FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mozilla -- multiple vulnerabilities

Affected packages
firefox < 66.0_3,1
waterfox < 56.2.9
linux-seamonkey < 2.49.5
seamonkey < 2.49.5
firefox-esr < 60.6.0,1
linux-firefox < 60.6.0,2
libxul < 60.6.0
linux-thunderbird < 60.6.0
thunderbird < 60.6.0

Details

VuXML ID 05da6b56-3e66-4306-9ea3-89fafe939726
Discovery 2019-03-19
Entry 2019-03-19

Mozilla Foundation reports:

CVE-2019-9790: Use-after-free when removing in-use DOM elements

CVE-2019-9791: Type inference is incorrect for constructors entered through on-stack replacement with IonMonkey

CVE-2019-9792: IonMonkey leaks JS_OPTIMIZED_OUT magic value to script

CVE-2019-9793: Improper bounds checks when Spectre mitigations are disabled

CVE-2019-9794: Command line arguments not discarded during execution

CVE-2019-9795: Type-confusion in IonMonkey JIT compiler

CVE-2019-9796: Use-after-free with SMIL animation controller

CVE-2019-9797: Cross-origin theft of images with createImageBitmap

CVE-2019-9798: Library is loaded from world writable APITRACE_LIB location

CVE-2019-9799: Information disclosure via IPC channel messages

CVE-2019-9801: Windows programs that are not 'URL Handlers' are exposed to web content

CVE-2019-9802: Chrome process information leak

CVE-2019-9803: Upgrade-Insecure-Requests incorrectly enforced for same-origin navigation

CVE-2019-9804: Code execution through 'Copy as cURL' in Firefox Developer Tools on macOS

CVE-2019-9805: Potential use of uninitialized memory in Prio

CVE-2019-9806: Denial of service through successive FTP authorization prompts

CVE-2019-9807: Text sent through FTP connection can be incorporated into alert messages

CVE-2019-9809: Denial of service through FTP modal alert error messages

CVE-2019-9808: WebRTC permissions can display incorrect origin with data: and blob: URLs

CVE-2019-9789: Memory safety bugs fixed in Firefox 66

CVE-2019-9788: Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6

References

CVE Name CVE-2019-9788
CVE Name CVE-2019-9789
CVE Name CVE-2019-9790
CVE Name CVE-2019-9791
CVE Name CVE-2019-9792
CVE Name CVE-2019-9793
CVE Name CVE-2019-9794
CVE Name CVE-2019-9795
CVE Name CVE-2019-9796
CVE Name CVE-2019-9797
CVE Name CVE-2019-9798
CVE Name CVE-2019-9799
CVE Name CVE-2019-9801
CVE Name CVE-2019-9802
CVE Name CVE-2019-9803
CVE Name CVE-2019-9804
CVE Name CVE-2019-9805
CVE Name CVE-2019-9806
CVE Name CVE-2019-9807
CVE Name CVE-2019-9808
CVE Name CVE-2019-9809
URL https://www.mozilla.org/security/advisories/mfsa2019-07/
URL https://www.mozilla.org/security/advisories/mfsa2019-08/