple vulnerabilities

Mozilla Foundation reports:

CVE-2018-5091: Use-after-free with DTMF timers

CVE-2018-5092: Use-after-free in Web Workers

CVE-2018-5093: Buffer overflow in WebAssembly during Memory/Table resizing

CVE-2018-5094: Buffer overflow in WebAssembly with garbage collection on uninitialized memory

CVE-2018-5095: Integer overflow in Skia library during edge builder allocation

CVE-2018-5097: Use-after-free when source document is manipulated during XSLT

CVE-2018-5098: Use-after-free while manipulating form input elements

CVE-2018-5099: Use-after-free with widget listener

CVE-2018-5100: Use-after-free when IsPotentiallyScrollable arguments are freed from memory

CVE-2018-5101: Use-after-free with floating first-letter style elements

CVE-2018-5102: Use-after-free in HTML media elements

CVE-2018-5103: Use-after-free during mouse event handling

CVE-2018-5104: Use-after-free during font face manipulation

CVE-2018-5105: WebExtensions can save and execute files on local file system without user prompts

CVE-2018-5106: Developer Tools can expose style editor information cross-origin through service worker

CVE-2018-5107: Printing process will follow symlinks for local file access

CVE-2018-5108: Manually entered blob URL can be accessed by subsequent private browsing tabs

CVE-2018-5109: Audio capture prompts and starts with incorrect origin attribution

CVE-2018-5110: Cursor can be made invisible on OS X

CVE-2018-5111: URL spoofing in addressbar through drag and drop

CVE-2018-5112: Extension development tools panel can open a non-relative URL in the panel

CVE-2018-5113: WebExtensions can load non-HTTPS pages with browser.identity.launchWebAuthFlow

CVE-2018-5114: The old value of a cookie changed to HttpOnly remains accessible to scripts

CVE-2018-5115: Background network requests can open HTTP authentication in unrelated foreground tabs

CVE-2018-5116: WebExtension ActiveTab permission allows cross-origin frame content access

CVE-2018-5117: URL spoofing with right-to-left text aligned left-to-right

CVE-2018-5118: Activity Stream images can attempt to load local content through file:

CVE-2018-5119: Reader view will load cross-origin content in violation of CORS headers

CVE-2018-5121: OS X Tibetan characters render incompletely in the addressbar

CVE-2018-5122: Potential integer overflow in DoCrypt

CVE-2018-5090: Memory safety bugs fixed in Firefox 58

CVE-2018-5089: Memory safety bugs fixed in Firefox 58 and Firefox ESR 52.6


Discovery 2018-01-23
Entry 2018-01-23
Modified 2018-01-29
firefox
< 58.0_1,1

waterfox
< 56.0.3.63

seamonkey
linux-seamonkey
< 2.49.2

firefox-esr
< 52.6.0_1,1

linux-firefox
< 52.6.0,2

libxul
thunderbird
linux-thunderbird
< 52.6.0

CVE-2018-5089
CVE-2018-5090
CVE-2018-5091
CVE-2018-5092
CVE-2018-5093
CVE-2018-5094
CVE-2018-5095
CVE-2018-5097
CVE-2018-5098
CVE-2018-5099
CVE-2018-5100
CVE-2018-5101
CVE-2018-5102
CVE-2018-5103
CVE-2018-5104
CVE-2018-5105
CVE-2018-5106
CVE-2018-5107
CVE-2018-5108
CVE-2018-5109
CVE-2018-5110
CVE-2018-5111
CVE-2018-5112
CVE-2018-5113
CVE-2018-5114
CVE-2018-5115
CVE-2018-5116
CVE-2018-5117
CVE-2018-5118
CVE-2018-5119
CVE-2018-5121
CVE-2018-5122
https://www.mozilla.org/security/advisories/mfsa2018-02/
https://www.mozilla.org/security/advisories/mfsa2018-03/
5aefc41e-d304-4ec8-8c82-824f84f08244mozilla -- multiple vulnerabilities

Mozilla Foundation reports:

CVE-2018-5183: Backport critical security fixes in Skia

CVE-2018-5154: Use-after-free with SVG animations and clip paths

CVE-2018-5155: Use-after-free with SVG animations and text paths

CVE-2018-5157: Same-origin bypass of PDF Viewer to view protected PDF files

CVE-2018-5158: Malicious PDF can inject JavaScript into PDF Viewer

CVE-2018-5159: Integer overflow and out-of-bounds write in Skia

CVE-2018-5160: Uninitialized memory use by WebRTC encoder

CVE-2018-5152: WebExtensions information leak through webRequest API

CVE-2018-5153: Out-of-bounds read in mixed content websocket messages

CVE-2018-5163: Replacing cached data in JavaScript Start-up Bytecode Cache

CVE-2018-5164: CSP not applied to all multipart content sent with multipart/x-mixed-replace

CVE-2018-5166: WebExtension host permission bypass through filterReponseData

CVE-2018-5167: Improper linkification of chrome: and javascript: content in web console and JavaScript debugger

CVE-2018-5168: Lightweight themes can be installed without user interaction

CVE-2018-5169: Dragging and dropping link text onto home button can set home page to include chrome pages

CVE-2018-5172: Pasted script from clipboard can run in the Live Bookmarks page or PDF viewer

CVE-2018-5173: File name spoofing of Downloads panel with Unicode characters

CVE-2018-5174: Windows Defender SmartScreen UI runs with less secure behavior for downloaded files in Windows 10 April 2018 Update

CVE-2018-5175: Universal CSP bypass on sites using strict-dynamic in their policies

CVE-2018-5176: JSON Viewer script injection

CVE-2018-5177: Buffer overflow in XSLT during number formatting

CVE-2018-5165: Checkbox for enabling Flash protected mode is inverted in 32-bit Firefox

CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension

CVE-2018-5180: heap-use-after-free in mozilla::WebGLContext::DrawElementsInstanced

CVE-2018-5181: Local file can be displayed in noopener tab through drag and drop of hyperlink

CVE-2018-5182: Local file can be displayed from hyperlink dragged and dropped on addressbar

CVE-2018-5151: Memory safety bugs fixed in Firefox 60

CVE-2018-5150: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8


Discovery 2018-05-09
Entry 2018-05-09
firefox
< 60.0,1

waterfox
< 56.1.0_18

seamonkey
linux-seamonkey
< 2.49.4

firefox-esr
< 52.8.0,1

linux-firefox
< 52.8.0,2

libxul
thunderbird
linux-thunderbird
< 52.8.0

CVE-2018-5150
CVE-2018-5151
CVE-2018-5152
CVE-2018-5153
CVE-2018-5154
CVE-2018-5155
CVE-2018-5157
CVE-2018-5158
CVE-2018-5159
CVE-2018-5160
CVE-2018-5163
CVE-2018-5164
CVE-2018-5165
CVE-2018-5166
CVE-2018-5167
CVE-2018-5168
CVE-2018-5169
CVE-2018-5172
CVE-2018-5173
CVE-2018-5174
CVE-2018-5175
CVE-2018-5176
CVE-2018-5177
CVE-2018-5178
CVE-2018-5180
CVE-2018-5181
CVE-2018-5182
CVE-2018-5183
https://www.mozilla.org/security/advisories/mfsa2018-11/
https://www.mozilla.org/security/advisories/mfsa2018-12/
44b6dfbf-4ef7-4d52-ad52-2b1b05d81272mozilla -- multiple vulnerabilities

Mozilla Foundation reports:

CVE-2019-9815: Disable hyperthreading on content JavaScript threads on macOS

CVE-2019-9816: Type confusion with object groups and UnboxedObjects

CVE-2019-9817: Stealing of cross-domain images using canvas

CVE-2019-9818: Use-after-free in crash generation server

CVE-2019-9819: Compartment mismatch with fetch API

CVE-2019-9820: Use-after-free of ChromeEventHandler by DocShell

CVE-2019-9821: Use-after-free in AssertWorkerThread

CVE-2019-11691: Use-after-free in XMLHttpRequest

CVE-2019-11692: Use-after-free removing listeners in the event listener manager

CVE-2019-11693: Buffer overflow in WebGL bufferdata on Linux

CVE-2019-7317: Use-after-free in png_image_free of libpng library

CVE-2019-11694: Uninitialized memory memory leakage in Windows sandbox

CVE-2019-11695: Custom cursor can render over user interface outside of web content

CVE-2019-11696: Java web start .JNLP files are not recognized as executable files for download prompts

CVE-2019-11697: Pressing key combinations can bypass installation prompt delays and install extensions

CVE-2019-11698: Theft of user history data through drag and drop of hyperlinks to and from bookmarks

CVE-2019-11700: res: protocol can be used to open known local files

CVE-2019-11699: Incorrect domain name highlighting during page navigation

CVE-2019-11701: webcal: protocol default handler loads vulnerable web page

CVE-2019-9814: Memory safety bugs fixed in Firefox 67

CVE-2019-9800: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7


Discovery 2019-05-21
Entry 2019-05-22
Modified 2019-07-23
firefox
< 67.0,1

waterfox
< 56.2.10

seamonkey
linux-seamonkey
< 2.53.0

firefox-esr
< 60.7.0,1

linux-firefox
< 60.7.0,2

libxul
thunderbird
linux-thunderbird
< 60.7.0

CVE-2019-9815
CVE-2019-9816
CVE-2019-9817
CVE-2019-9818
CVE-2019-9819
CVE-2019-9820
CVE-2019-9821
CVE-2019-11691
CVE-2019-11692
CVE-2019-11693
CVE-2019-7317
CVE-2019-11694
CVE-2019-11695
CVE-2019-11696
CVE-2019-11697
CVE-2019-11698
CVE-2019-11700
CVE-2019-11699
CVE-2019-11701
CVE-2019-9814
CVE-2019-9800
https://www.mozilla.org/security/advisories/mfsa2019-13/
https://www.mozilla.org/security/advisories/mfsa2019-14/
https://www.mozilla.org/security/advisories/mfsa2019-15/
d10b49b2-8d02-49e8-afde-0844626317afmozilla -- multiple vulnerabilities

Mozilla Foundation reports:

CVE-2018-12407: Buffer overflow with ANGLE library when using VertexBuffer11 module

CVE-2018-17466: Buffer overflow and out-of-bounds read in ANGLE library with TextureStorage11

CVE-2018-18492: Use-after-free with select element

CVE-2018-18493: Buffer overflow in accelerated 2D canvas with Skia

CVE-2018-18494: Same-origin policy violation using location attribute and performance.getEntries to steal cross-origin URLs

CVE-2018-18495: WebExtension content scripts can be loaded in about: pages

CVE-2018-18496: Embedded feed preview page can be abused for clickjacking

CVE-2018-18497: WebExtensions can load arbitrary URLs through pipe separators

CVE-2018-18498: Integer overflow when calculating buffer sizes for images

CVE-2018-12406: Memory safety bugs fixed in Firefox 64

CVE-2018-12405: Memory safety bugs fixed in Firefox 64 and Firefox ESR 60.4


Discovery 2018-12-11
Entry 2018-12-11
Modified 2019-07-23
firefox
< 64.0_3,1

waterfox
< 56.2.6

seamonkey
linux-seamonkey
< 2.53.0

firefox-esr
< 60.4.0,1

linux-firefox
< 60.4.0,2

libxul
thunderbird
linux-thunderbird
< 60.4.0

CVE-2018-12405
CVE-2018-12406
CVE-2018-12407
CVE-2018-17466
CVE-2018-18492
CVE-2018-18493
CVE-2018-18494
CVE-2018-18495
CVE-2018-18496
CVE-2018-18497
CVE-2018-18498
https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/
https://www.mozilla.org/en-US/security/advisories/mfsa2018-30/
dd116b19-64b3-11e3-868f-0025905a4771mozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA 2013-116 JPEG information leak

MFSA 2013-105 Application Installation doorhanger persists on navigation

MFSA 2013-106 Character encoding cross-origin XSS attack

MFSA 2013-107 Sandbox restrictions not applied to nested object elements

MFSA 2013-108 Use-after-free in event listeners

MFSA 2013-109 Use-after-free during Table Editing

MFSA 2013-110 Potential overflow in JavaScript binary search algorithms

MFSA 2013-111 Segmentation violation when replacing ordered list elements

MFSA 2013-112 Linux clipboard information disclosure though selection paste

MFSA 2013-113 Trust settings for built-in roots ignored during EV certificate validation

MFSA 2013-114 Use-after-free in synthetic mouse movement

MFSA 2013-115 GetElementIC typed array stubs can be generated outside observed typesets

MFSA 2013-116 JPEG information leak

MFSA 2013-117 Mis-issued ANSSI/DCSSI certificate


Discovery 2013-12-09
Entry 2013-12-14
firefox
gt 25.0,1 lt 26.0,1

< 24.2.0,1

linux-firefox
< 26.0,1

linux-seamonkey
< 2.23

linux-thunderbird
< 24.2.0

seamonkey
< 2.23

thunderbird
< 24.2.0

CVE-2013-5609
CVE-2013-5610
CVE-2013-5611
CVE-2013-5612
CVE-2013-5613
CVE-2013-5614
CVE-2013-5615
CVE-2013-5616
CVE-2013-5618
CVE-2013-5619
CVE-2013-6629
CVE-2013-6630
CVE-2013-6671
CVE-2013-6672
CVE-2013-6673
https://www.mozilla.org/security/announce/2013/mfsa2013-104.html
https://www.mozilla.org/security/announce/2013/mfsa2013-105.html
https://www.mozilla.org/security/announce/2013/mfsa2013-106.html
https://www.mozilla.org/security/announce/2013/mfsa2013-107.html
https://www.mozilla.org/security/announce/2013/mfsa2013-108.html
https://www.mozilla.org/security/announce/2013/mfsa2013-109.html
https://www.mozilla.org/security/announce/2013/mfsa2013-110.html
https://www.mozilla.org/security/announce/2013/mfsa2013-111.html
https://www.mozilla.org/security/announce/2013/mfsa2013-112.html
https://www.mozilla.org/security/announce/2013/mfsa2013-113.html
https://www.mozilla.org/security/announce/2013/mfsa2013-114.html
https://www.mozilla.org/security/announce/2013/mfsa2013-115.html
https://www.mozilla.org/security/announce/2013/mfsa2013-116.html
https://www.mozilla.org/security/announce/2013/mfsa2013-117.html
http://www.mozilla.org/security/known-vulnerabilities/
7c3a02b9-3273-4426-a0ba-f90fad2ff72emozilla -- multiple vulnerabilities

Mozilla Foundation reports:

CVE-2018-12391: HTTP Live Stream audio data is accessible cross-origin

CVE-2018-12392: Crash with nested event loops

CVE-2018-12393: Integer overflow during Unicode conversion while loading JavaScript

CVE-2018-12395: WebExtension bypass of domain restrictions through header rewriting

CVE-2018-12396: WebExtension content scripts can execute in disallowed contexts

CVE-2018-12397:

CVE-2018-12398: CSP bypass through stylesheet injection in resource URIs

CVE-2018-12399: Spoofing of protocol registration notification bar

CVE-2018-12400: Favicons are cached in private browsing mode on Firefox for Android

CVE-2018-12401: DOS attack through special resource URI parsing

CVE-2018-12402: SameSite cookies leak when pages are explicitly saved

CVE-2018-12403: Mixed content warning is not displayed when HTTPS page loads a favicon over HTTP

CVE-2018-12388: Memory safety bugs fixed in Firefox 63

CVE-2018-12390: Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3


Discovery 2018-10-23
Entry 2018-10-23
Modified 2019-07-23
firefox
< 63.0_1,1

waterfox
< 56.2.5

seamonkey
linux-seamonkey
< 2.53.0

firefox-esr
< 60.3.0,1

linux-firefox
< 60.3.0,2

libxul
thunderbird
linux-thunderbird
< 60.3.0

CVE-2018-12388
CVE-2018-12390
CVE-2018-12391
CVE-2018-12392
CVE-2018-12393
CVE-2018-12395
CVE-2018-12396
CVE-2018-12397
CVE-2018-12398
CVE-2018-12399
CVE-2018-12400
CVE-2018-12401
CVE-2018-12402
CVE-2018-12403
https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/
https://www.mozilla.org/en-US/security/advisories/mfsa2018-27/
c4292768-5273-4f17-a267-c5fe35125ce4NSS -- multiple vulnerabilities

Mozilla Foundation reports:

Security researcher Francis Gabriel reported a heap-based buffer overflow in the way the Network Security Services (NSS) libraries parsed certain ASN.1 structures. An attacker could create a specially-crafted certificate which, when parsed by NSS, would cause it to crash or execute arbitrary code with the permissions of the user.

Mozilla developer Tim Taubert used the Address Sanitizer tool and software fuzzing to discover a use-after-free vulnerability while processing DER encoded keys in the Network Security Services (NSS) libraries. The vulnerability overwrites the freed memory with zeroes.


Discovery 2016-03-08
Entry 2016-03-08
Modified 2016-09-05
nss
ge 3.20 lt 3.21.1

< 3.19.2.3

linux-c6-nss
ge 3.20 lt 3.21.0_1

< 3.19.2.3

linux-firefox
< 45.0,1

linux-thunderbird
< 38.7.0

linux-seamonkey
< 2.42

CVE-2016-1950
CVE-2016-1979
https://www.mozilla.org/security/advisories/mfsa2016-35/
https://www.mozilla.org/security/advisories/mfsa2016-36/
https://hg.mozilla.org/projects/nss/rev/b9a31471759d
https://hg.mozilla.org/projects/nss/rev/7033b1193c94
985d4d6c-cfbd-11e3-a003-b4b52fce4ce8mozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA 2014-34 Miscellaneous memory safety hazards (rv:29.0 / rv:24.5)

MFSA 2014-35 Privilege escalation through Mozilla Maintenance Service Installer

MFSA 2014-36 Web Audio memory corruption issues

MFSA 2014-37 Out of bounds read while decoding JPG images

MFSA 2014-38 Buffer overflow when using non-XBL object as XBL

MFSA 2014-39 Use-after-free in the Text Track Manager for HTML video

MFSA 2014-41 Out-of-bounds write in Cairo

MFSA 2014-42 Privilege escalation through Web Notification API

MFSA 2014-43 Cross-site scripting (XSS) using history navigations

MFSA 2014-44 Use-after-free in imgLoader while resizing images

MFSA 2014-45 Incorrect IDNA domain name matching for wildcard certificates

MFSA 2014-46 Use-after-free in nsHostResolve

MFSA 2014-47 Debugger can bypass XrayWrappers with JavaScript


Discovery 2014-04-29
Entry 2014-04-29
firefox
< 29.0,1

firefox-esr
< 24.5.0,1

linux-firefox
< 29.0,1

linux-seamonkey
< 2.26

linux-thunderbird
< 24.5.0

seamonkey
< 2.26

thunderbird
< 24.5.0

CVE-2014-1529
CVE-2014-1492
CVE-2014-1518
CVE-2014-1519
CVE-2014-1520
CVE-2014-1522
CVE-2014-1523
CVE-2014-1524
CVE-2014-1525
CVE-2014-1526
CVE-2014-1527
CVE-2014-1528
CVE-2014-1530
CVE-2014-1531
CVE-2014-1532
https://www.mozilla.org/security/announce/2014/mfsa2014-34.html
https://www.mozilla.org/security/announce/2014/mfsa2014-35.html
https://www.mozilla.org/security/announce/2014/mfsa2014-36.html
https://www.mozilla.org/security/announce/2014/mfsa2014-37.html
https://www.mozilla.org/security/announce/2014/mfsa2014-38.html
https://www.mozilla.org/security/announce/2014/mfsa2014-39.html
https://www.mozilla.org/security/announce/2014/mfsa2014-41.html
https://www.mozilla.org/security/announce/2014/mfsa2014-42.html
https://www.mozilla.org/security/announce/2014/mfsa2014-43.html
https://www.mozilla.org/security/announce/2014/mfsa2014-44.html
https://www.mozilla.org/security/announce/2014/mfsa2014-45.html
https://www.mozilla.org/security/announce/2014/mfsa2014-46.html
https://www.mozilla.org/security/announce/2014/mfsa2014-47.html
http://www.mozilla.org/security/known-vulnerabilities/
76ff65f4-17ca-4d3f-864a-a3d6026194fbmozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA-2015-28 Privilege escalation through SVG navigation

MFSA-2015-29 Code execution through incorrect JavaScript bounds checking elimination


Discovery 2015-03-20
Entry 2015-03-22
firefox
< 36.0.4,1

firefox-esr
< 31.5.3,1

linux-firefox
< 36.0.4,1

linux-seamonkey
< 2.33.1

seamonkey
< 2.33.1

libxul
< 31.5.3

CVE-2015-0817
CVE-2015-0818
https://www.mozilla.org/security/advisories/mfsa2015-28/
https://www.mozilla.org/security/advisories/mfsa2015-29/
https://www.mozilla.org/security/advisories/
bd62c640-9bb9-11e4-a5ad-000c297fb80fmozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA-2015-01 Miscellaneous memory safety hazards (rv:35.0 / rv:31.4)

MFSA-2015-02 Uninitialized memory use during bitmap rendering

MFSA-2015-03 sendBeacon requests lack an Origin header

MFSA-2015-04 Cookie injection through Proxy Authenticate responses

MFSA-2015-05 Read of uninitialized memory in Web Audio

MFSA-2015-06 Read-after-free in WebRTC

MFSA-2015-07 Gecko Media Plugin sandbox escape

MFSA-2015-08 Delegated OCSP responder certificates failure with id-pkix-ocsp-nocheck extension

MFSA-2015-09 XrayWrapper bypass through DOM objects


Discovery 2015-01-13
Entry 2015-01-14
firefox
< 35.0,1

firefox-esr
< 31.4.0,1

linux-firefox
< 35.0,1

linux-seamonkey
< 2.32

linux-thunderbird
< 31.4.0

seamonkey
< 2.32

thunderbird
< 31.4.0

libxul
< 31.4.0

CVE-2014-8634
CVE-2014-8635
CVE-2014-8637
CVE-2014-8638
CVE-2014-8639
CVE-2014-8640
CVE-2014-8641
CVE-2014-8642
CVE-2014-8643
CVE-2014-8636
https://www.mozilla.org/en-US/security/advisories/mfsa2015-01/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-02/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-03/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-04/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-05/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-06/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-07/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-08/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-09/
https://www.mozilla.org/security/advisories/
2b8cad90-f289-11e1-a215-14dae9ebcf89mozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA 2012-57 Miscellaneous memory safety hazards (rv:15.0/ rv:10.0.7)

MFSA 2012-58 Use-after-free issues found using Address Sanitizer

MFSA 2012-59 Location object can be shadowed using Object.defineProperty

MFSA 2012-60 Escalation of privilege through about:newtab

MFSA 2012-61 Memory corruption with bitmap format images with negative height

MFSA 2012-62 WebGL use-after-free and memory corruption

MFSA 2012-63 SVG buffer overflow and use-after-free issues

MFSA 2012-64 Graphite 2 memory corruption

MFSA 2012-65 Out-of-bounds read in format-number in XSLT

MFSA 2012-66 HTTPMonitor extension allows for remote debugging without explicit activation

MFSA 2012-67 Installer will launch incorrect executable following new installation

MFSA 2012-68 DOMParser loads linked resources in extensions when parsing text/html

MFSA 2012-69 Incorrect site SSL certificate data display

MFSA 2012-70 Location object security checks bypassed by chrome code

MFSA 2012-71 Insecure use of __android_log_print

MFSA 2012-72 Web console eval capable of executing chrome-privileged code


Discovery 2012-08-28
Entry 2012-08-30
firefox
gt 11.0,1 lt 15.0,1

< 10.0.7,1

linux-firefox
< 10.0.7,1

linux-seamonkey
< 2.12

linux-thunderbird
< 10.0.7

seamonkey
< 2.12

thunderbird
gt 11.0 lt 15.0

< 10.0.7

libxul
gt 1.9.2.* lt 10.0.7

CVE-2012-1956
CVE-2012-1970
CVE-2012-1971
CVE-2012-1972
CVE-2012-1973
CVE-2012-1974
CVE-2012-1975
CVE-2012-1976
CVE-2012-3956
CVE-2012-3957
CVE-2012-3958
CVE-2012-3959
CVE-2012-3960
CVE-2012-3961
CVE-2012-3962
CVE-2012-3963
CVE-2012-3964
CVE-2012-3965
CVE-2012-3966
CVE-2012-3967
CVE-2012-3968
CVE-2012-3969
CVE-2012-3970
CVE-2012-3971
CVE-2012-3972
CVE-2012-3973
CVE-2012-3974
CVE-2012-3975
CVE-2012-3976
CVE-2012-3978
CVE-2012-3979
CVE-2012-3980
http://www.mozilla.org/security/known-vulnerabilities/
http://www.mozilla.org/security/announce/2012/mfsa2012-57.html
http://www.mozilla.org/security/announce/2012/mfsa2012-58.html
http://www.mozilla.org/security/announce/2012/mfsa2012-59.html
http://www.mozilla.org/security/announce/2012/mfsa2012-60.html
http://www.mozilla.org/security/announce/2012/mfsa2012-61.html
http://www.mozilla.org/security/announce/2012/mfsa2012-62.html
http://www.mozilla.org/security/announce/2012/mfsa2012-63.html
http://www.mozilla.org/security/announce/2012/mfsa2012-64.html
http://www.mozilla.org/security/announce/2012/mfsa2012-65.html
http://www.mozilla.org/security/announce/2012/mfsa2012-66.html
http://www.mozilla.org/security/announce/2012/mfsa2012-67.html
http://www.mozilla.org/security/announce/2012/mfsa2012-68.html
http://www.mozilla.org/security/announce/2012/mfsa2012-69.html
http://www.mozilla.org/security/announce/2012/mfsa2012-70.html
http://www.mozilla.org/security/announce/2012/mfsa2012-71.html
http://www.mozilla.org/security/announce/2012/mfsa2012-72.html
bfecf7c1-af47-11e1-9580-4061862b8c22mozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA 2012-34 Miscellaneous memory safety hazards (rv:13.0/ rv:10.0.5)

MFSA 2012-36 Content Security Policy inline-script bypass

MFSA 2012-37 Information disclosure though Windows file shares and shortcut files

MFSA 2012-38 Use-after-free while replacing/inserting a node in a document

MFSA 2012-39 NSS parsing errors with zero length items

MFSA 2012-40 Buffer overflow and use-after-free issues found using Address Sanitizer


Discovery 2012-06-05
Entry 2012-06-05
firefox
gt 11.0,1 lt 13.0,1

< 10.0.5,1

linux-firefox
< 10.0.5,1

linux-seamonkey
< 2.10

linux-thunderbird
< 10.0.5

seamonkey
< 2.10

thunderbird
gt 11.0 lt 13.0

< 10.0.5

libxul
gt 1.9.2.* lt 10.0.5

CVE-2011-3101
CVE-2012-0441
CVE-2012-1938
CVE-2012-1939
CVE-2012-1937
CVE-2012-1940
CVE-2012-1941
CVE-2012-1944
CVE-2012-1945
CVE-2012-1946
CVE-2012-1947
http://www.mozilla.org/security/known-vulnerabilities/
http://www.mozilla.org/security/announce/2012/mfsa2012-34.html
http://www.mozilla.org/security/announce/2012/mfsa2012-36.html
http://www.mozilla.org/security/announce/2012/mfsa2012-37.html
http://www.mozilla.org/security/announce/2012/mfsa2012-38.html
http://www.mozilla.org/security/announce/2012/mfsa2012-39.html
http://www.mozilla.org/security/announce/2012/mfsa2012-40.html
d23119df-335d-11e2-b64c-c8600054b392mozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA 2012-91 Miscellaneous memory safety hazards (rv:17.0/ rv:10.0.11)

MFSA 2012-92 Buffer overflow while rendering GIF images

MFSA 2012-93 evalInSanbox location context incorrectly applied

MFSA 2012-94 Crash when combining SVG text on path with CSS

MFSA 2012-95 Javascript: URLs run in privileged context on New Tab page

MFSA 2012-96 Memory corruption in str_unescape

MFSA 2012-97 XMLHttpRequest inherits incorrect principal within sandbox

MFSA 2012-98 Firefox installer DLL hijacking

MFSA 2012-99 XrayWrappers exposes chrome-only properties when not in chrome compartment

MFSA 2012-100 Improper security filtering for cross-origin wrappers

MFSA 2012-101 Improper character decoding in HZ-GB-2312 charset

MFSA 2012-102 Script entered into Developer Toolbar runs with chrome privileges

MFSA 2012-103 Frames can shadow top.location

MFSA 2012-104 CSS and HTML injection through Style Inspector

MFSA 2012-105 Use-after-free and buffer overflow issues found

MFSA 2012-106 Use-after-free, buffer overflow, and memory corruption issues found using Address Sanitizer


Discovery 2012-11-20
Entry 2012-11-20
firefox
gt 11.0,1 lt 17.0,1

< 10.0.11,1

linux-firefox
< 10.0.11,1

linux-seamonkey
< 2.14

linux-thunderbird
< 10.0.11

seamonkey
< 2.14

thunderbird
gt 11.0 lt 17.0

< 10.0.11

libxul
gt 1.9.2.* lt 10.0.11

CVE-2012-4201
CVE-2012-4202
CVE-2012-4203
CVE-2012-4204
CVE-2012-4205
CVE-2012-4206
CVE-2012-4207
CVE-2012-4208
CVE-2012-4209
CVE-2012-4210
CVE-2012-4212
CVE-2012-4213
CVE-2012-4214
CVE-2012-4215
CVE-2012-4216
CVE-2012-4217
CVE-2012-4218
CVE-2012-5829
CVE-2012-5830
CVE-2012-5833
CVE-2012-5835
CVE-2012-5836
CVE-2012-5837
CVE-2012-5838
CVE-2012-5839
CVE-2012-5840
CVE-2012-5841
CVE-2012-5842
CVE-2012-5843
http://www.mozilla.org/security/announce/2012/mfsa2012-90.html
http://www.mozilla.org/security/announce/2012/mfsa2012-91.html
http://www.mozilla.org/security/announce/2012/mfsa2012-92.html
http://www.mozilla.org/security/announce/2012/mfsa2012-93.html
http://www.mozilla.org/security/announce/2012/mfsa2012-94.html
http://www.mozilla.org/security/announce/2012/mfsa2012-95.html
http://www.mozilla.org/security/announce/2012/mfsa2012-96.html
http://www.mozilla.org/security/announce/2012/mfsa2012-97.html
http://www.mozilla.org/security/announce/2012/mfsa2012-98.html
http://www.mozilla.org/security/announce/2012/mfsa2012-99.html
http://www.mozilla.org/security/announce/2012/mfsa2012-100.html
http://www.mozilla.org/security/announce/2012/mfsa2012-101.html
http://www.mozilla.org/security/announce/2012/mfsa2012-102.html
http://www.mozilla.org/security/announce/2012/mfsa2012-103.html
http://www.mozilla.org/security/announce/2012/mfsa2012-104.html
http://www.mozilla.org/security/announce/2012/mfsa2012-105.html
http://www.mozilla.org/security/announce/2012/mfsa2012-106.html
http://www.mozilla.org/security/known-vulnerabilities/
610de647-af8d-11e3-a25b-b4b52fce4ce8mozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA 2014-15 Miscellaneous memory safety hazards (rv:28.0 / rv:24.4)

MFSA 2014-16 Files extracted during updates are not always read only

MFSA 2014-17 Out of bounds read during WAV file decoding

MFSA 2014-18 crypto.generateCRMFRequest does not validate type of key

MFSA 2014-19 Spoofing attack on WebRTC permission prompt

MFSA 2014-20 onbeforeunload and Javascript navigation DOS

MFSA 2014-21 Local file access via Open Link in new tab

MFSA 2014-22 WebGL content injection from one domain to rendering in another

MFSA 2014-23 Content Security Policy for data: documents not preserved by session restore

MFSA 2014-24 Android Crash Reporter open to manipulation

MFSA 2014-25 Firefox OS DeviceStorageFile object vulnerable to relative path escape

MFSA 2014-26 Information disclosure through polygon rendering in MathML

MFSA 2014-27 Memory corruption in Cairo during PDF font rendering

MFSA 2014-28 SVG filters information disclosure through feDisplacementMap

MFSA 2014-29 Privilege escalation using WebIDL-implemented APIs

MFSA 2014-30 Use-after-free in TypeObject

MFSA 2014-31 Out-of-bounds read/write through neutering ArrayBuffer objects

MFSA 2014-32 Out-of-bounds write through TypedArrayObject after neutering


Discovery 2014-03-19
Entry 2014-03-19
Modified 2014-03-20
firefox
< 28.0,1

firefox-esr
< 24.4.0,1

linux-firefox
< 28.0,1

linux-seamonkey
< 2.25

linux-thunderbird
< 24.4.0

seamonkey
< 2.25

thunderbird
< 24.4.0

CVE-2014-1493
CVE-2014-1494
CVE-2014-1496
CVE-2014-1497
CVE-2014-1498
CVE-2014-1499
CVE-2014-1500
CVE-2014-1501
CVE-2014-1502
CVE-2014-1504
CVE-2014-1505
CVE-2014-1506
CVE-2014-1507
CVE-2014-1508
CVE-2014-1509
CVE-2014-1510
CVE-2014-1511
CVE-2014-1512
CVE-2014-1513
CVE-2014-1514
https://www.mozilla.org/security/announce/2014/mfsa2014-15.html
https://www.mozilla.org/security/announce/2014/mfsa2014-16.html
https://www.mozilla.org/security/announce/2014/mfsa2014-17.html
https://www.mozilla.org/security/announce/2014/mfsa2014-18.html
https://www.mozilla.org/security/announce/2014/mfsa2014-19.html
https://www.mozilla.org/security/announce/2014/mfsa2014-20.html
https://www.mozilla.org/security/announce/2014/mfsa2014-21.html
https://www.mozilla.org/security/announce/2014/mfsa2014-22.html
https://www.mozilla.org/security/announce/2014/mfsa2014-23.html
https://www.mozilla.org/security/announce/2014/mfsa2014-24.html
https://www.mozilla.org/security/announce/2014/mfsa2014-25.html
https://www.mozilla.org/security/announce/2014/mfsa2014-26.html
https://www.mozilla.org/security/announce/2014/mfsa2014-27.html
https://www.mozilla.org/security/announce/2014/mfsa2014-28.html
https://www.mozilla.org/security/announce/2014/mfsa2014-29.html
https://www.mozilla.org/security/announce/2014/mfsa2014-30.html
https://www.mozilla.org/security/announce/2014/mfsa2014-31.html
https://www.mozilla.org/security/announce/2014/mfsa2014-32.html
http://www.mozilla.org/security/known-vulnerabilities/
6cec1b0a-da15-467d-8691-1dea392d4c8dmozilla -- multiple vulnerabilities

Mozilla Foundation reports:

Please reference CVE/URL list for details


Discovery 2017-06-13
Entry 2017-06-13
Modified 2017-09-19
firefox
< 54.0,1

seamonkey
linux-seamonkey
< 2.49.1

firefox-esr
< 52.2.0,1

linux-firefox
< 52.2.0,2

libxul
thunderbird
linux-thunderbird
< 52.2.0

CVE-2017-5470
CVE-2017-5471
CVE-2017-5472
CVE-2017-7749
CVE-2017-7750
CVE-2017-7751
CVE-2017-7752
CVE-2017-7754
CVE-2017-7755
CVE-2017-7756
CVE-2017-7757
CVE-2017-7758
CVE-2017-7759
CVE-2017-7760
CVE-2017-7761
CVE-2017-7762
CVE-2017-7763
CVE-2017-7764
CVE-2017-7765
CVE-2017-7766
CVE-2017-7767
CVE-2017-7768
CVE-2017-7778
https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/
https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/
75091516-6f4b-4059-9884-6727023dc366NSS -- multiple vulnerabilities

Mozilla Foundation reports:

Security researcher Hanno Böck reported that calculations with mp_div and mp_exptmod in Network Security Services (NSS) can produce wrong results in some circumstances. These functions are used within NSS for a variety of cryptographic division functions, leading to potential cryptographic weaknesses.

Mozilla developer Eric Rescorla reported that a failed allocation during DHE and ECDHE handshakes would lead to a use-after-free vulnerability.


Discovery 2016-01-26
Entry 2016-03-08
nss
linux-c6-nss
< 3.21

linux-firefox
< 44.0,1

linux-seamonkey
< 2.41

CVE-2016-1938
CVE-2016-1978
https://www.mozilla.org/security/advisories/mfsa2016-07/
https://www.mozilla.org/security/advisories/mfsa2016-15/
https://hg.mozilla.org/projects/nss/rev/a555bf0fc23a
https://hg.mozilla.org/projects/nss/rev/a245a4ccd354
6b3b1b97-207c-11e2-a03f-c8600054b392mozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA 2012-90 Fixes for Location object issues


Discovery 2012-10-26
Entry 2012-10-27
firefox
gt 11.0,1 lt 16.0.2,1

< 10.0.10,1

linux-firefox
< 10.0.10,1

linux-seamonkey
< 2.13.2

linux-thunderbird
< 10.0.10

seamonkey
< 2.13.2

thunderbird
gt 11.0 lt 16.0.2

< 10.0.10

libxul
gt 1.9.2.* lt 10.0.10

CVE-2012-4194
CVE-2012-4195
CVE-2012-4196
http://www.mozilla.org/security/known-vulnerabilities/
http://www.mozilla.org/security/announce/2012/mfsa2012-90.html
1098a15b-b0f6-42b7-b5c7-8a8646e8be07mozilla -- multiple vulnerabilities

Mozilla Foundation reports:

CVE-2017-7793: Use-after-free with Fetch API

CVE-2017-7817: Firefox for Android address bar spoofing through fullscreen mode

CVE-2017-7818: Use-after-free during ARIA array manipulation

CVE-2017-7819: Use-after-free while resizing images in design mode

CVE-2017-7824: Buffer overflow when drawing and validating elements with ANGLE

CVE-2017-7805: Use-after-free in TLS 1.2 generating handshake hashes

CVE-2017-7812: Drag and drop of malicious page content to the tab bar can open locally stored files

CVE-2017-7814: Blob and data URLs bypass phishing and malware protection warnings

CVE-2017-7813: Integer truncation in the JavaScript parser

CVE-2017-7825: OS X fonts render some Tibetan and Arabic unicode characters as spaces

CVE-2017-7815: Spoofing attack with modal dialogs on non-e10s installations

CVE-2017-7816: WebExtensions can load about: URLs in extension UI

CVE-2017-7821: WebExtensions can download and open non-executable files without user interaction

CVE-2017-7823: CSP sandbox directive did not create a unique origin

CVE-2017-7822: WebCrypto allows AES-GCM with 0-length IV

CVE-2017-7820: Xray wrapper bypass with new tab and web console

CVE-2017-7811: Memory safety bugs fixed in Firefox 56

CVE-2017-7810: Memory safety bugs fixed in Firefox 56 and Firefox ESR 52.4


Discovery 2017-09-28
Entry 2017-09-29
Modified 2017-10-03
firefox
< 56.0,1

seamonkey
linux-seamonkey
< 2.49.1

firefox-esr
< 52.4.0,1

linux-firefox
< 52.4.0,2

libxul
thunderbird
linux-thunderbird
< 52.4.0

CVE-2017-7793
CVE-2017-7805
CVE-2017-7810
CVE-2017-7811
CVE-2017-7812
CVE-2017-7813
CVE-2017-7814
CVE-2017-7815
CVE-2017-7816
CVE-2017-7817
CVE-2017-7818
CVE-2017-7819
CVE-2017-7820
CVE-2017-7821
CVE-2017-7822
CVE-2017-7823
CVE-2017-7824
CVE-2017-7825
https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/
https://www.mozilla.org/en-US/security/advisories/mfsa2017-22/
5e0a038a-ca30-416d-a2f5-38cbf5e7df33mozilla -- multiple vulnerabilities

Mozilla Foundation reports:

Please reference CVE/URL list for details


Discovery 2017-04-19
Entry 2017-04-19
Modified 2017-09-19
firefox
< 53.0_2,1

seamonkey
linux-seamonkey
< 2.49.1

firefox-esr
ge 46.0,1 lt 52.1.0_2,1

< 45.9.0,1

linux-firefox
ge 46.0,2 lt 52.1.0,2

< 45.9.0,2

libxul
ge 46.0 lt 52.1.0

< 45.9.0

thunderbird
linux-thunderbird
ge 46.0 lt 52.1.0

< 45.9.0

CVE-2017-5433
CVE-2017-5435
CVE-2017-5436
CVE-2017-5461
CVE-2017-5459
CVE-2017-5466
CVE-2017-5434
CVE-2017-5432
CVE-2017-5460
CVE-2017-5438
CVE-2017-5439
CVE-2017-5440
CVE-2017-5441
CVE-2017-5442
CVE-2017-5464
CVE-2017-5443
CVE-2017-5444
CVE-2017-5446
CVE-2017-5447
CVE-2017-5465
CVE-2017-5448
CVE-2017-5437
CVE-2017-5454
CVE-2017-5455
CVE-2017-5456
CVE-2017-5469
CVE-2017-5445
CVE-2017-5449
CVE-2017-5450
CVE-2017-5451
CVE-2017-5462
CVE-2017-5463
CVE-2017-5467
CVE-2017-5452
CVE-2017-5453
CVE-2017-5458
CVE-2017-5468
CVE-2017-5430
CVE-2017-5429
https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/
https://www.mozilla.org/en-US/security/advisories/mfsa2017-11/
https://www.mozilla.org/en-US/security/advisories/mfsa2017-12/
d0c97697-df2c-4b8b-bff2-cec24dc35af8mozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA-2015-30 Miscellaneous memory safety hazards (rv:37.0 / rv:31.6)

MFSA-2015-31 Use-after-free when using the Fluendo MP3 GStreamer plugin

MFSA-2015-32 Add-on lightweight theme installation approval bypassed through MITM attack

MFSA-2015-33 resource:// documents can load privileged pages

MFSA-2015-34 Out of bounds read in QCMS library

MFSA-2015-35 Cursor clickjacking with flash and images

MFSA-2015-36 Incorrect memory management for simple-type arrays in WebRTC

MFSA-2015-37 CORS requests should not follow 30x redirections after preflight

MFSA-2015-38 Memory corruption crashes in Off Main Thread Compositing

MFSA-2015-39 Use-after-free due to type confusion flaws

MFSA-2015-40 Same-origin bypass through anchor navigation

MFSA-2015-41 PRNG weakness allows for DNS poisoning on Android

MFSA-2015-42 Windows can retain access to privileged content on navigation to unprivileged pages


Discovery 2015-03-31
Entry 2015-03-31
firefox
< 37.0,1

firefox-esr
< 31.6.0,1

linux-firefox
< 37.0,1

linux-seamonkey
< 2.34

linux-thunderbird
< 31.6.0

seamonkey
< 2.34

thunderbird
< 31.6.0

libxul
< 31.6.0

CVE-2012-2808
CVE-2015-0800
CVE-2015-0801
CVE-2015-0802
CVE-2015-0803
CVE-2015-0804
CVE-2015-0805
CVE-2015-0806
CVE-2015-0807
CVE-2015-0808
CVE-2015-0810
CVE-2015-0811
CVE-2015-0812
CVE-2015-0813
CVE-2015-0814
CVE-2015-0815
CVE-2015-0816
https://www.mozilla.org/security/advisories/mfsa2015-30/
https://www.mozilla.org/security/advisories/mfsa2015-31/
https://www.mozilla.org/security/advisories/mfsa2015-32/
https://www.mozilla.org/security/advisories/mfsa2015-33/
https://www.mozilla.org/security/advisories/mfsa2015-34/
https://www.mozilla.org/security/advisories/mfsa2015-35/
https://www.mozilla.org/security/advisories/mfsa2015-36/
https://www.mozilla.org/security/advisories/mfsa2015-37/
https://www.mozilla.org/security/advisories/mfsa2015-38/
https://www.mozilla.org/security/advisories/mfsa2015-39/
https://www.mozilla.org/security/advisories/mfsa2015-40/
https://www.mozilla.org/security/advisories/mfsa2015-41/
https://www.mozilla.org/security/advisories/mfsa2015-42/
https://www.mozilla.org/security/advisories/
7ae61870-9dd2-4884-a2f2-f19bb5784d09mozilla -- multiple vulnerabilities

The Mozilla Project reports:

ASN.1 DER decoding of lengths is too permissive, allowing undetected smuggling of arbitrary data

MFSA-2014-90 Apple CoreGraphics framework on OS X 10.10 logging input data to /tmp directory

MFSA-2014-89 Bad casting from the BasicThebesLayer to BasicContainerLayer

MFSA-2014-88 Buffer overflow while parsing media content

MFSA-2014-87 Use-after-free during HTML5 parsing

MFSA-2014-86 CSP leaks redirect data via violation reports

MFSA-2014-85 XMLHttpRequest crashes with some input streams

MFSA-2014-84 XBL bindings accessible via improper CSS declarations

MFSA-2014-83 Miscellaneous memory safety hazards (rv:34.0 / rv:31.3)


Discovery 2014-12-01
Entry 2014-12-02
firefox
< 34.0,1

firefox-esr
< 31.3.0,1

linux-firefox
< 34.0,1

linux-seamonkey
< 2.31

linux-thunderbird
< 31.3.0

seamonkey
< 2.31

thunderbird
< 31.3.0

libxul
< 31.3.0

nss
< 3.17.3

CVE-2014-1587
CVE-2014-1588
CVE-2014-1589
CVE-2014-1590
CVE-2014-1591
CVE-2014-1592
CVE-2014-1593
CVE-2014-1594
CVE-2014-1595
CVE-2014-1569
https://www.mozilla.org/security/advisories/mfsa2014-83
https://www.mozilla.org/security/advisories/mfsa2014-84
https://www.mozilla.org/security/advisories/mfsa2014-85
https://www.mozilla.org/security/advisories/mfsa2014-86
https://www.mozilla.org/security/advisories/mfsa2014-87
https://www.mozilla.org/security/advisories/mfsa2014-88
https://www.mozilla.org/security/advisories/mfsa2014-89
https://www.mozilla.org/security/advisories/mfsa2014-90
https://www.mozilla.org/security/advisories/
b1f7d52f-fc42-48e8-8403-87d4c9d26229mozilla -- multiple vulnerabilities

Mozilla Foundation reports:

CVE-2018-18500: Use-after-free parsing HTML5 stream

CVE-2018-18503: Memory corruption with Audio Buffer

CVE-2018-18504: Memory corruption and out-of-bounds read of texture client buffer

CVE-2018-18505: Privilege escalation through IPC channel messages

CVE-2018-18506: Proxy Auto-Configuration file can define localhost access to be proxied

CVE-2018-18502: Memory safety bugs fixed in Firefox 65

CVE-2018-18501: Memory safety bugs fixed in Firefox 65 and Firefox ESR 60.5


Discovery 2019-01-29
Entry 2019-01-29
Modified 2019-07-23
firefox
< 65.0_1,1

waterfox
< 56.2.7

seamonkey
linux-seamonkey
< 2.53.0

firefox-esr
< 60.5.0_1,1

linux-firefox
< 60.5.0,2

libxul
thunderbird
linux-thunderbird
< 60.5.0

CVE-2018-18500
CVE-2018-18501
CVE-2018-18502
CVE-2018-18503
CVE-2018-18504
CVE-2018-18505
CVE-2018-18506
https://www.mozilla.org/en-US/security/advisories/mfsa2019-01/
https://www.mozilla.org/en-US/security/advisories/mfsa2019-02/
2c2d1c39-1396-459a-91f5-ca03ee7c64c6mozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA 2015-134 Miscellaneous memory safety hazards (rv:43.0 / rv:38.5)

MFSA 2015-135 Crash with JavaScript variable assignment with unboxed objects

MFSA 2015-136 Same-origin policy violation using perfomance.getEntries and history navigation

MFSA 2015-137 Firefox allows for control characters to be set in cookies

MFSA 2015-138 Use-after-free in WebRTC when datachannel is used after being destroyed

MFSA 2015-139 Integer overflow allocating extremely large textures

MFSA 2015-140 Cross-origin information leak through web workers error events

MFSA 2015-141 Hash in data URI is incorrectly parsed

MFSA 2015-142 DOS due to malformed frames in HTTP/2

MFSA 2015-143 Linux file chooser crashes on malformed images due to flaws in Jasper library

MFSA 2015-144 Buffer overflows found through code inspection

MFSA 2015-145 Underflow through code inspection

MFSA 2015-146 Integer overflow in MP4 playback in 64-bit versions

MFSA 2015-147 Integer underflow and buffer overflow processing MP4 metadata in libstagefright

MFSA 2015-148 Privilege escalation vulnerabilities in WebExtension APIs

MFSA 2015-149 Cross-site reading attack through data and view-source URIs


Discovery 2015-12-15
Entry 2015-12-15
firefox
< 43.0,1

linux-firefox
< 43.0,1

seamonkey
< 2.40

linux-seamonkey
< 2.40

firefox-esr
< 38.5.0,1

libxul
< 38.5.0

thunderbird
< 38.5.0

linux-thunderbird
< 38.5.0

CVE-2015-7201
CVE-2015-7202
CVE-2015-7203
CVE-2015-7204
CVE-2015-7205
CVE-2015-7207
CVE-2015-7208
CVE-2015-7210
CVE-2015-7211
CVE-2015-7212
CVE-2015-7213
CVE-2015-7214
CVE-2015-7215
CVE-2015-7216
CVE-2015-7217
CVE-2015-7218
CVE-2015-7219
CVE-2015-7220
CVE-2015-7221
CVE-2015-7222
CVE-2015-7223
https://www.mozilla.org/security/advisories/mfsa2015-134/
https://www.mozilla.org/security/advisories/mfsa2015-135/
https://www.mozilla.org/security/advisories/mfsa2015-136/
https://www.mozilla.org/security/advisories/mfsa2015-137/
https://www.mozilla.org/security/advisories/mfsa2015-138/
https://www.mozilla.org/security/advisories/mfsa2015-139/
https://www.mozilla.org/security/advisories/mfsa2015-140/
https://www.mozilla.org/security/advisories/mfsa2015-141/
https://www.mozilla.org/security/advisories/mfsa2015-142/
https://www.mozilla.org/security/advisories/mfsa2015-143/
https://www.mozilla.org/security/advisories/mfsa2015-144/
https://www.mozilla.org/security/advisories/mfsa2015-145/
https://www.mozilla.org/security/advisories/mfsa2015-146/
https://www.mozilla.org/security/advisories/mfsa2015-147/
https://www.mozilla.org/security/advisories/mfsa2015-148/
https://www.mozilla.org/security/advisories/mfsa2015-149/
92d44f83-a7bf-41cf-91ee-3d1b8ecf579fmozilla -- multiple vulnerabilities

Mozilla Foundation reports:

MFSA 2016-39 Miscellaneous memory safety hazards (rv:46.0 / rv:45.1 / rv:38.8)

MFSA 2016-42 Use-after-free and buffer overflow in Service Workers

MFSA 2016-44 Buffer overflow in libstagefright with CENC offsets

MFSA 2016-45 CSP not applied to pages sent with multipart/x-mixed-replace

MFSA 2016-46 Elevation of privilege with chrome.tabs.update API in web extensions

MFSA 2016-47 Write to invalid HashMap entry through JavaScript.watch()

MFSA 2016-48 Firefox Health Reports could accept events from untrusted domains


Discovery 2016-04-26
Entry 2016-04-26
firefox
linux-firefox
< 46.0,1

seamonkey
linux-seamonkey
< 2.43

firefox-esr
ge 39.0,1 lt 45.1.0,1

< 38.8.0,1

libxul
thunderbird
linux-thunderbird
ge 39.0 lt 45.1.0

< 38.8.0

CVE-2016-2804
CVE-2016-2805
CVE-2016-2806
CVE-2016-2807
CVE-2016-2808
CVE-2016-2811
CVE-2016-2812
CVE-2016-2814
CVE-2016-2816
CVE-2016-2817
CVE-2016-2820
https://www.mozilla.org/security/advisories/mfsa2016-39/
https://www.mozilla.org/security/advisories/mfsa2016-42/
https://www.mozilla.org/security/advisories/mfsa2016-44/
https://www.mozilla.org/security/advisories/mfsa2016-45/
https://www.mozilla.org/security/advisories/mfsa2016-46/
https://www.mozilla.org/security/advisories/mfsa2016-47/
https://www.mozilla.org/security/advisories/mfsa2016-48/
8065d37b-8e7c-4707-a608-1b0a2b8509c3mozilla -- multiple vulnerabilities

Mozilla Foundation reports:

MFSA 2016-49 Miscellaneous memory safety hazards (rv:47.0 / rv:45.2)

MFSA 2016-50 Buffer overflow parsing HTML5 fragments

MFSA 2016-51 Use-after-free deleting tables from a contenteditable document

MFSA 2016-52 Addressbar spoofing though the SELECT element

MFSA 2016-54 Partial same-origin-policy through setting location.host through data URI

MFSA 2016-56 Use-after-free when textures are used in WebGL operations after recycle pool destruction

MFSA 2016-57 Incorrect icon displayed on permissions notifications

MFSA 2016-58 Entering fullscreen and persistent pointerlock without user permission

MFSA 2016-59 Information disclosure of disabled plugins through CSS pseudo-classes

MFSA 2016-60 Java applets bypass CSP protections


Discovery 2016-06-07
Entry 2016-06-07
firefox
< 47.0,1

seamonkey
linux-seamonkey
< 2.44

firefox-esr
< 45.2.0,1

linux-firefox
< 45.2.0,2

libxul
thunderbird
linux-thunderbird
< 45.2.0

CVE-2016-2815
CVE-2016-2818
CVE-2016-2819
CVE-2016-2821
CVE-2016-2822
CVE-2016-2825
CVE-2016-2828
CVE-2016-2829
CVE-2016-2831
CVE-2016-2832
CVE-2016-2833
https://www.mozilla.org/security/advisories/mfsa2016-49/
https://www.mozilla.org/security/advisories/mfsa2016-50/
https://www.mozilla.org/security/advisories/mfsa2016-51/
https://www.mozilla.org/security/advisories/mfsa2016-52/
https://www.mozilla.org/security/advisories/mfsa2016-54/
https://www.mozilla.org/security/advisories/mfsa2016-56/
https://www.mozilla.org/security/advisories/mfsa2016-57/
https://www.mozilla.org/security/advisories/mfsa2016-58/
https://www.mozilla.org/security/advisories/mfsa2016-59/
https://www.mozilla.org/security/advisories/mfsa2016-60/
adffe823-e692-4921-ae9c-0b825c218372graphite2 -- multiple vulnerabilities

Mozilla Foundation reports:

Security researcher Holger Fuhrmannek and Mozilla security engineer Tyson Smith reported a number of security vulnerabilities in the Graphite 2 library affecting version 1.3.5. The issue reported by Holger Fuhrmannek is a mechanism to induce stack corruption with a malicious graphite font. This leads to a potentially exploitable crash when the font is loaded. Tyson Smith used the Address Sanitizer tool in concert with a custom software fuzzer to find a series of uninitialized memory, out-of-bounds read, and out-of-bounds write errors when working with fuzzed graphite fonts.

Security researcher James Clawson used the Address Sanitizer tool to discover an out-of-bounds write in the Graphite 2 library when loading a crafted Graphite font file. This results in a potentially exploitable crash.


Discovery 2016-03-08
Entry 2016-03-08
Modified 2016-03-14
graphite2
< 1.3.6

linux-firefox
< 45.0,1

linux-thunderbird
< 38.7.0

linux-seamonkey
< 2.42

https://www.mozilla.org/security/advisories/mfsa2016-37/
https://www.mozilla.org/security/advisories/mfsa2016-38/
CVE-2016-1969
CVE-2016-1977
CVE-2016-2790
CVE-2016-2791
CVE-2016-2792
CVE-2016-2793
CVE-2016-2794
CVE-2016-2795
CVE-2016-2796
CVE-2016-2797
CVE-2016-2798
CVE-2016-2799
CVE-2016-2800
CVE-2016-2801
CVE-2016-2802
e60169c4-aa86-46b0-8ae2-0d81f683df09mozilla -- multiple vulnerabilities

Mozilla Foundation reports:

Please reference CVE/URL list for details


Discovery 2017-01-24
Entry 2017-01-24
firefox
< 51.0_1,1

seamonkey
linux-seamonkey
< 2.48

firefox-esr
< 45.7.0,1

linux-firefox
< 45.7.0,2

libxul
thunderbird
linux-thunderbird
< 45.7.0

CVE-2017-5373
CVE-2017-5374
CVE-2017-5375
CVE-2017-5376
CVE-2017-5377
CVE-2017-5378
CVE-2017-5379
CVE-2017-5380
CVE-2017-5381
CVE-2017-5382
CVE-2017-5383
CVE-2017-5384
CVE-2017-5385
CVE-2017-5386
CVE-2017-5387
CVE-2017-5388
CVE-2017-5389
CVE-2017-5390
CVE-2017-5391
CVE-2017-5392
CVE-2017-5393
CVE-2017-5394
CVE-2017-5395
CVE-2017-5396
https://www.mozilla.org/security/advisories/mfsa2017-01/
https://www.mozilla.org/security/advisories/mfsa2017-02/
94976433-9c74-11e2-a9fc-d43d7e0c7c02mozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA 2013-30 Miscellaneous memory safety hazards (rv:20.0 / rv:17.0.5)

MFSA 2013-31 Out-of-bounds write in Cairo library

MFSA 2013-32 Privilege escalation through Mozilla Maintenance Service

MFSA 2013-33 World read and write access to app_tmp directory on Android

MFSA 2013-34 Privilege escalation through Mozilla Updater

MFSA 2013-35 WebGL crash with Mesa graphics driver on Linux

MFSA 2013-36 Bypass of SOW protections allows cloning of protected nodes

MFSA 2013-37 Bypass of tab-modal dialog origin disclosure

MFSA 2013-38 Cross-site scripting (XSS) using timed history navigations

MFSA 2013-39 Memory corruption while rendering grayscale PNG images

MFSA 2013-40 Out-of-bounds array read in CERT_DecodeCertPackage


Discovery 2013-04-02
Entry 2013-04-03
Modified 2013-04-08
firefox
gt 18.0,1 lt 20.0,1

< 17.0.5,1

linux-firefox
< 17.0.5,1

linux-seamonkey
< 2.17

linux-thunderbird
< 17.0.5

seamonkey
< 2.17

thunderbird
gt 11.0 lt 17.0.5

CVE-2013-0788
CVE-2013-0789
CVE-2013-0790
CVE-2013-0791
CVE-2013-0792
CVE-2013-0793
CVE-2013-0794
CVE-2013-0795
CVE-2013-0796
CVE-2013-0797
CVE-2013-0798
CVE-2013-0799
CVE-2013-0800
http://www.mozilla.org/security/announce/2013/mfsa2013-30.html
http://www.mozilla.org/security/announce/2013/mfsa2013-31.html
http://www.mozilla.org/security/announce/2013/mfsa2013-32.html
http://www.mozilla.org/security/announce/2013/mfsa2013-33.html
http://www.mozilla.org/security/announce/2013/mfsa2013-34.html
http://www.mozilla.org/security/announce/2013/mfsa2013-35.html
http://www.mozilla.org/security/announce/2013/mfsa2013-36.html
http://www.mozilla.org/security/announce/2013/mfsa2013-37.html
http://www.mozilla.org/security/announce/2013/mfsa2013-38.html
http://www.mozilla.org/security/announce/2013/mfsa2013-39.html
http://www.mozilla.org/security/announce/2013/mfsa2013-40.html
http://www.mozilla.org/security/known-vulnerabilities/
2225c5b4-1e5a-44fc-9920-b3201c384a15mozilla -- multiple vulnerabilities

Mozilla Foundation reports:

MFSA 2016-16 Miscellaneous memory safety hazards (rv:45.0 / rv:38.7)

MFSA 2016-17 Local file overwriting and potential privilege escalation through CSP reports

MFSA 2016-18 CSP reports fail to strip location information for embedded iframe pages

MFSA 2016-19 Linux video memory DOS with Intel drivers

MFSA 2016-20 Memory leak in libstagefright when deleting an array during MP4 processing

MFSA 2016-21 Displayed page address can be overridden

MFSA 2016-22 Service Worker Manager out-of-bounds read in Service Worker Manager

MFSA 2016-23 Use-after-free in HTML5 string parser

MFSA 2016-24 Use-after-free in SetBody

MFSA 2016-25 Use-after-free when using multiple WebRTC data channels

MFSA 2016-26 Memory corruption when modifying a file being read by FileReader

MFSA 2016-27 Use-after-free during XML transformations

MFSA 2016-28 Addressbar spoofing though history navigation and Location protocol property

MFSA 2016-29 Same-origin policy violation using perfomance.getEntries and history navigation with session restore

MFSA 2016-31 Memory corruption with malicious NPAPI plugin

MFSA 2016-32 WebRTC and LibVPX vulnerabilities found through code inspection

MFSA 2016-33 Use-after-free in GetStaticInstance in WebRTC

MFSA 2016-34 Out-of-bounds read in HTML parser following a failed allocation


Discovery 2016-03-08
Entry 2016-03-08
Modified 2016-03-08
firefox
linux-firefox
< 45.0,1

seamonkey
linux-seamonkey
< 2.42

firefox-esr
< 38.7.0,1

libxul
thunderbird
linux-thunderbird
< 38.7.0

CVE-2016-1952
CVE-2016-1953
CVE-2016-1954
CVE-2016-1955
CVE-2016-1956
CVE-2016-1957
CVE-2016-1958
CVE-2016-1959
CVE-2016-1960
CVE-2016-1961
CVE-2016-1962
CVE-2016-1963
CVE-2016-1964
CVE-2016-1965
CVE-2016-1966
CVE-2016-1967
CVE-2016-1970
CVE-2016-1971
CVE-2016-1972
CVE-2016-1973
CVE-2016-1974
CVE-2016-1975
CVE-2016-1976
https://www.mozilla.org/security/advisories/mfsa2016-16/
https://www.mozilla.org/security/advisories/mfsa2016-17/
https://www.mozilla.org/security/advisories/mfsa2016-18/
https://www.mozilla.org/security/advisories/mfsa2016-19/
https://www.mozilla.org/security/advisories/mfsa2016-20/
https://www.mozilla.org/security/advisories/mfsa2016-21/
https://www.mozilla.org/security/advisories/mfsa2016-22/
https://www.mozilla.org/security/advisories/mfsa2016-23/
https://www.mozilla.org/security/advisories/mfsa2016-24/
https://www.mozilla.org/security/advisories/mfsa2016-25/
https://www.mozilla.org/security/advisories/mfsa2016-26/
https://www.mozilla.org/security/advisories/mfsa2016-27/
https://www.mozilla.org/security/advisories/mfsa2016-28/
https://www.mozilla.org/security/advisories/mfsa2016-29/
https://www.mozilla.org/security/advisories/mfsa2016-31/
https://www.mozilla.org/security/advisories/mfsa2016-32/
https://www.mozilla.org/security/advisories/mfsa2016-33/
https://www.mozilla.org/security/advisories/mfsa2016-34/
dbf338d0-dce5-11e1-b655-14dae9ebcf89mozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA 2012-42 Miscellaneous memory safety hazards (rv:14.0/ rv:10.0.6)

MFSA 2012-43 Incorrect URL displayed in addressbar through drag and drop

MFSA 2012-44 Gecko memory corruption

MFSA 2012-45 Spoofing issue with location

MFSA 2012-46 XSS through data: URLs

MFSA 2012-47 Improper filtering of javascript in HTML feed-view

MFSA 2012-48 use-after-free in nsGlobalWindow::PageHidden

MFSA 2012-49 Same-compartment Security Wrappers can be bypassed

MFSA 2012-50 Out of bounds read in QCMS

MFSA 2012-51 X-Frame-Options header ignored when duplicated

MFSA 2012-52 JSDependentString::undepend string conversion results in memory corruption

MFSA 2012-53 Content Security Policy 1.0 implementation errors cause data leakage

MFSA 2012-54 Clickjacking of certificate warning page

MFSA 2012-55 feed: URLs with an innerURI inherit security context of page

MFSA 2012-56 Code execution through javascript: URLs


Discovery 2012-07-17
Entry 2012-08-02
firefox
gt 11.0,1 lt 14.0.1,1

< 10.0.6,1

linux-firefox
< 10.0.6,1

linux-seamonkey
< 2.11

linux-thunderbird
< 10.0.6

seamonkey
< 2.11

thunderbird
gt 11.0 lt 14.0

< 10.0.6

libxul
gt 1.9.2.* lt 10.0.6

CVE-2012-1949
CVE-2012-1950
CVE-2012-1951
CVE-2012-1952
CVE-2012-1953
CVE-2012-1954
CVE-2012-1955
CVE-2012-1957
CVE-2012-1958
CVE-2012-1959
CVE-2012-1960
CVE-2012-1961
CVE-2012-1962
CVE-2012-1963
CVE-2012-1964
CVE-2012-1965
CVE-2012-1966
CVE-2012-1967
http://www.mozilla.org/security/known-vulnerabilities/
http://www.mozilla.org/security/announce/2012/mfsa2012-42.html
http://www.mozilla.org/security/announce/2012/mfsa2012-43.html
http://www.mozilla.org/security/announce/2012/mfsa2012-44.html
http://www.mozilla.org/security/announce/2012/mfsa2012-45.html
http://www.mozilla.org/security/announce/2012/mfsa2012-46.html
http://www.mozilla.org/security/announce/2012/mfsa2012-47.html
http://www.mozilla.org/security/announce/2012/mfsa2012-48.html
http://www.mozilla.org/security/announce/2012/mfsa2012-49.html
http://www.mozilla.org/security/announce/2012/mfsa2012-50.html
http://www.mozilla.org/security/announce/2012/mfsa2012-51.html
http://www.mozilla.org/security/announce/2012/mfsa2012-52.html
http://www.mozilla.org/security/announce/2012/mfsa2012-53.html
http://www.mozilla.org/security/announce/2012/mfsa2012-54.html
http://www.mozilla.org/security/announce/2012/mfsa2012-55.html
http://www.mozilla.org/security/announce/2012/mfsa2012-56.html
2c57c47e-8bb3-4694-83c8-9fc3abad3964mozilla -- multiple vulnerabilities

Mozilla Foundation reports:

CVE-2016-2827 - Out-of-bounds read in mozilla::net::IsValidReferrerPolicy [low]

CVE-2016-5256 - Memory safety bugs fixed in Firefox 49 [critical]

CVE-2016-5257 - Memory safety bugs fixed in Firefox 49 and Firefox ESR 45.4 [critical]

CVE-2016-5270 - Heap-buffer-overflow in nsCaseTransformTextRunFactory::TransformString [high]

CVE-2016-5271 - Out-of-bounds read in PropertyProvider::GetSpacingInternal [low]

CVE-2016-5272 - Bad cast in nsImageGeometryMixin [high]

CVE-2016-5273 - crash in mozilla::a11y::HyperTextAccessible::GetChildOffset [high]

CVE-2016-5274 - use-after-free in nsFrameManager::CaptureFrameState [high]

CVE-2016-5275 - global-buffer-overflow in mozilla::gfx::FilterSupport::ComputeSourceNeededRegions [critical]

CVE-2016-5276 - Heap-use-after-free in mozilla::a11y::DocAccessible::ProcessInvalidationList [high]

CVE-2016-5277 - Heap-use-after-free in nsRefreshDriver::Tick [high]

CVE-2016-5278 - Heap-buffer-overflow in nsBMPEncoder::AddImageFrame [critical]

CVE-2016-5279 - Full local path of files is available to web pages after drag and drop [moderate]

CVE-2016-5280 - Use-after-free in mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap [high]

CVE-2016-5281 - use-after-free in DOMSVGLength [high]

CVE-2016-5282 - Don't allow content to request favicons from non-whitelisted schemes [moderate]

CVE-2016-5283 -