112 matches found
CVE-2017-5440
A use-after-free vulnerability during XSLT processing due to a failure to propagate error conditions during matching while evaluating context, leading to objects being used when they no longer exist. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1,...
CVE-2017-5439
A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...
CVE-2017-5438
A use-after-free vulnerability during XSLT processing due to the result handler being held by a freed handler during handling. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...
Design/Logic Flaw
A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...
Design/Logic Flaw
A use-after-free vulnerability during XSLT processing due to the result handler being held by a freed handler during handling. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...
CVE-2017-5438
CVE-2017-5438 is a use-after-free in XSLT processing caused by the result handler being held by a freed handler. Publicly documented impact includes crashes and potential code execution in affected Mozilla products. Affected: Firefox
CVE-2017-5439
CVE-2017-5439 is a use-after-free in XSLT processing caused by improper handling of template parameters (nsTArray Length()) in Mozilla code, affecting Firefox and Thunderbird. It targets Firefox < 53 (and related ESR branches) and Thunderbird
CVE-2017-5440
CVE-2017-5440 is a use-after-free in XSLT processing caused by failure to propagate error conditions during matching while evaluating context, leading to use of freed objects and potentially a crash. Affected products include Mozilla Firefox (Firefox < 53) and Firefox ESR, and Mozilla Thunderb...
CVE-2017-5439
A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...
CVE-2017-5440
A use-after-free vulnerability during XSLT processing due to a failure to propagate error conditions during matching while evaluating context, leading to objects being used when they no longer exist. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1,...
CVE-2017-5439
A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...
Mozilla: Use-after-free in nsAutoPtr during XSLT processing (MFSA 2017-11, MFSA 2017-12)
A use-after-free vulnerability during XSLT processing due to the result handler being held by a freed handler during handling. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...
Mozilla: Use-after-free in nsTArray Length() during XSLT processing (MFSA 2017-11, MFSA 2017-12)
A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...
Security fix for the ALT Linux 10 package thunderbird version 52.1.0-alt1
May 2, 2017 Andrey Cherepanov 52.1.0-alt1 - New version 52.0.1 - Security fixes: + CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR + CVE-2017-5430: Memory safety bugs fixed in Firefox 53, Firefox ESR + CVE-2017-5432: Use-after-free in text input selection + CVE-2017-5433:...
Mozilla Firefox ESR < 52.1
The version of Firefox ESR installed on the remote Windows host is prior to 52.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2017-12 advisory. - Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex. CVE-2017-5469 - A...
Mozilla Firefox ESR 45.x < 45.9 Multiple Vulnerabilities (macOS)
The version of Mozilla Firefox ESR installed on the remote macOS or Mac OS X host is 45.x prior to 45.9. It is, therefore, affected by the following vulnerabilities : - Multiple buffer overflow conditions exist in the FLEX generated code due to improper validation of certain input. An...
Mozilla: Use-after-free in nsTArray Length() during XSLT processing (MFSA 2017-11, MFSA 2017-12)
A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...
Mozilla: Use-after-free in nsTArray Length() during XSLT processing (MFSA 2017-11, MFSA 2017-12)
A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...
CVE-2017-5439
A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...
CVE-2017-5440
A use-after-free vulnerability during XSLT processing due to a failure to propagate error conditions during matching while evaluating context, leading to objects being used when they no longer exist. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1,...