9 matches found
Mozilla Firefox < 53.0.2
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 53.0.2. It is, therefore, affected by a vulnerability as referenced in the mfsa2017-14 advisory. - A use-after-free can occur during Buffer11 API calls within the ANGLE graphics library, used for WebGL content. This...
Mozilla Firefox < 53.0
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 53.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2017-10 advisory. - Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex. CVE-2017-5469 ...
SUSE CVE-2017-5458
When a "javascript:" URL is drag and dropped by a user into the addressbar, the URL will be processed and executed. This allows for users to be socially engineered to execute an XSS attack on themselves. This vulnerability affects Firefox 53...
SUSE CVE-2017-5468
An issue with incorrect ownership model of "privateBrowsing" information exposed through developer tools. This can result in a non-exploitable crash when manually triggered during debugging. This vulnerability affects Firefox 53...
DEBIAN-CVE-2017-5464
During DOM manipulations of the accessibility tree through script, the DOM tree can become out of sync with the accessibility tree, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...
CVE-2017-5449
A possibly exploitable crash triggered during layout and manipulation of bidirectional unicode text in concert with CSS animations. This vulnerability affects Thunderbird 52.1, Firefox ESR 52.1, and Firefox 53...
Mozilla: Use-after-free during focus handling (MFSA 2017-11, MFSA 2017-12)
A use-after-free vulnerability occurs when redirecting focus handling which results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...
Mozilla: Crash during bidirectional unicode manipulation with animation (MFSA 2017-11, MFSA 2017-12)
A possibly exploitable crash triggered during layout and manipulation of bidirectional unicode text in concert with CSS animations. This vulnerability affects Thunderbird 52.1, Firefox ESR 52.1, and Firefox 53...
UBUNTU-CVE-2017-5468
An issue with incorrect ownership model of "privateBrowsing" information exposed through developer tools. This can result in a non-exploitable crash when manually triggered during debugging. This vulnerability affects Firefox 53...