FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mozilla -- multiple vulnerabilities

Affected packages
firefox < 54.0,1
linux-seamonkey < 2.51
seamonkey < 2.51
firefox-esr < 52.2.0,1
linux-firefox < 52.2.0,2
libxul < 52.2.0
linux-thunderbird < 52.2.0
thunderbird < 52.2.0

Details

VuXML ID 6cec1b0a-da15-467d-8691-1dea392d4c8d
Discovery 2017-06-13
Entry 2017-06-13

Mozilla Foundation reports:

CVE-2017-5472: Use-after-free using destroyed node when regenerating trees

CVE-2017-7749: Use-after-free during docshell reloading

CVE-2017-7750: Use-after-free with track elements

CVE-2017-7751: Use-after-free with content viewer listeners

CVE-2017-7752: Use-after-free with IME input

CVE-2017-7754: Out-of-bounds read in WebGL with ImageInfo object

CVE-2017-7755: Privilege escalation through Firefox Installer with same directory DLL files

CVE-2017-7756: Use-after-free and use-after-scope logging XHR header errors

CVE-2017-7757: Use-after-free in IndexedDB

CVE-2017-7778: Vulnerabilities in the Graphite 2 library

CVE-2017-7758: Out-of-bounds read in Opus encoder

CVE-2017-7759: Android intent URLs can cause navigation to local file system

CVE-2017-7760: File manipulation and privilege escalation via callback parameter in Mozilla Windows Updater and Maintenance Service

CVE-2017-7761: File deletion and privilege escalation through Mozilla Maintenance Service helper.exe application

CVE-2017-7762: Addressbar spoofing in Reader mode

CVE-2017-7763: Mac fonts render some unicode characters as spaces

CVE-2017-7764: Domain spoofing with combination of Canadian Syllabics and other unicode blocks

CVE-2017-7765: Mark of the Web bypass when saving executable files

CVE-2017-7766: File execution and privilege escalation through updater.ini, Mozilla Windows Updater, and Mozilla Maintenance Service

CVE-2017-7767: Privilege escalation and arbitrary file overwrites through Mozilla Windows Updater and Mozilla Maintenance Service

CVE-2017-7768: 32 byte arbitrary file read through Mozilla Maintenance Service

CVE-2017-5471: Memory safety bugs fixed in Firefox 54

CVE-2017-5470: Memory safety bugs fixed in Firefox 54 and Firefox ESR 52.2

References

CVE Name CVE-2017-5470
CVE Name CVE-2017-5471
CVE Name CVE-2017-5472
CVE Name CVE-2017-7749
CVE Name CVE-2017-7750
CVE Name CVE-2017-7751
CVE Name CVE-2017-7752
CVE Name CVE-2017-7754
CVE Name CVE-2017-7755
CVE Name CVE-2017-7756
CVE Name CVE-2017-7757
CVE Name CVE-2017-7758
CVE Name CVE-2017-7759
CVE Name CVE-2017-7760
CVE Name CVE-2017-7761
CVE Name CVE-2017-7762
CVE Name CVE-2017-7763
CVE Name CVE-2017-7764
CVE Name CVE-2017-7765
CVE Name CVE-2017-7766
CVE Name CVE-2017-7767
CVE Name CVE-2017-7768
CVE Name CVE-2017-7778
URL https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/
URL https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/