FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mozilla -- multiple vulnerabilities

Affected packages
firefox < 65.0_1,1
waterfox < 56.2.7
linux-seamonkey < 2.49.5
seamonkey < 2.49.5
firefox-esr < 60.5.0_1,1
linux-firefox < 60.5.0,2
libxul < 60.5.0
linux-thunderbird < 60.5.0
thunderbird < 60.5.0

Details

VuXML ID b1f7d52f-fc42-48e8-8403-87d4c9d26229
Discovery 2019-01-29
Entry 2019-01-29

Mozilla Foundation reports:

CVE-2018-18500: Use-after-free parsing HTML5 stream

CVE-2018-18503: Memory corruption with Audio Buffer

CVE-2018-18504: Memory corruption and out-of-bounds read of texture client buffer

CVE-2018-18505: Privilege escalation through IPC channel messages

CVE-2018-18506: Proxy Auto-Configuration file can define localhost access to be proxied

CVE-2018-18502: Memory safety bugs fixed in Firefox 65

CVE-2018-18501: Memory safety bugs fixed in Firefox 65 and Firefox ESR 60.5

References

CVE Name CVE-2018-18500
CVE Name CVE-2018-18501
CVE Name CVE-2018-18502
CVE Name CVE-2018-18503
CVE Name CVE-2018-18504
CVE Name CVE-2018-18505
CVE Name CVE-2018-18506
URL https://www.mozilla.org/en-US/security/advisories/mfsa2019-01/
URL https://www.mozilla.org/en-US/security/advisories/mfsa2019-02/